Content library
Equipment maintenance and safety
Documentation of other protected assets
Physical security
Equipment maintenance and safety

Documentation of other protected assets

Start free trial

Task description

Documentation of other protected assets

The organization shall list all relevant protected assets to determine ownership and to ensure that security measures cover all necessary items.

A large portion of the protected assets (including data sets, data systems, personnel / units, and partners) are treated through other tasks. In addition, the organization must list other important assets, which may be, depending on the nature of its operations, e.g. hardware (servers, network equipment, workstations, printers) or infrastructure (real estate, power generation, air conditioning). In addition the organization should make sure that relevant external devices are documented.

Requirements connected to the task

15.5.γ: Απογραφή των περιουσιακών στοιχείων
Εθνική αρχή για την ασφάλεια στον κυβερνοχώρο και άλλες διατάξεις (Ελλάδα)
19.2.i (assets): Asset management
Avviż Legali 71 tal-2025 (Malta)
21.2.i (assets): Asset management
NIS2 Directive
23.3.i (actief): Activabeheer
Cyberbeveiligingswet (Nederland)
25: Suojattavien kohteiden tunnistaminen ja dokumentointi
Digital security overview
27.(d): Sistēmas un aktīvu pārvaldība
Nacionālās kiberdrošības likums (Latvia)
29.4.i (assets): Asset management
The national cyber security bill 2024 (Ireland)
3.1.3: Management of supporting assets
TISAX: Information security
3.1.7 (tillgångar): Tillgångshantering
Cybersäkerhetslagen (Sverige)
30 § 3.9° (actifs): Gestion des actifs
La loi NIS2 (Belgique)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Maintenance of assets
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Maintenance of assets
Security controls for ICT assets
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Security controls for ICT assets
Disposal of media and hardware
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Disposal of media and hardware
Process for reviewing and approving hardware before deployment
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

ID.RA-09: Reviewing hardware and software
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Process for reviewing and approving hardware before deployment
Regular updating and maintenance of hardware
Critical
High
Normal
Low
Equipment maintenance and safety
2
requirements

Examples of other requirements this task affects

PR.PS-03: Hardware management
NIST 2.0
§ 10.f: Systemutvikling og vedlikehold
NIS2 NO
See all related requirements and other information from tasks own page.
Go to >
Regular updating and maintenance of hardware
Secure usage of maintenance tools and portable devices for organization's systems
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

PR.MA-1: Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Secure usage of maintenance tools and portable devices for organization's systems
Handling the loss, misuse, damage and theft of assets
Critical
High
Normal
Low
Equipment maintenance and safety
2
requirements

Examples of other requirements this task affects

PR.DS-3: Assets are formally managed throughout removal, transfers, and disposition.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Handling the loss, misuse, damage and theft of assets
Setting up and resourcing backup equipment
Critical
High
Normal
Low
Equipment maintenance and safety
3
requirements

Examples of other requirements this task affects

Article 12: Backup policies and procedures, restoration and recovery procedures and methods
DORA
PR.DS-11: Backup policy
NIST 2.0
PR.IR-04: Resource capacity
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Setting up and resourcing backup equipment
Basic service testing, fault tolerance evaluation and verification
Critical
High
Normal
Low
Equipment maintenance and safety
15
requirements

Examples of other requirements this task affects

Toiminnan jatkuvuuden hallinta
Katakri
F08: Toiminnan jatkuvuuden varmistaminen
Katakri
11.2.2: Supporting utilities
ISO 27001
11.1.4: Protecting against external and environmental threats
ISO 27001
PR.IP-5: Physical operating environment
NIST
See all related requirements and other information from tasks own page.
Go to >
Basic service testing, fault tolerance evaluation and verification
Ensuring the quality of equipment maintenance
Critical
High
Normal
Low
Equipment maintenance and safety
8
requirements

Examples of other requirements this task affects

F04: Kulkuoikeuksien hallinta
Katakri
11.2.4: Equipment maintenance
ISO 27001
PR.MA-1: Asset management and repair
NIST
7.13: Equipment maintenance
ISO 27001
A1.2: Recovery of infrastructure according to objectives
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Ensuring the quality of equipment maintenance
Safe placement of equipment
Critical
High
Normal
Low
Equipment maintenance and safety
20
requirements

Examples of other requirements this task affects

Toiminnan jatkuvuuden hallinta
Katakri
F08: Toiminnan jatkuvuuden varmistaminen
Katakri
11.1.3: Securing offices, rooms and facilities
ISO 27001
11.2.1: Equipment siting and protection
ISO 27001
11.1.4: Protecting against external and environmental threats
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Safe placement of equipment
Documentation of other protected assets
Critical
High
Normal
Low
Equipment maintenance and safety
53
requirements

