Entry into the IT department
1 - I would like to know if the ISO 27001 standard talks about a single point of entry into the IT department. I would like to know if ISO 27001 talks about multiple entries into the IT department and best practices.
2 - If not, what standard should I look out for?
1 - I would like to know if the ISO 27001 standard talks about a single point of entry into the IT department. I would like to know if ISO 27001 talks about multiple entries into the IT department and best practices.
I’m assuming that by “single point of entry into the IT department” you mean physical access to the department.
Considering that, ISO 27001 does not provide specifics about the implementation of security controls. It only provides a general description of the controls.
In general terms, physical single and multiple points of entry into the IT department fall into Annex A control A.11.1.2 (Physical entry controls), as ways to implement this control.
For further information, see:
- Physical security in ISO 27001: How to protect the secure areas https://advisera.com/27001academy/blog/2015/03/23/physical-security-in-iso-27001-how-to-protect-the-secure-areas/
2 - If not, what standard should I look out for?
For guidance on the implementation of ISO 27001 security controls, you should look for ISO 27002, which provides guidance on the implementation of ISO 27001 Annex A controls.
This article will provide you with further explanation about ISO 27002:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
Sep 08, 2022