CobiT definition:
Protection for computer equipment and personnel requires well-designed and well-managed physical facilities. The process of managing the physical environment includes defining the physical site requirements, selecting appropriate facilities, and designing effective processes for monitoring environmental factors and managing physical access. Effective management of the physical environment reduces business interruptions from damage to computer equipment and personnel.
Control over the IT process of
Manage the physical environment
that satisfies the business requirement for IT of
protecting computer assets and business data and minimising the risk of business disruption
by focusing on
providing and maintaining a suitable physical environment to protect IT assets from access, damage or theft
is achieved by
- Implementing physical security measures
- Selecting and managing facilities
and is measured by
- Amount of downtime arising from physical environment incidents
- Number of incidents due to physical security breaches or failures
- Frequency of physical risk assessment and reviews
Control objectives:
DS12 Manage the Physical Environment
DS12.1 Site Selection and Layout
DS12.2 Physical Security Measures
DS12.3 Physical Access
DS12.4 Protection Against Environmental Factors
DS12.5 Physical Facilities Management
Check out the links for details on the control objectives.
Related posts:
- DS5 Ensure Systems Security CobiT definition: The need to maintain the integrity of information and protect IT assets requires a security management process. This...
- DS11 Manage Data CobiT definition: Effective data management requires identifying data requirements. The data management process also includes the establishment of effective procedures...
- DS13 Manage Operations CobiT definition: Complete and accurate processing of data requires effective management of data processing procedures and diligent maintenance of hardware....
- DS8 Manage Service Desk and Incidents CobiT definition: Timely and effective response to IT user queries and problems requires a well-designed and well-executed service desk and...
- DS9 Manage the Configuration CobiT definition: Ensuring the integrity of hardware and software configurations requires the establishment and maintenance of an accurate and complete...
