Environmental IA Controls - Emergency Power Shut-Off (EPO)
An XCCDF Rule
Description
A lack of an emergency shut-off switch or a master power switch for electricity to IT equipment could cause damage to the equipment or injury to personnel during an emergency. REFERENCES: DOD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016 Chapter 5, Section 1, paragraph 5-104 NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-10 and PE-10(1) NIST SP 800-12, An Introduction to Computer Security: The NIST Handbook NIST SP 800-100 Information Security Handbook: A Guide for Managers NFPA 79 & OSHA Emergency Stop Requirement
- ID
- SV-245744r1008534_rule
- Version
- EC-01.02.01
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
1. A master power switch or emergency cut-off switch for the IT equipment must be located inside the IT area near the main entrance.
2. The emergency switch must be properly labeled.
3. The emergency switch must be protected by a cover to prevent accidental shut-off of the power.
NOTE: Per NFPA 76 and OSHA Emergency Stop Requirements the EPO shall be bright yellow with red button, an emergency push button, "e-stop" or emergency stop/disconnection is required where there is a risk of an emergency or potential unsafe condition for equipment or for the operator. The switch shall be continually operable, readily accessible, and initiated via a single human action via a mechanical latching mechanism.