Even if an organization has a robust vulnerability management program in place along with good scanning tools, it is important to know whether or not all assets are getting scanned. The scanner coverage metric measures the ratio of all known assets in the organization to those that actually get scanned. Assets could be in form of infrastructure components, such as operating system, databases, and so on, or application code blocks as well. Data for this metric can be published and compared on a quarterly basis, with the value for every quarter ideally greater than the previous one.