The clean desk/clear screen policy requires that workplaces are tidied when left (no confidential documents visible) and screens are locked (no unattended sessions).
ISO 27001 Annex A control A.7.7 (Clear Desk and Clear Screen) explicitly defines this requirement. In practice, it covers: storing confidential documents in lockable cabinets, no passwords on sticky notes, automatic screen lock after inactivity (typically 5-15 minutes), keyboard shortcuts for manual locking (Windows: Win+L, Mac: Ctrl+Cmd+Q), and shredding documents no longer needed. The policy is one of the most visible daily security measures and is frequently checked during physical audits.