Application Inventory


Keeping an accurate, up-to-date application inventory list allows you, your department, and the IT Security Office to collaborate and quickly respond to security incidents.


  1. Maintain a list of applications used by your department. The application list should at least include the following details.
  • What is the purpose of the application?
  • What is the risk classification of the application (low, medium, or high)?
  • Who is responsible for maintaining the application (name, email, and phone number)?
  1. Send the IT Security Office a list of high risk applications and their URLs (if applicable).
  2. Update the application list annually.


If you have questions that are not covered in this procedure, please contact the Virginia Tech IT Security Office at for a consultation.