zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-05 01:11:55 +02:00
Code Issues Projects Releases Packages Wiki Activity
manage.get.gov/docs/compliance/dist/system-security-plans/ato/pe-6.md
Logan McDonald 1d3dfdb8d5
Add compliance documentation to source control (#116) 
* add initial setup of compliance-trestle
2022-09-14 08:46:43 -04:00

2.6 KiB
Raw Blame History

implementation-status control-origination
c-not-implemented
c-inherited-cloud-gov
c-inherited-cisa
c-common-control
c-system-specific-control

pe-6 - [catalog] Monitoring Physical Access

Control Statement

  • [a] Monitor physical access to the facility where the system resides to detect and respond to physical security incidents;

  • [b] Review physical access logs frequency and upon occurrence of events ; and

  • [c] Coordinate results of reviews and investigations with the organizational incident response capability.

Control guidance

Physical access monitoring includes publicly accessible areas within organizational facilities. Examples of physical access monitoring include the employment of guards, video surveillance equipment (i.e., cameras), and sensor devices. Reviewing physical access logs can help identify suspicious activity, anomalous events, or potential threats. The reviews can be supported by audit logging controls, such as AU-2 , if the access logs are part of an automated system. Organizational incident response capabilities include investigations of physical security incidents and responses to the incidents. Incidents include security violations or suspicious physical access activities. Suspicious physical access activities include accesses outside of normal work hours, repeated accesses to areas not normally accessed, accesses for unusual lengths of time, and out-of-sequence accesses.

Control assessment-objective

physical access to the facility where the system resides is monitored to detect and respond to physical security incidents; physical access logs are reviewed frequency; physical access logs are reviewed upon occurrence of events; results of reviews are coordinated with organizational incident response capabilities; results of investigations are coordinated with organizational incident response capabilities.

What is the solution and how is it implemented?

Implementation a.

Add control implementation description here for item pe-6_smt.a

Implementation b.

Add control implementation description here for item pe-6_smt.b

Implementation c.

Add control implementation description here for item pe-6_smt.c