Control ID Title / Statement Priority Baseline Impact
PE-01
Policy and Procedures 9 params
a. Develop, document, and disseminate to {{ insert: param, pe-1_prm_1 }}: 1. {{ insert: param, pe-01_odp.03 }} physical and environmental protection policy that: (a) Addresses purpose, ...
Param ID Label Constraint / Choices
pe-1_prm_1 organization-defined personnel or roles Organization-defined
pe-01_odp.01 personnel or roles personnel or roles to whom the physical and environmental protection policy is to be disseminated is/are defined;
pe-01_odp.02 personnel or roles personnel or roles to whom the physical and environmental protection procedures are to be disseminated is/are defined;
pe-01_odp.03 Select one-or-more: organization-level; mission/business process-level; system-level
pe-01_odp.04 official an official to manage the physical and environmental protection policy and procedures is defined;
pe-01_odp.05 frequency the frequency at which the current physical and environmental protection policy is reviewed and updated is defined;
pe-01_odp.06 events events that would require the current physical and environmental protection policy to be reviewed and updated are def...
pe-01_odp.07 frequency the frequency at which the current physical and environmental protection procedures are reviewed and updated is defined;
pe-01_odp.08 events events that would require the physical and environmental protection procedures to be reviewed and updated are defined;
PE-02
Physical Access Authorizations 1 param
a. Develop, approve, and maintain a list of individuals with authorized access to the facility where the system resides; b. Issue authorization credentials for facility access; c. Review the ...
Param ID Label Constraint / Choices
pe-02_odp frequency frequency at which to review the access list detailing authorized facility access by individuals is defined;
PE-02(01)
Access by Position or Role
Authorize physical access to the facility where the system resides based on position or role.
PE-02(02)
Two Forms of Identification 1 param
Require two forms of identification from the following forms of identification for visitor access to the facility where the system resides: {{ insert: param, pe-02.02_odp }}.
Param ID Label Constraint / Choices
pe-02.02_odp list of acceptable forms of identification a list of acceptable forms of identification for visitor access to the facility where the system resides is defined;
PE-02(03)
Restrict Unescorted Access 2 params
Restrict unescorted access to the facility where the system resides to personnel with {{ insert: param, pe-02.03_odp.01 }}.
Param ID Label Constraint / Choices
pe-02.03_odp.01 Select one-or-more: security clearances for all information contained within the system; formal access authorizations for all information contained within the system; need for access to all information contained within the system; {{ insert: param, pe-02.03_odp.02 }}
pe-02.03_odp.02 physical access authorizations physical access authorizations for unescorted access to the facility where the system resides are defined (if selected);
PE-03
Physical Access Control 11 params
a. Enforce physical access authorizations at {{ insert: param, pe-03_odp.01 }} by: 1. Verifying individual access authorizations before granting access to the facility; and 2. Controlling...
Param ID Label Constraint / Choices
pe-3_prm_9 organization-defined frequency Organization-defined
pe-03_odp.01 entry and exit points entry and exit points to the facility in which the system resides are defined;
pe-03_odp.02 Select one-or-more: {{ insert: param, pe-03_odp.03 }} ; guards
pe-03_odp.03 systems or devices physical access control systems or devices used to control ingress and egress to the facility are defined (if selected);
pe-03_odp.04 entry or exit points entry or exit points for which physical access logs are maintained are defined;
pe-03_odp.05 physical access controls physical access controls to control access to areas within the facility designated as publicly accessible are defined;
pe-03_odp.06 circumstances circumstances requiring visitor escorts and control of visitor activity are defined;
pe-03_odp.07 physical access devices physical access devices to be inventoried are defined;
pe-03_odp.08 frequency frequency at which to inventory physical access devices is defined;
pe-03_odp.09 frequency frequency at which to change combinations is defined;
pe-03_odp.10 frequency frequency at which to change keys is defined;
PE-03(01)
System Access 1 param
Enforce physical access authorizations to the system in addition to the physical access controls for the facility at {{ insert: param, pe-03.01_odp }}.
Param ID Label Constraint / Choices
pe-03.01_odp physical spaces physical spaces containing one or more components of the system are defined;
PE-03(02)
Facility and Systems 1 param
Perform security checks {{ insert: param, pe-03.02_odp }} at the physical perimeter of the facility or system for exfiltration of information or removal of system components.
