Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To prevent unauthorized physical access or damage to the organization's information and information processing facilities.

Scope

All Triplics Ltd ecoPortal offices and locations. This Policy applies to all employees of Triplics LtdecoPortal, and to all external parties with physical access to Triplics Ltd ecoPortal owned or leased facilities.

...

Physical offices and processing facilities shall meet all local building codes for construction materials for walls, windows, doors, and access control mechanisms. Some interior zones may be identified as secure areas where physical access is further restricted to a subset of Triplics Ltd ecoPortal personnel; such as private offices, wiring closets, print and server rooms, and server racks.

...

Secure areas shall be protected by appropriate entry controls to ensure that only authorized personnel are allowed access. Where possible, Triplics Ltd ecoPortal access control systems shall be tied to a centralized system that provides granular access control for individual personnel. Access events shall be appropriately logged and reviewed as needed according to risk. Cameras and intrusion detection systems shall be used at facilities that store or process production data.

...

Visitors, delivery personnel, outside support technicians, and other external agents shall not be permitted access to secure areas without escort and/or appropriate oversight. Third-parties in secure areas shall sign in and out on a visitor log and shall be escorted or monitored by Triplics Ltd ecoPortal personnel. Triplics Ltd ecoPortal personnel observing unescorted visitors should approach the visitor, confirm their status, and ensure they return to approved areas, or report the observation to the responsible authority as needed. External party access to secure areas shall be confirmed with appropriate Triplics Ltd ecoPortal personnel prior to being granted access. Triplics Ltd ecoPortal personnel providing access to external parties into secure areas are responsible for ensuring that the third-party personnel adhere to all security requirements, and are accountable for all actions taken by outsiders they provide with access. Visitors may be allowed to work unescorted provided that the Triplics Ltd ecoPortal sponsoring party can ensure that they will not have unauthorized access to Triplics Ltd ecoPortal information systems, networks, or data.

...

Suppliers, vendors, and third-parties shall comply with Triplics Ltd ecoPortal physical security and environmental controls requirements. Triplics Ltd ecoPortal shall assess the adequacy of third-party physical security controls as part of the vendor management process, in accordance with the Third-Party Management Policy.

...