ID.AM-01
Inventories of hardware managed by the organization are maintained
Implementation examples
- Ex1: Maintain inventories for all types of hardware, including IT, IoT, OT, and mobile devices
- Ex2: Constantly monitor networks to detect new hardware and automatically update inventories
Mapped NIST 800-53 r5 controls (2)
All informative references (29)
- CCMv4.0: CCC-04
- CCMv4.0: DCS-06
- CCMv4.0: DSP-19
- CCMv4.0: UEM-04
- CIS Controls v8.0: 1.1
- CIS Controls v8.1: 1.1
- CRI Profile v2.0: ID.AM-01
- CRI Profile v2.0: ID.AM-01.01
- CSF v1.1: ID.AM-1
- ISO/IEC 27001:2022: Mandatory Clause: None
- ISO/IEC 27001:2022: Annex A Controls: 5.9
- NICE Framework: DD-WRL-002
- NICE Framework: DD-WRL-009
- NICE Framework: IO-WRL-002
- NICE Framework: IO-WRL-003
- NICE Framework: IO-WRL-004
- NICE Framework: IO-WRL-005
- NICE Framework: OG-WRL-015
- PCI DSS: 12.5.1
- PCI DSS: 9.5.1.1
- PCI DSS: 1.2.3
- PCI DSS: 9.5.1.2
- SCF: AST-02
- SP 800-221A: MA.RI-1
- SP 800-53 Rev 5.1.1: CM-08
- SP 800-53 Rev 5.1.1: PM-05
- SP 800-53 Rev 5.2.0: CM-08
- SP 800-53 Rev 5.2.0: PM-05
- SP-800-37 Rev 2: RMF Prepare Step (System Level): TASK P-10 Asset Identification
Source: NIST Cybersecurity Framework 2.0 · CSF 2.0 → 800-53 mappings sourced from NIST Cybersecurity & Privacy Reference Tool (CPRT) · US government work — attribution requested per NIST Open License Terms. Direct CSF→CWE/CVE cross-references will be added in a Phase B LLM-authored mapping pass (not yet rendered).