
Control a.11 and a.11.1 - by software outsourcing company in India

This presentation describes ISO Control A.11 and A.11.1, by a software outsourcing company in India
http://www.ifourtechnolab.com/


  1. iFour Consultancy: Control A.11 and A.11.1
  2. Contents
       • Control A.11
       • A.11.1: Secure areas
       • A.11.1.1
       • A.11.1.2
       • A.11.1.3
       • A.11.1.4
       • A.11.1.5
       • A.11.1.6
       • References
     Custom eCommerce Solution Providers http://www.ifourtechnolab.com
  3. Control A.11: Physical and environmental security
       • Takes care of both the physical and the environmental security of an organization
       • Two sub-controls:
           • A.11.1: Secure areas
           • A.11.2: Equipment
       • Physical security includes security guards, biometric machines, etc.
       • Environmental security includes disaster recovery from earthquake, fire, etc.
  4. Control A.11.1: Secure areas
       • Control objective of A.11.1: To prevent unauthorized physical access, damage and interference to the organization's information and information processing facilities.
       • This control is breached if someone gains unauthorized access to secure areas.
       • Areas such as the data centre are critical because they store critical information, so they should be highly secured.
  5. A.11.1.1: Physical security perimeter
       • Safety measures should be taken across the physical security perimeter to protect areas from any unauthorized access.
       • Control objective: Security perimeters shall be defined and used to protect areas that contain either sensitive or critical information and information processing facilities.
  6. A.11.1.2: Physical entry controls
       • Control objective: Secure areas shall be protected by appropriate entry controls to ensure that only authorized personnel are allowed access.
       • Physical entry controls include:
           • Password
           • Passphrase
           • Biometric
           • Smart card
  7. A.11.1.3: Securing offices, rooms and facilities
       • Control objective: Physical security for offices, rooms and facilities shall be designed and applied.
       • Physical security includes:
           • Security guard
           • Swipe-in/Swipe-out
           • Luggage scan
           • Biometric
  8. A.11.1.4: Protecting against external and environmental threats
       • Control objective: Physical protection against natural disasters, malicious attack or accidents shall be designed and applied.
       • External threats include:
           • Earthquake
           • Tsunami
       • Environmental threats include:
           • Global warming
           • Fire
  9. A.11.1.5: Working in secure areas
       • Control objective: Procedures for working in secure areas shall be designed and applied.
       • Procedures:
           • CCTV camera installation
           • Body scan of people working there
           • Biometric
  10. A.11.1.6: Delivery and loading areas
       • Control objective: Access points such as delivery and loading areas and other points where unauthorized persons could enter the premises shall be controlled and, if possible, isolated from information processing facilities to avoid unauthorized access.
       • Unauthorized access:
           • Shoulder surfing
           • Theft of employee ID card
           • Social engineering
  11. 11. References http://www.slideshare.net/null0x00/iso-27001-2013-changes http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI- ISO27001-transition-guide-UK-EN-pdf.pdf https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 http://www.iso27001security.com/html/27001.html Custom eCommerce Solution Providershttp://www.ifourtechnolab.com
  12. iFour Consultancy Services
       • Visit these websites for more details:
           • http://www.ifour-consultancy.com
           • http://www.ifourtechnolab.com
       • THANK YOU!!!
