{"id":5116,"date":"2023-01-16T09:15:37","date_gmt":"2023-01-16T09:15:37","guid":{"rendered":"https:\/\/www.imsm.com\/south-africa\/?p=5116"},"modified":"2023-11-07T14:45:17","modified_gmt":"2023-11-07T14:45:17","slug":"does-iso-27001-cover-physical-security","status":"publish","type":"post","link":"https:\/\/www.imsm.com\/south-africa\/news\/does-iso-27001-cover-physical-security\/","title":{"rendered":"Does ISO 27001 cover physical security?"},"content":{"rendered":"
ISO\/IEC 27001<\/span><\/a> is the international standard for maintaining an Information Security Management System (ISMS). Implementing an ISMS is essential for any business that aims to be securely protected against security risks or data breaches.\u00a0<\/span>\u00a0<\/span><\/p>\n ISO\/IEC 27001<\/a> will enable your business to keep its information and data, whether it\u2019s customer, staff, or supplier data, secure from potential threats.<\/span>\u00a0<\/span><\/p>\n These potential threats can include the following:<\/span>\u00a0<\/span><\/p>\n The ISO\/IEC 27001<\/a> standard aims to reduce the probability of possible threats occurring in your business. Processes will be implemented according to ISO\/IEC 27001<\/a>, allowing your organisation to identify hazards and take corrective actions to prevent them.<\/span>\u00a0<\/span><\/p>\n Physical and environmental security refers to your organisation\u2019s precautions to prevent physical threats. Your organisation must be protected from any danger that could happen, no matter how big or small.<\/span>\u00a0<\/span><\/p>\n Threats directed at your organisation from your physical environment can cause irreversible reputational damage and harm the safety of your clients, customers, staff, and suppliers.\u00a0<\/span>\u00a0<\/span><\/p>\n Physical threats can include:<\/span><\/span>\u00a0<\/span><\/p>\n ISO\/IEC 27001<\/a> enables your organisation to look within its physical environment and understand where there are potential non-conformities within your company. With ISO\/IEC 27001\u2019s<\/a> policies, your organisation can improve and build upon the current framework you already have to establish a system with minimised flaws.<\/span>\u00a0<\/span><\/p>\n An example would be implementing a policy in which data is double-checked and stored in a location where select authorised individuals can access it. Preventative actions and strategies are in place for those who do not have access to this data to minimise the probability of threats.<\/span>\u00a0<\/span><\/p>\n\n
What do we mean by physical and environmental security?<\/span><\/span>\u00a0<\/span><\/h2>\n
\n