Navigate

PE-5

PE-5: Access Control for Output Devices

Control physical access to output from [output devices that require physical access control to output are defined;] to prevent unauthorized individuals from obtaining the output.

Supplemental

Controlling physical access to output devices includes placing output devices in locked rooms or other secured areas with keypad or card reader access controls and allowing access to authorized individuals only, placing output devices in locations that can be monitored by personnel, installing monitor or screen filters, and using headphones. Examples of output devices include monitors, printers, scanners, audio devices, facsimile machines, and copiers.

CIA Levels
Confidentiality	moderate
Integrity	unknown
Availability	unknown

Overlays
CMMC, DAF Baseline, Int-A, Int-B, Int-C, Privacy (high), Privacy (moderate)

CSF Categories
PR.AC-2

Related Controls

The controls below (if any) were marked by NIST as being related to PE-5.

Control	Description
PE-2	a: Develop, approve, and maintain a list of individuals with authorized access to the facility where the system resides; b: Issue authorization credentials for facility access; c: Review the access list detailing authorized facility access by individuals [frequency at which to review the access list detailing authorized facility access by individuals is defined;] ; and d: Remove individuals from the facility access list when access is no longer required.
PE-3	a: Enforce physical access authorizations at [entry and exit points to the facility in which the system resides are defined;] by: 1: Verifying individual access authorizations before granting access to the facility; and 2: Controlling ingress and egress to the facility using [one or more of "{{ insert: param, pe-03_odp.03 }} "/"guards"]; b: Maintain physical access audit logs for [entry or exit points for which physical access logs are maintained are defined;]; c: Control access to areas within the facility designated as publicly accessible by implementing the following controls: [physical access controls to control access to areas within the facility designated as publicly accessible are defined;]; d: Escort visitors and control visitor activity [circumstances requiring visitor escorts and control of visitor activity are defined;]; e: Secure keys, combinations, and other physical access devices; f: Inventory [physical access devices to be inventoried are defined;] every [frequency at which to inventory physical access devices is defined;] ; and g: Change combinations and keys [one of ] and/or when keys are lost, combinations are compromised, or when individuals possessing the keys or combinations are transferred or terminated.
PE-4	Control physical access to [system distribution and transmission lines requiring physical access controls are defined;] within organizational facilities using [security controls to be implemented to control physical access to system distribution and transmission lines within the organizational facility are defined;].
PE-18	Position system components within the facility to minimize potential damage from [physical and environmental hazards that could result in potential damage to system components within the facility are defined;] and to minimize the opportunity for unauthorized access.

Enhancements

The controls below (if any) add on to the requirements of PE-5.

Control	Description
PE-5(1)
PE-5(2)	Link individual identity to receipt of output from output devices.
PE-5(3)

Related CCIs

The CCIs below are tied to PE-5.

CCI	Definition
CCI-000937	Control physical access to output from organization-defined output devices to prevent unauthorized individuals from obtaining the output.