PO

Physical & Environmental Management Policy

Internal Page 1 of 5
PO

Revision & Version History:

Version Effective Date Author Reviewed Approved By Remarks

 New Policy
Manager- Information Structure
th Line Manager
3.0 13 Apr 2018 Security & ITSC  Incorporated
Head IT
Governance RBI Directives
for NBFC
Manager- Information
th Line Manager  Annual Review
4.0 12 April 2019 Security & ITSC
Head IT - No Changes
Governance

Internal Page 2 of 5
PO / 007

Table of Contents

1 Purpose ......................................................................................................................................................................... 4

2 Scope ............................................................................................................................................................................. 4

3 Policy Statement ............................................................................................................................................................ 4

4 Policy Statements .......................................................................................................................................................... 4

Data Center ...................................................................................................................................................................... 4

Branch and other HDBFS premises .................................................................................................................................... 4

Internal Page 3 of 5
PO / 007

1 PURPOSE
The main purpose is to establish a formal, structured and precise process for Physical Security Access to HDBFS premises
in accordance with HDBFS Information Security requirements.

2 SCOPE
All employees, part-time workers, visitors and those who are employed /deployed by third party to perform work on
HDBFS premises are covered by this policy and must comply with associated policies and procedures.

3 POLICY STATEMENT

To establish the entry / exit controls and minimize the risk of potential physical threats, HDBFS has laid down this policy.

4 POLICY STATEMENTS

DATA CENTER
 Only authorized staff members shall have ongoing access to data-center and HDBFS back offices e.g. SOC / NOC
rooms.
 All entry exits to data centers shall be monitored with a CCTV.
 Data center and storage room areas which are used to store IT equipments shall be temperature and humidity
controlled.
 Data center and storage rooms’ environmental conditions shall be monitored regularly to comply with the
information security requirements of HBDFS.

BRANCH AND OTHER HDBFS PREMISES

 A manned reception area or other means to control physical access to the site or building shall be in place.
 The date and time of entry and departure of visitors shall be recorded, and all visitors shall be escorted by
HDBFS’s staff within HDBFS premises
 HDBFS employees are advised to wear and display their ID cards within the HDBFS premises.
 Visitor’s registers for all accesses granted shall be securely maintained and presented when required for
compliance purposes.
 Visitors are advised to wear and display their visitor cards within the HDBFS premises.
 Staff members interacting with visitors and third-party personnel shall be responsible for their activities within
premises.
 Access rights to secure areas shall be regularly reviewed, updated, modified and revoked when necessary.
 Photography in HDBFS premises secure areas shall not be allowed unless authorized.
 The security staff managing the physical access to the premises shall to perform their duties diligently.

Internal Page 4 of 5
PO / 007

Approvals:

Name Signature

Mr. Bhavesh Zaveri

Mr. Ramesh G.

Internal Page 5 of 5