The term information assets was first introduced in the 1994 Hawley Report Within this report Information assets were defined as a collection or single piece of data that is documented organised and managed which has financial value or potential value to a business Information can become out of date inaccurate or irrelevant to a business which causes the value it to depreciate There are many factors that can affect this for example the direction of the business The benefits of information assets are often found in the internal business processes While information assets may underpin important revenue generating activities there may be no benefits in monetary terms However It is essential that assets of any kind whether they are hardware software or information should be protected from criminal or unauthorised access use disclosure alteration destruction and or theft which all result in a loss to the organisation The quality of data that forms the information asset itself is the uttermost priority The quality of information is determined by the following Degree of accuracy Comprehensively Credibility Relevance Simplify Validity
There is no comprehensive or consistent approach in identifying information assets as the definition of assets can vary across organisations However the most recognised approach is that assets should be evaluated and categorised first Some examples of types of information are Market and customer information Product information Business process information Management information and plans Human resource information Supplier information The evaluation of information assets Since the Cyberspace and the business world have crossed paths it has become essential to focus on information evaluation and security The security risk and the evaluation of that risk need to be measured against the asset s value and the impact consequences of a breach Evaluation of information assets is done through the classification of assets according to the threats level low moderate critical Regardless of the size of a business without the understanding of key business information it isn't possible to fully protect and utilise it to its full potential The UK Accounting Standard for Goodwill and Intangible Assets FRS 10 ASB 1997a recommended three methods which could be used to value intangible assets in UK companies
These are The amount for which such an asset could be sold The difference between cost and fair value if it has been purchased with reference to the active market where frequent buying and selling of such an asset takes place A good way to indicate whether data is an information asset is by asking the following questions Does the information have a value to the organisation How useful is it Will it cost money to reacquire Would there be legal reputational or financial repercussions if you couldn't produce it on request Would it have an effect on operational efficiency if you could not access it easily Would there be consequences of not having it Is there a risk associated with the information Is there a risk of losing it A risk that it is not accurate A risk that someone may try to tamper with it A risk arising from inappropriate disclosure The criticality to a business Critical assets have the greatest impact on an organisation be it production rate or quality of product or service Information assets cover all ends of the criticality spectrum It is the responsibility of the organisation to establish which assets are important and why and consequently applying the appropriate amount of resources for their care Asset criticality provides us with a method to manage assets through by ranking which are more essential Information assets should be valued to establish how important it is and to consider the cost t of replacing lost information However the cost of information is often not related to its value Information which cost little to acquire may be very valuable in the right circumstances while information which cost a great deal to collect may prove useless
The cost of information is therefore not always a reliable figure on which to base value A cybersecurity risk assessment identifies the various information assets that could be affected by a cyber attack such as hardware systems laptops customer data and intellectual property and then identifies the various risks that could affect those assets Way to access how important information assets are is by cross referencing them against the following points What would be the Impact on the productivity of organisation What contribution does this asset have to decision making product quality the efficiency of operation or working conditions time saving promotion of timely action What contribution to new markets improved customer satisfaction meeting targets and objectives promoting more harmonious relationships Impact on financial position Asset Criticality Ranking ACR is a process of evaluating each asset s importance to the business with a focus on factors such as safety regulatory impact revenue loss and reduced capacity
This practice is based on the level of criticality to the business and uses this a guide in order understand the operations and strategic improvement efforts ACR is a systematic approach to the proactive preservation of critical asset functionality and operation Benefits Eliminates subjectivity of which assets are critical and provides an objective analysis of formal ranking Allows for the application of reliability engineering concepts at the appropriate level for each asset based on criticality Provides an asset ranking profile to prioritize work order planning and scheduling The primary mechanism to prioritize improvement activities when time and resource availability are limited Ensures the most critical assets get adequate attention in proactive maintenance development to minimize failures Provides cost savings by way of NOT deploying valuable resources to mitigate inconsequential failures on the least critical assets
CALCULATE YOUR ORDER
Save on your first order!