What drives us

Nothing in life is risk free but risks can be managed. It’s our job to make everyone and everything safer. HawkSight software uses a sophisticated algorithm that assesses risks based on relevant threat data. This delivers a dynamic risk profile, identifies vulnerabilities, and provides options for mitigation.

We call it security risk insight and we’re global leaders at it.

We believe that this will enable people to live freer lives and enterprises to flourish as risk diminishes. The ability to live and operate safely in an increasingly complex world is our goal.

Book a call
zig-zag-img
left-laptop-image-

What Needs Protecting? A Simple Guide to Identifying Assets in Your Business

What Needs Protecting? A Simple Guide to Identifying Assets in Your Business

Understanding what to protect in your business is the initial step in any security risk assessment, whether for physical or digital security. In simple terms, you need to know what you are protecting.

ISO 31000 risk management guidelines objective is to help organisations protect their assets, achieve their objectives, and improve decision-making.

The ISO 270001 Information Security Management System defines an asset as anything of value to the organisation where information is stored and processed.

The Australian HB167 Security Risk Management Handbook refers to assets as anything of value that needs to be protected. Asset identification is central to its security risk assessment approach.

So, if you're unsure what’s valuable in your business, here’s an easy way to figure it out.

First, you need to list assets essential to the success of your business, project or operation.

HB167 suggests that these assets include Information, People, Property, Reputation, and Operations, but you don’t have to stick to these; you can label them in a way that makes sense for your business.

How do you know which assets are important? Talk to the people responsible for them. Ask the heads of different parts of your business what’s important in their areas and how things operate—for example, Human Resources for employees and contractors.

People are often an essential resource. Some might have special skills that are challenging to find elsewhere. Physical assets, like a fuel supply, are essential for a transport business.

With technology being a big part of every business, physical and cyber security professionals must work together to build an enterprise-wide asset inventory to ensure no gaps in your security planning.

Now you have your list, you need to figure out what’s most important to protect first. HB167 offers a ranking table from Low to Extreme to help with this, but you can rank items in a way that works for your business. Here is an example of a simple asset inventory for a corporate office.

 

Asset

Level of importance

Client & company information

Extreme

Employees

Extreme

Server room

High

Data centre

High

Office building

Significant

In the next blog, we will discuss how to assess the potential threats to these assets.
blogs you may also like