PE-18(1) — Facility Site

This enhancement considers the security of the facility site itself — its geographic location and surrounding environment — when planning where to locate system components.

Example 1: When selecting a new facility or data center location, evaluate the risk from natural hazards (flood zone, earthquake zone, tornado alley), proximity to high-risk targets (military bases, chemical plants), and crime rates in the area. Document this risk assessment.

Example 2: Review FEMA flood maps and local hazard assessments before leasing or purchasing a facility. Avoid locations in 100-year flood plains. Consider proximity to emergency services (fire station, hospital). Include site risk factors in your risk management documentation.