ABSTRACT
The physical (environmental) security domain addresses the common physical, environmental, and procedural risks that may exist in the environment in which the information system is managed. It also addresses physical and procedural defensive and recovery strategies, countermeasures, and resources, including the corporate physical infrastructure, security policies and procedures, physical security tools, and the organization’s staff.
