Control A.11.2.4
When looking at control 11.2.4, does this apply to all equipment? Or, just equipment crucial to business continuity? We do not have any equipment owned by the company other than laptops, so we are just looking to see what we need to do in terms of servicing our equipment.
Assign topic to the user
Control A.11.2.4 - Equipment maintenance applies to all equipment in the ISMS scope.
Considering that, this control may be applied either to your laptops (where you will have to implement the control) or to the equipment provided to you by your supplier (e.g., WiFi router as part of the leased office where you work).
For further information about applying this control, see:
- How to implement equipment physical protection according to ISO 27001 A.11.2 https://advisera.com/27001academy/blog/2016/04/26/how-to-implement-equipment-physical-protection-according-to-iso-27001-a-11-2-part-2/
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Comment as guest or Sign in
Sep 29, 2022