Your browser version is outdated. We recommend that you update your browser to the latest version.


Asset Identification and Valuation

We can identify and document the business value for IT assets within the scope of an assessment. The list (i.e. Statement of Sensitivity) can value the assets according to organization pre-established ratings or industry recognized values.


Collect data from documentation, briefing and interview sessions that identify business critical IT assets and their relative value or importance to the organization.

Expected Outcome(s):

A Statement of Sensitivity (SoS) is an Asset Identification and Valuation that provides a detailed description of the system or application from both an operational perspective and a technical perspective. It also provides a list of the valuable or essential assets forming the IT system with an appreciation of the worth of each asset from a financial or business perspective.

The SoS describes the asset values in terms of their confidentiality, integrity, and availability ratings for each critical asset.

  • Confidentiality: ensuring that information is accessible only to those authorized to have access;
  • Integrity: safeguarding the accuracy and completeness of information and processing methods; and
  • Availability: ensuring that authorized users have access to information and associated assets when required.

The SoS can identify the current security controls or safeguards in place which support the system or related assets.