Professional Documents
Culture Documents
GO DIGITAL TODAY
A9.1.1 Are security perimeters (e.g. walls, card-controlled entry gates or manned reception
desks) used to protect areas which contain information and information processing
facilities?
Yes No N/A
A9.1.2 Are secure areas protected by appropriate entry controls to ensure only authorised
personnel are allowed access?
Yes No N/A
A9.1.3 Are physical security for offices, rooms and facilities designed and applied?
Yes No N/A
A9.1.4 Is physical protection against damage from fire, flood, earthquake, explosion, civil
unrest and other forms of natural or man-made disaster designed and applied?
Yes No N/A
https://public-library.safetyculture.io/products/iso270012005-a9-physical-and-environmental-security 1/5
9/15/21, 12:34 PM ISO27001:2005 A9 Physical & Environmental Security Checklist - SafetyCulture
A9.1.5 Are physical protection and guidelines for working in secure areas designed and
applied?
Yes No N/A
A9.1.6 Are access points such as delivery and loading areas (& other points) where
unauthorised persons may enter the premises controlled, and if possible, isolated from
information processing facilities to avoid unauthorised access?
Yes No N/A
A9.2.1 Is equipment sited or protected to reduce risks from environmental threats and
hazards and opportunities for unauthorised access?
Yes No N/A
A9.2.2 Is equipment protected from power failures and other disruptions caused by failures
in supporting utilities?
Yes No N/A
A9.2.3 Are power and telecommunications cabling carrying data or supporting information
protected from interception or damage?
Yes No N/A
https://public-library.safetyculture.io/products/iso270012005-a9-physical-and-environmental-security 2/5
9/15/21, 12:34 PM ISO27001:2005 A9 Physical & Environmental Security Checklist - SafetyCulture
Yes No N/A
A9.2.5 Is security applied to off-site equipment taking into account the different risks of
working outside the organisations premises?
Yes No N/A
A9.2.6 Are all items of equipment containing storage media checked to ensure that any
sensitive data and licensed s/w has been removed or securely overwritten prior to disposal
or re-use?
Yes No N/A
A9.2.7 Is there a mechanism to ensure that equipment, information or s/w are not taken off-
site without prior authorisation?
Yes No N/A
Major non-conformances
https://public-library.safetyculture.io/products/iso270012005-a9-physical-and-environmental-security 3/5
9/15/21, 12:34 PM ISO27001:2005 A9 Physical & Environmental Security Checklist - SafetyCulture
Enter text
Minor non-Conformances
Enter text
https://public-library.safetyculture.io/products/iso270012005-a9-physical-and-environmental-security 4/5
9/15/21, 12:34 PM ISO27001:2005 A9 Physical & Environmental Security Checklist - SafetyCulture
Enter text
Please note that this checklist is a hypothetical example and provides basic information only. It is not intended
to
take the place of, among other things,
workplace, health and safety advice; medical advice, diagnosis, or
treatment;
or other applicable laws. You should also seek your own professional advice to
determine if the use of such
checklist is
permissible in your workplace or jurisdiction.
https://public-library.safetyculture.io/products/iso270012005-a9-physical-and-environmental-security 5/5