# Asset Valuation and Criticality One-sentence definition: Determining business value and criticality of assets to prioritize protection and recovery. ## Key Facts - Value sources: replacement cost, revenue impact, legal penalties, reputation. - Criticality drives RTO/RPO, redundancy, and monitoring. - Use tiers (e.g., Tier 0–3) and map to controls/SLAs. - Validate with BIA and stakeholder review. - Reassess after major changes or incidents. - **Verify:** check official (ISC)² CBK and current exam outline. ## Exam Relevance - Select control investment aligned to asset criticality. **Mnemonic:** “Value → Vigilance.” ## Mini Scenario Q: Two systems: one revenue-critical, one internal—who gets HA? A: The revenue-critical system. ## Revision Checklist - Name 3 valuation factors. - Define criticality tiers. - Tie valuation to RTO/RPO. ## Related [[Business Impact Analysis (BIA)]] · [[RTO, RPO, WRT]] · [[Backups for Data Protection (Domain 2 view)]] · [[Redundancy and Resilience (HA, Clustering, FT)]] · [[Data Inventory and Asset Register]] · [[Domain 2 - Index]]