PE-3(2): Facility / Information System Boundaries

Control Family:

Physical And Environmental Protection

Parent Control:

PE-3: Physical Access Control

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.AC-2
DE.CM-2
DE.CM-7
DE.DP-3

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
PE-3(2): Facility and Systems

Control Statement

The organization performs security checks [Assignment: organization-defined frequency] at the physical boundary of the facility or information system for unauthorized exfiltration of information or removal of information system components.

Supplemental Guidance

Organizations determine the extent, frequency, and/or randomness of security checks to adequately mitigate risk associated with exfiltration.