
Auditing Data Centers

Checklist for Auditing Data Centers


1. Review data center exterior lighting, building orientation, signage, fences, and neighborhood
characteristics to identify facility-related risks.
2. Research the data center location for environmental hazards and to determine the distance to
emergency services.
3. Review data center doors and walls to determine whether they protect data center facilities
adequately.
4. Evaluate physical authentication devices to determine whether they are appropriate and are
working properly.
5. Ensure that physical access control procedures are comprehensive and being followed by
data center and security staff.
6. Ensure that intrusion alarms and surveillance systems are protecting the data center from
physical intrusion.
7. Review security guard building round logs and other documentation to evaluate the
effectiveness of the security personnel function.
8. Verify that sensitive areas within the data center are secured adequately. Ensure that all
computer processing equipment essential to data center operations (such as hardware
systems, power supply breakers, and so on) is located within the computer processing room
or in a secure area.
9. Verify that heating, ventilation, and air-conditioning (HVAC) systems maintain constant
temperatures within the data center.
10. Ensure that a water alarm system is configured to detect water in high-risk areas of the data
center.
11. Determine whether the data center has redundant power feeds.
12. Verify that ground-to-earth exists to protect computer systems.
13. Ensure that power is conditioned to prevent data loss.
14. Verify that battery backup systems are providing continuous power during momentary
black-outs and brown-outs.
15. Ensure that generators protect against prolonged power loss and are in good working
condition.
16. Evaluate the usage and protection of emergency power-off (EPO) switches.
17. Ensure that data center building construction incorporates appropriate fire suppression
features.
18. Ensure that data center personnel are trained in hazardous materials (hazmat) handling and
storage and that hazmat procedures are appropriate. Also determine whether data center
personnel are trained in how to respond to a fire emergency.
19. Verify that fire extinguishers are strategically placed throughout the data center and are
maintained properly.
20. Ensure that fire suppression systems are protecting the data center from fire.
21. Verify that fire alarms are in place to protect the data center from the risk of fire.
22. Review the alarm monitoring console(s), reports, and procedures to verify that alarms are
monitored continually by data center personnel.
23. Verify that network, operating system, and application monitoring provides adequate
information to identify potential problems for systems located in the data center.
24. Ensure that roles and responsibilities of data center personnel are clearly defined.
25. Verify that duties and job functions of data center personnel are segregated appropriately.
26. Ensure that emergency response procedures address reasonably anticipated threats.
27. Verify that data center facility-based systems and equipment are maintained properly.
28. Ensure that data center personnel are trained properly to perform their job functions.
29. Ensure that data center capacity is planned to avoid unnecessary outages.
30. Verify that procedures are present to ensure secure storage and disposal of electronic media.
31. Review and evaluate asset management for data center equipment.
32. Ensure that hardware redundancy (redundancy of components within a system) is used to
provide high availability where required.
33. Verify that duplicate systems are used where very high system availability is required.
34. Ensure that backup procedures and capacity are appropriate for respective systems.
35. Verify that systems can be restored from backup media.
36. Ensure that backup media can be retrieved promptly from off-site storage facilities.
37. Ensure that a disaster recovery plan (DRP) exists and is comprehensive and that key
employees are aware of their roles in the event of a disaster.
38. Ensure that disaster recovery plans are updated and tested regularly.
39. Verify that parts inventories and vendor agreements are accurate and current.
40. Ensure that emergency operations plans address various disaster scenarios adequately.
