2.4: Utilize Automated Software Inventory Tools
Utilize software inventory tools, when possible, throughout the enterprise to automate the discovery and documentation of installed software.
Asset Type |
Security Function |
Implementation Groups |
---|---|---|
Applications |
Detect |
2, 3 |
Dependencies
Safeguard 1.1: Establish and Maintain Detailed Enterprise Asset Inventory
Safeguard 2.3: Address Unauthorized Software
Inputs
GV1
: Enterprise asset inventoryGV7
: Software capable assetsList of software inventory tools
Operations
Use
GV1
andGV7
to identify and enumrate assets unable to support sofware (M2).- For each software capable asset
GV7
Identify and enumerate if the asset is covered by at least one software inventory tool (M3)
Identify and enumerate if the asset is not covered by at least one software inventory tool (M4)
- For each software capable asset
Measures
M1 = Count of
GV7
M2 = Count of assets unable to to support software
M3 = Count of assets covered by software inventory tools
M4 = Count of assets not covered by software inventory tools
M5 = Count of Input 2
Metrics
If M5 is 0 or unavailable, then this safeguard is measured at a 0 and receives a failing score. The other metrics don’t apply.