Secure areas of the organization cannot be accessed unnoticed. The premises are protected by appropriate access control. Only authorized persons have access to the secure areas.
Visitors shall have access to secure areas only with permission, after they are appropriately identified and their access rights shall be limited to the necessary facilities. All visits are recorded in the visitor log. In addition, staff have guidelines about safe operating in connection with visits.
Equipment should be serviced at intervals recommended by the supplier and in accordance with the supplier's specifications.
External support staff, such as maintenance or cleaning staff, will only be granted access to the necessary security areas and confidential data processing services they need. Access rights for external support staff are reviewed regularly.