13.1: Maintain an Inventory of Sensitive Information
CSF v1.1 References:
Next Version:
- Critical Security Controls Version 8:
- 3.2: Establish and Maintain a Data Inventory
Control Statement
Maintain an inventory of all sensitive information stored, processed, or transmitted by the organization’s technology systems, including those located on-site or at a remote service provider.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]