Build a governed asset register with automated discovery, ownership tracking, and audit-ready evidence.
The challenge
Spreadsheet-based asset registers drift immediately. Shadow IT goes untracked. Audit scope becomes impossible to determine.
How Fig helps
Assets aggregate from hardware, cloud, domain scanning, and integrations with automatic conflict resolution.
Every asset has a documented owner with reassignment workflows, approval chains, and full audit trail.
Fig ingests signals from connected tooling to build a live register of assets in your estate, including their security configuration and compliance status.
Track provisioning, changes, reviews, and decommissioning with timestamped evidence at every stage.
Structured evidence packs include lifecycle records, review history, and reconciliation events.
Audit-ready workflow
Asset Discovery should not be treated as a standalone tool surface. In Fig it is part of a governed workflow: a signal is captured, an owner is assigned, a control or risk is updated, and evidence is retained so the organisation can prove what happened later.
Lifecycle
The Discover phase is where this capability sits in the wider Fig operating model. Spreadsheet-based asset registers drift immediately. Shadow IT goes untracked. Audit scope becomes impossible to determine. Fig turns that problem into a repeatable lifecycle so MSPs, risk teams, and auditors are not relying on static spreadsheets or ad hoc screenshots when a buyer asks for proof.
Evidence captured
For asset discovery, useful evidence normally includes the triggering record, the affected asset or supplier, the control requirement, the assigned owner, the decision made, the timestamp, and the outcome. That evidence is mapped back to frameworks such as Cyber Essentials, ISO 27001, NIS2, DORA, GDPR, CMMC, and internal policy requirements where relevant.
Implementation checks
Useful references
The exact evidence required still depends on your scope, risk profile, sector, and framework obligations.
Built for you
Multi-client standardised registers with continuous discovery. One view across all customers.
Learn moreVulnerability, incident, and risk records attached directly to assets. Full traceability.
Learn morePre-assessment evidence documentation. Scope definition backed by live data.
Learn moreCommon questions
Fig operates as a governance layer above your existing tools. It adds compliance tracking and ownership documentation without replacing your CMDB.
Fig connects directly to AWS, Azure, and GCP via API integrations and continuously discovers new resources as they are provisioned.
Yes. Multi-tenant isolation ensures each client environment is separated while providing portfolio-level visibility for MSPs.
Most organisations see a complete initial register within 48 hours of connecting their first integrations. Cloud resources appear within minutes. On-premise discovery depends on agent deployment, but the majority of clients have full coverage within a week.
Fig tracks the full lifecycle. When an asset is marked for decommissioning, it moves through an approval workflow, retains its compliance history, and is archived with a timestamped record. Auditors can still access historical evidence for decommissioned assets.
Next step
Book a walkthrough tailored to your frameworks and tooling.
We only load non-essential analytics and advertising tags after explicit consent. You can review our cookie register in the cookie policy section and update your choice at any time via “Cookie settings” in the footer.