SAS70 audit for Data Center

60 pts.
Tags:
Auditing
DataCenter
IT audit
SAS 70
The electrical network that feeds the access points, CCTV cameras, intruder detectors, etc. must need to be independent from the electrical system that feeds the computing equipment? Is it right to ask if the logs of access point are backed up and kept in a secure place? what about the videos that cameras are recording? those have to be backed up and store? The data network by were the access points sends the information has to be independent from the data network of the computing equipment? Independent=physicaly independent. Thanks,

Answer Wiki

Thanks. We'll let you know when a new response is added.

This sounds like a highly secure (military grade) level network. Is that the case?

Physically separate may not necessarily be the right answer as a network can be logically separated using techniques like:

encryption
separate subnet
different protocol

Are you being challenged to provide this separation or are you doing the auditing?

In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Beatrix Kiddo
    I'm doing the auditoring,
    60 pointsBadges:
    report
  • Beatrix Kiddo
    Consider the risks to the organization and/or data for separation of networks/services. Also consider costs vs value of systems/data. The logical vs physical separation may be the best approach. Physical separation can be more expensive and create additional management overhead. Logical separation also has management overhead but may be easier to cost-justify.
    0 pointsBadges:
    report
  • Beatrix Kiddo
    In the case of an IPS with several SLAs would be a good idea to consider a separation?
    60 pointsBadges:
    report
  • Beatrix Kiddo
    Depends on reliability of the IPS and ability to meet the SLA's. Cost of additional IPS's or staff support should also be considered for separate systems.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following