Keeping an accurate, up-to-date application inventory list allows you, your department, and the IT Security Office to collaborate and quickly respond to security incidents.
- Maintain a list of applications used by your department. The application list should at least include the following details.
- What is the purpose of the application?
- What is the risk classification of the application (low, medium, or high)?
- Who is responsible for maintaining the application (name, email, and phone number)?
- Send the IT Security Office a list of high risk applications and their URLs (if applicable).
- Update the application list annually.
If you have questions that are not covered in this procedure, please contact the Virginia Tech IT Security Office at email@example.com for a consultation.