The purpose of Environmental Control is to establish and manage an appropriate level of physical, environmental, and geographical controls to support the resilient operations of services in organizational facilities.
Facilities are a subset of the physical plant assets of the organization that are relied upon to execute a service. They are hubs of activity where many of the organization’s services intersect, such as office buildings and warehouses. Facilities can be owned by the organization but just as often are leased from an external provider, and they may even encompass workers’ homes and other locations where high-value services are physically executed.
People, information, and technology assets “live” within a physical facility: facilities provide the physical space for the actions of people (people work in offices), the use and storage of information (such as in file rooms and on servers), and the operation of technology components (such as in data centers and server farms). Because of its nature as an activity hub, when a facility is disrupted, there is often a widespread cascading effect on the operability of these other assets, impacting mission assurance of associated services and possibly translating to a failure to achieve organizational goals and objectives.
As a complicating factor, organizations frequently execute their services in facilities that they do not own or control. These arrangements sometimes also mean that the organization’s assets are co-located with the assets of other organizations. This presents challenges not only for facilities management but for ensuring the operational resilience of services that depend on these facilities to meet their missions.
The Environmental Control process area addresses the importance of facilities in the operational resilience of services as well as the unique issues that facility assets inherit because of their geographical location and the environment in which they operate. In this process area, facility assets are prioritized according to their value in supporting high-value organizational services. Physical, technical, and administrative controls that sustain the operational viability of facility assets are selected, implemented, and managed, and the effectiveness of these controls is monitored. In addition, facility risks are identified and mitigated in an attempt to prevent disruption where possible. Because a facility is intricately tied to the geographical location in which it operates, the unique dependencies of the facility on its adjacent environment are identified and actively managed.
The establishment and management of resilience requirements for facility assets are performed in the Resilience Requirements Development and Resilience Requirements Management process areas.
The identification, definition, and management of facility assets are addressed in the Asset Definition and Management process area.
The risk management cycle for facility assets is addressed in the Risk Management process area.
The management of the internal control system that ensures the protection of facility assets is addressed in the Controls Management process area.
The selection, implementation, and management of access controls for facility assets are performed in the Access Management process area.
The development of service continuity plans for facilities is performed in the Service Continuity process area.
The establishment and management of relationships with external entities to ensure the resilience of services that are executed in facilities they own and operate are addressed in the External Dependencies Management process area.
Facility assets are prioritized to ensure resilience of high-value services that they support.
In this goal, the organization establishes the subset of facility assets (from its facility asset inventory) on which it must focus operational resilience activities because of their importance to the sustained operation of essential services.
In many cases, all facility assets may be considered of high value to the organization. However, from a risk and resilience perspective, these assets must be prioritized. Prioritization establishes the facility assets that are of most value to the organization (based on their support for high-value services) and for which protective controls and sustainability measures are required. Failure to prioritize facility assets may lead to inadequate operational resilience of high-value assets and excessive levels of operational resilience for non-high-value assets.
Facility assets are prioritized relative to their importance in supporting the delivery of high-value services.
The prioritization of facility assets must be performed in order to ensure that the organization properly directs its operational resilience resources to the assets that most directly contribute to the services supporting the organization’s mission. These assets require the organization’s direct attention because their interruption or disruption has the potential to cause significant organizational consequences.
Facility asset prioritization is performed relative to related services—that is, facility assets associated with high-value services are those that must be most highly prioritized for operational resilience activities. However, the organization can use other criteria to establish high-priority facility assets, such as the following:
• the use of the facility asset in the general management and control of the organization (corporate headquarters, primary data centers, etc.)
• facility assets that are important to supporting more than one service
• the value of the asset in directly supporting the organization’s achievement of critical success factors and strategic objectives
• the organization’s tolerance for “pain”—the degree to which it can suffer a loss or destruction of the facility asset and continue to meet its mission
Typically, the organization selects a subset of facility assets from its asset inventory, although it is feasible that the organization may instead compile a list of high-value facility assets based on risk or other factors. However, failure to select assets from the organization’s asset inventory poses additional risk that some high-value facility assets may never have been inventoried. (The identification, definition, management, and control of organizational assets are addressed in the Asset Definition and Management process area.)
Typical work products
Subpractices
Facility assets that are essential to the successful operation of organizational services should be included on the list of facility assets. (An inventory of high-value facilities is established in practice ADM:SG1.SP1 in the Asset Definition and Management process area.) This list may suffice for this subpractice or may be expanded if necessary.
