ID.AM-1

Physical devices and systems are inventoried

Identify · Asset Management

Semi-Automated

Compliance Score

72%

Partially Compliant

Documentation Maturity

3/ 5

Target: 2.5

Implementation Maturity

3/ 5

Target: 2.5

Control Description

The organization maintains an up-to-date inventory of all physical devices and systems (servers, workstations, laptops, mobile devices, network equipment, printers, IoT devices) connected to the network.

Microsoft Graph API Endpoints Used

GET /deviceManagement/managedDevicesGET /deviceManagement/detectedApps

Required Permissions

DeviceManagementManagedDevices.Read.All

Findings (1)

14/20 items compliant

Severity	Finding	Recommendation
medium	Improvement needed: Physical devices and systems are inventoried Current implementation does not fully meet the requirements of ID.AM-1.	Enroll all devices in Microsoft Intune for automated inventory. For unmanaged devices (printers, IoT), maintain a manual inventory spreadsheet or CMDB. Review inventory quarterly.

Severity

Finding

medium

Improvement needed: Physical devices and systems are inventoried

Current implementation does not fully meet the requirements of ID.AM-1.

Remediation Guidance

Enroll all devices in Microsoft Intune for automated inventory. For unmanaged devices (printers, IoT), maintain a manual inventory spreadsheet or CMDB. Review inventory quarterly.