Guest
Physical and environmental security
If the organization has remote work for all employees, it does not have a physical environment and all processes are worked in the cloud, do these controls apply to the organization?
A.11.2.1 Equipment siting and protection
A.11.2.2 Supporting utilities
A.11.2.3 Cabling security
Thank you in advance.
Assign topic to the user
Expert
Rhand Leal
Jun 10, 2021
Please note that in your stated scenario employees will still have to use some sort of equipment (company or employee’s owned equipment) to access the company’s processes from somewhere (e.g., from an employee’s house or hotel), so you need to perform a risk assessment to identify if there are any relevant risk that requires the implementation of such controls.
This article will provide you a further explanation about remote work:
- How to apply information security controls in teleworking according to ISO 27001 https://advisera.com/27001academy/blog/2021/10/27/how-to-use-iso-27001-to-secure-data-when-working-remotely/
This material will also help you regarding remote work:
- Checklist of cyber threats & safeguards when working from home (PDF) https://info.advisera.com/27001academy/free-download/checklist-of-cyber-threats-and-safeguards-when-working-from-home
Comment as guest or Sign in
Jun 09, 2021
Jun 10, 2021
Jun 10, 2021