PE-3(2): Facility / Information System Boundaries

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Next Version:

Control Statement

The organization performs security checks [Assignment: organization-defined frequency] at the physical boundary of the facility or information system for unauthorized exfiltration of information or removal of information system components.

Supplemental Guidance

Organizations determine the extent, frequency, and/or randomness of security checks to adequately mitigate risk associated with exfiltration.