VI. REGIDORES Y EMPLEADOS PÚBLICOS DE LAS CORPORACIONES LOCALES
2. PERSONAL AL SERVICIO DE LAS ENTIDADES LOCALES
Objective: To prevent unauthorized physical access, damage and interference to the organization’s information and information processing facilities.
11.1.1 Physical security perimeter
2013
Control 2014
Security perimeters shall be defined and used to protect areas that contain either sensitive or critical 2015
information and information processing facilities. 2016
The organization shall control all physical access points (including designated entry/exit points) to 2017
the facility where the IACS resides (except for those areas within the facility officially designated 2018
as publicly accessible) and verifies individual access authorizations before granting access to the 2019
facility. The organization controls access to areas officially designated as publicly accessible, as 2020
appropriate, in accordance with the organization’s assessment of risk. 2021
The organization controls physical access to the IACS independent of the physical access controls 2022
for the facility. Identity verification is required for entry to the most secured IACS spaces. 2023
Implementation guidance 2024
The following guidelines should [ENH11]be considered and implemented where appropriate for
2025
physical security perimeters: 2026
a) security perimeters should be defined, and the siting and strength of each of the perimeters 2027
should depend on the security requirements of the assets within the perimeter and the results 2028 of a risk assessment; 2029 This document is a WORKING DRAFT of an ISA99 committee work product. It may not be accurate of complete and is subject to change without notice. It is provided SOLELY for the purpose of review in support of further development of committee work products. This document may not be copied, distributed to others, or offered for further reproduction or for sale.
b) perimeters of a building or site containing information processing facilities should be physically 2030
sound (i.e. there should be no gaps in the perimeter or areas where a break-in could easily 2031
occur); the exterior roof, walls and flooring of the site should be of solid construction and all 2032
external doors should be suitably protected against unauthorized access with control 2033
mechanisms, (e.g. bars, alarms, locks etc.); doors and windows should be locked when 2034
unattended and external protection should be considered for windows, particularly at ground 2035
level; The organization uses physical access devices (e.g., keys, locks, combinations, card 2036
readers) and/or guards to control entry to facilities containing IACS. 2037
c) a manned reception area or other means to control physical access to the site or building should 2038
be in place; access to sites and buildings should be restricted to authorized personnel only; 2039
d) physical barriers should, where applicable, be built to prevent unauthorized physical access 2040
and environmental contamination; 2041
e) all fire doors on a security perimeter should be alarmed, monitored and tested in conjunction 2042
with the walls to establish the required level of resistance in accordance with suitable regional, 2043
national and international standards; they should operate in accordance with the local fire code 2044
in a failsafe manner; 2045
f) suitable intruder detection systems should be installed to national, regional or international 2046
standards and regularly tested to cover all external doors and accessible windows; unoccupied 2047
areas should be alarmed at all times; cover should also be provided for other areas, e.g. 2048
computer room or communications rooms; 2049
g) information processing facilities managed by the organization should be physically separated 2050
from those managed by external parties. 2051
h) The organization secures keys, combinations, and other access devices and inventories 2052
those devices regularly. The organization changes combinations and keys: (i) periodically; 2053
and (ii) when keys are lost, combinations are compromised, or individuals are transferred 2054
or terminated. Workstations and associated peripherals connected to (and part of) an 2055
organizational IACS may be located in areas designated as publicly accessible with access 2056
to such devices being appropriately controlled. The organization considers IACS safety and 2057
security interdependencies. The organization considers access requirements in emergency 2058
situations. During an emergency-related event, the organization may restrict access to 2059
IACS facilities and assets to authorized individuals only. 2060
i) This requirement enhancement, in general, applies to server rooms, communications 2061
centers, telecommunication spaces, control rooms, instrument rack rooms, remote control 2062
rooms or any other areas within a facility containing large concentrations of IACS 2063
components or components with a higher impact level than that of the majority of the facility. 2064
The intent is to provide an additional layer of physical security for those areas where the 2065
organization may be more vulnerable due to the concentration of IACS components or the 2066
impact level of the components. The requirement enhancement is not intended to apply to 2067
workstations or peripheral devices that are typically dispersed throughout the facility and 2068
used routinely by organizational personnel. 2069
Other information 2070
Physical protection can be achieved by creating one or more physical barriers around the 2071
organization’s premises and information processing facilities. The use of multiple barriers gives 2072
additional protection, where the failure of a single barrier does not mean that security is immediately 2073
compromised. 2074
A secure area may be a lockable office or several rooms surrounded by a continuous internal physical 2075
security barrier. Additional barriers and perimeters to control physical access may be needed between 2076
areas with different security requirements inside the security perimeter. Special attention to physical 2077
access security should be given in the case of buildings holding assets for multiple organizations. 2078 This document is a WORKING DRAFT of an ISA99 committee work product. It may not be accurate of complete and is subject to change without notice. It is provided SOLELY for the purpose of review in support of further development of committee work products. This document may not be copied, distributed to others, or offered for further reproduction or for sale.
