Physical and Environmental Security
This section describes access controls and environmental facilities for data centers and other critical IT equipment areas. It contains the following sub-sections:

7.1 Secure areas - describes the need for concentric layers of physical controls to protect sensitive IT facilities from unauthorized access.

7.2 Equipment security - critical IT equipment, cabling etc. should be protected against physical damage, fire, flood, theft etc., both on- and off-site. Mains power supplies should be secured. IT equipment should be maintained and disposed of securely.

7.3 General controls - describes the need for clear-desk and clear-screen policies, and authorization processes for removal of IT assets from site.

Recently Changed
Certification (ages ago)
risk treatment plan (ages ago)
Spanish (ages ago)