The prioritization of facility assets is necessary so that the organization can ensure it focuses protection and sustainability activities on facilities that have the most potential for impacting the organization if they are disrupted or destroyed.
Unlike other organizational assets, facilities tend to be “hubs” of services; that is, many services tend to be performed in or supported by a single facility. An example of this would be a data center where many application systems (and their associated hardware, software, and network components) support a number of organizational services. Because the loss of a facility can have widespread cascading effects on a number of services, the organization should consider this strongly when prioritizing facility assets. One means for supporting this criterion is to review the mapping between services and facility assets. (The association of services to facility assets is performed in practice ADM:SG2.SP1 in the Asset Definition and Management process area.) This information may also be gathered as the result of a business impact analysis activity at the organizational unit level.
Facility assets that specifically support the organization’s service continuity plans are identified and established.
Some facility assets are specifically designated to support the organization’s ability to execute service continuity plans. They provide physical locations where people can work temporarily, information can be stored and retrieved when needed, and technology components such as systems, hardware, and software can be operated. In many cases, resilience-focused assets may be owned by the organization (i.e., the organization may have a secondary data center) or may be contracted for and provided by an external provider (such as the use of a shared data center to recover systems and networks).
A resilience-focused asset may also serve as a primary facility that has been designated as a recovery site during an incident. For example, an organization may have two geographically dispersed data centers where day-to-day processing occurs; however, when an incident affects one of the data centers, the other is capable of supporting the affected data center's operations for a specified time period. When this occurs, primary facilities also are designated as resilience facilities, increasing the need for protection and sustainability.
Typical work products
Subpractices
These facility assets should include those that would be required for the successful execution of service continuity plans and service restoration plans.
Administrative, technical, and physical controls for facility assets are identified, implemented, monitored, and managed.
Facility assets are one of the most tangible and visible assets of the organization. They provide a physical presence to the organization and are the intersection point for people, processes, and technologies that fuel organizational services. Thus, the availability of facilities is important to the viability of organizational services—an organization has only to close an office building for one day to realize that many job functions go unperformed during such a disruption, no matter the cause.
Facility assets present unique challenges for managing operational resilience. Facility assets are often leased from external business partners, and therefore the organization may not have direct control or influence over their protection or sustainability. Facility assets also often take non-traditional forms. For example, in a distributed workforce employees may work at home, whereby their home location becomes an extension of the organization’s physical plant.
Facility assets are also uniquely connected to their immediate environment in that their operational resilience is often dependent on the resilience of public services (police, fire, ambulance, and first responders) and infrastructure (electricity, gas, water, telecommunications). Because organizations have very little if any control over the immediate environment, managing operational resilience for facilities may require extensive considerations of redundancy, co-location, geographical dispersion, etc.
Protecting facility assets from vulnerabilities, threats, and risks requires that the organization develop appropriate resilience requirements for these assets and follow through with the development, implementation, and management of an appropriate level of administrative, technical, and physical controls to manage the conditions that could cause disruption of these assets. The organization selects and designs controls based on the facility asset’s resilience requirements and the conditions that require availability of the facilities. The effectiveness of these controls is monitored on a regular basis to ensure that they meet the facility asset’s resilience requirements.
The establishment and management of relationships with external entities to ensure the resilience of services that are executed in facilities they own and operate are addressed in the External Dependencies Management process area.
Resilience requirements that have been defined are assigned to facility assets.
Resilience requirements form the basis for the actions that the organization takes to protect and sustain facility assets. These requirements are established commensurate with the value of an asset to services that it supports. The resilience requirements for facility assets must be assigned to the assets so that the appropriate type and level of protective controls can be designed, implemented, and monitored to meet the requirements.
Resilience requirements for facility assets are developed in the Resilience Requirements Development process area. However, facility asset resilience requirements may not be formally defined or they may be assumed to be the responsibility of the facility asset owner (if the organization is not the owner). The assignment of these requirements is necessary as a foundational step for controls management.
Subpractices
Resilience requirements for a facility asset are likely to be concentrated on the availability of the facility. The requirements must take into consideration the shared use of the facility both within the organization (as more than one service is likely to be performed in the facility) as well as outside of the organization (as a leased facility may be shared with other organizations that have differing resilience requirements).
Administrative, technical, and physical controls that are required to meet the established resilience requirements are identified and implemented.
