F7_ASID Asset Identification Viewpoint

Domain	Aspect	Maturity
Functional	Safety & Security	proposed

Example

Purpose

The Asset Identification viewpoint defines the assets that must be taken into account in the risk analysis. This is the first step of the risk management process according to DIN EN ISO/IEC 27005:2024-05.

Applicability

The Asset Identification Viewpoint supports the activity “Identifying and describing information security risks” [§7.2.1] within the “Information security risk assessment process” according to DIN EN ISO/IEC 27005:2024-05. It contributes to the Asset-based approach which identifies threat scenarios regarding assets and their vulnerabilities.

This viewpoint also supports the approach of the “Risk management process” according to ISO 15288 [§6.3.4] by enabling the definition of the context of the Risk Management process.

Presentation

Stakeholder

• Security Expert
• System Architect

Concern

• What are the assets that need protection?

Profile Model Reference

The following Stereotypes / Model Elements are used in the Viewpoint:

• SAF_Asset
• SAF_SecurityObjective
• SAF_PhysicalResource
• SAF_LogicalResource
• SAF_SystemDomainKindAsset
• SAF_FunctionAsset
• SAF_SecurityContext

Related Viewpoints

Required Viewpoints

Recommended Viewpoints