Navigate

CCI-000915

CCI-000915 Definition

The organization defines the frequency with which to review the access list detailing authorized facility access by individuals.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the frequency as every 90 days.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the frequency as every 90 days.

Compelling Evidence

Automatically Compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000915.

Control	Description
PE-2	The organization: PE-2a.: Develops, approves, and maintains a list of individuals with authorized access to the facility where the information system resides; PE-2b.: Issues authorization credentials for facility access; PE-2c.: Reviews the access list detailing authorized facility access by individuals [Assignment: organization-defined frequency]; and PE-2d.: Removes individuals from the facility access list when access is no longer required.

Control

Description

PE-2

The organization:

PE-2a.: Develops, approves, and maintains a list of individuals with authorized access to the facility where the information system resides;

PE-2b.: Issues authorization credentials for facility access;

PE-2c.: Reviews the access list detailing authorized facility access by individuals [Assignment: organization-defined frequency]; and

PE-2d.: Removes individuals from the facility access list when access is no longer required.