Introduction: A crucial aspect of information security is the secure disposal or re-use of equipment.  Organizations must have proper policies, procedures, and guidelines in place to ensure that data is not compromised when disposing of or re-using storage media and ICT equipment.  Failure to do so can lead to data […]

Introduction: Information is one of the most important assets of an organization, and securing it should be a top priority.  While many security measures are put in place to protect information while it’s on-premises, it’s also essential to ensure the security of equipment and assets when they are off-premises.  A.11.2.6 […]

Introduction: Information assets have become crucial for organizations. Information technology (IT) equipment and storage media contain valuable information that should be protected against unauthorized access, theft, or loss.  Therefore, it is important to ensure that proper policies and procedures are in place for the removal of such assets from the […]

Introduction: In the current era of technology, the IT infrastructure plays a critical role in the functioning of any organization.  It is important to ensure that the supporting utilities and equipment are functioning properly to minimize the risk of downtime and potential losses.  In this article, we will discuss one […]

Introduction: In the digital era, data is the backbone of organizations. Therefore, it is essential to protect the physical infrastructure that supports the data and IT systems.  This is where cabling security comes into play.  Cabling security is the protection of the physical infrastructure that supports data and IT systems.  […]

Introduction: The uninterrupted supply of power and proper cooling is critical for the smooth operation of shared or critical IT systems.  Facilities and electrical engineers must ensure that the electrical power arrangements for computer rooms, network closets, and other locations housing IT equipment are reliable and of high quality.  They […]

Introduction: Information and communication technology (ICT) equipment is the backbone of most businesses, making it imperative to secure and protect it against various physical and environmental threats.  Organizations must evaluate the risks associated with these threats and implement controls that minimize the risks to ICT equipment.  ISO/IEC 27001 A.11.2.1 is […]

Introduction: Physical security is a crucial aspect of information security, which is often overlooked.  The physical security measures protect an organization’s assets and personnel against theft, unauthorized access, and damage.  ISO 27001 provides a set of standards to evaluate an organization’s physical security controls.  A.11.1.6 Delivery and loading areas are […]

Introduction: Physical security is a critical aspect of any organization’s security program.  It is the first line of defense against external and internal threats to an organization’s assets, including data, people, and infrastructure. Physical security measures include access controls, video surveillance, alarm systems, and fire protection systems, among others. ISO/IEC […]

Introduction: The security of an organization’s physical environment is crucial for protecting its assets and maintaining business continuity.  In ISO/IEC 27001:2013, Annex A.11 covers the physical and environmental security aspects of information security management. In this article, we will focus on A.11.1.4, which deals with protecting against external and environmental […]