From the CISA.gov Ransomware Guide:

□ Understand and inventory your organization’s IT assets, both logical (e.g., data, software) and physical (e.g., hardware).

□ Understand which data or systems are most critical for health and safety, revenue generation, or other critical services, as well as any associated interdependencies (i.e., “critical asset or system list”). This will aid your organization in determining restoration priorities should an incident occur

□ Use the MS-ISAC Hardware and Software Asset Tracking Spreadsheet: See link below*

https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C_.pdf

https://www.cisecurity. org/white-papers/cis-hardware-and-software-asset-tracking-spreadsheet/