Specifying Information Security Requirements for New Hardware

The purchase of new computers and peripherals requires careful consideration of your business needs because it is usually expensive to make subsequent changes.

To view the related Policy click      


  • The system must have adequate capacity or else it may not be able to process your data.

  • Estimate the current and potential load on the system.
  • For critical applications ensure that the system is reliable and of high quality.
  • Select a supplier with a proven 'track record', who is likely to be in business for the life of the hardware.


  • Data must be adequately protected; otherwise there is a risk of loss or accidental / malicious damage.

  • Determine the type of safeguards necessary for the information concerned and ensure that the hardware is capable of supporting the required features, e.g. the type of operating system and attached devices. See Classifying Information and Data.


  • Where hardware maintenance is poor or unreliable, you greatly increase the risk to the organisation, because, in the event of failure, processing could simply STOP.

  • Choose a supplier with a proven 'track record', who is likely to be in business for the life of the hardware.
  • Take out a maintenance contract at the time of purchase with a suitable response time in the event of a failure. See Service Level Agreement.

  • The system must be sufficiently 'resilient' to avoid unplanned down-time, which can have an immediate negative impact on your organisation.

  • Determine your organisation's tolerance to system non-availability (seconds, minutes, hours or days?), and approach the design of your hardware configuration accordingly.
  • Consider the use of mirrored disks to guard against disk failures; duplicate processors in case of processor failure; duplicate configurations; and the use of an Uninterrupted Power Supply (UPS) and standby generators.

Previous PageTop of this pageNext Page

Information Security Policies from US$595


Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word


Next PageUpPrevious Page