Auditing Data Centers


A data center is a facility that is designed to house an organization's critical systems. These systems are made up of computer hardware, an operating system, and applications. Applications are leveraged to support specific operational functions such as order fulfillment, customer relationship management (CRM), and accounting. Figure 4-1 shows the relationships among data center facilities, system platforms, applications, and business processes.

image from book
Figure 4-1: Data-processing hierarchy.

As you can see, data-processing facilities are at the foundation of the hierarchy, which is why it is so important that they have the necessary controls to mitigate risk. Major center threats include

  • Natural threats such as weather events, flooding, earthquakes, or fire

  • Man-made threats such as terrorist incidents, riots, theft, or sabotage

  • Environmental hazards such as extreme temperatures or humidity

  • Loss of utilities such as electrical power or telecommunications

You will notice that most of these threats are physical in nature. The remainder of this chapter will be spent on the various controls that mitigate these threats.



IT Auditing. Using Controls to Protect Information Assets
It Auditing: Using Controls to Protect Information Assets [IT AUDITING -OS N/D]
ISBN: B001TI1HNG
EAN: N/A
Year: 2004
Pages: 159

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net