The organization must implement an internal control system that protects the continued operation of facility assets commensurate with their role in supporting organizational services. Controls are the methods, policies, and procedures that the organization uses to provide an acceptable level of protection over high-value assets such as facilities. They typically fall into three categories: administrative (or managerial), technical, and physical, the latter of which is most typically associated with facilities.
• Administrative controls (often called “management” controls) ensure alignment to management’s intentions and include such work products as governance, policy, training and awareness, pre-employment screening, and the development and implementation of service continuity plans. Administrative controls for facilities include policies on who can enter facilities, when, and under what conditions or criteria.
• Technical controls are the technical manifestation of protection methods for facility assets. Most prominently, they include access controls such as card-controlled entry gates and appropriate lighting or fencing, but they can also include such hardware artifacts as encryption.
• Physical controls manage the physical access to facility assets. These controls typically include artifacts such as picture IDs, locks on file room doors, and other physical barrier methods. By far, physical controls are the most pervasive type of protective controls applied to facilities and are often associated with security activities.
Operational resilience for facilities involves a thorough consideration of several types of controls. These include not only access controls but controls that address the viability and operability of a facility in its geographical location and immediate environment. Because facilities lack sufficient portability (in contrast with information assets and some technology assets), controls that prevent a facility from being impacted by vulnerabilities and threats in its immediate environment must be considered and implemented.
Typical work products
Subpractices
A specific subset of controls should be considered during the design, construction, or leasing of facility assets. These controls are typically technical or physical in nature and are focused on sustaining the operability and viability of facilities, thus contributing to a facility’s operational resilience.
Operational and environmental risks to facility assets are identified and managed.
The management of risk for facility assets is the specific application of risk management tools, techniques, and methods to the facility assets whether or not they are owned by the organization. Facility assets are more prone to certain types of operational risk, particularly external conditions such as failures of public infrastructure and natural disasters. In addition, because facility assets are often not in the direct control of the organization (because they are leased or shared), the organization may be exposed to additional risks that would generally be detectable and controllable if the organization owned and maintained them. As hubs of activities and services, facility assets are subject to risks that can result in widespread and cascading consequences to the organization.
Risks to facility assets are periodically identified and assessed.
Operational risks that can affect facility assets must be identified and mitigated in order to actively manage the resilience of these assets and, more important, the resilience of services to which these assets are associated. Special attention should be given to operational risks such as natural disasters and environmental conditions to which facilities are typically prone.
The identification of facility asset risks forms a baseline from which a continuous risk management process can be established and managed.
The subpractices included in this practice are generically addressed in goals RISK:SG3 and RISK:SG4 in the Risk Management process area.
Typical work products
Subpractices
Determining which facility assets to include in regular risk management activities depends on many factors, including the value of the asset to the organization, its resilience requirements, and the ownership and control of the facility.
Identification of risk for facilities requires an examination of the types of threats, vulnerabilities, events, or incidents to which the facility may be subjected. The types of events or incidents that could occur at a given facility may be based on the history of previous events at that site or a similar site, events that may be common to the type of service, or natural disasters particular to certain geography. Operational risks should be identified in this context so that mitigation actions are more focused and directed. Types of facility asset threats, vulnerabilities, events, and incidents to consider may include
• non-criminal events such as human-made and natural disasters
• crime-related events such as theft, trespassing, and sabotage
• the demographic/social/political climate in which the facility is located
• geographical proximity to other high-value organizational facilities
• people, including those who might have detailed knowledge about the facility asset
Risk mitigation strategies for facility assets are developed and implemented.
The mitigation of facility asset risk involves the development of strategies that seek to minimize the risk to an acceptable level. This includes reducing the likelihood of risks to facility assets, minimizing exposure to these risks, developing service continuity plans to keep the asset viable during times of disruption or to provide a suitable substitute facility, and developing recovery and restoration plans to address the consequences of realized risk. In the case of facility assets, restoration may be a more extensive consideration—for example, restoration may mean that a new facility must be constructed or acquired, therefore recovery operations in a temporary or leased facility may be needed for a longer period of time. This temporary arrangement can also bring additional risk to the organization that must be addressed until restoration has been accomplished.
Risk mitigation for facility assets requires the development and implementation of risk mitigation plans (which may include the development of new or revision of existing facility asset controls) and the monitoring of these plans for effectiveness.
The subpractices included in this practice are generically addressed in goal RISK:SG5 in the Risk Management process area.
