When to use this
Use this procedure template to define how premises are monitored for unauthorized physical access.
Related controls
- A.7.4 Physical Security Monitoring
- A.6.8 Information Security Event Reporting
- A.5.25 Assessment and Decision on Information Security Events
Procedure definition
| Area/system monitored | Monitoring method | Monitoring hours | Alert recipient | Response target | Escalation route | Evidence retained |
|---|---|---|---|---|---|---|
| TBD | Alarm/CCTV/access alert/patrol/service | 24x7 / business hours | TBD | TBD | Facilities -> security -> incident manager | TBD |
Response steps
- Receive and record alert.
- Verify whether the alert is likely false or real.
- Dispatch appropriate responder.
- Escalate according to severity and affected area.
- Notify information security if information/assets may be affected.
- Preserve relevant evidence.
- Record closure and corrective actions.
- Update false alarm register if applicable.
- Template
- Iso27001
- Physical controls
- Monitoring
Note Metadata
Aliases: Physical Monitoring Procedure
Source: 90 Templates/Physical Security Monitoring Procedure.md
Related Notes
- ISO 27001 A.5.25 - Assessment and Decision on Information Security Events
- ISO 27001 A.6.8 - Information Security Event Reporting
- ISO 27001 A.7.4 - Physical Security Monitoring
- A.7 Physical Controls MOC
- A.7.4 Audit Evidence Pack
- A.7 Physical Controls Implementation Guide
- A.7 Physical Controls Audit Guide
- A.7 Physical Controls Implementation Audit Risk Mapping
- ISO 27002 Annex A Control Interpretation Map
- A.7.4 Audit Checklist
- Physical Security Alarm Test Record
- Templates MOC