3.2: Establish and Maintain a Data Inventory

CSF v1.1 References:

ID.AM-5

Group:

Previous Version:

Critical Security Controls Version 7.1:
13.1: Maintain an Inventory of Sensitive Information

Control Statement

Establish and maintain a data inventory, based on the enterprise’s data management process. Inventory sensitive data, at a minimum. Review and update inventory annually, at a minimum, with a priority on sensitive data.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4