In the Appendix 1 in the toolkit I bought you are proposing some assets, I need to ask the whole company (management and so on) to give me a list of all the assets and mark whoever the ones that are more critical for our organization. But on what level should we specify the assets?
For example, the ones you specified:
- Part time external employers
- External parties that visiting the organization
Applications and databases
And so on.
If we take some few real examples from our organization, should we specify detailed such as:
*** (helpdesk software, critical for giving good support to our clients)
*** (billing system for our cloud business)
Or should this be classified as a broader category such as your examples?