Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Developing a Physical,Environmental and Logical security policy for a newly build data center?

I would like to know is there any standard templates/ documents related to the development
of a physical , environmental and logical security policy for a newly build data center. I would also
like to understand the method of doing risk assessment for a data center and auditing  procedures?
You must sign in to rate content.
(1 ratings)

Comments

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

There is an invaluable resource available in the ISACA E-library,.. IT Auditing; Using Controls to protect information assets. Chapter 4 of this book addresses auditing Data Centers and thus  points you in the right direction on things to do and look out for when auditing a DC. For the first part of your  question, templates for physical,environmental and logical security, you are best advised to visit the sans website. I have found it very useful with respect to policy templates for various areas in an IT organisation. I do hope you find this helpfull.
lamdSocial at 6/1/2011 9:55:02 AM Quote
You must sign in to rate content.
(2 ratings)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Thanks for the valuable information . The book IT Auditing; Using Controls to protect information assets provides a good foundation to start with . i also referred to SANS documentation which is also elaborate and good.
 
nasubLively at 6/3/2011 2:49:55 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Reference can also be made to ISO27002. This guideline to ISO 27001 standard provides guidance on Logical access and Physical and environmental Security and can be used to develop the policies.
Helly263Energizer at 7/3/2015 5:24:02 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Another standard that is widely used on the federal government side is NIST 800-53A with CNSSI 1253 overlays. The PE controls should cover what you are looking for.
Daniel001Lively at 10/7/2015 12:16:44 PM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

You can refer Hardening Guidelines
Rupesh156Social at 10/13/2015 6:56:32 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Now as per ISO 27001:2013 You can make Risk Register
Rupesh156Social at 10/13/2015 6:58:05 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

For Auditing Procedures, You can refer various materials on ISACA.
Rupesh156Social at 10/13/2015 7:00:26 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

For Auditing Procedures, You can refer various materials on ISACA.
Rupesh156Social at 10/13/2015 7:00:26 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Now as per ISO 27001:2013 You can make Risk Register
Rupesh156Social at 10/13/2015 6:58:05 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

You can refer Hardening Guidelines
Rupesh156Social at 10/13/2015 6:56:32 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Another standard that is widely used on the federal government side is NIST 800-53A with CNSSI 1253 overlays. The PE controls should cover what you are looking for.
Daniel001Lively at 10/7/2015 12:16:44 PM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Reference can also be made to ISO27002. This guideline to ISO 27001 standard provides guidance on Logical access and Physical and environmental Security and can be used to develop the policies.
Helly263Energizer at 7/3/2015 5:24:02 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Thanks for the valuable information . The book IT Auditing; Using Controls to protect information assets provides a good foundation to start with . i also referred to SANS documentation which is also elaborate and good.
 
nasubLively at 6/3/2011 2:49:55 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

There is an invaluable resource available in the ISACA E-library,.. IT Auditing; Using Controls to protect information assets. Chapter 4 of this book addresses auditing Data Centers and thus  points you in the right direction on things to do and look out for when auditing a DC. For the first part of your  question, templates for physical,environmental and logical security, you are best advised to visit the sans website. I have found it very useful with respect to policy templates for various areas in an IT organisation. I do hope you find this helpfull.
lamdSocial at 6/1/2011 9:55:02 AM Quote
You must sign in to rate content.
(2 ratings)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

There is an invaluable resource available in the ISACA E-library,.. IT Auditing; Using Controls to protect information assets. Chapter 4 of this book addresses auditing Data Centers and thus  points you in the right direction on things to do and look out for when auditing a DC. For the first part of your  question, templates for physical,environmental and logical security, you are best advised to visit the sans website. I have found it very useful with respect to policy templates for various areas in an IT organisation. I do hope you find this helpfull.
lamdSocial at 6/1/2011 9:55:02 AM Quote
You must sign in to rate content.
(2 ratings)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Thanks for the valuable information . The book IT Auditing; Using Controls to protect information assets provides a good foundation to start with . i also referred to SANS documentation which is also elaborate and good.
 
nasubLively at 6/3/2011 2:49:55 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Reference can also be made to ISO27002. This guideline to ISO 27001 standard provides guidance on Logical access and Physical and environmental Security and can be used to develop the policies.
Helly263Energizer at 7/3/2015 5:24:02 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Another standard that is widely used on the federal government side is NIST 800-53A with CNSSI 1253 overlays. The PE controls should cover what you are looking for.
Daniel001Lively at 10/7/2015 12:16:44 PM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

You can refer Hardening Guidelines
Rupesh156Social at 10/13/2015 6:56:32 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

Now as per ISO 27001:2013 You can make Risk Register
Rupesh156Social at 10/13/2015 6:58:05 AM Quote
You must sign in to rate content.
(Unrated)

RE: Developing a Physical,Environmental and Logical security policy for a newly build data center?

For Auditing Procedures, You can refer various materials on ISACA.
Rupesh156Social at 10/13/2015 7:00:26 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.