Failure to conduct fire inspections and correct any discrepancies could result in hazardous situations leading to a possible fire and loss of service. REFERENCES: 32 CFR 117 and 32 CFR 2001 and 2003 as well as DOD Manual 5220.32 Volume 1 NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-13(4) NIST SP 800-12, An Introduction to Computer Security: The NIST Handbook NIST SP 800-100, Information Security Handbook: A Guide for Managers
Check fire marshal inspection reports and documentation that verifies discrepancies are addressed and corrected. Inspections must be conducted on at least an annual basis. NOTES: 1. In general this should be applied to major IT equipment areas (generally computer rooms with raised floor space containing servers and communications equipment). The requirement should not be applied to administrative/office space. 2. Also, this requirement should not be applied to a tactical environment, unless it is a fixed computer facility supporting missions in a Theater of Operations. The standards to be applied for applicability in a tactical environment are: 1) The facility containing the computer room has been in operation over 1-year. 2) The facility is "fixed facility" - a hard building made from normal construction materials - wood, steel, brick, stone, mortar, etc. 3. Even if there is no finding the reviewer should note in the report the date the last fire marshal or similar inspection was conducted with a summary of results. This information could be useful during subsequent inspections.
Periodic fire marshal inspections of (IT) computing facilities must be conducted (minimum annually) and discrepancies noted during the inspections must be promptly addressed.