Protecting against external and environmental threats

Do you have a template that covers A11.1.1-4? If not, would you recommend that I create a new doc for those or append them to the Working in Secure Areas doc? We’re a small company (45 people) and I’m trying to keep the count down.

Answer:

Controls A.11.1.1 (Physical security perimeter) to A.11.1.4 (Protecting against external and environmental threats) are not commonly applicable on small companies, neither a policy to cover them is mandatory for ISO 27001, that's why a document covering them is not included in the toolkit.

Since you identified these controls are applicable to your context, and it refers to physical protection, we recommend you to create a new document, since the information on Procedures for Working in Secure Areas is not much related to it.

If you understand you need support to develop such document, you can schedule a meeting w ith one of our experts through this link: https://advisera.com/27001academy/consultation/

These articles will provide you further explanation about Protecting against external and environmental threats:
- How to protect against external and environmental threats according to ISO 27001 A.11.1.4 https://advisera.com/27001academy/blog/2016/01/25/how-to-protect-against-external-and-environmental-threats-according-to-iso-27001-a-11-1-4/