Param ID Label Constraint / Choices
pe-03.02_odp frequency the frequency at which to perform security checks at the physical perimeter of the facility or system for exfiltratio...
PE-03(03)
Continuous Guards 1 param
Employ guards to control {{ insert: param, pe-03.03_odp }} to the facility where the system resides 24 hours per day, 7 days per week.
Param ID Label Constraint / Choices
pe-03.03_odp physical access points physical access points to the facility where the system resides are defined;
PE-03(04)
Lockable Casings 1 param
Use lockable physical casings to protect {{ insert: param, pe-03.04_odp }} from unauthorized physical access.
Param ID Label Constraint / Choices
pe-03.04_odp system components system components to be protected from unauthorized physical access are defined;
PE-03(05)
Tamper Protection 3 params
Employ {{ insert: param, pe-03.05_odp.01 }} to {{ insert: param, pe-03.05_odp.02 }} physical tampering or alteration of {{ insert: param, pe-03.05_odp.03 }} within the system.
Param ID Label Constraint / Choices
pe-03.05_odp.01 anti-tamper technologies anti-tamper technologies to be employed are defined;
pe-03.05_odp.02 Select one-or-more: detect; prevent
pe-03.05_odp.03 hardware components hardware components to be protected from physical tampering or alteration are defined;
PE-03(06)
Facility Penetration Testing
PE-03(07)
Physical Barriers
Limit access using physical barriers.
PE-03(08)
Access Control Vestibules 1 param
Employ access control vestibules at {{ insert: param, pe-03.08_odp }}.
Param ID Label Constraint / Choices
pe-03.08_odp locations locations within the facility where access control vestibules are to be employed are defined;
PE-04
Access Control for Transmission 2 params
Control physical access to {{ insert: param, pe-04_odp.01 }} within organizational facilities using {{ insert: param, pe-04_odp.02 }}.
Param ID Label Constraint / Choices
pe-04_odp.01 system distribution and transmission lines system distribution and transmission lines requiring physical access controls are defined;
pe-04_odp.02 security controls security controls to be implemented to control physical access to system distribution and transmission lines within t...
PE-05
Access Control for Output Devices 1 param
Control physical access to output from {{ insert: param, pe-05_odp }} to prevent unauthorized individuals from obtaining the output.
Param ID Label Constraint / Choices
pe-05_odp output devices output devices that require physical access control to output are defined;
PE-05(01)
Access to Output by Authorized Individuals
PE-05(02)
Link to Individual Identity
Link individual identity to receipt of output from output devices.
PE-05(03)
Marking Output Devices
PE-06
Monitoring Physical Access 2 params
a. Monitor physical access to the facility where the system resides to detect and respond to physical security incidents; b. Review physical access logs {{ insert: param, pe-06_odp.01 }} and up...
Param ID Label Constraint / Choices
pe-06_odp.01 frequency the frequency at which to review physical access logs is defined;
pe-06_odp.02 events events or potential indication of events requiring physical access logs to be reviewed are defined;
PE-06(01)
Intrusion Alarms and Surveillance Equipment
Monitor physical access to the facility where the system resides using physical intrusion alarms and surveillance equipment.
PE-06(02)
Automated Intrusion Recognition and Responses 3 params
Recognize {{ insert: param, pe-06.02_odp.01 }} and initiate {{ insert: param, pe-06.02_odp.02 }} using {{ insert: param, pe-06.02_odp.03 }}.
Param ID Label Constraint / Choices
pe-06.02_odp.01 classes or types of intrusions classes or types of intrusions to be recognized by automated mechanisms are defined;
pe-06.02_odp.02 response actions response actions to be initiated by automated mechanisms when organization-defined classes or types of intrusions are...
pe-06.02_odp.03 automated mechanisms automated mechanisms used to recognize classes or types of intrusions and initiate response actions (defined in [PE-0...
PE-06(03)
Video Surveillance 3 params
(a) Employ video surveillance of {{ insert: param, pe-06.03_odp.01 }}; (b) Review video recordings {{ insert: param, pe-06.03_odp.02 }} ; and (c) Retain video recordings for {{ insert: param,...
Param ID Label Constraint / Choices
pe-06.03_odp.01 operational areas operational areas where video surveillance is to be employed are defined;
pe-06.03_odp.02 frequency frequency at which to review video recordings is defined;
pe-06.03_odp.03 time period time period for which to retain video recordings is defined;
PE-06(04)
Monitoring Physical Access to Systems 1 param
Monitor physical access to the system in addition to the physical access monitoring of the facility at {{ insert: param, pe-06.04_odp }}.
Param ID Label Constraint / Choices
pe-06.04_odp physical spaces physical spaces containing one or more components of the system are defined;
PE-07
Visitor Control
PE-08
Visitor Access Records 3 params
a. Maintain visitor access records to the facility where the system resides for {{ insert: param, pe-08_odp.01 }}; b. Review visitor access records {{ insert: param, pe-08_odp.02 }} ; and c. ...
Param ID Label Constraint / Choices
pe-08_odp.01 time period time period for which to maintain visitor access records for the facility where the system resides is defined;
pe-08_odp.02 frequency the frequency at which to review visitor access records is defined;
pe-08_odp.03 personnel personnel to whom visitor access records anomalies are reported to is/are defined;
PE-08(01)
Automated Records Maintenance and Review 3 params
Maintain and review visitor access records using {{ insert: param, pe-8.1_prm_1 }}.
Param ID Label Constraint / Choices
pe-8.1_prm_1 organization-defined automated mechanisms Organization-defined
pe-08.01_odp.01 automated mechanisms automated mechanisms used to maintain visitor access records are defined;
pe-08.01_odp.02 automated mechanisms automated mechanisms used to review visitor access records are defined;
PE-08(02)
Physical Access Records
PE-08(03)
Limit Personally Identifiable Information Elements 1 param
Limit personally identifiable information contained in visitor access records to the following elements identified in the privacy risk assessment: {{ insert: param, pe-08.03_odp }}.
Param ID Label Constraint / Choices
pe-08.03_odp elements elements identified in the privacy risk assessment to limit personally identifiable information contained in visitor ...
PE-09
Power Equipment and Cabling
Protect power equipment and power cabling for the system from damage and destruction.
PE-09(01)
Redundant Cabling 1 param
Employ redundant power cabling paths that are physically separated by {{ insert: param, pe-09.01_odp }}.
Param ID Label Constraint / Choices
pe-09.01_odp distance distance by which redundant power cabling paths are to be physically separated is defined;
PE-09(02)
Automatic Voltage Controls 1 param
Employ automatic voltage controls for {{ insert: param, pe-09.02_odp }}.
Param ID Label Constraint / Choices
pe-09.02_odp critical system components the critical system components that require automatic voltage controls are defined;
PE-10
Emergency Shutoff 2 params
a. Provide the capability of shutting off power to {{ insert: param, pe-10_odp.01 }} in emergency situations; b. Place emergency shutoff switches or devices in {{ insert: param, pe-10_odp.02 }}...
Param ID Label Constraint / Choices
pe-10_odp.01 system or individual system components system or individual system components that require the capability to shut off power in emergency situations is/are d...
pe-10_odp.02 location location of emergency shutoff switches or devices by system or system component is defined;
PE-10(01)
Accidental and Unauthorized Activation
pe-10a Provide the capability of shutting off power to {{ insert: param, pe-10_odp.01 }} in emergency situations;
pe-10b Place emergency shutoff switches or devices in {{ insert: param, pe-10_odp.02 }} to facilitate access for authorized personnel; and
pe-10c Protect emergency power shutoff capability from unauthorized activation.
PE-11
Emergency Power 1 param
Provide an uninterruptible power supply to facilitate {{ insert: param, pe-11_odp }} in the event of a primary power source loss.
Param ID Label Constraint / Choices
pe-11_odp Select one: an orderly shutdown of the system; transition of the system to long-term alternate power
PE-11(01)
Alternate Power Supply — Minimal Operational Capability 1 param
Provide an alternate power supply for the system that is activated {{ insert: param, pe-11.01_odp }} and that can maintain minimally required operational capability in the event of an extended loss...
Param ID Label Constraint / Choices
pe-11.01_odp Select one: manually; automatically
PE-11(02)
Alternate Power Supply — Self-contained 2 params
Provide an alternate power supply for the system that is activated {{ insert: param, pe-11.02_odp.01 }} and that is: (a) Self-contained; (b) Not reliant on external power generation; and (c) ...
