Entry control. The rooms in which personal data are processed or data processing systems are installed may not be freely accessible. They must be locked when employees are away. Entry authorizations must be assigned in a regulated procedure on a need-to-know basis and are generally monitored in terms of whether they are necessary. Rooms in which data processing systems (datacenter, server, network distributor, etc.) are located must have particular entry protections and may be accessible only to employees in IT administration (management, if necessary). Alternately, the devices must be stored in suitable and locked cabinets. Visitors and non-company individuals must be registered in a documented procedure and monitored while visiting the offices. The company has implemented the requirement as follows: Locked building Locked offices Electronic security locking system Mechanical security locking system Documented key assignment process Visitor registration Area-dependent authorization IDs Locked server rooms with electronic entry control Locked server cabinets Alarm system for building / offices Alarm system for server room Electronic entry control
Appears in 4 contracts
Samples: Data Protection Agreement, www.bhs-world.com, www.bhs-world.com
