i. The scope of this audit involves the verification of the physical security controls over the data center. This includes the management and protection of the data center itself as well as the information residing within. While the scope included the verification of physical security controls (security, environmental, electrical, fire & safety) to the entry of the data center and its information, it did not include the actual application of these controls or any access controls related to any particular program, system, or device. 2. Planning
ii. The Operations & Systems Administration of UNC-Wilmington manages and operates the central computer systems and storage infrastructure for the university. This involves staying current with the appropriate technologies while providing support for the academic research computing environment. The data center is the facility used to physically house the main computer systems and its associated components. This center usually includes redundant/back-up power supplies, data communication connections, environmental controls, and security devices. c. Overview
iii. We were introduced to the data center and its features by Tony Copeland, Director of Operations & Systems Administration and Ellen Gurganious, Systems Administrator of the IT Systems Division. This involved a power point presentation of the data center and all of its physical security controls. A Q&A session was conducted and we were able to form specific tasks for the actual tour. Our plan was to use the information provided from the session to verify the appropriate controls were in place, it did not involve the actual application of these controls. 3. Field Work (Testing)
d. Upon arrival to the data center, we were given a tour of the building and the center itself that lasted around 15 minutes. The objective of this was...