Are temperature and humidity levels maintained within the facility where the information system resides at firm accepted levels?
Is the hosting facility able to protect the information system from damage resulting from water leakage by providing master shutoff or isolation valves that are accessible, working properly, and known to key personnel?
Does the hosting facility authorize, monitor, and control the delivery of firm IT assets entering and exiting the facility and maintain records of those items?
Is physical access to the facility where information system reside monitored to detect and respond to physical security incidents?
Are physical access logs reviewed quarterly?
Does the hosting facility employ and maintain automatic emergency lighting for the information system that activates in the event of a power outage, or disruption that covers emergency exits and evacuation routes within the facility?
Does the hosting facility employ and maintain fire suppression and detection devices/systems for the information systems that are supported by an independent energy source?
Is access to the facility where the information systems resides limited by: 1) verifying individual access authorizations before granting access to the facility and 2) controlling ingress/ egress to the facility using access cards and professional security guards?
Are physical access logs for approved entry and exit points kept and maintained?
Are visitors escorted and monitored at all times?