Here are a few of the standards, guidelines and methods we apply to develop and implement a Physical Security for IT program.
Some references are links to HTML pages on other websites, and open in a new web page. Other references are Adobe PDF file downloads (download instructions follow below).To download a document file to your computer, right-click on a the filename link then select:
- Save Target As... (in Internet Explorer)
- Save Link Target As... (in Netscape)
- Save Link As... (in FireFox or Google Chrome)
Files that are 1 MB or larger have their size listed next to the file name.
|ANSI/ASIS PAP.1-2012 Security Management Standard
This standard for Physical Asset Protection (PAP) is available free to ASIS International members. One purpose for the standard is to provide a foundation for a converged approach to security (which advocates that all areas of Physical and Information security work together. The Standard is applicable to organizations of all sizes across all sectors: private, public and not-for-profit.
|BOOK: Physical Security for IT
Written by an IT security expert, Michael Herbschloe, this is the only book that thoroughly addresses physical protection for IT systems.
Contains the Cisco Powered Network Program Data Center Best Practices Checklist
Based upon SAS 70 audit practice.
OCTAVE Allegro is a free assessment method intended for self-directed application, by individuals who have never performed an information asset risk assessment. That is why the method is very clearly documented, and why the documentation contains worksheets, questionnaires and forms to guide assessors through each assessment action. It also contains the work product from an example assessment. This helps you to see if you are doing too much or too little. The link above will take you to the page from which the OCTAVE Allegro materials can be downloaded.
OCTAVE Allegro consists of eight steps organized into four phases: