Have an up-to-date inventory of workstations and servers
The objective is to have up-to-date knowledge of all servers and workstations in use. This understanding helps you identify possible attack vectors and essential assets for your organization. In case of an incident it can help you to detect where the problem comes from and potentially which supplier you need to contact. Keeping an inventory of your IT assets allows you to understand the scope of your essential assets. It also helps you to identify those resources that are no longer used but have not yet been decommissioned.
Maintain a list of all PC's and Laptops that connect to your network, including basic information as who is the owner of the device.
Maintain a list of all the servers in your network. Categorise them by different server-types, based on purpose and/or operating system.
For each server-type (e.g. Linux mail Server, Windows File Server), a different risk assesment will be needed