1. The purpose of identifying IT assets and inventory is to evaluate assets and track them.
2. The asset classification is to determine possible critical problems that need an immediate plan of action.
3. I picked HIPPA. Customer privacy elements are insurance information, account numbers, claim numbers and other private health insurance related items.
4. Website classification is minor in contrast to the e-commerce server because the server potentially holds more personal information than the website itself.
5. Customer privacy data and intellectual property assets are critical because they hold personal information that can pose a potential threat if exposed.
6. Security controls for recent compliance law requirements for HIPPA
7. Data Classification Standard helps with asset classification by defining which class it falls into by definition.
8. Minimizing leakage of customer privacy data through the public network would be possible through data encryption, server firewalls.
9. Security controls and security countermeasures to help protect the Master SQL Database that houses customer privacy data and intellectual property assets.
10. The Mock IT infrastructure in combination with the data classification, those that are major should be planned to decrease the possibility.
11. The organization can document the IT Asset list , Risk analysis and plans to handle mitigations and a log of these procedures.
13. The location is important so the company will know where to start to protect it and audit.