Sharing a server cabinet - is this compliant with ISO 27001?
Assign topic to the user
ISO 27001 does not mention anything about sharing a server cabinet; however it does require you to assess the risks, and apply appropriate controls.
In other words, if you share a server cabinet with a business unit that is not within the scope of your ISO 27001 implementation, you have to treat such business unit as an external party, and regulate your relationship with them through an agreement. See also this article: 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Therefore, if you resolve this situation with strict agreement with this business unit, you will still be compliant with ISO 27001.
Comment as guest or Sign in
Jan 12, 2016