Resolve Asset Quantity Uncertainty

Executive Overview

A major Department of Defense (DoD) and Intelligence Community (IC) program was unable to obtain Authorization because assessors could not verify that the organization’s IT systems had an accurate, complete accounting of hardware and software assets on the customer’s various environments.

InSequence was brought in to resolve asset quantity uncertainty, a fundamental obstacle preventing cyber assurance and ITSM reliability. Through a structured gap analysis, InSequence established a repeatable, measurable process for ensuring data accuracy across multiple asset, cybersecurity, and service management systems.

Through its analysis and implementation effort, InSequence:

• Identified 5% of assets were not present in the asset database.
• Found 10% of assets were present in the asset database but missing from key cybersecurity and identity systems.
• Quantified a 15% overall delta between actual assets in the environment and those reflected across systems.
• Established continuous processes that reduced discrepancies to less than 0.5%.

This work provided the foundation for cyber assurance, ITSM accuracy, and lifecycle visibility, ultimately enabling ATO for one of the most complex and highly secured enterprise IT systems ever deployed in the IC.

The Problem – Asset Quantity Uncertainty

The program’s Authorization was blocked when third-party assessors determined that no single system of record could be trusted to represent all assets accurately. Conflicting data across Active Directory, HBSS, ACAS, Splunk, and Flexera (which already included MECM, Citrix, and App-V data) made it impossible to establish a definitive baseline.

Without agreement on how many assets existed or where they were, the environment failed to meet the IC’s strict security control requirements.

The Approach

The prime contractor enlisted InSequence to diagnose and resolve the discrepancies.

Phase 1: Discovery and Data Review

InSequence Asset Management Engineers began by validating the assessors’ concerns and reviewing the data across multiple systems. They quickly confirmed inconsistencies and set out to establish a trusted baseline.

Because technical access and personnel coordination were significant barriers, InSequence worked with both government and contractor leadership to secure the necessary access and participation.

InSequence identified multiple key findings:

1. Duplicate IP-based scanning: ACAS scans were IP-based, meaning multi-homed systems and virtual IPs distorted counts. Integration with DNS and IPAM was needed to ensure an accurate view of assets.
2. Disconnected enclaves: Air-gapped and special-access networks were unmanaged in AD, creating blind spots.
3. Visibility gaps: HBSS and Splunk lacked full network reach, leaving assets unreported.
4. Partial deployments: MECM and HBSS were not consistently deployed.
5. Stale records: Many assets in AD and HBSS were inactive or outdated.
6. Dynamic environment: Systems frequently moved, appeared, or disappeared, making static baselines unreliable.

The following graphic depicts the conceptual findings of phase 1 – not a single tool was correct. Each had gaps, and some assets were missed by every tool.

Phase 2: Implementation and Process Design

InSequence recommended and executed a three-part solution to ensure ongoing asset accuracy.

1. Continuous Gap Analysis

Custom scripts and data integration routines were built to continuously compare records from AD, HBSS, ACAS, Splunk, and Flexera. These were used to generate a Gap Analysis Report and a KPI dashboard that provided real-time insight into data completeness and drove corrective actions across systems.

2. Centralized Data Normalization

All asset data was consolidated into Flexera, which served as the normalization and deduplication engine. Gap KPIs were maintained, feeding actionable feedback to operations teams and populating the Configuration Management Database (CMDB) with trusted data.

3. Integration with IT Lifecycle (IMACD) Processes

Asset lifecycle events (installs, moves, adds, changes, and disposals) were linked with ITSM processes and procurement processes (Deltek CostPoint) to ensure continuous data integrity. Monthly audits validated that asset statuses remained synchronized across systems.

Results and Impact

By establishing accurate, measurable asset awareness, InSequence enabled the program to:

• Reconcile discrepancies across five major data systems.
• Reduce asset tracking error rates from 15% to under 0.5%.
• Achieve and maintain a verifiable, auditable inventory baseline.
• Satisfy Authorization requirements for Confidentiality: High, Integrity: High, and Availability: Moderate covering over 500 security controls.

This became the highest-authorized enterprise IT system ever built within the Intelligence Community, and InSequence’s continuous gap analysis process provided a foundational data for its cyber, ITSM, and asset management operations.

Key Takeaways for Other Programs

Programs struggling with asset visibility, ITSM accuracy, or ATO readiness can learn from this effort. In order to resolve asset uncertainty you must consider that:

• Inventory completeness is foundational to all cyber and IT governance functions.
• Multiple tools ≠ single source of truth; data normalization is critical.
• Continuous monitoring, not one-time reconciliation, sustains compliance.
• Process integration between ITSM, CMDB, and cybersecurity tools ensures long-term reliability.

InSequence’s proven approach helps defense and intelligence organizations turn asset uncertainty into measurable control, enabling confident, compliant operations in the most demanding environments.

Learn More

If you are interested in learning more about how we are able to deliver certainty for understanding assets (hardware and software), setup a discussion. We are happy to share our experience!