ABSTRACT
This chapter presents a framework for asset identification and classification that is the first of many organizational processes aimed at providing an appropriate level of cyber resilience. It deals with a general discussion of asset management and suggests that conceptual understanding into the depths of applying it in such a way that the organization can build it into the maturation of the larger scope of a cyber resilience program. The chapter examines the relationship between standard Information Technology Asset Management practices and cyber resilience. It explores the importance of and tasks involved in asset management planning. The chapter proposes how to use configuration management to effectively manage changes to services and the assets they support in order to sustain cyber resilience. Dating back to the 1960s, 1970s, and 1980s when computers were primarily used for business data processing, there has always been a need for some form of software inventory and tracking capabilities.
