Logo Enveedo - horizontal tipo blanca.webp
Back to Enveedo
Welcome to the Enveedo Knowledge Hub
Getting Started
Platform Overview
Initial Setup and Onboarding
Initial Setup
Initial Setup
Complete Business Profile
View Risk Scorecard
Add Security Stack
Connect Critical Systems (Integrations)
Invite Team Members
Setup Your Vulnerability Scan
Program Development
Program Development
Review Findings
Complete Crown Jewel Analysis
Update Risk Register
Complete an Assessment
Module Details
Role Base Management
Asset Management
Asset Management
Systems & Applications
People
Vendor Management
Vendor Management
Training Videos
Self-Assessments Based on Frameworks
Risk Creation and Management
Vendor Management and Documentation
Asset Management and Tracking
Creating and Managing Cybersecurity Incidents
Cybersecurity Stack
Control catalog
Home
Getting Started
Program Development
Complete Crown Jewel...
Complete Crown Jewel Analysis

Purpose: Identify and prioritize your organization's most critical assets through a structured categorization process, then connect them to specific IT systems and services to enable comprehensive risk management.

 

How the Analysis Works: The Crown Jewel Analysis is a collaborative, multi-phase process that ensures organization-wide alignment on asset priorities through individual assessment followed by stakeholder consensus building.

 

Individual Assessment Each key stakeholder completes the analysis independently to capture diverse perspectives across the organization.

 

Step 1: Category Selection and Prioritization Select from predefined asset categories and organize them into three priority levels using drag-and-drop interface.

 

Available Crown Jewel Categories:

  • Application Source Code: Proprietary software and development assets
  • Confidential Customer Data: Sensitive customer information and records
  • Corporate Secrets: Strategic information and competitive advantages
  • Critical Infrastructure Services: Essential operational systems and services
  • Financial Information: Financial records, payment data, and monetary assets
  • Intellectual Property: Patents, trade secrets, and proprietary knowledge
  • IT Operations: Core technology infrastructure and systems
  • Marketing Assets: Brand materials, campaigns, and market intelligence
  • Operational/Production Impact: Business processes critical to operations
  • Payment Card Industry Information (PCI): Credit card and payment data
  • Personal Identifiable Information (PII): Individual privacy data
  • Pricing Information: Commercial pricing strategies and data
  • Protected Health Information (PHI): Medical and health-related data
  • Research and Development: Innovation projects and future products
  • Strategic Plans: Business strategy and planning documents

 

 

Prioritization Levels:

  1. Critical Priority (Up to 3 selections): Assets whose compromise would cause immediate, severe business impact.
  2. High Priority (Up to 7 selections): Assets that are very important but not immediately business-critical.
  3. Important Priority (Up to 10 selections): Assets that matter to business operations but have manageable impact if compromised.

 

 

Step 2: Business Justification For each selected category, provide specific justification explaining why this asset type qualifies as a crown jewel for your organization.

 

Step 3: Asset Mapping Identify and document the specific IT systems, applications, and services that store, transfer, or process data related to each crown jewel category.

 

 

Phase 2: Stakeholder Alignment Session After individual assessments are complete, key stakeholders meet to review all responses, discuss differences in perspective, and vote on final priorities. This collaborative process ensures:

  • Cross-functional input: Different departments provide unique insights on business asset criticality
  • Consensus building: Group discussion resolves conflicting priorities and builds alignment
  • Executive validation: Leadership confirms that final priorities align with business strategy
  • Clear directive: Organization emerges with unified understanding of what matters most

 

 

Typical Stakeholders Include:

  • Executive leadership (CEO, CTO, CISO)
  • Department heads (Operations, Finance, IT, Legal)
  • Risk managers and compliance officers
  • Key operational personnel with expertise

 

Asset Mapping Examples:

  • Customer Database Systems: Applications and databases containing confidential customer data
  • Development Infrastructure: Source code repositories, build systems, and development environments
  • Financial Systems: ERP systems, payment processors, and accounting applications
  • Infrastructure Services: Core network services, authentication systems, and operational platforms

 

Analysis Outputs and Integration:

  • Risk Register Enhancement: Crown jewel status automatically elevates the priority of related risks and vulnerabilities
  • Asset Detail Population: Identified systems become part of your comprehensive asset inventory
  • Vendor Risk Identification: Vendors supporting crown jewel assets are flagged for enhanced risk assessment
  • Security Control Prioritization: Crown jewel assets receive priority for security control implementation

 

Business Value: This comprehensive mapping enables Enveedo to provide more accurate risk assessments by understanding which technical vulnerabilities could impact your most critical business assets, ensuring security investments align with actual business priorities.

 

Did this answer your question?