Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

Definition of Physical and Tehnical security and responsibilities

Glad I am join to this community. Here is my question: What is your definition of Physical and Tehnical security? What are areas which belongs to Physical and Technical security? How Financial institution should organise those security areas? I have not found specific definition, also I am not sure how responsibility should be delegated between CISO, CIO, Tehnical department... Physical access control, alarm central, antifire control, money transfer, UPS...Does it belongs to Physical or Tehnical security? Who is responsible?

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

"Technical security" is a term usually not used in English; for physical security, ISO 27001 defines as objective the following: "To prevent unauthorized physical access, damage and interference to the organizations information and information processing facilities." and "To prevent loss, damage, theft or compromise of assets and interruption to the organizations operations."

You should perform risk assessment and based on the results define your secure areas and protect them accordingly. The responsibility for physical security can vary from company to company - in traditional companies this is usually the responsibility of Security manager (who has no relationship with information security), while more modern approach would be to have Corporate security function which covers both information security and physical security, but also e.g. health & safety.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community