PE-5(2): Access To Output By Individual Identity

Control Family:

Physical And Environmental Protection

Parent Control:

PE-5: Access Control For Output Devices

Priority:

P2: Implement P2 security controls after implementation of P1 controls.

CSF v1.1 References:

PR.AC-2

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
PE-5(2): Link to Individual Identity

Control Statement

The information system:

Controls physical access to output from [Assignment: organization-defined output devices]; and
Links individual identity to receipt of the output from the device.

Supplemental Guidance

Controlling physical access to selected output devices includes, for example, installing security functionality on printers, copiers, and facsimile machines that allows organizations to implement authentication (e.g., using a PIN or hardware token) on output devices prior to the release of output to individuals.