The general controls for an IT system should include controls over the physical environment of the system. The physical environment includes the location, operating environment, and backup systems of the IT system. Natural disasters can easily destroy or disrupt IT system operations. IT systems should be installed in locations that are least likely to be affected by natural disasters.
A large IT system must be located in a building that controls dust, temperature, and humidity. A fire prevention system should use a gas, such as halon gas, that eliminates oxygen in the room. The computer system should also have both an uninterruptible power supply (UPS) and an emergency power supply.
In the case of an electrical power failure, backup power supplies such as UPS and EPS can keep the IT system operating at least until individual applications and data can be saved and gradually shut down. Hardware and data in an IT system are also vulnerable to damage, destruction, or theft if an unauthorized person can physically access them. Large-scale IT systems should be protected by physical access controls.
Auto314