Cybersecurity Risk Management - Software Platforms

The NIST CSF subcategory ID.AM-2 deals with the inventory of software platforms and applications used in your organization. Most organizations will that creating an inventory of software to be a bit more challenging than creating one for hardware.

When developing the inventory, make sure to take a holistic view of your organization’s operations and functions to build a comprehensive list of the software used in each line of operations.

Similar to the approach used for hardware, automation will play a critical role in the software inventory. Running vulnerability management or scanning software should provide visibility into each scanned system's software.

A recommended inventory management approach would be to keep the hardware inventory and software inventory in a single location or file to facilitate the identification of critical issues if they arise.

========

*** FREE GUIDE ***
https://www.execcybered.com/asset-management

Blog: https://www.execcybered.com/blog
Training: https://www.execcybered.com/iso27001foundationcourse
Linkedin: https://www.linkedin.com/company/exceccybered/
Youtube: https://bit.ly/3BGOtPA

Thanks.
Dr. Bill Souza
CEO | Founder
www.execcybered.com