Embedded Files
Overview
Overview
The Assets page in Maple GRC is the single place to catalogue everything your department relies on: software, hardware, and virtual or cloud resources. A clean, accurate inventory lets Maple align controls, assign owners, and produce audit-ready evidence for CyberSecure Canada.
Accessing the Assets Page
Accessing the Assets Page
Go to app.maplegrc.com.
Log in with your account credentials.
From the homepage, navigate to the Assets Page section.
Navigate Between Asset Categories
Use The Assets Section to Navigate Between Asset Categories:
Software Assets — View and manage software records.
Hardware Assets — View and manage physical devices.
Virtual Assets — View and manage cloud accounts, websites, and other virtual resources.
This Module Enables You to
Add assets: Create new asset records and assign categories.
Assign owners: Link owners, operators, and classifications to each asset.
Export inventory: Download the inventory for audits and evidence.
Edit or retire: Update asset details or retire assets when no longer used.
Page Layout and Controls
Page Layout and Controls
Page actions (top right)
Page actions (top right)
Export: Generates a PDF report of the assets currently listed in the selected sub-tab. Use it for quick handoffs or audit packs.
Add to Evidence: Captures a point-in-time copy of the current assets list to your evidence library for compliance.
How this page works: Opens a brief walkthrough explaining the page layout and key functions .
Add a New Asset
Add a New Asset
Click Add Asset in the sub-tab you want (Software, Hardware, or Virtual).
Fill out the form fields described below.
Click Save.
Add Hardware Assets
Add Hardware Assets
Example:
Your organization’s physical technology assets such as laptops, servers, mobile devices, desktops or network equipment. These should be documented and tracked as Hardware Assets.
Note: This category only covers technology-related physical assets for cybersecurity purposes. Do not include buildings or physical office spaces.
Add a virtual asset
Add a virtual asset
Choose Hardware Assets under assets umbrella
Click Add Hardware asset
Choose the hardware asset, search for the model, for example;
Apple → Desktop Computer Apple iMac, Desktop Computer Apple Mac Mini, Desktop Computer Apple Mac Pro
Dell → Desktop Computer Dell Inspiron, Desktop Computer Dell XPS, Desktop Computer Dell OptiPlex
HP → Desktop Computer HP Pavilion, Desktop Computer HP ENVY, Desktop Computer HP OMEN
Lenovo → Desktop Computer Lenovo ThinkCentre, Desktop Computer Lenovo IdeaCentre, Desktop Computer Lenovo Legion
.....and so on for the remaining hardware assets in the list.
After adding a new asset, go to the “How to Fill the Required Data for Software/Hardware/Virtual Asset” section below to find a guide on how to fill it
Note: You do not need to add every single device. If you have five laptops of the same model, add the model once. Security controls are applied to the asset type, not the quantity.
Add Software Assets
Add Software Assets
Example
Example
Your organization may use a variety of software solutions such as applications, APIs, or cloud services. These can be documented and managed as Software Assets.
Add a software asset
Add a software asset
Choose software Assets under assets umbrella
Click Add software asset
Choose the Account Type:
From the “Select Vendor” list, choose the relevant software asset that matches the service you're adding. For example:
Aloware → Aloware iPro, Aloware uPro, Aloware xPro
Google Cloud Platform → Apigee Edge for Private Cloud on GCP, Apigee Edge for Public Cloud, Apigee X
Google Workspace → Apps Script, Endpoint Management, Google Workspace, AppSheet Core
.....and so on for the remaining software assets in the list.
After adding a new asset, go to the “How to Fill the Required Data for Software/Hardware/Virtual Asset” section below to find a guide on how to fill it
Add Virtual Assets
Add Virtual Assets
Example
Example
Your organization’s website or social media account(linkedin).
Add a virtual asset
Add a virtual asset
Choose Virtual Assets under assets umbrella
Click Add virtual asset
Choose the Account Type:
From the “Select Vendor” list, choose the relevant Account Type according to the platform you want to add. For example:
Meta → Facebook Account or Instagram Account
Google → YouTube Account
Microsoft → LinkedIn Account
X Corp → Twitter Account
Web Application
Website
After adding a new asset, go to the “How to Fill the Required Data for Software/Hardware/Virtual Asset” section below to find a guide on how to fill it
How to fill The Required Data for Software/Hardware/Virtual Assets:
Provide the technical owner's email — the person who manages the asset in the organization
Operating System — select the OS (e.g., Windows 10/11, macOS, Ubuntu, Cisco IOS). This field applies to hardware assets only, not to virtual or software assets.
Tick the check boxes if applicable:
Automatic patching — indicate whether automatic patching is supported.
Backups — indicate whether backups are allowed; if yes, set the backup frequency: daily, monthly, weekly or quarterly. Backup frequency applies only to Software Assets.
Multi-factor authentication (MFA) — indicate whether MFA is supported.
Critical — indicate whether the asset is critical. (Critical asset: contains critical information or its failure would stop business operations.)
Software Asset Ownership
Software Asset Ownership
When adding a Software Asset, specify who owns the data by choosing one of the following:
Customer
Organization
The data is jointly owned by both the organization and the customer.
Note: This applies only to Software Assets.
Hardware Asset Ownership
Hardware Asset Ownership
When adding a Hardware Asset, whether the device is owned by
The organization
Individual users.
Note: This applies only to Hardware Assets.
Asset Management
Asset Management
Select Who Manages the Asset, Choose one of the following options:
User → Select the appropriate User from the dropdown list.
Organization → Select the relevant Department.
Vendor → Select the responsible Vendor.
Data Classification for Assets
Data Classification for Assets
Check Confidentiality
If the asset stores critical or confidential information, tick the checkbox to enable this section.
If not, leave it unchecked.
Note: for virtual assets, most websites do not store confidential data, so this section will often not apply.
If the asset stores confidential information, complete the required Fields
Data ownership — owned by the customer, owned by the organization, or shared
Select the appropriate Data Classification level.
Enter the Data Location where the information is stored.
Once all applicable fields are completed, click Save to apply the updates.'
Why Adding Assets Matters
Why Adding Assets Matters
MapleGRC uses your assets, together with your organization context and users, to generate cybersecurity policies that fit your organization.
Assets help MapleGRC evaluate risk at the asset level and determine which technical controls need to be implemented.
Incident response plans are tied to asset types, so each plan defines what steps to take when incidents affect those assets.
Maintaining an asset inventory is a requirement in CyberSecure Canada. By adding assets to the MapleGRC inventory, your organization meets the requirement to develop and maintain a list of its information systems and assets.
Page updated
Report abuse