System Room Security & Low Voltage (ELV) ISO/IEC 27001 KVKK

SUCCESS STORY

Customer: Türkiye Petrolleri Offshore Technology Center (TP-OTC)  |  Contractor: NESIL  |  Scope: End-to-end design, installation and commissioning of System Room integration, Security Systems and Low Voltage (ELV) infrastructure

Nearly 0
Unplanned downtime
+
Energy improvement
RTO/RPO improved
Audit
No major findings

1) Executive Summary

At TP-OTC, the security and low-voltage components of the system room hosting critical workloads were modernised and brought up to enterprise standards. The project ensured that the access security, surveillance, environmental monitoring and structured cabling layers operate integrated and redundantly with the system room infrastructure. After implementation, planned maintenance outages were minimised, energy efficiency and operational visibility increased, and KVKK and ISO/IEC 27001 controls were strengthened.
Outage Management
Maintenance windows became manageable without service impact
Resilience
RTO/RPO targets improved, DR scenarios verified
Energy
20%+ improvement through cooling and ELV optimisation

Confidentiality Note: For security reasons, sensitive information such as IP blocks, device brand/model lists, door/reader topologies, camera placements and alarm rules is not shared.

2) Customer and Scope

  • Industry: Energy — research & operations
  • Criticality: 24/7 production-support systems, ERP and field connections
  • Security Systems (ELV): Card access & turnstiles, rack/cabinet-level access, CCTV (IP), recording monitoring/retention, alarm & incident management, intrusion detection
  • Low Voltage: Structured copper/fibre cabling, patching & labelling, environmental monitoring (temperature, smoke, water, door), BMS/EMS integrations
  • System Room Integration: Bidirectional integration with network and power/cooling infrastructures; layout and cable routing optimisation aligned with containment strategies

3) Challenges

  • Risk of production impact during maintenance due to endpoints without N+1 redundancy
  • High MTTR caused by disorganised cabling and poor labelling
  • Camera/access infrastructure with limited central visibility and alarm floods (false positives)
  • KVKK and ISO/IEC 27001 evidence being kept in a scattered manner

4) Solution Architecture (Standards-Aligned)

Access Control
Two-factor (card+PIN/role), micro-segmented access at rack level, visitor management and audit trail retention
CCTV
IP-based high-resolution surveillance; multiple angles in critical areas; KVKK-compliant retention; masking and authorisation-based access
Alarm & Incident
Correlation of environmental sensors, door contacts and UPS/CRAC statuses on a single panel; SMS/e-mail/escalation delivery
Low Voltage
Structured cabling per TIA-568/942 principles; colour-coded, labelled patch management; fibre backbone redundancy
System Room
Cable routing aligned with the hot/cold aisle strategy; layout based on airflow and ease of maintenance
Compliance
ISO/IEC 27001:2022 & 27002:2022; KVKK processes; TS EN 50173 (cabling), TS EN 50132 (CCTV), TS EN 54 (fire detection integrations)
  • ISO/IEC 27001:2022 & 27002:2022 — Physical and environmental security controls
  • KVKK — Camera recording processes, privacy notices, retention periods and access principles
  • TS EN 50173 — In-building cabling standard
  • TS EN 50132 — CCTV systems
  • TS EN 54 — Integration with fire detection and alarm systems

5) Implementation Governance

  • Project Management: RACI, risk register, CAB, weekly progress report
  • Seamless Transition: Staged migration; transitions outside peak hours; rollback plans
  • Commissioning & Testing: Authorisation matrix, CCTV quality/retention tests, alarm drill, power/cooling outage simulations, failover/failback
  • Documentation: As-built drawings, numbering & label schemes, maintenance plans, procedures, training material

6) Measurable Added Value

Continuity
Service impact during planned maintenance dropped to a negligible level
Energy
20%+ consumption improvement through cooling & ELV optimisation
Security
False alarm rate decreased; incident response time shortened
  • Audit: No major findings in physical/environmental controls; audit trails in one place
  • Operations: MTTR reduced through labelling and visualised topology; team efficiency increased

7) KVKK and Information Security Perspective

  • Camera Recordings: Privacy notices and retention periods; authorisation-based image access; transfer & masking policies
  • Access Logs: Integrated retention of card/turnstile and rack access records; immutable record principles
  • Incident Management: Correlation of sensor and security events with SIEM/ITSM; updating of breach notification flows

8) Deliverables

#ItemContent
1As-Built & Label SetsDrawings, numbering and label schemes
2Access Authorisation MatricesRole-privilege, user lifecycle procedure
3CCTV PrinciplesPlacement, retention, access and masking
4Alarm & Incident ScenariosCall chain and escalation flows
5Maintenance PlansUPS/CRAC/ELV plans, spare parts and SLA recommendations
6Training & HandbookTraining session and documentation for the operations team

9) Sustainability and Operations

  • Periodic Maintenance: Annual/6-monthly plans for UPS/CRAC and ELV equipment
  • Drills: DR and power/cooling scenario tests; alarm ageing/clearing policy
  • Continuous Improvement: KPIs (uptime, alarm hygiene, MTTR, energy index)
  • Review: Quarterly operations and security assessments

10) Confidentiality and Approval

This text has been prepared to summarise the success without sharing sensitive technical details, for security reasons. If deemed necessary, a written approval procedure will be operated for the use of the brand/logo and the quotation in external channels.

Let's Start Your System Room and ELV Transformation Together

For your critical workloads, let's design the uninterrupted, scalable and compliant infrastructure together.