This sample policy is designed to help organizations prevent unauthorized access, damage and interference to business premises and information.

In this sample, organizations must use security perimeters to protect areas that contain information processing facilities; secure areas must be protected by appropriate entry controls to ensure that only authorized personnel are allowed access; secure areas must be created in order to protect offices, rooms and facilities with special security requirements; and additional controls and guidelines for working in secure areas must be used to enhance the security provided by the physical controls protecting the secure areas.