Lajvar Created: Jun 09, 2021 Last commented: Jun 10, 2021

Physical and environmental security

If the organization has remote work for all employees, it does not have a physical environment and all processes are worked in the cloud, do these controls apply to the organization? A.11.2.1 Equipment siting and protection A.11.2.2 Supporting utilities A.11.2.3 Cabling security Thank you in advance.

Tags: Physical and environmental security

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jun 10, 2021

Please note that in your stated scenario employees will still have to use some sort of equipment (company or employee’s owned equipment) to access the company’s processes from somewhere (e.g., from an employee’s house or hotel), so you need to perform a risk assessment to identify if there are any relevant risk that requires the implementation of such controls.

This article will provide you a further explanation about remote work:

How to apply information security controls in teleworking according to ISO 27001 https://advisera.com/27001academy/blog/2021/10/27/how-to-use-iso-27001-to-secure-data-when-working-remotely/

This material will also help you regarding remote work:

Checklist of cyber threats & safeguards when working from home (PDF) https://info.advisera.com/27001academy/free-download/checklist-of-cyber-threats-and-safeguards-when-working-from-home

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 09, 2021

Jun 10, 2021

Expert Advice Community