An HSM can only operate securely if its environment provides the procedural security that it requires and if its security enforcing functions are utilised appropriately.
Recommendations for procedural security are as follows:
1. The product environment must be audited regularly to ensure that the appropriate set of procedures (satisfying the requirements laid down in this text`) is in place and is being used.
2. A mechanism must be in place to enable corrective action to be taken if any procedure is not being observed or is failing.
3. The auditor must be independent of the operator of the product.