Skip to content

Enum: AssetType

The category of enterprise asset primarily addressed by a Safeguard. Aligned with the CIS Controls Asset Classes taxonomy (v8.1, pg. 8). Sub-classes exist within each category but Safeguards reference the top-level class only.

URI: cis_controls:AssetType

Permissible Values

Value Meaning Description
Devices None Enterprise assets (data processing and storage assets), end-user devices (inc...
Software None Sets of data and instructions used to direct a computer to complete a specifi...
Data None A collection of facts that can be examined, considered, and used for decision...
Users None Employees, third-party vendors, contractors, service providers, consultants, ...
Network None A group of interconnected devices that exchange data
Documentation None Policies, processes, procedures, plans, diagrams, and other written material ...

Slots

Name Description
asset_type The class of enterprise asset primarily addressed by this Safeguard

Identifier and Mapping Information

Schema Source

LinkML Source

name: AssetType
description: The category of enterprise asset primarily addressed by a Safeguard.
  Aligned with the CIS Controls Asset Classes taxonomy (v8.1, pg. 8). Sub-classes
  exist within each category but Safeguards reference the top-level class only.
from_schema: https://w3id.org/lmodel/cis-controls
rank: 1000
permissible_values:
  Devices:
    text: Devices
    description: Enterprise assets (data processing and storage assets), end-user
      devices (including portable and mobile devices), servers, Internet of Things
      (IoT) and non-computing devices, network devices, and removable media. Devices
      may exist in physical, virtual, or cloud-based environments and can remotely
      connect to these systems.
  Software:
    text: Software
    description: Sets of data and instructions used to direct a computer to complete
      a specific task. Includes applications, operating systems (with their services,
      libraries, and APIs), and firmware. Both applications and operating systems
      are considered software assets.
  Data:
    text: Data
    description: 'A collection of facts that can be examined, considered, and used
      for decision-making. Although data may be physical, the CIS Controls primarily
      provide protection for digital data stored, transferred, and processed by enterprise
      assets. Sub-classes: sensitive data, log data, and physical data.'
  Users:
    text: Users
    description: Employees, third-party vendors, contractors, service providers, consultants,
      or any other person authorized to access an enterprise asset. Includes workforce,
      service providers, and user/administrator/service accounts.
  Network:
    text: Network
    description: A group of interconnected devices that exchange data. A superset
      of network infrastructure (hardware and software providing connectivity and
      communication) and network architecture (the logical and physical design of
      the network).
  Documentation:
    text: Documentation
    description: 'Policies, processes, procedures, plans, diagrams, and other written
      material (physical or digital), such as compliance reports. Examples include
      methods of governance for an enterprise, processes users follow, or descriptions
      of network architecture. Sub-classes: plans, policies, processes, and procedures.'