Asset Management
75% complete
1 section left
Back to Courses
Chapter 1: Introduction to Asset Management
Chapter 2: Asset Discovery and Inventory
Chapter 3: Common Pitfalls
Asset Management: Key Takeaways & Conclusion

Chapter 3: Common Pitfalls

Underestimating the importance of Asset Management

One of the most common—and most dangerous—mistakes in cybersecurity is neglecting asset management altogether. Many organizations either underestimate its importance or assume they can secure their environment without a structured inventory. Yet, failing to track assets, their locations, ownership, and contents leaves security efforts ineffective, reactive, and full of blind spots.

Relying solely on RMM tools

While RMM tools are excellent for tracking technology assets such as computers, software, and logins, they do not capture the full range of assets needed for comprehensive asset management. Important non-technical assets, such as process documentation and operational workflows, are often ignored. For example, if a CFO is unavailable due to unforeseen circumstances, having detailed process documentation ensures business continuity. An RMM tool acts as a register of technology assets but does not provide a complete asset inventory or indicate who the decision makers are—a key detail that can be outlined using a RACI (Responsible, Accountable, Consulted, Informed) chart.

Lack of granularity

Striking the right balance in asset categorization is crucial. An inventory that is too high-level—e.g., “42 workstations”—lacks the detail needed for effective risk management and incident response. On the other hand, overly granular inventories with thousands of tracked items can become difficult to maintain. The goal is to reach a level of detail that supports business continuity. For example, listing “Workstation #1: HR workstation” with attributes such as “type of data: PII” and “owner: HR department” provides enough context without becoming overwhelming. This level of detail helps identify which assets hold critical data and require prioritized protection.

Outdated Asset Inventory

Maintaining an updated inventory is essential for effective asset management. An outdated inventory can lead to significant security gaps and make incident response ineffective. Regular updates and a clear process for maintaining the inventory are key to ensuring its accuracy and relevance. Organizations should establish a process for reviewing and updating the inventory, including verifying that assets are still in use and ensuring that stakeholders are aware of any changes.

« Previous Chapter Next »