PE-6: Monitoring Physical Access
Next Version:
- NIST Special Publication 800-53 Revision 5:
- PE-6: Monitoring Physical Access
Control Statement
The organization:
- Monitors physical access to the facility where the information system resides to detect and respond to physical security incidents;
- Reviews physical access logs [Assignment: organization-defined frequency] and upon occurrence of [Assignment: organization-defined events or potential indications of events]; and
- Coordinates results of reviews and investigations with the organizational incident response capability.
Supplemental Guidance
Organizational incident response capabilities include investigations of and responses to detected physical security incidents. Security incidents include, for example, apparent security violations or suspicious physical access activities. Suspicious physical access activities include, for example: (i) accesses outside of normal work hours; (ii) repeated accesses to areas not normally accessed; (iii) accesses for unusual lengths of time; and (iv) out-of-sequence accesses.
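The four suspicious-activity patterns listed above can be checked mechanically during a physical access log review. The following is an added example, not part of the NIST control text; the log format, badge holders, work hours, stay limit and repeat threshold are all assumptions standing in for organization-defined values.

```python
from collections import Counter
from datetime import datetime, timedelta

# Assumed organization-defined parameters (not specified by PE-6).
WORK_START, WORK_END = 7, 19          # normal work hours, local time
MAX_STAY = timedelta(hours=4)         # longer stays count as "unusual length"
REPEAT_LIMIT = 3                      # entries to an area outside the holder's norm
USUAL_AREAS = {"alice": {"office"}, "bob": {"office", "server-room"}}

# Constructed badge log: timestamp, holder, area, direction.
SAMPLE_LOG = """\
2024-03-04T08:55 alice office in
2024-03-04T09:10 bob server-room in
2024-03-04T12:01 alice office out
2024-03-04T13:00 alice server-room in
2024-03-04T13:05 alice server-room out
2024-03-04T14:00 alice server-room in
2024-03-04T14:05 alice server-room out
2024-03-04T15:40 bob server-room out
2024-03-04T16:00 alice server-room in
2024-03-04T16:10 alice server-room out
2024-03-04T23:30 bob office in
2024-03-04T23:50 bob office out
2024-03-05T09:00 carol office out
"""

def review(log_text):
    """Return (timestamp, holder, area, reason) for each suspicious event."""
    findings, inside, unusual = [], {}, Counter()
    for line in log_text.splitlines():
        ts, who, area, direction = line.split()
        t, key = datetime.fromisoformat(ts), (who, area)
        if direction == "in":
            if not WORK_START <= t.hour < WORK_END:        # (i) outside work hours
                findings.append((ts, who, area, "after-hours"))
            if area not in USUAL_AREAS.get(who, set()):    # (ii) repeated unusual area
                unusual[key] += 1
                if unusual[key] == REPEAT_LIMIT:
                    findings.append((ts, who, area, "repeated-unusual-area"))
            if key in inside:                              # (iv) entry with no exit
                findings.append((ts, who, area, "out-of-sequence"))
            inside[key] = t
        else:
            entered = inside.pop(key, None)
            if entered is None:                            # (iv) exit with no entry
                findings.append((ts, who, area, "out-of-sequence"))
            elif t - entered > MAX_STAY:                   # (iii) unusual length
                findings.append((ts, who, area, "long-stay"))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```

Findings from a review like this are what the third control item asks to be coordinated with the incident response capability.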
Control Enhancements
PE-6(1): Intrusion Alarms / Surveillance Equipment
Baseline(s):
- Moderate
- High
The organization monitors physical intrusion alarms and surveillance equipment.
PE-6(2): Automated Intrusion Recognition / Responses
Baseline(s):
The organization employs automated mechanisms to recognize [Assignment: organization-defined classes/types of intrusions] and initiate [Assignment: organization-defined response actions].
PE-6(3): Video Surveillance
Baseline(s):
The organization employs video surveillance of [Assignment: organization-defined operational areas] and retains video recordings for [Assignment: organization-defined time period].
PE-6(4): Monitoring Physical Access To Information Systems
Baseline(s):
- High
The organization monitors physical access to the information system in addition to the physical access monitoring of the facility as [Assignment: organization-defined physical spaces containing one or more components of the information system].