Joint task force transformation initiative
PE-14 TEMPERATURE AND HUMIDITY CONTROLS
Yüklə 5,64 Mb.
|
- Bu səhifədəki naviqasiya:
- P1 LOW PE-14
- P1 LOW PE-15
- P2 LOW PE-16
| |
P1 | LOW PE-14 | MOD PE-14 | HIGH PE-14 |
PE-15 WATER DAMAGE PROTECTION
Control: The organization protects the information system from damage resulting from water leakage by providing master shutoff or isolation valves that are accessible, working properly, and known to key personnel.
Supplemental Guidance: This control applies primarily to facilities containing concentrations of information system resources including, for example, data centers, server rooms, and mainframe computer rooms. Isolation valves can be employed in addition to or in lieu of master shutoff valves to shut off water supplies in specific areas of concern, without affecting entire organizations. Related control: AT-3.
Control Enhancements:
-
water damage protection | automation support
The organization employs automated mechanisms to detect the presence of water in the vicinity of the information system and alerts [Assignment: organization-defined personnel or roles].
Supplemental Guidance: Automated mechanisms can include, for example, water detection sensors, alarms, and notification systems.
References: None.
Priority and Baseline Allocation:
-
P1
LOW PE-15
MOD PE-15
HIGH PE-15 (1)
PE-16 DELIVERY AND REMOVAL
Control: The organization authorizes, monitors, and controls [Assignment: organization-defined types of information system components] entering and exiting the facility and maintains records of those items.
Supplemental Guidance: Effectively enforcing authorizations for entry and exit of information system components may require restricting access to delivery areas and possibly isolating the areas from the information system and media libraries. Related controls: CM-3, MA-2, MA-3, MP-5, SA-12.
Control Enhancements: None.
References: None.
Priority and Baseline Allocation:
-
P2
LOW PE-16
MOD PE-16
HIGH PE-16
PE-17 ALTERNATE WORK SITE
Control: The organization:
-
Employs [Assignment: organization-defined security controls] at alternate work sites; -
Assesses as feasible, the effectiveness of security controls at alternate work sites; and -
Provides a means for employees to communicate with information security personnel in case of security incidents or problems.
Supplemental Guidance: Alternate work sites may include, for example, government facilities or private residences of employees. While commonly distinct from alternative processing sites, alternate work sites may provide readily available alternate locations as part of contingency operations. Organizations may define different sets of security controls for specific alternate work sites or types of sites depending on the work-related activities conducted at those sites. This control supports the contingency planning activities of organizations and the federal telework initiative. Related controls: AC-17, CP-7.
Control Enhancements: None.
References: NIST Special Publication 800-46.
Priority and Baseline Allocation:
Yüklə 5,64 Mb.
Dostları ilə paylaş: