Navigate

CCI-000921

CCI-000921 Definition

The organization controls ingress/egress to the facility where the information system resides using one or more organization-defined physical access control systems/devices or guards.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000921.

Control	Description
PE-3	The organization: a: Enforces physical access authorizations at [one of ] by; 1: Verifying individual access authorizations before granting access to the facility; and 2: Controlling ingress/egress to the facility using [one or more of " {{ insert: param, pe-3_prm_3 }} "/"guards"]; b: Maintains physical access audit logs for [one of ]; c: Provides [one of ] to control access to areas within the facility officially designated as publicly accessible; d: Escorts visitors and monitors visitor activity [one of ]; e: Secures keys, combinations, and other physical access devices; f: Inventories [one of ] every [one of ]; and g: Changes combinations and keys [one of ] and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated.

Control

Description

PE-3

The organization:

a: Enforces physical access authorizations at [one of ] by;
- 1: Verifying individual access authorizations before granting access to the facility; and
- 2: Controlling ingress/egress to the facility using [one or more of " {{ insert: param, pe-3_prm_3 }} "/"guards"];

b: Maintains physical access audit logs for [one of ];

c: Provides [one of ] to control access to areas within the facility officially designated as publicly accessible;

d: Escorts visitors and monitors visitor activity [one of ];

e: Secures keys, combinations, and other physical access devices;

f: Inventories [one of ] every [one of ]; and

g: Changes combinations and keys [one of ] and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated.