Back

Protect physical assets with earthquake-resistant mechanisms.


CONTROL ID
06360
CONTROL TYPE
Physical and Environmental Protection
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain physical security controls for distributed assets., CC ID: 00718

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • F21: The organization should protect personnel and computer systems against damage from earthquakes by providing for the prevention of fallen or broken items inside the building. F35: The organization shall protect personnel and computer systems against damage from earthquakes, including providing p… (F21, F35, F36, F50, F51, F66, F78, F95, F100, F118, F127, FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions, 7th Edition)
  • Ceilings, partitioning walls, lighting fixtures, and screens should be protected with proper precautions against falling and damage in the event of earthquake. (F95.1., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • Clocks, security cameras, notice boards, and decorations should be installed in proper places other than near the lines of flow of persons and space above the terminal devices, or they should be installed securely enough to eliminate possible falling. (F95.2. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • It is recommended to take proper precautions against earthquakes in order to protect terminal devices against possible malfunction due to falling, dislocation, or overturning of furniture and fixtures near the terminal devices in the event of an earthquake. (F100.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • In addition, for lines that are likely to cause interference to online systems in the event of an earthquake, it is recommended to take proper provisions against vibration, moving, and overturning. (F100.1. ¶ 2, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • In cases when free access floors are used for installation of servers, it is recommended to take proper similar precautions against earthquake as specified in [F36]. (F127.1., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • Air-conditioning facilities generate vibration during operation, and therefore, relevant pieces of equipment, ducts, and pipes should be designed vibration-proof depending on the installation positions. (F73.7., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • In addition, to ensure the uninterrupted operation of each device for air-conditioning facilities in the event of earthquake, it is recommended to use the equipment designed earthquake-resistant to meet the requirements for installation and operation. (F78.1. ¶ 2, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • It is recommended to take measures to prevent the terminal from moving and falling. (F118.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • To reduce the risks from environmental threats, hazards and opportunities for unauthorized access equipment shall be located away from locations subject to high probability environmental risks and supplemented by redundant equipment located a reasonable distance. (RS-06, The Cloud Security Alliance Controls Matrix, Version 1.3)