Purpose
Ensure that Perfect Wiki maintains awareness of its information assets and applies appropriate controls to them throughout their lifecycle.
Scope
All logical and physical assets that store, process, or transmit Perfect Wiki or customer data.
Asset categories
- Production cloud resources: Google Cloud project (Firestore databases, Cloud Storage buckets, Pub/Sub topics, Redis instance, Cloud Run / Compute Engine workloads, IAM identities, service accounts).
- Application code & configuration: Source repositories, container images, build artifacts.
- SaaS & vendor consoles: Sentry, Cloudflare, Algolia, Qdrant, Azure OpenAI, Postmark, SendPulse, PostHog, FastSpring, Microsoft Partner Center, Slack App Directory, Google Cloud Console, Bitbucket.
- Endpoints: Personnel workstations used for development and operations.
- Data: Customer content, customer account data, operational logs, backups, billing records.
Inventory
- An asset inventory is maintained covering the categories above, identifying for each asset: owner, business purpose, data category (per the Data Classification Policy), and applicable controls.
- Cloud resources are inventoried natively via Google Cloud Asset Inventory.
- The inventory is reviewed at least annually.
Asset handling
- Each asset is classified per the Data Classification Policy and protected accordingly.
- Asset access is granted per the Access Control & Identity Management Policy.
- Decommissioning of an asset triggers secure data deletion per the Data Classification, Retention & Deletion Policy and revocation of associated credentials.
Roles & responsibilities
- CEO/CTO: Owns the asset inventory and conducts annual reviews.
Review cadence
Reviewed annually.