Navigate

CCI-000948

CCI-000948 Definition

Review visitor access records in accordance with organization-defined frequency.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed conducts reviews of visitor access records every 30 days and must establish and maintain a documented audit trail within the authorization lifecycle. DoD has defined the frequency as every 30 days.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit documentation of visitor access record review to ensure the inspected organization is conducting reviews every 30 days. DoD has defined the frequency as every 30 days.

Compelling Evidence

1.) Facility access control policy and procedures 2.) Audit trail

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000948.

Control	Description
PE-8	The organization: a: Maintains visitor access records to the facility where the information system resides for [organization-defined time period]; and b: Reviews visitor access records [organization-defined frequency].