Asset management is becoming increasingly important in the current environment, only because regulations require it but also because of the imperatives of paradigm shifts in the protection approach. An inventory makes it possible to clearly establish responsibilities in asset protection and management and to meet regulatory requirements. However, in the current state of evolution of threats and regulatory frameworks, the question is no longer whether or not an inventory is needed but rather, how to elaborate it in a pragmatic way, so that the security program and security governance can make the most of it. However, they often provide information on classifications, responsibilities, and the use of assets in business operations. The risk management process is based on threats and the vulnerabilities of corporate assets. Knowing the value of the assets and deciding how to protect them are essential prerequisites for risk assessment and treatment.