Implementing ISO 27001
Answer:
ISO 27001 is a standard focused on protection of information, so possible applications of ISO 27001 for this organization (if I understood correctly, it provides physical security services) are:
- protection of sensitive information known by physical security guards about facilities, processes or people from their clients (e.g. through which route will the money be delivered, how it will be protected, and who will be driving), by means of training and employment contract clauses.
- provision of proper physical protection of information of their clients (e.g., equipment and methods for protection of their premises, or during assets transportation, etc.).
These articles will provide you with further explanation about potential controls:
- Physical security in ISO 27001: How to protect the secure areas https://advisera.com/27001academy/blog/2015/03/23/physical-security-in-iso-27001-how-to-protect-the-secure-areas/
- What to consider in security terms and conditions for employees according to ISO 27001 https://advisera.com/27001academy/blog/2018/05/23/what-to-consider-in-security-terms-and-conditions-for-employees-according-to-iso-27001/
For an overview of ISO 27001 implementation, I suggest these materials:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- ISO 27001: An overview of the ISMS implementation process [free webinar] https://advisera.com/27001academy/webinar/iso-27001-overview-isms-implementation-process-free-webinar-demand/
Aug 12, 2019