#2 on the CIS security controls top 20 list is an “inventory and control of software assets”.  While there are several reasons why this is an important control to have in place, most organizations do not have one. Here are a few of the main reasons I feel a software asset list is important for every organization to have. Hopefully these key points will help security/compliance professionals provide the justification they need to get a software asset list on the roadmap to complete.