ID.AM-05—Assets are prioritized based on classification, criticality, resources, and impact on the mission
>Control Description
This asset management subcategory ensures that assets are prioritized based on classification, criticality, resources, and impact on the mission. Key activities include: Define criteria for prioritizing each class of assets; Apply the prioritization criteria to assets; Track the asset priorities and update them periodically or when significant changes to the organization occur.
>Cross-Framework Mappings
PCI DSS v4.0.1
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CEK-04
DCS-05
DSP-04
CIS Controls v8.0
3.7
CIS Controls v8.1
3.7
CRI Profile v2.0
ID.AM-05
ID.AM-05.01
ID.AM-05.02
CSF v1.1
ID.AM-5
CoP
A1
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.9
Annex A Controls: 5.12
Annex A Controls: 5.13
NICE Framework
DD-WRL-001
DD-WRL-002
IO-WRL-002
IO-WRL-003
IO-WRL-004
IO-WRL-005
OG-WRL-011
OG-WRL-015
PCI DSS
12.3.1
6.3.1
9.5.1.2.1
10.4.2.1
11.6.1
SCF
AST-04.1
BCD-02
TPM-02
SP 800-221A
MA.RI-1
SP 800-53 Rev 5.1.1
RA-03
RA-09
RA-02
SP 800-53 Rev 5.2.0
RA-03
RA-09
RA-02
SP-800-37 Rev 2
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-3 Risk Assessment—Organization
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-6 Impact-Level Prioritization (Opt
RMF Prepare Step (System Level): TASK P-8 Mission or Business Focus
RMF Prepare Step (System Level): TASK P-10 Asset Identification
RMF Prepare Step (System Level): TASK P-14 Risk Assessment—System
Ask AI
Configure your API key to use AI features.