compliance controls are associated with this Policy definition 'Employ automatic emergency lighting' (aa892c0d-2c40-200c-0dd8-eac8c4748ede)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| FedRAMP_High_R4 |
PE-12 |
FedRAMP_High_R4_PE-12 |
FedRAMP High PE-12 |
Physical And Environmental Protection |
Emergency Lighting |
Shared |
n/a |
The organization employs and maintains automatic emergency lighting for the information system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.
Supplemental Guidance: This control applies primarily to facilities containing concentrations of information system resources including, for example, data centers, server rooms, and mainframe computer rooms. Related controls: CP-2, CP-7.
References: None. |
link |
1 |
| FedRAMP_Moderate_R4 |
PE-12 |
FedRAMP_Moderate_R4_PE-12 |
FedRAMP Moderate PE-12 |
Physical And Environmental Protection |
Emergency Lighting |
Shared |
n/a |
The organization employs and maintains automatic emergency lighting for the information system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.
Supplemental Guidance: This control applies primarily to facilities containing concentrations of information system resources including, for example, data centers, server rooms, and mainframe computer rooms. Related controls: CP-2, CP-7.
References: None. |
link |
1 |
| ISO27001-2013 |
A.11.2.2 |
ISO27001-2013_A.11.2.2 |
ISO 27001:2013 A.11.2.2 |
Physical And Environmental Security |
Supporting utilities |
Shared |
n/a |
Equipment shall be protected from power failures and other disruptions caused by failures in supporting utilities. |
link |
3 |
|
mp.if.3 Fitting-out of premises |
mp.if.3 Fitting-out of premises |
404 not found |
|
|
|
n/a |
n/a |
|
18 |
|
mp.if.4 Electrical energy |
mp.if.4 Electrical energy |
404 not found |
|
|
|
n/a |
n/a |
|
8 |
| NIST_SP_800-53_R4 |
PE-12 |
NIST_SP_800-53_R4_PE-12 |
NIST SP 800-53 Rev. 4 PE-12 |
Physical And Environmental Protection |
Emergency Lighting |
Shared |
n/a |
The organization employs and maintains automatic emergency lighting for the information system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.
Supplemental Guidance: This control applies primarily to facilities containing concentrations of information system resources including, for example, data centers, server rooms, and mainframe computer rooms. Related controls: CP-2, CP-7.
References: None. |
link |
1 |
| NIST_SP_800-53_R5 |
PE-12 |
NIST_SP_800-53_R5_PE-12 |
NIST SP 800-53 Rev. 5 PE-12 |
Physical and Environmental Protection |
Emergency Lighting |
Shared |
n/a |
Employ and maintain automatic emergency lighting for the system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility. |
link |
1 |
| SOC_2 |
A1.2 |
SOC_2_A1.2 |
SOC 2 Type 2 A1.2 |
Additional Criteria For Availability |
Environmental protections, software, data back-up processes, and recovery infrastructure |
Shared |
The customer is responsible for implementing this recommendation. |
Identifies Environmental Threats — As part of the risk assessment process, management identifies environmental threats that could impair the availability of the
system, including threats resulting from adverse weather, failure of environmental
control systems, electrical discharge, fire, and water.
• Designs Detection Measures — Detection measures are implemented to identify
anomalies that could result from environmental threat events.
• Implements and Maintains Environmental Protection Mechanisms — Management
implements and maintains environmental protection mechanisms to prevent and
mitigate environmental events.
• Implements Alerts to Analyze Anomalies — Management implements alerts that are
communicated to personnel for analysis to identify environmental threat events.
• Responds to Environmental Threat Events — Procedures are in place for responding to environmental threat events and for evaluating the effectiveness of those policies and procedures on a periodic basis. This includes automatic mitigation systems
(for example, uninterruptable power system and generator backup subsystem).
• Communicates and Reviews Detected Environmental Threat Events — Detected environmental threat events are communicated to and reviewed by the individuals responsible for the management of the system and actions are taken, if necessary.
• Determines Data Requiring Backup — Data is evaluated to determine whether
backup is required.
• Performs Data Backup — Procedures are in place for backing up data, monitoring
to detect backup failures, and initiating corrective action when such failures occur.
• Addresses Offsite Storage — Backup data is stored in a location at a distance from
its principal storage location sufficient that the likelihood of a security or environmental threat event affecting both sets of data is reduced to an appropriate level.
• Implements Alternate Processing Infrastructure — Measures are implemented for
migrating processing to alternate infrastructure in the event normal processing infrastructure becomes unavailable. |
|
13 |
| SWIFT_CSCF_v2022 |
9.3 |
SWIFT_CSCF_v2022_9.3 |
SWIFT CSCF v2022 9.3 |
9. Ensure Availability through Resilience |
Service bureaux must ensure that the service remains available for their customers in the event of a disturbance, a hazard, or an incident. |
Shared |
n/a |
Service bureaux must ensure that the service remains available for their customers in the event of a disturbance, a hazard, or an incident. |
link |
7 |