Physical and Environmental Security Policy

Physical and Environmental Security Policy

The purpose of the Physical and Environmental Security Policy is to prevent unauthorized physical access to Company facilities, information assets and information systems, as well as to address physical and environmental threats that can harm the confidentiality, integrity and availability of Company information and information systems.

The following categories are covered:

a. Physical and Environmental Security General Issues

b. Site Selection

c. Facility Construction and Design

d. Monitoring and Controlling Physical Access

e. Controlling Incoming and Outgoing Object

f. Workplace Security

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. GENERAL SPECIFICATIONS
3.1 PHYSICAL PROTECTION OF STAFF
3.2 PHYSICAL PROTECTION OF CRITICAL INFORMATION ASSETS
3.3 SAFE EVACUATION PROCEDURES
4. SITE SELECTION
4.1 AVOID SITES VULNERABLE TO NATURAL DISASTERS
4.2 AVOID SITES VULNERABLE TO DAMAGE CAUSED BY INDIVIDUALS
4.3 SELECTION OF A SITE THAT CAN BE EASILY ACCESSED BY THE EMERGENCY SERVICES
5. FACILITY CONSTRUCTION AND DESIGN
5.1 RESPONSIBILITY FOR DEFINING PHYSICAL SECURITY MEASURES
5.2 PHYSICAL SECURITY PERIMETER
5.3 AVOID POSTING EXTERNAL SIGNS THAT REVEAL BUILDING FUNCTIONS
5.4 PROTECTION OF EXTERNAL ACCESS POINTS
5.5 PHYSICAL SECURITY ZONES
5.6 INTERNAL PROTECTION OF CRITICAL AND SENSITIVE AREAS
5.7 FIRE PREVENTION MEASURES
5.8 FIRE SUPPRESSION AND CONTROL
5.9 DAMAGE PREVENTION FROM FLOODS AND WATERLEAKAGE
5.10 DAMAGE SUPPRESSION FROM FLOODS AND WATER LEAKAGE
5.11 PROTECTION FROM OTHER NATURAL DISASTERS
5.12 UNINTERRUPTED POWER SUPPLY
5.13 CABLING SECURITY
5.14 ENVIRONMENTAL CONDITIONS
6. MONITORING AND CONTROLLING PHYSICAL ACCESS
6.1 RESPONSIBILITY FOR DEFINING PHYSICAL ACCESS PROCEDURES
6.2 CONTROLLING ACCESS TO BUILDINGS
6.3 LIMITED ACCESS TO INTERNAL AREAS
6.4 TEMPORARY IDENTIFICATION TOKENS
6.5 LOSS OF EMPLOYEE IDENTIFICATION TOKENS
6.6 MAINTAINING A BUILDING ACCESS RECORD
6.7 VISITOR ACCESS CONTROL
6.8 VISITOR IDENTIFICATION TOKENS
6.9 VISITOR ESCORT AND SUPERVISION
6.10 CONTINUOUS MONITORING OF SENSITIVE AREAS
6.11 REVOCATION OF PHYSICAL ACCESS RIGHTS
6.12 REGULAR REVIEW OF PHYSICAL ACCESS RIGHTS
7. CONTROLLING INCOMING AND OUTGOING OBJECTS
7.1 CONTROLLING INCOMING OBJECTS
7.2 REMOVAL OF EQUIPMENT
7.3 OFF-PREMISES SECURITY FOR INFORMATION ASSETS
8. WORKPLACE SECURITY
8.1 WORKING BEYOND OFFICIAL BUSINESS HOURS
8.2 PROTECTION OF INFORMATION SYSTEMS FROM PUBLIC VIEW
8.3 PROTECTION OF INFORMATION ASSETS IN OFFICES AND WORKING AREAS
8.4 PROTECTION OF IT SYSTEMS
8.5 REMOVAL OF IT EQUIPMENT WITHIN THE COMPANY
8.6 SAFE DESTRUCTION OF SENSITIVE AND CRITICAL INFORMATION
9. EXCEPTIONS
10. FINAL CONSIDERATIONS
10.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
10.2 DOCUMENT REVISION

Pages: 16

Review Physical and Environmental Security Policy.

Your email address will not be published. Required fields are marked *

Related Products:

€359.99

Purchase

This bundle contains all the products listed in the Physical and Environmental section. Take advantage of the 25% OFF when buying the bundle!

€79.99

Purchase

The purpose of this Business Continuity Plan Procedure is to provide an effective, fit-for-purpose, predefined and documented framework and process to enable the Business Continuity Management of the Company’s Mission Critical Activities and their dependencies.

€49.99

Purchase

The Compliance with Legal Requirements Policy is designed to avoid breaches of any criminal and civil law, statutory, regulatory or contractual obligations and of any security requirements.

Get  Your Free Sample

Please use the form below to subscribe to our list and receive a free procedure template!
GET YOUR FREE TEMPLATE
>
close-link