| 💼 52a authorisation, registration and regular review of users and associated transfer mechanisms and devices, including printers, telephony and video conferencing equipment. Users with a greater level of access to sensitive data would be subject to increased scrutiny; | | | | | no data |
| 💼 52b appropriate blocking, filtering and monitoring of electronic transfer mechanisms, websites and printing; | | | | | no data |
| 💼 52c appropriate encryption, cleansing and auditing of devices; | | 9 | 9 | | no data |
| 💼 52d appropriate segmentation of data, based on sensitivity and access needs; | | 10 | 10 | | no data |
| 💼 52e monitoring for unauthorised software and hardware (e.g. key loggers, password cracking software, wireless access points, business implemented technology solutions); | | 9 | 9 | | no data |
| 💼 52f appropriate removal of sensitive data after recovery tests are concluded. | | | | | no data |