Understanding the Asset Register
The Asset Register records the systems, software, data stores, platforms, device groups, integrations, and digital services your organisation relies on or must protect. Assets are not the same as vendors — vendors are third parties; assets are the things your organisation uses or owns. Vendors and evidence can be linked to an asset to show how it is supported.
Open the Compliance workspace, switch to the Registers group, and select Assets. Add your most critical assets first — anything that holds sensitive data, customer information, or is core to operations.
A current asset register is foundational to defensible governance. It answers "what do we have, who is responsible, and is it being looked after?" — questions auditors, insurers, and incident responders ask first.
As you populate the register, link related vendors and evidence, and set review dates. Asset reviews then surface in Cadence, and asset changes appear on the Defensibility Timeline.
