The information system may be rated asset by asset (plus dependencies) or by security domains.


You are always requested to rate the essential assets.


valuation / assets + dependencies

the value of the essential assets is applied to all the assets in the domain.


valuation / domains

the value is distributed according to dependencies between assets.


Domain valuation is faster, while dependencies are more precise.


valuation / mix: assets + dependencies + domains

if the asset has dependencies, use them to get value; otherwise, by domain.