iso17799

Facility and site selection is difficult task to do. There are a lot of criteria that to be avoided or to be prioritize. Selecting the best location from the physical security perspective is a complex task. Before doing this selection process, it's better if you review or go through the checklist and list of criteria of the best facility and location selection.

For each criteria you can create a simple scoring system and based on the calculation you can choose the best facility and site that suit you. Below list of physical security guideline.

- Avoid the iconic, trophy, historic, listed, or high-profile sites and/or locations near such sites

- Avoid the uncontrolled public facilities for vehicles (e.g., tunnels, parking areas, etc.) directly beneath or adjacent to the site

- Seek maximum setback from the street on all facades

- Seek maximum physical separation from neighboring buildings

- Seek convenient external assembly points

- Seek close proximity to emergency services

- Seek easy access to major roads or arteries

- Seek sole building occupancy or sole floor occupancy at a minimum

Download Free ISO 27001 Information Security Management Questionnaire Certification as per ISO 27001

The purpose of this ISO 27001 Information Security Management Questionnaire Certification is to collate information within the scope of the project meeting in order to prepare a quotation and assist the certification body in contract review. It forms part of the audit documentation. The statements will be verified during audit stage

ISMS responsibility for the ISMS
- has been fully and separately regulated on all levels (e.g. independent ISMS representative)
- to some extent includes supervisory, cross-site functions (e.g. at operating level)
- is administered at all levels by the persons responsible for the other MS

Download Free ISO 27001 Wireless LAN Security Checklist

This checklist consist more than 50 Wireless Network Security Controls that cover from Management, Technical and Operational side. Download the checklist for more detail controls:
Management Recommendations
1. Develop an agency security policy that addresses the use of wireless technology, including 802.11.
2. Ensure that users on the network are fully trained in computer security awareness and the risks associated with wireless technology.
3. Perform a risk assessment to understand the value of the assets in the agency that need protection.
4. Ensure that the client NIC and AP support firmware upgrade so that security patches may be deployed as they become available (prior to purchase).
5. Perform comprehensive security assessments at regular and random intervals (including validating that rogue APs do not exist in the 802.11 WLAN) to fully understand the wireless network security posture.

Technical Recommendations
1. Understand and make sure that all default parameters are changed.

Download free IT Security Assessment Tools, this tools covering several domain that very useful to be asses during the IT Security Assessment Process. The domain that covered in this tools are:
- Organization reliance on IT
- Risk Management
- People
- Process
- Technology

Download free ISO/IEC 27003 Information Technology Security Techniques. This free Information security management system implementation guidance (draft) is update from ISO 27000 series which including ISO 27001, ISO 27002 and ISO 27003.

The scope of ISO/IEC 27003 is to "provide practical guidance for designing and implementing an information security management system in accordance with ISO/IEC 27001. This document begins with the process of obtaining management approval to define a project to implement the ISMS.