An effective IT asset management (ITAM) solution can harness physical and virtual assets and provide an organization’s management and cybersecurity team with a complete picture of what, where, and how assets are being used. ITAM enhances visibility for security analysts, which leads to better asset utilization and security.
While a physical asset management system can identify the location of a computer, it cannot detect the operating systems running on an organization’s laptops or which devices are vulnerable to the latest threat.
NIST Special Publication (SP) 1800-5, “IT Asset Management,” details how organizations can track, manage and report on information assets throughout their entire life cycle. This ability can ultimately increase cybersecurity resilience by enhancing the visibility of assets, identifying vulnerable assets, enabling faster response to security alerts, revealing which applications are actually being used, and reduce help desk response times, according to a NIST news release.
Publication: SP 1800-5 (DOI) or NIST Download
Supplemental Material: Web version; Project Homepage
Document History: Draft SP 1800-5 (10/26/15); SP 1800-5 (9/7/18)
Authors: Michael Stone (NIST), Chinedum Irrechukwu (MITRE), Harry Perper (MITRE), Devin Wynne (MITRE)