Hornbill Technologies maintains a single inventory of information assets, which is subdivided by asset owners into separate asset groups. Each asset is classified as hardware (all computing and information processing equipment, including printers, fax machines, photocopiers, etc), software, information/database (e.g. software, software media etc), intangible, service (which includes designated secure areas), people (those individuals whose skills, knowledge and experience are considered essential), and other assets.
This inventory is the asset inventory that is used in the risk assessment process.
For each asset, Hornbill Technologies documents sufficient information to identify the asset, identify the physical (or logical) location of the asset, where appropriate, and the information security classification of each Asset.
For each asset, Hornbill Technologies identifies the business unit or business role that ‘owns’ the asset. The asset owner is responsible for ensuring that the asset is correctly classified and for the day to day maintenance of the identified controls.
Asset owners may delegate routine tasks, in respect of their assets or systems.