
"It's absolutely critical to any organisation," said Jeremy Ward, director of Services development for Symantec and the survey's author.
"Unless you know what your assets are, unless you know where your assets and unless you know how crucial they are to your business, then you can't even begin to assess or manage your risks," said Ward.
The security vendor published in its first IT Risk Management Report this week at the RSA Security conference in San Francisco.
The poor knowledge of network topology bodes badly for a company's ability to comply with government regulations and prevent security breaches.
The survey questioned 528 people worldwide in roles ranging from IT executives, IT staff and professionals.
Respondents in general didn't seem very confident in their ability to thwart future incidents. Two third of said that they anticipate a major regulatory incident within the next one to five years and 58 per cent expects a major data loss as the result of a system outage, corruption of data or security breach in one to five years.