Physical and Environmental Security Policy Template
The purpose of the policy is to prevent unauthorized physical access, damage and interference to the organization’s information and information processing facilities.
All company owned or leased premises or locations deemed in scope by the ISO 27001 scope statement. Out of scope is third party and supplier physical and environmental security.
Physical and environmental security policy is built on the principle of exceeding Health and Safety regulation whilst protecting the most sensitive physical assets based on risk.
Physical and Environmental Security Policy Template Contents
Document Contents Page 3
Physical and Environmental Security Policy 5
Physical Security Perimeter 5
Secure Areas 6
Employee Access 7
Visitor Access 7
Delivery and Loading Areas 8
Network Access Control 9
Cabling Security 9
Equipment Siting and Protection 10
Policy Compliance 12
Compliance Measurement 12
Continual Improvement 12