Security Policy 19 Physical Access Control
Definitions
Information systems: Any combination of information technology and
individuals’ activities using that technology to support operations
management.
Display mechanisms: A monitor on which to view output from an
information system.
PurpleSec, LLC
Last Updated: April 30, 2021
Sales@purplesec.us | Request A Consultation
A Veteran Led Offensive & Defensive Cyber Security Company
PHYSICAL ACCESS CONTROL
Overview
Physical access controls define who is allowed physical access to
{COMPANY-NAME} facilities that house information systems, to the
information systems within those facilities, and/or the display mechanisms
associated with those information systems. Without physical access
controls, the potential exists that information systems could be
illegitimately physically accessed and the security of the information they
house could be compromised.
Purpose
This policy applies to all facilities of {COMPANY-NAME}, within which
information systems or information system components are housed.
Specifically, it includes:
• Data centers or other facilities for which the primary purpose is the
housing of IT infrastructure
• Data rooms or other facilities, within shared purpose facilities, for
which one of the primary purposes is the housing of IT
infrastructure
• Switch and wiring closets or other facilities, for which the primary
purpose is not the housing of IT infrastructure
Policy Detail
Access to facilities, information systems, and information system display
mechanisms will be limited to authorized personnel only. Authorization will
be demonstrated with authorization credentials (badges, identity cards, etc.)
that have been issued by {COMPANY-NAME}.
Access to facilities will be controlled at defined access points with the use of
card readers and locked doors. Before physical access to facilities,
information systems, or information system display mechanisms is allowed,
authorized personnel are required to authenticate themselves at these
access points. The delivery and removal of information systems will also be
controlled at these access points. No equipment will be allowed to enter or
leave the facility without prior authorization, and all deliveries and
removals will be logged.
A list of authorized personnel will be established and maintained so that
newly authorized personnel are immediately appended to the list and those
personnel who have lost authorization are immediately removed from the
list. This list shall be reviewed and, where necessary, updated on at least an
annual basis.
If visitors need access to the facilities that house information systems or to
the information systems themselves, those visitors must have prior
authorization, must be positively identified, and must have their
authorization verified before physical access is granted. Once access has
been granted, visitors must be escorted, and their activities monitored at all
times.