Expert Advice Community

Home / ISO 27001 & 22301 / Physical security Policy

Guest

Physical security Policy

ISO 27001 & 22301
  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Physical security Policy

ISO 27001 & 22301
Hi Dejan, I have a doubt. For ISo 27001:2013, 11.1.3 refers to CCTV controls. Does it mean it directly?. If CCTV is not recording is that an Incident? Also if CCTV details and other Access Control events are not backed up is this an Incident? Can you please explain Why?  it compensatory controls and how to resolve it?   Thanks, Vijay
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Guest
Guest post Jan 12, 2016

Hi Vijay

- CCTV is not a requirement in ISO 27001. You should implement this cotnrol when the risk assessment pushes you to it.

- The two issues you present is not an incident, but a non conformity. An incident is 'en event that prevents you from reaching your objectives'.

- I do not really understand what you mean by 'compensating controls' in this case. if you provide more details I'll be able to answer.

Regards

Jaan-Luc

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Physical security policy and malware policy
Guest user Created:   Dec 01, 2022 ISO 27001 & 22301
Replies: 3
0 0

ISO 27001 change process: 2013 to 2022
Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audits