Applicable

(Y)es / (N)o

(C)onfidentiality

(I)ntegrity

(A)vailability

RPN

(C+I+A)

(S)atisfactory

L1

M2

H3

L1

M2

H3

L1

M2

H3

(O)ther than satisfactory +##

pe-13(4)

fire protection  | inspections

assessment objective:

Determine if the organization:  

pe-13(4)[1]  

defines the frequency of inspections to be conducted on the facility by authorized and qualified inspectors;

pe-13(4)[2]

ensures that the facility undergoes inspections by authorized and qualified inspectors with the organization-defined frequency;

pe-13(4)[3]

defines a time period to resolve deficiencies identified when the facility undergoes such inspections; and

pe-13(4)[4]

resolves identified deficiencies within the organization-defined time period.

potential assessment methods and objects:

Examine: [select from: Physical and environmental protection policy; procedures addressing fire protection; security plan; facility housing the information system; inspection plans; inspection results; inspect reports; test records of fire suppression and detection devices/systems; other relevant documents or records].

Interview: [select from: Organizational personnel with responsibilities for planning, approving, and executing fire inspections; organizational personnel with information security responsibilities].