Typical work products
Subpractices
Service continuity plans that involve the use of temporary or leased facilities while restoration can be completed for a facility may result in residual risk. This risk should be characterized and addressed in the risk management cycle if necessary.
The operational environment of the facility is controlled to ensure its availability.
The availability of a facility, the most important challenge for the operational resilience of facilities, is dependent on several factors. First, the facility must provide access to people (both inside and outside of the organization) who need to use it to perform their job responsibilities and prevent access by those who do not have a legitimate need. Second, the facility must be operationally viable: it must be structurally sound, fit for purpose, and connected to vital services such as electricity, water, and telecommunications. Finally, availability of a facility is tied to its geographical location. Any event that affects the surrounding environment of the facility can impede access (and egress to some extent).
Certain operational risks, such as the following, can significantly affect the availability of a facility in supporting high-value services:
• Electronic or physical access systems can be compromised, allowing unauthorized access that may affect the availability of the facility (particularly if it is destroyed in some way) or preventing access by authorized individuals.
• Geographical events specific to the facility can occur, including hurricanes, tornadoes, winter storms, and other natural events.
• Sociopolitical events can prevent people and business partners from accessing the facility because of dangerous conditions or because of perceived danger (such as when a bomb threat is issued).
• The systems and the structures of the facility can fail, thereby rendering the facility unusable for a period of time.
• The public infrastructure that the facility depends upon can fail, thereby causing the facility to be unusable for a period of time.
• Business partners (who own or manage facilities that the organization leases or shares with other organizations) may fail to ensure the availability of their facilities, thereby posing cascading risks to the organization.
Unfortunately, facilities cannot be easily duplicated or replicated, so ensuring their availability (or more important, preserving their ability to support high-value services) is problematic. In addition, because facilities are high-cost assets, strategies for ensuring their availability are often more difficult and costly than those that are focused on information assets, technology, and in some cases, people.
To effectively control the operational environment for facilities, the organization must perform several activities. Foremost, the organization must plan for facility sustainability to ensure the continued operation of the facility (or the ability to replicate and sustain the continued operation of the facility). In addition, the organization must address the environmental conditions of the facility (to ensure that it remains viable) and consider the challenges presented by the facility’s geographical environment, including its access to public and private services and infrastructure.
The availability of high-value facilities is ensured through sustainability planning.
Because facilities operate as hubs for services, planning for the continued operation of a facility—or in many cases, the replication of functionality at a redundant or backup facility—is a critical activity in ensuring operational resilience.
An organization has several options when performing sustainability planning for facilities. The most costly option is to construct or acquire a redundant facility that would back up an existing facility in a seamless way if disrupted. This is not always a valid option because of cost and co-location, proximity, and geographical dispersion issues. Less costly options may involve the alternate use of other organization-owned facilities (if possible) or the use of shared space (either leased space or shared services). Options that include the use of externally owned facilities bring additional risks that must be considered. Finally, instead of full facility redundancy, the organization may consider only those elements that must be made redundant (such as providing an organization-controlled source of power or telecommunications) that would render a facility usable for an acceptable specific period of time.
Facility sustainability planning is typically performed as part of developing service continuity plans for services or may be instantiated in continuity plans specifically focused on high-value facilities regardless of their use. The actions that the organization needs to take to ensure that services can be executed when facilities are disrupted are included in service continuity plans. In addition to providing facility redundancy and backup, additional issues such as “return to work” considerations may be addressed and included in facility continuity plans.
The development and management of service continuity plans are addressed in the Service Continuity process area. It may not be possible to complete this practice until the practices in the Service Continuity process area have been considered.
Considerations for “return to work” issues are addressed in the People Management process area.
Typical work products
Subpractices
Business impact analysis can help the organization to identify high-value facilities for which service continuity plans must be developed and implemented. This analysis may concentrate on reviewing the business impact of loss of services due to the loss of a facility or specifically focus on the facility itself and its associated services and the impact of their loss on the organization.
Depending on the organization’s focus, service continuity plans can be specifically developed for high-value facilities (which would affect associated services) or may be developed from a services viewpoint (which addresses facilities as an associated asset).
Environmental conditions of facility assets are maintained.
The environmental condition of a facility is important for keeping it viable and operational. Failure to monitor and correct conditions may affect the availability of the facility to support the services that are convergent there. These are examples of systems that can affect environmental conditions:
• HVAC systems must be fully operational to ensure the comfort of workers as well as to keep technical equipment from overheating and failing.
