Install and maintain redundant power supplies for critical facilities.

Back

Install and maintain redundant power supplies for critical facilities.

CONTROL ID
06355

CONTROL TYPE
Configuration

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Establish, implement, and maintain organizational facility continuity plans., CC ID: 02224

This Control has the following implementation support Control(s):

Install and maintain Emergency Power Supply shutdown devices or Emergency Power Supply shutdown switches., CC ID: 01439
Install and maintain dedicated power lines to critical facilities., CC ID: 06357
Run primary power lines and secondary power lines via underground diverse path feeds to organizational facilities, as necessary., CC ID: 06696
Install electro-magnetic shielding around all electrical cabling., CC ID: 06358
Install electrical grounding equipment., CC ID: 06359

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

F68: The organization shall use different power supply facilities between a computer system and devices with significantly varying loads to ensure a stable supply of electric power to the computer systems. F73: The organization shall ensure the air-conditioning facilities have a sufficient capacity … (F68, F73, FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions, 7th Edition)
Information processing facilities should be protected from power failures and other disruptions caused by failures in supporting utilities. (§ 7.11 Control, ISO/IEC 27002:2022, Information security, cybersecurity and privacy protection â Information security controls, Third Edition)
Identify multiple power sources. (App A Objective 6:2b, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
Alternate energy sources (e.g., generators and multiple power grids). (App A Objective 6:7a, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
Continued maintenance of generators. (App A Objective 6:7c, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
Consideration of long-term alternate power supply to provide operational capability during extended power outages. (App A Objective 13:9d Bullet 2, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
Use of independent electrical feeds drawing from separate power grids and automatic fail-over to a live power source, where multiple feeds or backup power generators are used. (App A Objective 13:9d Bullet 4, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)