When to use this
Use this register to map critical facilities, services, and equipment to required supporting utilities and continuity expectations.
Related controls
- A.7.11 Supporting Utilities
- A.5.30 ICT Readiness for Business Continuity
- A.7.8 Equipment Siting and Protection
Register
| Facility/service | Utility dependency | Availability requirement | Current protection | Required runtime/service level | Owner | Evidence location | Gap/action |
|---|---|---|---|---|---|---|---|
| TBD | Power/cooling/water/telecoms/fire protection/emergency lighting/BMS | TBD | UPS/generator/redundant link/alarm | TBD | TBD | TBD | TBD |
Review checklist
- Critical information processing facilities are listed.
- Utility dependencies are identified.
- Required operating period is defined.
- Dependent loads such as cooling are included.
- Provider/supplier dependencies are documented.
- Risk acceptance is recorded where redundancy is not implemented.
- Template
- Iso27001
- Physical controls
- Supporting utilities
Note Metadata
Aliases: Utility Dependency Register
Source: 90 Templates/Supporting Utility Dependency Register.md
Related Notes
- ISO 27001 A.5.30 - ICT Readiness for Business Continuity
- ISO 27001 A.7.11 - Supporting Utilities
- ISO 27001 A.7.8 - Equipment Siting and Protection
- A.7 Physical Controls MOC
- A.7.11 Audit Evidence Pack
- A.7 Physical Controls Implementation Guide
- A.7 Physical Controls Audit Guide
- A.7 Physical Controls Implementation Audit Risk Mapping
- ISO 27002 Annex A Control Interpretation Map
- A.7.11 Audit Checklist
- Supporting Utility Inspection and Test Log
- Templates MOC