• Fire suppression systems must be active to prevent fire damage and to ensure staff safety.
• Dust and air control systems must provide purified air required for production processes, particularly if “clean room” conditions are necessary.
• Power conditioning systems must condition power to ensure consistent delivery and the avoidance of “spikes.”
• Security systems must be able to monitor the facility and provide authenticated access to authorized staff.
• Water systems must provide potable water for drinking purposes and other water for supporting production processes (such as for chillers for equipment and for air conditioning).
Maintaining environmental conditions includes the performance of regular maintenance activities. The criteria used to establish guidelines for maintenance are relative to the value of the related services supported by the assets that are located in the facility. The organization may use other criteria to establish guidelines for maintenance, such as
• corrective maintenance (i.e., correcting and repairing problems that degrade the operational capability of the facility services)
• preventive maintenance (i.e., preventing potential facility problems from occurring through preplanned activities)
• adaptive maintenance (i.e., adapting the facility to a different operating environment)
• perfective maintenance (i.e., developing or acquiring an additional or improved operational capability of the facility)
Subpractices
Maintenance staff should be subject to the organization’s standards for authorizing and providing access. (The management of access controls is addressed in the Access Management process area.)
Maintenance records should be retained for all facility control equipment and stored appropriately with access only to authorized individuals. Risks related to control systems and their maintenance may need additional analysis and resolution.
These activities may result in additions or revisions to existing service continuity plans or may require separate plans to be developed. Actions that are required for service continuity planning should be identified and executed as part of this activity.
Maintenance activities can result in often-undetected vulnerabilities to information assets. All controls over information assets should be reaffirmed before maintenance is performed, and information access and modification logs should be checked after maintenance is performed.
Appropriate controls over information assets are addressed in the Knowledge and Information Management process area.
Dependencies on public services for facility assets are identified and managed.
Because they are geographically static, facilities rely on public services that are in operation in the immediate environment in which the facilities exist. These public services may be vital to a facility’s continued operation during a disruption and, by default, to the services that are performed in the facility. Thus, a thorough consideration of these services must be given for service continuity planning and incorporated into requisite service continuity plans.
Public services generally include services that are specific to the geographical region of the facility and are financed by public funds. (In some cases, depending on the organization and its size, these services may have been privatized and therefore may be financed by and under the direct control of the organization.) Public services include
• fire response and rescue services
• local and, in some cases, federal law enforcement (police, National Guard, FBI, etc.)
• emergency management services, including paramedics and first responders
• other services, such as animal control
Identifying and managing dependencies on public services may be performed as part of the organization’s service continuity planning process or in the development of specific service continuity plans. (The development and management of service continuity plans are addressed in the Service Continuity process area.)
Typical work products
Subpractices
Typically, this activity results from business impact analysis. However, it can be included as part of service continuity planning or facility asset definition, depending on the organization. A resulting list of public services for each facility should be documented and made available for inclusion in service continuity plans as appropriate.
Dependencies on public infrastructure for facility assets are identified and managed.
Facility assets are a primary point where an organization intersects physically with its geographical environment. Facilities are vitally dependent on public infrastructure and services to operate and to remain viable. These services include
• telecommunications and telephone services
• electricity, natural gas, and other energy sources
• water and sewer services
• trash collection and disposal, and other support services
These dependencies must be carefully evaluated for several reasons. First, the organization must be prepared to address the loss of these services, which can affect organizational services that are supported by a facility. Second, the organization may need to consider the resilience of public services when developing service continuity plans for a facility—the inability to retain telecommunications, power, or water services may adversely impact the organization’s ability to execute the facility’s service continuity plan. Consideration of these public services may also cause the organization to make decisions about capital improvements (such as implementing backup power systems) that would be necessary to ensure a minimal level of operational resilience for the facility.
Typical work products
Subpractices
Remember that these dependencies may be internal as well as external, particularly when the organization has control over certain aspects of facility infrastructure such as power or telecommunications that it provides for its own operations.
Typically, this activity results from business impact analysis. However, it can be included as part of service continuity planning or facility asset definition, depending on the organization. A resulting list of public infrastructure providers for each facility should be documented and made available for inclusion in service continuity plans as appropriate.
This practice may result in updates to existing service continuity plans or in the development of actions and activities that seek to provide an acceptable minimum level of redundancy in certain public infrastructure services.
