PE-6: Monitoring Physical Access
Control Family:
PF v1.0 References:
Previous Version:
- NIST Special Publication 800-53 Revision 4: PE-6: Monitoring Physical Access
Control Statement
- Monitor physical access to the facility where the system resides to detect and respond to physical security incidents;
- Review physical access logs [Assignment: organization-defined frequency] and upon occurrence of [Assignment: organization-defined events or potential indications of events]; and
- Coordinate results of reviews and investigations with the organizational incident response capability.
Supplemental Guidance
Physical access monitoring includes publicly accessible areas within organizational facilities. Examples of physical access monitoring include the employment of guards, video surveillance equipment (i.e., cameras), and sensor devices. Reviewing physical access logs can help identify suspicious activity, anomalous events, or potential threats. The reviews can be supported by audit logging controls, such as AU-2, if the access logs are part of an automated system. Organizational incident response capabilities include investigations of physical security incidents and responses to the incidents. Incidents include security violations or suspicious physical access activities. Suspicious physical access activities include accesses outside of normal work hours, repeated accesses to areas not normally accessed, accesses for unusual lengths of time, and out-of-sequence accesses.
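The following is an added example, not part of NIST SP 800-53: a minimal automated review of badge-reader logs that flags the four kinds of suspicious physical access activity listed above, producing findings that can be handed to the incident response capability. The log layout, badge and area names, work hours, dwell limit and repeat threshold are all assumptions standing in for organization-defined values.

```python
from collections import Counter
from datetime import datetime, timedelta

# Assumed, organization-defined parameters (PE-6 does not specify them).
WORK_START, WORK_END = 7, 19        # normal work hours, local time
MAX_DWELL = timedelta(hours=4)      # longest expected stay in one area
REPEAT_THRESHOLD = 2                # entries to an unusual area before flagging
USUAL_AREAS = {"B100": {"lobby", "office"}, "B200": {"lobby", "server-room"}}

# Constructed sample log: (timestamp, badge, area, direction).
SAMPLE_LOG = [
    ("2024-03-04T08:55:00", "B100", "lobby", "in"),
    ("2024-03-04T09:00:00", "B100", "office", "in"),
    ("2024-03-04T12:00:00", "B100", "office", "out"),
    ("2024-03-04T13:10:00", "B100", "server-room", "in"),
    ("2024-03-04T13:20:00", "B100", "server-room", "out"),
    ("2024-03-04T14:05:00", "B100", "server-room", "in"),
    ("2024-03-04T14:15:00", "B100", "server-room", "out"),
    ("2024-03-04T23:30:00", "B200", "server-room", "in"),
    ("2024-03-05T05:45:00", "B200", "server-room", "out"),
    ("2024-03-05T10:00:00", "B200", "office", "out"),
]

def review(log):
    """Return (timestamp, badge, area, finding) tuples in time order."""
    findings, inside, unusual = [], {}, Counter()
    for ts, badge, area, direction in sorted(log):
        when, key, reasons = datetime.fromisoformat(ts), (badge, area), []
        if direction == "in":
            if not WORK_START <= when.hour < WORK_END:
                reasons.append("outside-normal-hours")
            if area not in USUAL_AREAS.get(badge, set()):
                unusual[key] += 1
                if unusual[key] == REPEAT_THRESHOLD:
                    reasons.append("repeated-unusual-area")
            if key in inside:
                reasons.append("out-of-sequence")  # second entry, no exit between
            inside[key] = when
        elif key not in inside:
            reasons.append("out-of-sequence")      # exit with no recorded entry
        elif when - inside.pop(key) > MAX_DWELL:
            reasons.append("unusual-duration")
        findings += [(ts, badge, area, r) for r in reasons]
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```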
Control Enhancements
PE-6(1): Intrusion Alarms and Surveillance Equipment
Baseline(s):
- Moderate
- High
Monitor physical access to the facility where the system resides using physical intrusion alarms and surveillance equipment.
PE-6(2): Automated Intrusion Recognition and Responses
Baseline(s):
Recognize [Assignment: organization-defined classes or types of intrusions] and initiate [Assignment: organization-defined response actions] using [Assignment: organization-defined automated mechanisms].
PE-6(3): Video Surveillance
Baseline(s):
- Employ video surveillance of [Assignment: organization-defined operational areas];
- Review video recordings [Assignment: organization-defined frequency]; and
- Retain video recordings for [Assignment: organization-defined time period].
PE-6(4): Monitoring Physical Access to Systems
Baseline(s):
- High
Monitor physical access to the system in addition to the physical access monitoring of the facility at [Assignment: organization-defined physical spaces containing one or more components of the system].