Examples of other requirements this task affects

Članak 30.1.i (Imovina): Upravljanja programskom i sklopovskom imovinom
NIS2 Croatia
9.5 §: Suojattavan omaisuuden hallinta
Kyberturvallisuuslaki
9.12 §: Fyysinen turvallisuus
Kyberturvallisuuslaki
5.2.7: Network management
TISAX
3.1.3: Management of supporting assets
TISAX
See all related requirements and other information from tasks own page.
Go to >
Documentation of other protected assets
Identifying the hardware that is connecting to the datacenter
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Identifying the hardware that is connecting to the datacenter
Ensuring hardware integrity
Critical
High
Normal
Low
Equipment maintenance and safety
4
requirements

Examples of other requirements this task affects

PR.DS-8: Integrity checking (hardware)
NIST
PR.DS-8: Integrity checking mechanisms are used to verify hardware integrity.
CyberFundamentals
PR.PS-03: Hardware management
NIST 2.0
Article 32: Physical and environmental security
DORA simplified RMF
See all related requirements and other information from tasks own page.
Go to >
Ensuring hardware integrity
Baseline configuration for systems
Critical
High
Normal
Low
Equipment maintenance and safety
3
requirements

Examples of other requirements this task affects

PR.IP-1: A baseline configuration of information technology systems
NIST
PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles.
CyberFundamentals
PR.PS-01: Configuration management
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Baseline configuration for systems
Protection of equipment against unauthorized devices (CL II)
Critical
High
Normal
Low
Equipment maintenance and safety
2
requirements

Examples of other requirements this task affects

TEK-17.4: Muutoshallintamenettelyt - TL II
Julkri
I-16: SECURITY THROUGHOUT THE INFORMATION PROCESSING ENVIRONMENT LIFE CYCLE - CHANGE MANAGEMENT
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Protection of equipment against unauthorized devices (CL II)
Physical switch security
Critical
High
Normal
Low
Equipment maintenance and safety
1
requirements

Examples of other requirements this task affects

2.4.3: Identify physical access to switches and cables
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Physical switch security
Equipment maintenance log
Critical
High
Normal
Low
Equipment maintenance and safety
6
requirements

Examples of other requirements this task affects

11.2.4: Equipment maintenance
ISO 27001
PR.MA-1: Asset management and repair
NIST
7.13: Equipment maintenance
ISO 27001
A1.2: Recovery of infrastructure according to objectives
SOC 2
PR.MA-1: Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Equipment maintenance log
Electromagnetic data breach management
Critical
High
Normal
Low
Equipment maintenance and safety
11
requirements

Examples of other requirements this task affects

I14: Hajasäteily (TEMPEST)
Katakri
11.1.3: Securing offices, rooms and facilities
ISO 27001
11.2.1: Equipment siting and protection
ISO 27001
PR.DS-2: Data-in-transit
NIST
FYY-01.1: Fyysisen turvallisuuden riskien arviointi - TEMPEST - TL III
Julkri
See all related requirements and other information from tasks own page.
Go to >
Electromagnetic data breach management
Lightning protection
Critical
High
Normal
Low
Equipment maintenance and safety
2
requirements

Examples of other requirements this task affects

11.2.1: Equipment siting and protection
ISO 27001
7.8: Equipment siting and protection
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Lightning protection
Cabling security
Critical
High
Normal
Low
Equipment maintenance and safety
5
requirements

Examples of other requirements this task affects

11.2.3: Cabling security
ISO 27001
ID.BE-4: Dependencies and critical functions
NIST
7.12: Cabling security
ISO 27001
2.4.3: Identify physical access to switches and cables
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Cabling security
Alarm systems for equipment environment
Critical
High
Normal
Low
Equipment maintenance and safety
16
requirements

Examples of other requirements this task affects

Toiminnan jatkuvuuden hallinta
Katakri
F08: Toiminnan jatkuvuuden varmistaminen
Katakri
11.2.1: Equipment siting and protection
ISO 27001
11.2.2: Supporting utilities
ISO 27001
PR.IP-5: Physical operating environment
NIST
See all related requirements and other information from tasks own page.
Go to >
Alarm systems for equipment environment
Use of surge protectors and uninterruptible power supplies (UPS)
Critical
High
Normal
Low
Equipment maintenance and safety
8
requirements

Examples of other requirements this task affects

Toiminnan jatkuvuuden hallinta
Katakri
F08: Toiminnan jatkuvuuden varmistaminen
Katakri
11.2.2: Supporting utilities
ISO 27001
PR.IP-5: Physical operating environment
NIST
7.11: Supporting utilities
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Use of surge protectors and uninterruptible power supplies (UPS)

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security