The retirement of a facility is planned for to minimize operational impact.
The retirement of a facility can have widespread and unintended effects on the resilience of organizational services. If it is not appropriately planned and executed, temporary or permanent disruptions in operations can result. This is particularly true for facilities because they serve as a convergence point for many organizational services. Thus, the organization must carefully plan and execute the retirement of a facility (and the cut-over to a new facility, if planned) so that disruption can be minimized and any potential impacts can be identified in advance and appropriately mitigated. In some cases, this may require the organization to develop special-purpose service continuity plans (or enhance existing plans) to address the unique issues that may result from retirement.
Typical work products
Subpractices
This practice applies not only to facilities that the organization owns but also to the retirement of a service contract for an outside facility that the organization leases or shares with another organization.
As part of the plan, the organization should identify and document the services that will be affected by the facility retirement and include the stakeholders of these services in the planning process.
These plans are developed to ensure that potential problems that arise in the retirement of the facility do not affect the operational resilience of services that rely on the facility. These plans may be temporary or sufficiently generic that they can be used whenever facilities are retired.
This may include any facility training manuals, service continuity plans, maintenance records, and other documents that may have to be referenced by the organization in the future.
This includes monitoring the retirement for any potential problems and executing service continuity plans where necessary.
Refer to the Generic Goals and Practices document in Appendix A for general guidance that applies to all process areas. This section provides elaborations relative to the application of the Generic Goals and Practices to the Environmental Control process area.
The operational resilience management system supports and enables achievement of the specific goals of the Environmental Control process area by transforming identifiable input work products to produce identifiable output work products.
Perform the specific practices of the Environmental Control process area to develop work products and provide services to achieve the specific goals of the process area.
Elaboration:
Specific practices EC:SG1.SP1 through EC:SG4.SP5 are performed to achieve the goals of the environmental control process.
Environmental control is institutionalized as a managed process.
Establish and maintain governance over the planning and performance of the environmental control process.
Refer to the Enterprise Focus process area for more information about providing sponsorship and oversight to the environmental control process.
Elaboration:
Establish and maintain the plan for performing the environmental control process.
Elaboration:
The plan for performing the environmental control process is created to ensure that facility assets remain available and viable to support organizational services. The plan must address the resilience requirements of the facility assets, dependencies of services on these facility assets, and consideration of multiple asset owners and custodians at various levels of the organization. In addition, because facilities have a strong geographical connection, the plan must extend to external stakeholders that can enable or adversely affect facility resilience.
Elaboration:
Special consideration in the plan may have to be given to the establishment, implementation, and maintenance of an internal control system for facility assets, as well as facility sustainability planning. These activities address the protection and sustainability of the facility asset commensurate with its resilience requirements.
Provide adequate resources for performing the environmental control process, developing the work products, and providing the services of the process.
Elaboration:
The diversity of activities required to protect and sustain all types of facility assets requires an extensive level of organizational resources and skills and a significant number of external resources (for example, as described in EC:SG4.SP3 for public services and in EC:SG4.SP4 for public infrastructure). In addition, these activities require a major commitment of financial resources (both expense and capital) from the organization.
Subpractices
Elaboration:
Refer to the Organizational Training and Awareness process area for information about training staff for resilience roles and responsibilities.
Refer to the Human Resource Management process area for information about acquiring staff to fulfill roles and responsibilities.
Elaboration:
At a minimum, funding must be available to support the establishment, implementation, and maintenance of an internal control system for facilities, as well as the development, implementation, testing, and execution of service continuity plans for facilities. In some cases, capital funding may be required for projects that enhance or support the protection and sustainability of facilities, which may result in developing additional facilities or establishing contracts with external entities to provide or support facilities when needed.
Refer to the Financial Resource Management process area for information about budgeting for, funding, and accounting for environmental control. Refer to the External Dependencies Management process area for information about establishing and managing relationships with external entities.
Because of the extensive level of controls that have to be implemented and managed, necessary tools, techniques, and methods will be diverse. An example of a necessary tool for managing the environmental control process for facilities is a physical access system (such as a card reader, biometric device, or proximity reader).
In addition, developing and maintaining the facility inventory may require tools, techniques, and methods that allow for asset documentation and profiling, reporting, and updating on a regular basis. The need for these tools may be greater if the asset inventory is developed across many organizational units and must be aggregated at the enterprise level. The facility asset inventory database should be searchable and expandable to include additional information such as documentation of associated services and the asset’s resilience requirements.
