Physical security in ISO 27001

The article (or control) that deals explicitly with identifying the secure areas that require protection is Control 7.1, "Physical security perimeters".

This control is categorized under Clause 7, "Physical controls," of ISO/IEC 27002.

The purpose of Control 7.1 is "To prevent unauthorized physical access, damage and interference to the organization's information and other associated assets".

The guidance for this control explicitly states that:

  • Security perimeters should be defined and used to protect areas that contain information and other associated assets.
  • The definition, siting, and strength of each perimeter should be in accordance with the information security requirements related to the assets within the perimeter.
  • A secure area can be considered a lockable office or several rooms surrounded by a continuous internal physical security barrier.

Following the definition of secure perimeters (7.1), Control 7.2, "Physical entry," then addresses how these secure areas should be protected by appropriate entry controls and access points.