1.8 KiB
| implementation-status | control-origination | ||
|---|---|---|---|
|
|
pe-8 - [catalog] Visitor Access Records
Control Statement
-
[a] Maintain visitor access records to the facility where the system resides for time period;
-
[b] Review visitor access records frequency ; and
-
[c] Report anomalies in visitor access records to personnel.
Control guidance
Visitor access records include the names and organizations of individuals visiting, visitor signatures, forms of identification, dates of access, entry and departure times, purpose of visits, and the names and organizations of individuals visited. Access record reviews determine if access authorizations are current and are still required to support organizational mission and business functions. Access records are not required for publicly accessible areas.
Control assessment-objective
visitor access records for the facility where the system resides are maintained for time period; visitor access records are reviewed frequency; visitor access records anomalies are reported to personnel.
What is the solution and how is it implemented?
Implementation a.
Customer applications fully inherit this control from cloud.gov.
Implementation b.
Customer applications fully inherit this control from cloud.gov.
Implementation c.
Customer applications fully inherit this control from cloud.gov.