Title Page
-
ICT Infrastructure Compliance Check List
Instructions
-
1. The purpose of this form is to facilitate the assessment of Defence or Defence Industry ICT infrastructure to determine its suitability to store and process ICT information. Once completed the form will allow CIOG regional authorities to assess the infrastructure as being compliant or non-compliant with current ICT security documentation.
2. The Compendium document that accompanies this form is designed as a quick reference to the items on this form. The majority of line numbers on this form has a corresponding line number in the Compendium document which expands on and provides examples of the requirement.
3. Each line entry must have one of the check boxes filled in to be complete.
4. If there is not enough room on the form, please attach a separate list with the relevant line number annotated. If there are more than one Comms room, please annotate the relevant entry with the room number(s).
5. Listing of terms and acronyms used in this document and accompanying Compendium as they pertain to this document only. Some common terms used in this document and Compendium to this document are not listed below. -
Term Meaning
A/V Audio Visual
ANE Active Network Equipment
Comms Communication
DIE Defence Information Environment
DPN Defence Protected Network
DRICTS Directorate of Regional Information Communications Technology Services
DRN Defence Restricted Network
DSMS Defence Service Management System
DSN Defence Secret Network
Fly Lead Lead used in Patch Panels
ICT Information Communication Technology
LC (Lucent Connector) Miniaturised Fibre Connector
LCC Lockable Commercial Cabinet
MUTO Multi-User Telecommunications Outlet
N/A Not Applicable
POC Point of Contact
PSAV Protective Security Advisory Visit
RJ45 Standard Ethernet Connector
SAD ICT Infrastructure Self-Assessment Document
SC Standard Connector/Subscriber Connector for Fibre
SME Subject Matter Expert
TCA1 Telecommunications Cabling Advice 1. Compliant cabling
TCA2 Telecommunications Cabling Advice 2. Non-compliant cabling.
Whitelist Published ICT Infrastructure Whitelists -
6. Explanatory Notes:
a. Each line of the Compliance Check List is to be completed.
b. Date Format is to be: dd/mm/yyyy
7. Details of CIOG staff member requesting the data. -
Name:
-
Appointment:
-
Phone Number:
-
Select date
Site Information
-
01. Site:
-
Building Number:
-
ANE Room Number/Name:
-
Network Type
-
DPN
-
DSN
-
Date of Inspection
-
Unit (Tenant)
-
Name and Contact Detais of Site/Unit POC:
Documents/Data Requirements
-
DRICTS will complete this section. (Information form the SAD will assist with the below).
-
02. Has a SAD been sent out to the SO of the occupier of the building
-
03. Has the completed SAD been returned
-
04. Previous ICT Inspection report(s) available
-
05. Has there been any changes to physical aspects of the building
-
06. Current copy of Physical Security available
-
07. Has there been any changes to the ICT infrastructure
-
08. For any new ICT installs, is a TCA1 or Equivalent available
-
09. Is there a TCA2 or Equivalent available
Building Floor Plan
-
10. Is there a current floor plan available? Either hard copy or link
-
Does the floor plan contain the below items as a minimum:
-
Title:
-
Date:
-
Legend:
-
Lead in to Building
-
Location of Comms Room(s)
-
Cable pathways (Where practical)
-
Location of ICT outlets
-
Location of ICT cabinets
-
Location of other items in Comms Room (if practical). e.g. other cabinets
-
Comment:
-
11. Is a new Floor Plan Required?
-
Commnet: (Comments should include additional information if required)
Additional Information
-
Following information is to be gathered by the Data Collector. (May consist of photographs or require comments)
-
12. Building entry Pit marker plate:
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
13. Lead-in Pit- Lid on
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
14. Lead-in Pit Locking mechanism
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
15. Is entry pit secured with SCEC lock?
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
16. Lead in cabling showing wall penetration - External
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
17. Lead in cabling showing Wall and/or Floor penetration - Internal
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
18. Cabinet Classification Label
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
19. Comms Cabinet – Front – Door Closed
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
20. Comms Cabinet – Rear – Door Closed
-
Add media
-
Comment: (Comments should include additional information if required)
-
21. Comms Cabinet - Front - Door Open
-
Photo if required
-
Comment: (Comments should include additional information if required)
-
22. Comms Cabinet - Rear - Door open
-
Add media
-
Comment: (Comments should include additional information if required)
-
23. Comms Cabinet – Cable Entry/Exit –External
-
Add media
-
Comment: (Comments should include additional information if required)
-
24. Comms Cabinet – Cable Entry/Exit – Internal
-
Add media
-
Comment: (Comments should include additional information if required)
-
25. Comms Cabinet - Door Lock & Mechanism - Internal
-
Add media
-
Comment: (Comments should include additional information if required)
-
26. Comms Cabinet - Door Lock & Mechanism - External
-
Add media
-
Comment: (Comments should include additional information if required)
-
27. Photo of Cabinet side locking device (if fitted) - Internal
-
Add media
-
Comment: (Comments should include additional information if required)
-
28. Comms Cabinet - Power outlet
-
Add media
-
Comment: (Comments should include additional information if required)
-
29. Comms Cabinet power rail
-
Add media
-
Comment: (Comments should include additional information if required)
-
30. Comms Cabinet numbering label
-
Add media
-
Comment: (Comments should include additional information if required)
