Optimum Web
ISO 27001NIS2CR-ISO-03

Asset Inventory & Classification

ISO 27001 asset inventory: catalogue all assets, assign owners, classify C/I/A, define handling rules. Links to risk assessment and SoA. $349.

Asset Inventory & Classification by Optimum Web is a fixed-price compliance service covering ISO 27001 Annex A 5.9–5.13 — Information classification and asset management. It costs $349 with 3–5 business days delivery by senior security engineers. Information asset register (all assets, owners, locations, types). 14-day warranty included.

Covers: ISO 27001 Annex A 5.9–5.13 — Information classification and asset management

$349
Fixed price, VAT excluded
3–5 business daysSenior only
Information asset register (all assets, owners, locations, types)
Classification scheme (confidentiality/integrity/availability levels)
Handling procedures per classification level
Labeling guidance + integration with risk assessment

PayPal failed to load. Please refresh or contact us directly.

Email Us to Order
+373 22 843569
PayPal · SSL
👨‍💻 Senior only
14-day warranty
🆔 CR-ISO-03

This Service Covers

ISO 27001Annex A 5.9–5.13 — Asset inventory, classification, labeling, handling
NIS2Article 21(2)(a) — Information system security

What You Get

Complete information asset inventory and classification for ISO 27001. We catalogue: all information assets (databases, servers, network devices, SaaS services, documents, people), assign owners, classify by confidentiality/integrity/availability (C/I/A) using a 3-level or 4-level scheme, define handling procedures per classification level, and create labeling guidance. The asset register links directly to the risk assessment (CR-ISO-04) and Statement of Applicability.

How It Works

STEP 01
Discovery

Identify all information assets: systems, data, documents, people

STEP 02
Classification

Classify each asset by confidentiality, integrity, availability

STEP 03
Ownership

Assign asset owners responsible for classification and protection

STEP 04
Procedures

Create handling and labeling procedures per classification level

Who Needs This

  • Companies pursuing ISO 27001 needing Annex A 5.9-5.13 controls
  • Organizations that don't know all their information assets
  • Businesses that completed GDPR data mapping and need to extend it to all asset types
  • Companies whose risk assessment needs a proper asset baseline

ONGOING COMPLIANCE

Don't Want to Think About Compliance Every Quarter?

Compliance-as-a-Service: $790/month. We handle reviews, scans, documentation, security questionnaires. Your outsourced compliance officer.

Start CaaS — $790/month

Ready to Start?

$349 · 3–5 business days · 14-day warranty

PayPal failed to load. Please refresh or contact us directly.

Email Us to Order
+373 22 843569

Want ongoing compliance? Compliance-as-a-Service — $790/month

Learn more

Frequently Asked Questions

What counts as an 'information asset' for ISO 27001?+
Everything that stores, processes, or transmits information: servers, databases, laptops, SaaS accounts, paper files, people (they have knowledge too), network devices, and backup media. We typically find 30-80 assets for a mid-size company.
How does classification work?+
We assign levels for each of Confidentiality (Public → Internal → Confidential → Restricted), Integrity (Low → Medium → High), and Availability (Low → Medium → High). Each combination determines the handling requirements.
Can this build on our GDPR data mapping?+
Yes. If you did CR-GDPR-03 (Data Mapping), we use that as a starting point and extend it to non-personal data assets (servers, network devices, code repositories, etc.). Saves 30-40% of the effort.
How does this connect to risk assessment?+
Each asset becomes an entry in the risk register. The classification determines the impact level if the asset is compromised. CR-ISO-04 builds directly on this inventory.
Do we need to classify every single document?+
No. We classify asset categories, not individual documents. 'Customer database' is one asset, not each record. 'HR file share' is one asset. The classification scheme then tells employees how to handle new items in each category.

Also Relevant

ISO 27001

Risk Assessment & Treatment Plan

$490 · 5–7 business days
ISO 27001

ISO 27001 Readiness Assessment

$590 · 5–7 business days
GDPR

Data Mapping & Personal Data Inventory

$390 · 3–5 business days
ISO 27001

ISMS Scope & Policy Document Pack

$490 · 5–7 business days

PayPal failed to load. Please refresh or contact us directly.

Email Us to Order
+373 22 843569