Assign responsibility and authority for performing the environmental control process, developing the work products, and providing the services of the process.
Elaboration:
Of paramount importance in assigning responsibility for the environmental control process is the establishment of facility owners and custodians, which is described in ADM:SG1.SP3. Owners are responsible for establishing facility resilience requirements, ensuring these requirements are met by custodians, and identifying and remediating gaps where requirements are not being met. Owners may also be responsible for establishing, implementing, and maintaining an internal control system commensurate with meeting facility resilience requirements if this activity is not performed by a custodian.
Refer to the Human Resource Management process area for more information about establishing resilience as a job responsibility, developing resilience performance goals and objectives, and measuring and assessing performance against these goals and objectives.
Refer to the Asset Definition and Management process area for more information about establishing ownership and custodianship of facility assets.
Subpractices
Elaboration:
Responsibility and authority may extend not only to staff inside the organization but also to those with whom the organization has a contractual (custodial) agreement for managing facilities (including implementation and management of controls and facility sustainability).
Elaboration:
Train the people performing or supporting the environmental control process as needed.
Refer to the Organizational Training and Awareness process area for more information about training the people performing or supporting the process.
Refer to the Human Resource Management process area for more information about creating an inventory of skill sets, establishing a skill set baseline, identifying required skill sets, and measuring and addressing skill deficiencies.
Subpractices
Elaboration:
Training may be particularly useful and necessary for asset owners who may not have the requisite skills for ensuring the protection and sustainability of facilities. Training may also be necessary for practitioners (such as security practitioners and maintenance contractors) who do not have specific experience in managing controls for facilities or in ensuring their sustainability.
Place designated work products of the environmental control process under appropriate levels of control.
Elaboration:
All work products related to facility administrative, technical, and physical controls (such as configurations, logs, policies, standards, and records) should be placed under control.
In addition to the specific work products included throughout the environmental control process, additional work products such as facility control documentation, control logs and exception reports (including physical security system logs), fire inspection reports, surveillance tapes or recordings, facility visitor logs, and facility asset retirement records may be placed under control.
Identify and involve the relevant stakeholders of the environmental control process as planned.
Elaboration:
The primary stakeholders for the environmental control process are facility asset owners and custodians. In addition, EC:SG4.SP5 calls for involving stakeholders in planning for facility retirement.
Subpractices
Elaboration:
Because of the significant connection between facilities and their geographic environment, a substantial number of stakeholders are likely to be external to the organization.
Monitor and control the environmental control process against the plan for performing the process and take appropriate corrective action.
Refer to the Monitoring process area for more information about the collection, organization, and distribution of data that may be useful for monitoring and controlling processes.
Refer to the Measurement and Analysis process area for more information about establishing process metrics and measurement.
Refer to the Enterprise Focus process area for more information about providing process information to managers, identifying issues, and determining appropriate corrective actions.
Subpractices
Elaboration:
Discrepancies result when facility assets are acquired, modified, or retired but not reflected accurately in the facility asset inventory. Assets form the foundation for operational resilience management because they are the target of strategies to protect and sustain them. To the extent that the environmental control process results in inventory discrepancies, the organization’s overall ability to manage operational resilience is impeded.
Elaboration:
For facility assets, corrective action may require the revision of existing administrative, technical, and physical controls, development and implementation of new controls, or a change in the type of controls (preventive, detective, corrective, compensating, etc.).
Objectively evaluate adherence of the environmental control process against its process description, standards, and procedures, and address non-compliance.
Elaboration:
Review the activities, status, and results of the environmental control process with higher-level managers and resolve issues.
Refer to the Enterprise Focus process area for more information about providing sponsorship and oversight to the operational resilience management system.
Environmental control is institutionalized as a defined process.
Establish and maintain the description of a defined environmental control process.
Establishing and tailoring process assets, including standard processes, are addressed in the Organizational Process Definition process area.
Establishing process needs and objectives and selecting, improving, and deploying process assets, including standard processes, are addressed in the Organizational Process Focus process area.
Subpractices
Collect environmental control work products, measures, measurement results, and improvement information derived from planning and performing the process to support future use and improvement of the organization’s processes and process assets.
Establishing the measurement repository and process asset library is addressed in the Organizational Process Definition process area. Updating the measurement repository and process asset library as part of process improvement and deployment is addressed in the Organizational Process Focus process area.
Subpractices