iso27001
Facility and Site Selections Physical Security Guidelines
Facility and site selection is a difficult task. There are many criteria to avoid or to prioritize. Selecting the best location from the physical security perspective is a complex task. Before starting the selection process, it is better to review the checklist and the list of criteria for the best facility and location selection.
For each criterion you can create a simple scoring system, and based on the calculation you can choose the facility and site that best suit you. Below is a list of physical security guidelines.
- Avoid iconic, trophy, historic, listed, or high-profile sites and/or locations near such sites
- Avoid uncontrolled public facilities for vehicles (e.g., tunnels, parking areas, etc.) directly beneath or adjacent to the site
- Seek maximum setback from the street on all facades
- Seek maximum physical separation from neighboring buildings
- Seek convenient external assembly points
- Seek close proximity to emergency services
- Seek easy access to major roads or arteries
- Seek sole building occupancy or sole floor occupancy at a minimum
ISO 27001 Information Security Management Questionnaire Certification as per ISO 27001
Download Free ISO 27001 Information Security Management Questionnaire Certification as per ISO 27001

The purpose of this ISO 27001 Information Security Management Questionnaire Certification is to collate information within the scope of the project meeting in order to prepare a quotation and assist the certification body in contract review. It forms part of the audit documentation. The statements will be verified during the audit stage.
ISMS responsibility for the ISMS
- has been fully and separately regulated on all levels (e.g. independent ISMS representative)
- to some extent includes supervisory, cross-site functions (e.g. at operating level)
- is administered at all levels by the persons responsible for the other MS
ISO 27001 Wireless LAN Security Checklist
Download Free ISO 27001 Wireless LAN Security Checklist

This checklist consists of more than 50 wireless network security controls covering the management, technical and operational sides. Download the checklist for the detailed controls:
Management Recommendations
1. Develop an agency security policy that addresses the use of wireless technology, including 802.11.
2. Ensure that users on the network are fully trained in computer security awareness and the risks associated with wireless technology.
3. Perform a risk assessment to understand the value of the assets in the agency that need protection.
4. Ensure that the client NIC and AP support firmware upgrade so that security patches may be deployed as they become available (prior to purchase).
5. Perform comprehensive security assessments at regular and random intervals (including validating that rogue APs do not exist in the 802.11 WLAN) to fully understand the wireless network security posture.
Technical Recommendations
1. Understand and make sure that all default parameters are changed.
ISO 27001 Media Handling and Protection Audit Policy and Procedures

Download free ISO 27001 Media Handling and Protection Audit Policy and Procedures
Objectives:
- The organization develops and documents media protection policy and procedures;
- The organization disseminates media protection policy and procedures to appropriate elements within the organization;
- Responsible parties within the organization periodically review media protection policy and procedures; and
- The organization updates media protection policy and procedures when organizational review indicates updates are required.
ITIL Security Management Checklist Tools free download

Download free ITIL Security Management Checklist Tools. This simple checklist is used to identify the type of IT security incident, such as:
- Unauthorized access attempt from locations external to the facility
- Unauthorized access attempt internal to the facility
- Unauthorized monitoring
- Malicious code
- Virus attack