The scope of this audit* include the physical and environmental protection of the data centre and information resources residing within.

IT physical security defines the various measures or controls that protect an organisation from a loss of computer processing capabilities caused by theft, fire, flood, intentional destruction, unintentional damage, mechanical equipment failure and power failures.

Physical security measures should be sufficient to deal with foreseeable threats.

The audit mainly focuses on determining whether:

• The customer has identified physical and environmental threats to the data centre;
• Assessed the risk or impact presented by these threats;
• Determined the feasibility of implementing physical and environmental controls to address the risks;
• Implemented appropriate controls;
• and Re-assess risks periodically.

Audit work include:

• Interviews with key ICT personnel;
• Walkthroughs and inspections of the facilities;
• Observations;
• Review of documentation;
• Reviewing physical controls over security threats such as doorways, card key locks and access systems, monitoring functions, CCTV, and the physical layout of the data centre;
• Reviewing controls over environmental threats such as moisture and flooding, fire and heat, power surges and outages, and man-made threats such as food, beverages, physical contact or disruption

Our ‘executive style' report will conclude with recommendations.

Please call or email us today for more information.

* The scope doesn't include access controls to operating systems, or access controls related to any particular application, database, or system, and exclude network devices such as hubs, routers, switches, and firewalls.