Implementing Physical Protection

The auditor should always remember electronic attacks are the greatest concern because the intruder usually goes undetected and is almost never caught. Physical barriers are frequently used to protect physical assets. Earlier in the chapter, we discussed the creation of a map displaying access routes and locked doors. After risk assessment, the next step is to improve physical protection.

Let’s review a few of the common techniques for increasing physical protection:

Closed-Circuit Television Closed-circuit television can provide real-time monitoring or audit logs of past activity. Access routes are frequently monitored by using closed-circuit television. The auditor may be interested in the image quality and ...

Get CISA® Certified Information Systems Auditor®: Study Guide, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.