Yes
No
In Progress
Is the equipment protected from power failures by using redundant power supplies such
a.
as multiple feeds, uninterruptible power supply (ups), backup generator etc.?
3. Equipment Maintenance
Is maintenance carried out only by authorized personnel?
a.
Is the equipment covered by insurance, and are the insurance requirements are satisfied?
b.
4. Securing of equipment offsite
any equipment usage outside an organization =s premises for information processing have
a.
Does
to be authorized by the management?
Is the security provided for equipment while outside the premises equal to or more than
b.
the security provided inside the premises?
5. Secure disposal or re-use of equipment
Are storage devices containing sensitive information either physically destroyed or securely
a.
over written?
General Controls
1. Removal of property
Can equipment, information or software be taken offsite without appropriate authorization?
a.
b.
Are spot checks or regular audits conducted to detect unauthorized removal of property?
c.
Are individuals aware of these types of spot checks or regular audits?
Communications and Operations Management
Operational Procedure and responsibilities
1. Documented Operating procedures
Does the Security Policy identify any Operating procedures such as Back-up, Equipment
a.
maintenance etc.?