
Physical and Environmental Control

Controls provide reasonable assurance that access to the physical environment at the Company and to its data center is limited to properly authorized individuals and that environmental controls are established to detect, prevent, and control destruction due to environmental extremes.

  • All equipment within the main computer room is connected to an uninterruptible power supply device (UPS).
  • Physical and environmental controls have been installed to protect the data center.
  • The offsite storage facility has adequate security and environmental controls.
  • Virus protection is installed and is constantly updated.
  • A redundant system is available in the event of a failure.
  • Firewall server functions exist and prevent unauthorized access to the network.
  • Unauthorized users are restricted from performing various server administration functions.
  • To prevent external server attacks and tracking of Internet activity, internal Internet Protocol addresses are not transmitted across the Internet.
  • Numeric keypads limit access to certain locations in the facility, such as the payment posting and IT suites.
  • All visitors are routed through the reception area and are not allowed access without an authorized escort.
  • All employees must wear an employee ID badge at all times.
