CONTROL TYPE Physical and Environmental Protection
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Establish, implement, and maintain a physical security program., CC ID: 11757
This Control has the following implementation support Control(s):
Separate network patch panels in different network cabinets according to security classification of data being carried over the cables., CC ID: 08637
Assign access to network patch panels on a need to know basis., CC ID: 08638
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
To protect the computer equipment and telecommunications equipment against possible adverse effects even in the event of short circuit, leakage of electricity, broken wires, and other accidents in the power cables for any equipment other than the computer systems, it is necessary to ensure that the … (F67.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
Provide a dedicated distribution board for computer devices, and take measures to prevent its current-carrying part from being touched by outsiders; for example, install the distribution board in a computer room and cover the current-carrying part with steel plates that can be locked. (F67.4., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
In order to minimize impact on the computer system, it should have a dedicated distribution board. For how to prepare a dedicated distribution board, refer to [F67]. (F124.2. ¶ 1(3), FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
approval from the TOP SECRET system's authorising officer is obtained prior to installation. (Security Control: 0217; Revision: 4; Bullet 3, Australian Government Information Security Manual, March 2021)
approval from the TOP SECRET system's authorising officer is obtained prior to installation. (Control: ISM-0217; Revision: 5; Bullet 3, Australian Government Information Security Manual, June 2023)
approval from the TOP SECRET system's authorising officer is obtained prior to installation. (Control: ISM-0217; Revision: 5; Bullet 3, Australian Government Information Security Manual, September 2023)
Hardening / patching / maintenance of OSs and applications IAW industry standards. DoD SRGs and STIGS or DoD-accepted equivalents must be used if the service is private or community cloud used by DoD. For Information Assurance (IA) Vulnerability Management (IAVM) message compliance, the CSP will be … (Section 5.10.3.1 ¶ 2 Bullet 5, Department of Defense Cloud Computing Security Requirements Guide, Version 1, Release 3)
