Ensure the facility has duplicate telecom feeds for key systems.

UCF ID: 00726
Control Type: Process or Activity
Status: Live

Supporting and supported controls

This control directly supports:

There are no supporting controls.

Authority documents complied with:

FFIEC IT Examination Handbook – Operations, July 2004, Pg 18, Exam Tier I Obj 7.1, Exam Tier II Obj D.1; Protection of Assets Manual, ASIS International, Pg 7-I-5, Revised Volume 4 1-I-25; NISPOM - National Industrial Security Program Operating Manual (DoD 5220.22-M) February 26, 2006, February 28, 2006, § 5-904; The Standard of Good Practice for Information Security, NW5.2.2(c); ISO/IEC 17799 Code of Practice for Information Security Management, 2005, § 9.2.2; ISO/IEC 27002 Code of practice for information security management, 2005, § 9.2.2

Banking and Finance Guidance

Operations centers should have telecommunications feeds from different vendors. The feeds should be traced to ensure there is not a single point of failure or redundancy with different vendors using the same cables. [Pg 18, Exam Tier I Obj 7.1, Exam Tier II Obj D.1, FFIEC IT Examination Handbook – Operations, July 2004]

US Federal Security Guidance

Intrusion Detection Systems' alarm signals must have two independent transmission routes to the monitoring station. [§ 5-904, NISPOM - National Industrial Security Program Operating Manual (DoD 5220.22-M) February 26, 2006, February 28, 2006]

ISO Guidance

Two diverse routes should be used to connect the telecommunications equipment to the utility provider. This redundancy will prevent the organization from losing voice services if one path is damaged or lost. [§ 9.2.2, ISO/IEC 17799 Code of Practice for Information Security Management, 2005]

Two diverse routes should be used to connect the telecommunications equipment to the utility provider. This redundancy will prevent the organization from losing voice services if one path is damaged or lost. [§ 9.2.2, ISO/IEC 27002 Code of practice for information security management, 2005]

General Guidance

For large installations or highly protected facilities, two physically separated telecommunications paths to the telephone center should be used. [Pg 7-I-5, Revised Volume 4 1-I-25, Protection of Assets Manual, ASIS International]

Telephone exchanges should be protected by having a duplicate set of telephone exchanges available. [NW5.2.2(c), The Standard of Good Practice for Information Security]


Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.