CLEAR DESK & SCREEN POLICY
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Clear Desk & Screen Policy
Version Control
Owner | Version | Edited By | Date | Change History
IS Rep | 0.1 | Assent | 19/01/2016 | First Draft
Distribution
Held By | Format | Location | Comments
User | Digital / Physical | |
Status
X | Status | Approved By | Date
X | Working Draft | | DD/MM/YYYY
  | Provisional Approval | |
  | Publication | |
Classification
X Confidential
Restricted
Unclassified
Relevance to Standard
Standard | Clause | Title
[ISO 27001:2013] | [A11.2.9] | [Clear Desk & Screen Policy]
License
Licensed by Assent Risk Management via Resilify.io under a Creative Commons Share Alike License.
Contents
Clear Desk & Screen Policy
Contents
Clear Desk & Screen Policy
1.0 Overview
2.0 Policy
2.1 Clear Desk Policy During Working Hours
2.2 Clear Desk Policy Outside of Office Hours
2.3 Classification of Information
2.4 Clear Screen Policy
2.5 Visitors & 3rd Parties at the Workstation
3.0 Related Policies
Clear Desk & Screen Policy
1.0 Overview
This policy sets out the controls to protect the organisation’s information assets
whilst they are in use.
2.0 Policy
2.1 Clear Desk Policy During Working Hours
It is accepted that during working hours you may need easy access to
information in order to perform your role.
However, the classification of this information should be considered when
leaving information on your desk, in trays or otherwise unprotected.
When walking away from your desk for a period of more than 5 minutes,
all confidential information should be removed from sight and locked away.
Other classifications of information may be left on the desk, providing there
is reasonable protection to prevent unauthorized access or other
disruption or loss.
2.2 Clear Desk Policy Outside of Office Hours
Outside of office hours, all information, regardless of classification,
should be locked away to prevent unauthorized access and reduce the
fire hazard.
2.3 Classification of Information
Please refer to our Classification procedure.
2.4 Clear Screen Policy
It is accepted that during working hours you may need to access digital
information in order to perform your role.
This may involve accessing information from various systems using
multiple windows.
When you have finished using a system or window, the account should
be logged out and the window closed.
When leaving your desk for any period, the computer should be locked
and require a password to reactivate.
2.5 Visitors & 3rd Parties at the Workstation
Occasionally there may be visitors or other 3rd parties on site. In these
cases, staff should consider the information that can be overlooked,
overheard, or otherwise gleaned by those 3rd parties.
In situations where 3rd parties need to join you at your workstation, close
all software screens (windows) down and turn over any paper documents
that are confidential in nature.
3.0 Related Policies
Classification & Handling