PS-1 Office access

Estimated reading: 2 minutes 1201 views

What is PS-1 Office Access Control?

Office access control is about ensuring that if there is a physical office, the office is secured and protected against unauthorized access.

There are a few core parts to securing any physical office security system that can include deciding who enters the building, monitoring the workspace and ensuring it is safe and usable for the employees, securing the front doors with keys and alarms, installing surveillance cameras, etc. This can also include protecting the office from theft, physical damage, and environmental threats.

Available tools in the marketplace

The following listing is “crowdsourced” from our customer base or from external research. TrustCloud does not personally recommend any of the tools below, as we haven’t used them.

Johnson Controls

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version.

  • An available template from secureFR
  • A copy of an available template policy from the Michigan

Control implementation

To implement this control,

  1. You have to define and document the practices to protect and secure your office or facility. The templates above, can provide guidance or help on how to define and document a policy.
  2. You need to implement physical controls to guard your office or facility. In an office, starting with a process for visitors is usually the first starting point. A visitor log to record office access and visitor badges is a good way to start.
  3. An automated physical security system can be implemented to record physical access to your office. Badges for employees, distinguished from visitor badges, can be installed.

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action.

  1. Documented process for your physical security controls.
  2. A most recent visitor log or access entry log for your office

Evidence example

For the suggested action, an example is provided below:

  1. Documented process for your physical security controls.
    The following screenshot shows a documented process for security controls.
    PS 1 Office access 01
  2. A most recent visitor log or access entry log for your office.
    The following screenshot shows a visitor log template.
    PS 1 Office access 02

Join the conversation

You might also be interested in

Documentation Templates

Documentation Templates are documents that provide a content outline to meet certain documentation needs....

Data Backup Plan Template

The Data Backup Plan template helps you document in detail the data backup needs...

HR-13 Employee Handbook/Code of Conduct

HR-13 Employee Handbook or Code of Conduct communicates the organization’s values and ethics. It...

AUTH-1 Single Sign On (SSO)

Single Sign On (SSO) Control is a best practice recommendation for critical systems....

Security Incident Report Template

The Security Incident Report template helps you document the steps used to assess and...

BIZOPS-6 Disaster Recovery Testing

BIZOPS-6 Disaster Recovery Testing control refers to the exercise of identifying the critical systems...

PDP-10 SDLC – Separation of environments

PDP-10 SDLC Separation of Environments is important to maintain separate environments to develop, test,...

Privacy Committee Charter Template

Privacy Committee Charter serves as a foundational document, establishing the framework for the committee's...