Via a tweet from @ciscoDC tonight I also read a very interesting paper on data center security. It covers the physical side of security for a data center and related social engineering that can go on. I think so much effort is put into digital security and facility security, that the people and process side of the business get ignored. This paper does a very good job of conveying the importance of people and processes.
"A terrorist isn't likely to be walking in with guns blazing and take over the building, but rather play a game of invisibility and misdirection, taking advantage of the very nature of "good-willed" or ignorant individuals...these external tests can help identify these weak areas."
Check the paper out here.
Also along the process side of things -- check out an Uptime Institue paper on using ITIL to gain data center efficency.