Asset inventory

NIS2 asset inventory for ICT suppliers

A clear inventory connects digital services, systems, data and suppliers. Without it, risk assessment, incident planning and evidence checklists remain weak.

What to include

Delivered services, applications, infrastructure, processed data, critical suppliers, internal owners and operational dependencies.

Link with risk

Each critical asset or service should be connected to risk scenarios, existing controls and possible impacts.

Use in questionnaires

An updated inventory makes it easier to answer questions about systems, hosting, backup, access, suppliers and data.

ReadyKit output

The ReadyKit generates an Asset & Service Inventory ready for review and inclusion in the supplier evidence pack.

Note: this material supports documentation readiness. It is not certification, an official audit or legal advice.