
Control a.11 and a.11.1 - by software outsourcing company in India

This presentation describes ISO Control A.11 and A.11.1, by a software outsourcing company in India.
http://www.ifourtechnolab.com/


  1. iFour Consultancy - Control A.11 and A.11.1
  2. Contents
     • Control A.11
     • A.11.1 : Secure areas
       • A.11.1.1
       • A.11.1.2
       • A.11.1.3
       • A.11.1.4
       • A.11.1.5
       • A.11.1.6
     • References
     Custom eCommerce Solution Providers http://www.ifourtechnolab.com
  3. Control A.11 Physical and environmental security
     • Takes care of both the physical and the environmental security of an organization
     • Two sub-controls:
       • A.11.1 : Secure areas
       • A.11.2 : Equipment
     • Physical security includes security guards, biometric machines etc.
     • Environmental security includes disaster recovery from earthquake, fire etc.
  4. Control A.11.1 Secure areas
     • Control objective of A.11.1: To prevent unauthorized physical access, damage and interference to the organization's information and information processing facilities.
     • This control is breached if someone gains unauthorized access to secure areas.
     • Areas such as the data centre are critical because they store critical information, so they should be highly secured.
  5. A.11.1.1 : Physical security perimeter
     • Safety measures should be taken across the physical security perimeter to protect areas from any unauthorized access.
     • Control objective: Security perimeters shall be defined and used to protect areas that contain either sensitive or critical information and information processing facilities.
  6. A.11.1.2 : Physical entry controls
     • Control objective: Secure areas shall be protected by appropriate entry controls to ensure that only authorized personnel are allowed access.
     • Physical entry controls include:
       • Password
       • Passphrase
       • Biometric
       • Smart card
  7. A.11.1.3 : Securing offices, rooms and facilities
     • Control objective: Physical security for offices, rooms and facilities shall be designed and applied.
     • Physical security includes:
       • Security guard
       • Swipe-in/Swipe-out
       • Luggage scan
       • Biometric
  8. A.11.1.4 : Protecting against external and environmental threats
     • Control objective: Physical protection against natural disasters, malicious attack or accidents shall be designed and applied.
     • External threats include:
       • Earthquake
       • Tsunami
     • Environmental threats include:
       • Global warming
       • Fire
  9. A.11.1.5 : Working in secure areas
     • Control objective: Procedures for working in secure areas shall be designed and applied.
     • Procedures:
       • CCTV camera installation
       • Body scan of people working there
       • Biometric
  10. A.11.1.6 : Delivery and loading areas
     • Control objective: Access points such as delivery and loading areas and other points where unauthorized persons could enter the premises shall be controlled and, if possible, isolated from information processing facilities to avoid unauthorized access.
     • Unauthorized access:
       • Shoulder surfing
       • Theft of employee ID card
       • Social engineering
  11. References
     • http://www.slideshare.net/null0x00/iso-27001-2013-changes
     • http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI-ISO27001-transition-guide-UK-EN-pdf.pdf
     • https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
     • http://www.iso27001security.com/html/27001.html
  12. iFour Consultancy Services
     • Visit these websites for more details:
       • http://www.ifour-consultancy.com
       • http://www.ifourtechnolab.com
     • THANK YOU!!!
