Expert Advice Community

Guest

Compliance with the access control policy

  Quote
Guest
Guest user Created:   May 22, 2020 Last commented:   May 22, 2020

Compliance with the access control policy

Hi, quick question now that you have the COVID-19 how do you stay in compliance with your access control policy? (meaning access cards, biometrics, etc)

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 22, 2020

COVID-19 represents a significant change in the organizational context, so according to ISO 27001, clause 8.3, you must perform a risk assessment to identify if new risks have arisen (e.g., related to access control when working from home), or if current risks have changed. Based on the results of this new risk assessment you can decide if the access control policy needs change or not. This way you can ensure your access control policy will continue compliant with standards requirements.

Specifically about the use of cards and biometrics, maybe you should consider implementing an alternative way of identification and authentication (e.g., locks with keys only) in pair with video monitoring, or adopting cleaning practices in the input devices, according to manufacturers' recommendations. 

This article will provide you a further explanation about risk assessment and risk treatment:

These materials will also help you regarding risk assessment and risk treatment:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 22, 2020

May 22, 2020

Suggested Topics

Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audits

Guest user Created:   Oct 04, 2023 ISO 27001 & 22301
Replies: 1
0 0

Conformio questions