Managing physical assets only

Realizing value from assets

Cybersecurity management

Information technology management

Any physical item

Any entity with potential value

Only physical assets

Only digital assets

Managing financial assets

Identifying and mitigating security risks

Inventory management

Enhancing employee productivity

Assessing risks

Defining protection responsibilities

Managing financial assets

Conducting internal audits

Managing physical assets

Assessing cybersecurity risks

Determining security classification levels

Financial management

Chief Financial Officer (CFO)

Information owner or delegate

Chief Information Security Officer (CISO)

Human Resources Manager

Assessing security risks

Preventing unauthorized disclosure of information

Conducting internal audits

Classifying information assets