Back

Establish, implement, and maintain a clear screen policy.


CONTROL ID
12436
CONTROL TYPE
Technical Security
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain physical security controls for distributed assets., CC ID: 00718

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • A clear desk policy for papers and removable storage media and a clear screen policy for information processing facilities shall be adopted. (A.11.2.9 Control, ISO 27001:2013, Information Technology - Security Techniques - Information Security Management Systems - Requirements, 2013)
  • A clear desk policy for papers and removable storage media and a clear screen policy for information processing facilities should be adopted. (§ 11.2.9 Control, ISO/IEC 27002:2013(E), Information technology — Security techniques — Code of practice for information security controls, Second Edition)
  • Clear desk rules for papers and removable storage media and clear screen rules for information processing facilities should be defined and appropriately enforced. (§ 7.7 Control, ISO/IEC 27002:2022, Information security, cybersecurity and privacy protection — Information security controls, Third Edition)