Home/BoK/Templates/Crown Jewel Registry Template
Back to Hub
Last Reviewed: 2026-06-25
Reviewer Role: Insider Risk / Legal / Privacy review
Advanced Asset
Assets ModuleInteractive Sheet

Crown Jewel Registry Template

A crown jewel registry identifies data, systems, facilities, intellectual property, and business processes whose compromise or misuse would create outsized harm.

Primary Audience & Scope

Data owners, business owners, security leaders, risk teams

When to Use

  • Starting or updating a related process.
  • Preparing a downloadable template or checklist.
  • Documenting a repeatable review.

Interactive Work Area

Fill or track items interactively and copy out to your Clipboard

Template Table Structure

FieldReader input / completion prompt
Asset name
Business owner
Data owner/steward
Asset category
Business impact
Sensitivity drivers
Access populations
Systems/locations
Approved sharing channels
Current controls
Monitoring coverage
Review date

Checklist Audit List

0% Done(0/5)
Check
Checklist item

Name only assets with material business impact.

Evidence: Owner / date / evidence

Assign business owner and data owner.

Evidence: Owner / date / evidence

Document access populations.

Evidence: Owner / date / evidence

Map protection and monitoring coverage.

Evidence: Owner / date / evidence

Review after business, system, or ownership change.

Evidence: Owner / date / evidence

What Completion Looks Like

  • 1Required fields completed.
  • 2Owner and review date captured.
  • 3Legal/privacy review performed where relevant.
  • 4Output linked to related procedure or risk register.

Insider Risk Capability Framework™ (IRCF™) Alignment

Programmatic RelevanceProvides a reusable artifact for accountable insider risk work.
Non-legal-advice Compliance NoteThis resource is a planning aid and does not provide legal advice. Organizations should adapt it to their policies, jurisdictions, labor obligations, privacy requirements, contracts, and risk appetite. Sensitive monitoring, investigation, employment, evidence, legal hold, and employee-data activities should be reviewed by appropriate Legal, Privacy, HR, Compliance, and labor stakeholders before use.

Operationalize This Template in RiskTKO®

Use RiskTKO® or request ITMG® support to adapt this template, align it to the Insider Risk Capability Framework™, and connect the output to measurable exposure reduction. Sensitive Data Inventory Checklist