Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook
Topics
ISO 27001
NIS2
Getting started
Framework management
Product security
Settings & advanced
Trial and subscription
User management
Community
Documentation
Personnel guidelines
Reporting
Task management
GDPR
Internal auditing
Personnel security
Risk management
Working as a partner
Continuous improvement
Team collaboration
Show all topics
Webinars
ISO 27001: Build a cyber security plan, that gets you compliant
NIS2: Intro to NIS2 Directive and Cyberday
Show all webinars
Videos
Asset documentation
Continuously improving your ISMS
Cyberday overall intro
ISO 27001 and certification audit fundamentals
ISO 27001 and personnel awareness
ISO 27001 and risk management
ISO 27001 introduction
NIS2 introduction
Show all videos
Helps
Documentation
For admins
For partners
Frameworks
Guideline mgmt
Other features
Reporting
Setup and integrations
Task mgmt
User management
Show all helps
Blogs
Cannes Hospital data breach, the impact of AI and NIS2 evolution: the Cyberday product and news round-up 5/2024 🛡️
6 ways to assess security work effectiveness
Access Control & MFA (NIS2 21.2): Build A Solid Foundation with ISO 27001 Best Practices
Understanding HR Security Basics for ISO 27001 & NIS2 Compliance
Build your NIS2 measures for Business Continuity and Backups with ISO 27001
Show all blogs
Content library
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Cyberday.ai
Get started
Login
Content library
ISO 27001

Kulunvalvonta

11.1.2
ISO 27001

Notification process in case of loss of physical identifiers

Critical
High
Normal
Low

Staff have instructions and tools to help them report a lost physical identifier (e.g. keychain, smart card, smart sticker).

See an example process description from task's page
Connected other frameworks and requirements:
11.1.2: Physical entry controls
ISO 27001
7.2: Physical entry
ISO 27001

Physical access control to building, offices and other premises

Critical
High
Normal
Low

Secure areas of the organization cannot be accessed unnoticed. The premises are protected by appropriate access control. Only authorized persons have access to the secure areas.

See an example process description from task's page
Connected other frameworks and requirements:
F04: Kulkuoikeuksien hallinta
11.1.2: Physical entry controls
ISO 27001
11.1.1: Physical security perimeter
ISO 27001
PR.AC-2: Physical access control
NIST CSF
DE.CM-2: The physical environment monitoring
NIST CSF

Visitor instructions and log

Critical
High
Normal
Low

Visitors shall have access to secure areas only with permission, after they are appropriately identified and their access rights shall be limited to the necessary facilities. All visits are recorded in the visitor log. In addition, staff have guidelines about safe operating in connection with visits.

See an example process description from task's page
Connected other frameworks and requirements:
F04: Kulkuoikeuksien hallinta
11.1.2: Physical entry controls
ISO 27001
PR.AC-2: Physical access control
NIST CSF
7.2: Physical entry
ISO 27001

Using keys and other IDs that produce electronic movement log

Critical
High
Normal
Low

It is not possible to move around the premises without tags that record the person's movements in an electronic logbook.

See an example process description from task's page
Connected other frameworks and requirements:
11.1.2: Physical entry controls
ISO 27001
7.2: Physical entry
ISO 27001

Using visible IDs

Critical
High
Normal
Low

People can't move around the organization's premises without a visible identifier.

See an example process description from task's page
Connected other frameworks and requirements:
11.1.2: Physical entry controls
ISO 27001
11.1.6: Delivery and loading areas
ISO 27001
7.2: Physical entry
ISO 27001

Limited access and monitoring of support staff

Critical
High
Normal
Low

External support staff, such as maintenance or cleaning staff, will only be granted access to the necessary security areas and confidential data processing services they need. Access rights for external support staff are reviewed regularly.

See an example process description from task's page
Connected other frameworks and requirements:
11.1.2: Physical entry controls
ISO 27001
F04: Kulkuoikeuksien hallinta
7.2: Physical entry
ISO 27001
No items found.

Subscribe to Academy today

Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.

Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Topics
User management
GDPR
Community
Task management
Risk management
Show all
Webinars
ISO 27001: Build a cyber security plan, that gets you compliant
NIS2: Intro to NIS2 Directive and Cyberday
Show all
Videos
ISO 27001 introduction
NIS2 introduction
ISO 27001 and certification audit fundamentals
Asset documentation
ISO 27001 and personnel awareness
Show all
Helps
Documentation
For partners
Other features
Reporting
Guideline mgmt
Show all
Blogs
Cannes Hospital data breach, the impact of AI and NIS2 evolution: the Cyberday product and news round-up 5/2024 🛡️
6 ways to assess security work effectiveness
Access Control & MFA (NIS2 21.2): Build A Solid Foundation with ISO 27001 Best Practices
Understanding HR Security Basics for ISO 27001 & NIS2 Compliance
Build your NIS2 measures for Business Continuity and Backups with ISO 27001
Show all
Content library
Open content libraryLabs
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.