The Practice of Designing and Applying Physical Security Controls in the Light of the Requirements Set in the International Standard ISO/IEC 27001

Adequate protection of information and information systems requires careful planning and implementation of a large number of controls by businesses. In many cases, they do it by applying an information security framework, most often the international standard ISO/IEC 27001. There are instructions in the standard which deal with developing the physical security of information systems. This study discusses design and operational considerations that may help security professionals to develop physical security systems that meet the standard requirements.