This snapshot taken on 04/08/2009, shows web content selected for preservation by The National Archives. External links, forms and search boxes may not work in archived websites.
 
 

ISO/IEC 27002 Section 5

The Information Security Standard ISO/IEC 27002 is divided into eleven main sections. Section 5 is Physical and Environmental Security.

Physical and Environmental Security

This section details any physical aspects of access control to information and information systems. Ensuring that there is a proper environment for systems, records and staff is essential for maintaining confidentiality, integrity and availability of information.

The following aspects should be considered:

  • Protection
    • of information and information systems from the elements is as important as protecting them from unauthorised people
    • of physical access, which should be restricted to authorised personnel. IT equipment is tempting to thieves, and can be damaged by accidents or sabotage

 

  • Maintenance
    • of the physical operating environment in a computer server room is as important as ensuring that paper records are not subject to damage by mould, fire or fading.
    • of supporting equipment such as air conditioning plant or mains services

 

Physical controls can be difficult to manage as they rely to some extent on building structure, but good physical security can be very effective.

Use links below for further information:

ISO/IEC 27002 Section 1 
ISO/IEC 27002 Section 2 
ISO/IEC 27002 Section 3 
ISO/IEC 27002 Section 4 
ISO/IEC 27002 Section 6 
ISO/IEC 27002 Section 7
ISO/IEC 27002 Section 8 
ISO/IEC 27002 Section 9 
ISO/IEC 27002 Section 10 
ISO/IEC 27002 Section 11
ISO/IEC 27002 Explained

If you would like more background information about information security standards  follow this link.

© Crown copyright2009