Paper documents found in warehouse
Assign topic to the user
In a general way, the proper treatment of such information will depend on the results of risk assessment and applicable legal requirements.
For example, if the risks are low and there are no legal requirements, you do not need to apply specific protections for those documents. On the other hand, you may have a legal requirement (e.g., law, regulation, or contract) requiring the use of safes to protect such information.
In case you already have the Information Classification Policy implemented, you need to consider the information classification this information has, and the related treatments identified in the policy.
For further information, see:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
- Why is ISO 27001 applicable also for paper-based information? https://advisera.com/27001academy/blog/2019/01/21/why-is-iso-27001-applicable-also-for-paper-based-information/
Comment as guest or Sign in
Aug 31, 2021