[corpospec]
Legal pillar · v0.16.0

asset-inventory AssetInventoryEntry

Information-asset record.

$id · https://corpospec.com/schemas/v0.16.0/asset-inventory.schema.json

View raw JSON → ← all schemas

Fields

Field Type Required Description
confidentiality Confidentiality yes Cross-cutting confidentiality classification used across privacy, security, knowledge, IR pillars. Default rendering rule: `corpospec-report` excludes `Restricted | BoardOnly | InvestorOnly` records from public output unless an explicit audience parameter overrides. See BDR 0076 §1.
criticality AssetCriticality yes Classification level (often parallel to Confidentiality but with a separate, more granular axis for risk modelling).
custodian PathRef yes Custodian — operates day-to-day.
description string yes
disposal_method DisposalMethod yes Disposal method (ISO 27001 A.7.14 secure disposal).
entity PathRef yes Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`
id PathRef yes Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`
kind InventoryAssetKind yes Asset kind.
last_reviewed IsoDate yes ISO 8601 date (YYYY-MM-DD).
lifecycle AssetLifecycle yes Asset lifecycle.
location string yes Where the asset lives (physical address / cloud region / system path).
name string yes
next_review_due IsoDate yes ISO 8601 date (YYYY-MM-DD).
owner PathRef yes Owner — has accountability.
pii_class PiiClass yes Personal-data classification on every record carrying personal data, per BDR 0070 / BDR 0069 / BDR 0078. Used by `corpospec-report` to gate rendering and by the privacy pillar's RoPA records to determine safeguards.
provisioned_on IsoDate yes ISO 8601 date (YYYY-MM-DD).
retention_policy string yes Retention narrative.
canonical_ref PathRef? PathRef to the canonical record in another pillar (where applicable; e.g. vendor.rs entry for a vendor asset).
regulatory_implications string? Regulatory implications free-form (e.g. "GDPR Art. 9 special category — DPIA required").
retired_on IsoDate?

Definitions

Shared types referenced within this schema.

AssetCriticality
Classification level (often parallel to Confidentiality but with a separate, more granular axis for risk modelling).
AssetLifecycle
Asset lifecycle.
Confidentiality
Cross-cutting confidentiality classification used across privacy, security, knowledge, IR pillars. Default rendering rule: `corpospec-report` excludes `Restricted | BoardOnly | InvestorOnly` records from public output unless an explicit audience parameter overrides. See BDR 0076 §1.
DisposalMethod
Disposal method (ISO 27001 A.7.14 secure disposal).
InventoryAssetKind
Asset kind.
IsoDate
ISO 8601 date (YYYY-MM-DD).
type: string
PathRef
Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`
pattern: ^[a-z0-9_-]+(/[a-z0-9_.-]+)+$
PiiClass
Personal-data classification on every record carrying personal data, per BDR 0070 / BDR 0069 / BDR 0078. Used by `corpospec-report` to gate rendering and by the privacy pillar's RoPA records to determine safeguards.

Reference in your YAML

# yaml-language-server: $schema=https://corpospec.com/schemas/v0.16.0/asset-inventory.schema.json