DCS-04: Secure Media Transportation Policy and Procedures

Control Family:

Datacenter Security

CSF v1.1 References:

PF v1.0 References:

Info icon.

Control is new to this version of the control set and incorporates the following items from the previous version: GRM-06: Policy, GRM-09: Policy Reviews.

Control Statement

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the secure transportation of physical media. Review and update the policies and procedures at least annually.

Implementation Guidance

Secure transportation of physical media should include secure information-handling policies and procedures for storage, packaging by internal or external personnel (third-parties, such as couriers), internal delivery, packaging for external mail or courier services, and shipping tracking.

Auditing Guidance

  1. Examine the organization's policy and procedures for secure transportation of physical media.
  2. Determine if policy has been approved, communicated, and reviewed.

[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.