-
31. Fobots and patch panels labelling.
-
Add media
-
Comment: (Comments should include additional information if required)
-
32. Cabinets are the correct security classification for network and location<br>Class B/C /Lockable Commercial Grade(LLC)
-
DPN
-
B
-
C
-
DSN
-
B
-
C
-
Comment: (Comments should include additional information if required)
-
33. Cabinet has fans installed
-
DPN
-
DSN
-
Comment: (Comments should include additional information if required)
-
34. Different security levels of active equipment are correctly separated
-
Add media
-
Comment: (Comments should include additional information if required)
-
35. Completed, durable Record Books are in cabinet and/or patch panels
-
Add media
-
Comment: (Comments should include additional information if required)
-
36. Positioning of cabinet allows door to open fully to allow access for staff to work within the cabinet
-
Add media
-
Comment: (Comments should include additional information if required)
-
37. Lighting systems adequately for staff to work within the cabinet(s)
-
Add media
-
Comment: (Comments should include additional information if required)
-
38. Is there Spare capacity in Cabinet for future rack expansion
-
Add media
-
Comment: (Comments should include additional information if required)
-
39. Is there Spare port capacity in switch for future expansion
-
Add media
-
Comment: (Comments should include additional information if required)
-
40. Is the cabinet secured to the floor or wall
-
Add media
-
Comment: (Comments should include additional information if required)
-
41. Is there a earthing strap visible
-
Add media
-
Comment: (Comments should include additional information if required)
-
42. Typical horizontal cabling run including any internal wall penetrations
-
Add media
-
Comment: (Comments should include additional information if required)
-
43. Typical horizontal cabling run bends
-
Add media
-
Comment: (Comments should include additional information if required)
-
44. Junction box(s)
-
Add media
-
Comment: (Comments should include additional information if required)
-
45. There a visible separation between DIE and non DIE systems (simulators, etc)
-
Add media
-
Comment: (Comments should include additional information if required)
-
46.If cable trays are used, are distances between network cable classifications appropriate
-
Add media
-
Comment: (Comments should include additional information if required)
-
47. Correct cabling type and colours are used
-
Add media
-
Comment: (Comments should include additional information if required)
-
48. Are there tamper proof seals present
-
Add media
-
Comment: (Comments should include additional information if required)
-
49. Tamper proof seal register(when required) present and up to date
-
Comment: (Comments should include additional information if required)
-
50. Who holds and maintains the seal register (when required)
-
Comment: (Comments should include additional information if required)
-
51. Terminations the correct type for network (DRN LC/RJ45, DSN SC)
-
Add media
-
Comment: (Comments should include additional information if required)
-
52. Outlets are easily accessible and visible
-
Add media
-
Comment: (Comments should include additional information if required)
-
53. User outlet enclosures are complete
-
Add media
-
Comment: (Comments should include additional information if required)
-
54. In Muto's, is cabling outer sheath visible for 25mm
-
Add media
-
Comment: (Comments should include additional information if required)
-
55. Outlets are labelled correctly
-
Add media
-
Comment: (Comments should include additional information if required)
-
56. All fly leads colouring and connection compliant
-
Add media
-
Comment: (Comments should include additional information if required)
-
57. Are there other Network present, ie Engineering system, Training networks etc. If yes, briefly describe
-
Comment: (Comments should include additional information if required)
-
58. If other network(s) cabling/conduit are present, what colour(s) are the cabling/conduit.
-
Comment: (Comments should include additional information if required)
-
59. Are other network(s) clearly labelled
-
Comment: (Comments should include additional information if required)
-
60. Other photos as requested by SME/SAM
-
Add media
-
Comment: (Comments should include additional information if required)
-
61. If cabinets are shared with other departments, does CIOG control the cabinet(S)
-
Comment: (Comments should include additional information if required)
-
62. On a defence site, is the facility within an inner fenced compound
-
Comment: (Comments should include additional information if required)
-
63. If facility is not on a defence site, is the facility within a Defence or Defence Industry controlled space.
-
Comment: (Comments should include additional information if required)
-
64. Is the site a shared site? ie Commonwealth and non Defence organisation
-
Comment: (Comments should include additional information if required)
-
65. Is the facility a multi-use facility? ie social/uncleared function etc
-
Comment: (Comments should include additional information if required)
-
66. Is the facility staffed 24/7
-
Comment:
-
67. Are there sufficient Fly leads available
-
Comment:
-
General Information If there are any other items the Data Collector considers as unusual or should be indentified by either photograph or written description. Any other item that is considered worthy of mention should be described
-
Comment: (Comments should include additional information if required)
Data Collector Details
-
Name:
-
Signature:
-
Date:
SAO Comments
-
Does the facility meet Current CIOG ICT Compliance Requirements
-
If infrastructure is compliant and/or can be risk managed, details to be entered here or attach further document.
-
Comments:
-
If the infrastructure is non-compliant, details to be entered here or attached further document
-
Comments:
Recommendation by SME
-
Does the facility meet current CIOG ICT Compliance Requirements
-
If no, can the Compliance requirements be satisfied by risk assessment.
-
If infrastructure is compliant and/or can be risk managed, details to be entered here or attached.
-
If the infrastructure is non-compliant, details to be entered here or attached.
-
The building identified in this document has undergone an ICT Infrastructure Compliance Check and my recommendation is this building is Compliant/Non Compliant (Delete relevant entry) with current Defence ICT Security Doctrine.
-
Name:
-
Signature:
-
Date:
Service Assurance Manager
-
I certify the building identified in this document has undergone an ICT Infrastructure Compliance Check and is deemed as being Compliant/Non-Compliant with current Defence ICT Security Doctrine.
-
Name:
-
Signature:
-
Date:
Document Repository
-
Hard copy documents scanned. (Hard copy returned to originator or destroyed after scanning).
-
Soft copies of documents lodged in Objective
-
Links to all external documents entered into Objective
-
Photographs entered into Objective
-
DSMS Job reference:
-
DSMS job updated with all information including links to documents used for this decision
-
Infrastructure Whitelist has been updated