Data Inventory Form?

[Chet Langin <clangin () SIU EDU>]

Hello,

Can anyone recommend a standardized data inventory form?  What we want to do is pass this form around to users and 
administrators in
order for them to indicate if they have sensitive information on their computer equipment, such as socials, credit card 
numbers, and
driver's license numbers, whether or not it is encrypted, what software is using the data, who owns the data, who 
maintains the
data, and who maintains the systems.  Plus things like the IP addresses, domain names, and type of hardware.  They will 
be returning
these forms to the information security unit which will then have to maintain the data.  Then, are there any ideas on 
how to store
this data?  By IP address, LAN admin, dept, or "all of the above"?  We want to know where our sensitive data is at!  :-)


--
Chet Langin
SIU Information Security Analyst

Attachment: smime.p7s
Description: