Does your organization implement automated network monitoring to detect new hardware and update inventory records in real-time?
Explanation
Continuous network monitoring for new hardware is essential for maintaining an accurate asset inventory and identifying unauthorized devices that could pose security risks. Without automated detection, organizations may have blind spots in their network where unmanaged or rogue devices could operate undetected, potentially creating entry points for attackers or data exfiltration paths.
Evidence of fulfillment could include screenshots of a network access control (NAC) system dashboard showing newly detected devices, documentation of the automated inventory update process, or reports from tools like network scanners or endpoint management systems that show timestamps of when new devices were detected and added to inventory.
Implementation Example
Constantly monitor networks to detect new hardware and automatically update inventories
ID: ID.AM-01.121
Context
- Function
- ID: IDENTIFY
- Category
- ID.AM: Asset Management
- Sub-Category
- Inventories of hardware managed by the organization are maintained
Related questions
- Does your organization maintain comprehensive inventories of all hardware assets, including IT equipment, IoT devices, operational technology (OT), and mobile devices?
- Does your organization maintain a comprehensive inventory of all software and services, including commercial, open-source, custom, API, and cloud-based applications?
- Does your organization implement continuous monitoring for software and service inventory changes across all platforms, including containers and virtual machines?
- Does your organization maintain a comprehensive inventory of all systems within your environment?
- Does your organization maintain documented baselines of expected network communication patterns and data flows for both wired and wireless networks?
- Does your organization document and maintain baselines of expected communication patterns and data flows with third parties?

