Mechanisms exist to regularly review assets for compliance with the organization’s cybersecurity and privacy policies and standards.