ISO27001:2005 A9 Physical & Environmental Security

Anonymous

ISO27001:2005 A9 Physical & Environmental Security

Use this Template

Print as PDF

Use this Template

Go digital today!

Convert your paper checklists into digital forms

Scan this QR code to use this paper checklist on your smartphone or tablet or visit https://safetyculture.com/

app-store-download

play-store-download

Scannable QR Code to download App

Information

Audit Title
Document No.
Client / Site
Conducted on
Prepared by
Location
Personnel

A9 Physical and Environmental Security

A9.1 Secure Areas

A9.1.1 Are security perimeters (e.g. walls, card-controlled entry gates or manned reception desks) used to protect areas which contain information and information processing facilities?
A9.1.2 Are secure areas protected by appropriate entry controls to ensure only authorised personnel are allowed access?
A9.1.3 Are physical security for offices, rooms and facilities designed and applied?
A9.1.4 Is physical protection against damage from fire, flood, earthquake, explosion, civil unrest and other forms of natural or man-made disaster designed and applied?
A9.1.5 Are physical protection and guidelines for working in secure areas designed and applied?
A9.1.6 Are access points such as delivery and loading areas (& other points) where unauthorised persons may enter the premises controlled, and if possible, isolated from information processing facilities to avoid unauthorised access?

A9.2 Equipment Security

A9.2.1 Is equipment sited or protected to reduce risks from environmental threats and hazards and opportunities for unauthorised access?
A9.2.2 Is equipment protected from power failures and other disruptions caused by failures in supporting utilities?
A9.2.3 Are power and telecommunications cabling carrying data or supporting information protected from interception or damage?
A9.2.4 Is equipment correctly maintained to ensure it continued availability and integrity?
A9.2.5 Is security applied to off-site equipment taking into account the different risks of working outside the organisations premises?
A9.2.6 Are all items of equipment containing storage media checked to ensure that any sensitive data and licensed s/w has been removed or securely overwritten prior to disposal or re-use?
A9.2.7 Is there a mechanism to ensure that equipment, information or s/w are not taken off-site without prior authorisation?

Major non-conformances

List any MAJOR non-conformances

Minor non-Conformances

List all MINOR non-conformances

Observations and opportunities for improvemement

List any observations or opportunities for improvement
Sign off the audit

ISO27001:2005 A9 Physical & Environmental Security

Anonymous

ISO27001:2005 A9 Physical & Environmental Security

Use this Template

Print as PDF

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.

Related checklists

Incident Report

26,811 Downloads

Daily Temperature Log

Daily Temperature Log

20,437 Downloads

Heavy Vehicle Inspection

Heavy Vehicle Inspection

19,778 Downloads

Employee File Checklist

10,142 Downloads

Mine Site Safety Inspection

Mine Site Safety Inspection

9,529 Downloads

Food Safety & HACCP Audit

Food Safety & HACCP Audit

7,991 Downloads

6,824 Downloads

Residence Inn Guest room inspection

6,621 Downloads

6,492 Downloads

Injury, Accident, Incident Report

6,405 Downloads