Professional Documents
Culture Documents
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#
1
2
3
4
5
6
7
III.Networking Infrastructure
#
1
2
3
4
5
6
7
8
9
Information Systems Infrastructure Datacenter Management Checklist
Does the bank have more than 1 active and operational datacenter sites?
Does the datacenter supported by power redundancy such as UPS, Generator, and even multiple power substitution?
Does the bank have access control to make the datacenter secure?
Does the bank have video Surveillance to make the datacenter secure?
Does the datacenter remove any windows that has access to outside?
Are datacenter visitors and personnels aware of eating, drinking, and smoking in the datacenter not permitted?
Does the environmental sensor log the temperature and humidity of the datacenter?
Is the datacenter have a dedicated NOC operator 24hrs and 7days (24/7)?
thevisitors
Does all NOC incorporate fire, power, weather,
signed Non-Disclosure Agreement temperature, and humidity
(NDA) and approved monitoring
by the systems/tools
datacenter management in place?
before entering to
the datacenter?
Does a contact information of visitors, cleaning staffs, service engineer, maintenance technicians is registered properly
while entering and leaving of datacenter?
Does the bank have disaster recovery plan in place for datacenter?
Does the datacenter equipment’s named, labelled and numbered using standards?
man-made
Is the datacenter infrastructure protected against natural andhazards?
environmental hazards like floods, earthquakes, and extreme
weather conditions?
Are there procedures in place for the safe disposal of old equipment in the datacenter?
Have you performed regular preventive maintenance checks for the datacenter equipment?
Are the datacenter facilities physically secured to prevent unauthorized access?
Have you been trained on emergency response procedures?
Questions crafted
Do you have from afor
a standard setpatching
of security
andrequirments per Storage
updating security, and computing
operating systems and software applications on computing
systems?
Do you have a standard in place for managing user accounts and passwords on computing systems?
Do you have a standard in place for monitoring computing systems for potential security incidents?
Does the computing personnel have predefined roles and responsibilities?
Do you have a standard in place for backing up data on computing systems?
Do you have a standard in place for securely disposing of old or unused computing systems?
Do you have a standard in place for responding to and mitigating vulnerablities on computing systems?
III.Networking Infrastructure
Questions crafted from a set of security requirments per Network and Infrastructure
Do you
Have use
you network monitoring
conducted tools to detect
regular vulnerability potentialand
assessments security breaches
penetration or cyber
testing threats?
to identify potential weaknesses in your
network infrastructure?
Does the infrastructure personnel have predefined roles and responsibilities?
Do you have a disaster recovery plan in place in case of a cyber-attack or data breach?
Do you have a standard in place for regularly updating and patching network devices and software?
Have you implemented access controls to limit unauthorized access to sensitive data and systems?
Do you regularly review and analyze network logs to identify potential security incidents?
Do you have a standard in place for responding to and mitigating vulnerablities?
Have you implemented network segmentation to restrict access to sensitive data and systems?
Response by number
Possible Response
(Yes,Partial,NO) Weightage II.Computing and Storage Infrastructure 5 1
III.Networking Infrastructure 7 2
summary 36 7
4
4
24
yes Partial No
5
yes Partial No
III.Networking Infrastructure
Possible Response 2
(Yes,Partial,NO) Weightage
Possible Response
(Yes,Partial,NO) Weightage
yes Partial No
r Best practices
weight
No out of outcome number average Rate Ratio Rank status
1
6 34 0 0 0.00 0.00%
1
1 7 0 0 0.00 0.00%
0 9 0 0 0.00 0.00%
1
7 50 0
y Operations
Sectors
yes
Partial
No III.Networking Infrastructure 7
S
yes
Partial
No III.Networking Infrastructure 7
24
No
5
No
structure
Rate
100.00%
90.00%
7
80.00%
70.00%
No
60.00%
50.00%
40.00%
30.00%
60.00%
50.00%
40.00%
30.00%
20.00%
10.00%
0.00%
ns
it o
r a
pe
O
y
c ilit In
F a
a ge
ter tor
n S
Ce d
a an
D at g
tin
I. u
p
Com
I I.
status
astructure 7 2 0
astructure 7 2 0
astructure 5 1 1
Operations 24 4 6
0 5 10 15 20 25 30 35
0 5 10 15 20 25 30 35
ns e e
ur ur
ct u ct
stru str
r a f r a
f
In In
e g
r ag r kin
o o
St w
d et
an I .N
g II
tin
p u
Com
.
II Sectors
yes
Partial
No
35 40
Rates
35 40
Rates