Safety procedures – KIT ISO 27001:2024

The “safety procedures” of the ISO 27001:2024 management system are characterized by the presence of technical controls that express their effectiveness provided they are integrated into the same process.

The safety procedures are:

Controls applied

  • Access control
  • Identity management
  • Authentication information
  • Access rights
  • User terminal devices
  • Privileged access rights
  • Restriction of access to information
  • Access to source code
  • Secure authentication

Applied controls:

  • Physical security perimeters
  • Physical access
  • Security of offices, rooms and facilities
  • Physical security monitoring
  • Protection against physical and environmental threats
  • I work in safe areas
  • Clean workspace and screen
  • Positioning and protection of equipment
  • Security of off-site assets
  • Storage media
  • Support services
  • Cable safety

Controls applied

  • Clock synchronization
  • Using privileged utility programs
  • Installing software on operating systems
  • Network security
  • Network Services Security Control
  • Network segregation
  • Web filtering
  • Using encryption

Controls applied

  • Planning and preparation for information security incident management
  • Evaluation and decision on information security events
  • Information security incident response
  • Learning from information security incidents
  • Collecting evidence
  • Information security during destruction
  • ICT readiness for business continuity

Safety procedures and technical personnel

These procedures, as part of the functioning of the information security management system, unlike what happens with business procedures, oversee processes controlled by technical personnel such as:

  • L’Asset manager
  • The System Administrator
  • The person responsible for the information system
  • Il data protection officer – DPO 

In the information security plan of the ISO 27001:204 procedures document kit, all the controls required by Annex (appendix) A of ISO/IEC 27001:2024 have been considered .


ISO 27001:2024


Complete package of manual, management procedures, safety procedures, forms, management applications, checklists and attachments.

All ready-made and fully editable and customizable content. System with integrated management of information security controls provided for in Annex A of ISO 27001 in its new 2024 version. Declaration of applicability and Information security plan.