# Asset Register The **Asset Register** in Sprinto serves as the central repository for all assets relevant to an organisation's security and compliance posture. It consolidates both automatically discovered assets from integrated systems and manually added assets, enabling complete visibility and tracking of infrastructure, endpoints, codebases, and people across your organisation. The register is structured into two main categories: * **Auto-discovered assets:** Retrieved through integrations configured in the Security Hub. These include Infrastructure, Staff Devices, Code Repositories, and People. * **Custom assets:** Manually added assets that Sprinto cannot fetch due to integration limitations, such as on-premise servers, CCTV systems, or backup generators. Together, these asset types support a unified approach to asset-based risk evaluation, compliance monitoring, and evidence collection. *** ### Key Benefits * **Centralised Asset Inventory:** View all assets across cloud, device, human, and software domains in a single interface. * **Compliance Alignment:** Tag assets as *In Scope* or *Out of Scope* to map them to relevant compliance requirements. * **Risk Assessment Foundation:** Supports Asset-Based Risk Assessment (ABRA) by identifying risks tied to each asset category. * **Ownership and Traceability:** Assign owners and metadata to each asset to ensure accountability. * **Bulk Upload Capabilities:** Quickly onboard custom assets using a CSV-based upload template. *** ### Sections Within the Asset Register
SectionDescription
Auto-discoveredDisplays assets retrieved automatically via integrations. Tabs include:
Infrastructure: e.g., EC2, S3, Lambda (from AWS/Azure)
Staff Devices: e.g., employee laptops, enrolled via Dr. Sprinto/Rippling
Code Repos: GitLab, GitHub, Bitbucket, Azure DevOps repositories
People: Staff members with compliance status and roles
Custom assetsIncludes manually uploaded assets not supported via integrations.
• Add assets individually or in bulk
• Organise by asset groups
• Add metadata: owner, scope, notes, and classification
*** ### Use Cases
ScenarioDescription
Compliance audit preparationRetrieve a full list of production assets for SOC 2, ISO 27001, or GDPR audits
Device scope classificationTag employee devices as In Scope or Out of Scope for onboarding and offboarding checks
Code repository trackingView classification and ownership of repos across integrated Git providers
Manual asset trackingRegister on-prem systems, backup generators, and legacy infrastructure manually
Asset-based risk evaluation (ABRA)Use asset-level visibility to evaluate exposure and prioritise remediation
Bulk onboarding of unmapped assetsUpload multiple assets at once using the bulk CSV template
Ownership visibility for audit trailsIdentify asset owners to assign responsibility and streamline incident response
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/data-library/asset-register.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.