Professional Documents
Culture Documents
Document Id.
Id.:: ISPolicy039
ISguide
Version No.
No.: : 3.0
1.0
Released on
on: : 18/07/17
22/05/06
Review History
Document History
Ver. Release DCR Ref. Description of Authored/ Reviewed Approved
No. Date Change Revised By By
By
1.0 09/06/06 DCR/002 Final release QA Group ISMS CISO
Forum
2.0 01/06/09 DCR/ISMS ISMS Periodic QAG ISMS CISO
/066 Review Forum
2.0 07/04/11 NA ISMS Periodic QAG ISMS CISO
Review Forum
2.0 01/06/12 NA ISMS Periodic QAG ISMS CISO
Review Forum
2.1 09/08/12 DCR/ISMS Classification QAG ISMS CISO
/105 changed to Forum
Internal
2.2 01/01/14 DCR/ISMS RSI Logo ISMS Manager CISO
/112 Updated Team QAG
3.0 15/06/15 DCR/ISMS Document ISMS Manager CISO
/122 revised and Team QAG
updated as per
ISO 27001:2013
3.0 15/06/15 DCR/ISMS Annual Review- ISMS Sr. CISO
/132 22/06/16 Team Manager
QAG
3.0 18/07/17 DCR/ISMS Annual Review ISMS AVP CISO
/136 Team Admin
Notes:
Only controlled hardcopies of the document shall have signatures on them.
This is an internal document. Unauthorized access or copying is prohibited.
Uncontrolled when printed unless signed by approving authority.
Table of Contents
1. Overview ........................................................................................................... 5
2. Objective ........................................................................................................... 5
3. Scope................................................................................................................ 5
4. Policy ................................................................................................................ 5
4.1 Secure Areas .................................................................................................. 5
4.1.1 Physical Security Perimeter ......................................................................... 5
4.1.2 Physical Entry Controls ................................................................................ 5
4.1.3 Securing Offices, Rooms and Facilities ....................................................... 6
4.1.4 Protecting against external and environmental threats ............................. 6
4.1.5 Working in Secure Areas .......................................................................... 6
4.1.6 Delivery and Loading Areas ...................................................................... 6
4.2 Equipment Security ...................................................................................... 6
4.2.1 Equipment siting and protection ................................................................ 6
4.2.2 Supporting Utilities .................................................................................... 7
4.2.3 Cabling Security ........................................................................................ 7
4.2.4 Equipment Maintenance ........................................................................... 7
4.2.5 Removal of Assets .................................................................................... 7
4.2.6 Security of Equipment and Assets Off-Premises ...................................... 8
4.2.7 Secure Disposal or Reuse of Equipment .................................................. 8
4.2.8 Unattended User Equipment ........................................................................ 8
4.2.9 Clear Desk and Clear Screen Policy ............................................................ 8
1. Overview
This document outlines management’s intent to prevent unauthorized physical access,
damage, and interference to the RSI’s premises and information processing facilities
2. Objective
To prevent unauthorized physical access, damage, and interference to the
organization’s premises and information.
To prevent loss, damage, theft or compromise of assets and interruption to the
organization’s activities.
3. Scope
This policy applies to all employees, third party personnel and contractors at RSI’s
premises.
4. Policy
Environmental conditions shall be monitored to ensure that they do not have adverse
effects on the operation of information processing facilities. All storage media having
non-public information shall be physically protected.
All equipments shall be maintained regularly as per the manufacturers recommended
service intervals and specifications.