The application of physical controls, especially for the secure areas, should be adapted to the technical 2079
and economic circumstances of the organization, as set forth in the risk assessment. 2080
Especially in energy transmission and distribution systems, and in the area of distributed 2081
generation, the components are distributed across decentralized sites. Equipment is situated in 2082
control and technical rooms within the organization’s building and in peripheral sites. Sometimes 2083
the equipment is situated on third-party premises or in public environments. It is not normally 2084
possible to achieve a comprehensive level of physical protection for peripheral and potential 2085
unmanned sites, therefore the residual risk must be assessed and mitigated where necessary, by 2086
means of supplementary measures.[JDG12] 2087
11.1.2 Physical entry controls
2088
Control 2089
Secure areas shall be protected by appropriate entry controls to ensure that only authorized personnel 2090
are allowed access to the IACS. The organization escorts visitors and monitors visitor activity. 2091
Implementation guidance 2092
The following guidelines should be considered: 2093
a) the date and time of entry and departure of visitors should be recorded, and all visitors should 2094
be supervised unless their access has been previously approved; they should only be granted 2095
access for specific, authorized purposes and should be issued with instructions on the security 2096
requirements of the area and on emergency procedures. The identity of visitors should be 2097
authenticated by an appropriate means; 2098
b) access to areas where confidential information is processed or stored should be restricted to 2099
authorized individuals only by implementing appropriate access controls, e.g. by implementing 2100
a two-factor authentication mechanism such as an access card and secret PIN; 2101
c) a physical log book or electronic audit trail of all access should be securely maintained and 2102
monitored; 2103
d) all employees, contractors and external parties should be required to wear some form of visible 2104
identification and should immediately notify security personnel if they encounter unescorted 2105
visitors and anyone not wearing visible identification; 2106
e) external party support service personnel should be granted restricted access to secure areas 2107
or confidential information processing facilities only when required; this access should be 2108
authorized and monitored; 2109
f) access rights to secure areas should be regularly reviewed and updated, and revoked when 2110
necessary (see 9.2.4 and 9.2.5). 2111
g) Personnel without permanent authorization or permanent duties, including physical access 2112
to an IACS, are considered a visitor. 2113
11.1.3 Securing offices, rooms and facilities
2114
Control 2115
Physical security for offices, rooms and facilities shall be designed and applied. 2116
Implementation guidance 2117
The following guidelines should be considered to secure offices, rooms and facilities: 2118
a) key facilities should be sited to avoid access by the public; 2119
b) where applicable, buildings should be unobtrusive and give minimum indication of their 2120
purpose, with no obvious signs, outside or inside the building, identifying the presence of 2121
information processing activities; 2122 This document is a WORKING DRAFT of an ISA99 committee work product. It may not be accurate of complete and is subject to change without notice. It is provided SOLELY for the purpose of review in support of further development of committee work products. This document may not be copied, distributed to others, or offered for further reproduction or for sale.
c) facilities should be configured to prevent confidential information or activities from being visible 2123
and audible from the outside. Electromagnetic shielding should also be considered as 2124
appropriate; 2125
d) directories and internal telephone books identifying locations of confidential information 2126
processing facilities should not be readily accessible to anyone unauthorized. 2127
11.1.4 Protecting against external and environmental threats
2128
Control 2129
Physical protection against natural disasters, malicious attack or accidents should be designed and 2130
applied. 2131
Implementation guidance 2132
Specialist advice should be obtained and followed on how to avoid damage from fire, flood, 2133
earthquake, explosion, hazardous events, civil unrest and other forms of natural or man-made disaster 2134
occurring onsite or at neighboring premises. 2135
a) hazardous[GTD13] or combustible materials should be stored at a safe distance from a 2136
secure area. Bulk supplies such as stationery should not be stored within the same secure 2137
area as the IACS.; 2138
b) fallback equipment and back-up media should be sited at a safe distance to avoid damage 2139
from a disaster affecting the main site; 2140
c) appropriate firefighting equipment should be provided and suitably placed; 2141
d) site location should be selected or appropriate countermeasures should be employed to 2142
minimize impact due to internal or external explosion or fire; 2143
e) appropriate electric design should be developed to minimize impact of electromagnetic 2144
radiation, lightning and provide backup power supply (see 9.2.2 for uninterruptible power 2145
supply); and 2146
f) appropriate environment control to minimize impact of dust, humidity, corrosion and entry 2147
of rodents. 2148
11.1.5 Working in secure areas
2149
Control 2150
Procedures for working in secure areas shall be designed and applied. 2151
Implementation guidance 2152
The following guidelines should be considered: 2153
a) personnel should only be aware of the existence of, or activities within, a secure area on a 2154
need-to-know basis; 2155
b) unsupervised working in secure areas should be avoided both for safety reasons and to prevent 2156
opportunities for malicious activities; 2157
c) vacant secure areas should be physically locked and periodically reviewed; 2158
d) photographic, video, audio or other recording equipment, such as cameras in mobile devices, 2159
should not be allowed, unless authorized. 2160
The arrangements for working in secure areas include controls for the employees and external 2161
party users working in the secure area and they cover all activities taking place in the secure area. 2162 This document is a WORKING DRAFT of an ISA99 committee work product. It may not be accurate of complete and is subject to change without notice. It is provided SOLELY for the purpose of review in support of further development of committee work products. This document may not be copied, distributed to others, or offered for further reproduction or for sale.
11.1.6 Delivery and loading areas 2163
Control 2164
Access points such as delivery and loading areas and other points where unauthorized persons could 2165
enter the premises shall be controlled and, if possible, isolated from information processing facilities to 2166
avoid unauthorized access. 2167
Implementation guidance 2168
The following guidelines should be considered: 2169
a) access to a delivery and loading area from outside of the building should be restricted to 2170
identified and authorized personnel; 2171
b) the delivery and loading area should be designed so that supplies can be loaded and unloaded 2172
without delivery personnel gaining access to other parts of the building; 2173
c) the external doors of a delivery and loading area should be secured when the internal doors 2174
are opened; 2175
d) incoming material should be inspected and examined for explosives, chemicals or other 2176
hazardous materials, before it is moved from a delivery and loading area; 2177
e) incoming material should be registered in accordance with asset management procedures(see 2178
8) on entry to the site; 2179
f) incoming and outgoing shipments should be physically segregated, where possible; 2180
g) incoming material should be inspected for evidence of tampering enroute. If such tampering is 2181
discovered it should be immediately reported to security personnel. 2182
11.2 Equipment