-- issue 1
For this sub-control, I see this as a consolidation exercise. Where the organization would combine the 4 detection methods together into one list. Starting with a new set of Measures
M1 = Physical inventory (from my 1.1 comments the 207 (100 workstations, 100 IP Phones, 2 printers, 4 servers, and a router)
M2 = detected via Active Scan
M3 = Detect via Passive Scan
M4 = Detected via DHCP assignment
M5 = Any Asset that is not covered by M1 - M4
M6 = Total devices (Union of M1 - M4, tracking all applicable Detection Methods)
M7 = Coverage of all devices vs detection method (Union M2 - M5) / M6
-- issue 1 For this sub-control, I see this as a consolidation exercise. Where the organization would combine the 4 detection methods together into one list. Starting with a new set of Measures
M1 = Physical inventory (from my 1.1 comments the 207 (100 workstations, 100 IP Phones, 2 printers, 4 servers, and a router) M2 = detected via Active Scan M3 = Detect via Passive Scan M4 = Detected via DHCP assignment M5 = Any Asset that is not covered by M1 - M4 M6 = Total devices (Union of M1 - M4, tracking all applicable Detection Methods)
M7 = Coverage of all devices vs detection method (Union M2 - M5) / M6