Physical Security Policy
Physical Security Policy
SECURITY
POLICY
1
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Physical Security Policy
Version Control
Owner Version Edited By Date Change History
IS Rep 0.1 Assent 14/10/2019 First Draft
Distribution
Held Format Location Comments
By
User Digital / Physical
Status
X Status Approved By Date
X Working DD/MM/YYYY
Draft
Provisional Approval
Publication
Classification
Confidential
X Restricted
Unclassified
Relevance to Standard
License
2
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Contents
2.0 Policy___________________________________________________________________________________________4
2.1 Secure Perimeter______________________________________________________________________________________4
2.2 End of Day Routine____________________________________________________________________________________4
2.3 Physical Entry_________________________________________________________________________________________4
2.4 Issue of Fobs___________________________________________________________________________________________5
2.5 Lost/Damaged Fobs___________________________________________________________________________________5
2.6 Return of Fobs_________________________________________________________________________________________5
2.7 Access Fob Reviews___________________________________________________________________________________5
2.8 Logging & Monitoring_________________________________________________________________________________6
3
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Physical Security Policy
1.0 Overview
1.1 Principles
Need-to-know; you are only granted access to the information you need
to perform your tasks (different tasks/roles mean different need-to-know
and hence different access profile).
2.0 Policy
The last person to leave has responsibilities for securing the premises at
the end of the day and must ensure:
4
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Do not permit people to tail-gate through open doors.
All visitors and third parties must report to reception and sign in.
For lost fobs, an incident investigation will take place to determine any
additional threats.
5
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Employees may be asked to confirm that fobs issued to them are still in
their possession.
The physical access control system records when fobs are used, and at
which control points. This can be linked to your employee id.
This log information may be used to investigate incidents and in line with
the disciplinary policy.
Disciplinary Policy
Clear Desk and Screen Policy.
6
© Distributed by Resilify.io under a Creative Commons Share Alike License.