Param ID Label Constraint / Choices
pe-11.02_odp.01 Select one: manually; automatically
pe-11.02_odp.02 Select one: minimally required operational capability; full operational capability
pe-11.2.(a) Self-contained;
pe-11.2.(b) Not reliant on external power generation; and
pe-11.2.(c) Capable of maintaining {{ insert: param, pe-11.02_odp.02 }} in the event of an extended loss of the primary power source.
PE-12
Emergency Lighting
Employ and maintain automatic emergency lighting for the system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.
PE-12(01)
Essential Mission and Business Functions
Provide emergency lighting for all areas within the facility supporting essential mission and business functions.
PE-13
Fire Protection
Employ and maintain fire detection and suppression systems that are supported by an independent energy source.
PE-13(01)
Detection Systems — Automatic Activation and Notification 2 params
Employ fire detection systems that activate automatically and notify {{ insert: param, pe-13.01_odp.01 }} and {{ insert: param, pe-13.01_odp.02 }} in the event of a fire.
Param ID Label Constraint / Choices
pe-13.01_odp.01 personnel or roles personnel or roles to be notified in the event of a fire is/are defined;
pe-13.01_odp.02 emergency responders emergency responders to be notified in the event of a fire are defined;
PE-13(02)
Suppression Systems — Automatic Activation and Notification 2 params
(a) Employ fire suppression systems that activate automatically and notify {{ insert: param, pe-13.02_odp.01 }} and {{ insert: param, pe-13.02_odp.02 }} ; and (b) Employ an automatic fire suppr...
Param ID Label Constraint / Choices
pe-13.02_odp.01 personnel or roles personnel or roles to be notified in the event of a fire is/are defined;
pe-13.02_odp.02 emergency responders emergency responders to be notified in the event of a fire are defined;
PE-13(03)
Automatic Fire Suppression
PE-13(04)
Inspections 2 params
Ensure that the facility undergoes {{ insert: param, pe-13.04_odp.01 }} fire protection inspections by authorized and qualified inspectors and identified deficiencies are resolved within {{ insert:...
Param ID Label Constraint / Choices
pe-13.04_odp.01 frequency the frequency for conducting fire protection inspections on the facility is defined;
pe-13.04_odp.02 time period a time period for resolving deficiencies identified by fire protection inspections is defined;
pe-13.2.(a) Employ fire suppression systems that activate automatically and notify {{ insert: param, pe-13.02_odp.01 }} and {{ insert: param, pe-13.02_odp.02 }...
pe-13.2.(b) Employ an automatic fire suppression capability when the facility is not staffed on a continuous basis.
PE-14
Environmental Controls 4 params
a. Maintain {{ insert: param, pe-14_odp.01 }} levels within the facility where the system resides at {{ insert: param, pe-14_odp.03 }} ; and b. Monitor environmental control levels {{ insert: p...
Param ID Label Constraint / Choices
pe-14_odp.01 Select one-or-more: temperature; humidity; pressure; radiation; {{ insert: param, pe-14_odp.02 }}
pe-14_odp.02 environmental control environmental control(s) for which to maintain a specified level in the facility where the system resides are defined...
pe-14_odp.03 acceptable levels acceptable levels for environmental controls are defined;
pe-14_odp.04 frequency frequency at which to monitor environmental control levels is defined;
PE-14(01)
Automatic Controls 1 param
Employ the following automatic environmental controls in the facility to prevent fluctuations potentially harmful to the system: {{ insert: param, pe-14.01_odp }}.
Param ID Label Constraint / Choices
pe-14.01_odp automatic environmental controls automatic environmental controls to prevent fluctuations that are potentially harmful to the system are defined;
PE-14(02)
Monitoring with Alarms and Notifications 1 param
Employ environmental control monitoring that provides an alarm or notification of changes potentially harmful to personnel or equipment to {{ insert: param, pe-14.02_odp }}.
Param ID Label Constraint / Choices
pe-14.02_odp personnel or roles personnel or roles to be notified by environmental control monitoring when environmental changes are potentially harm...
pe-14a Maintain {{ insert: param, pe-14_odp.01 }} levels within the facility where the system resides at {{ insert: param, pe-14_odp.03 }} ; and
pe-14b Monitor environmental control levels {{ insert: param, pe-14_odp.04 }}.
PE-15
Water Damage Protection
Protect the system from damage resulting from water leakage by providing master shutoff or isolation valves that are accessible, working properly, and known to key personnel.
PE-15(01)
Automation Support 2 params
Detect the presence of water near the system and alert {{ insert: param, pe-15.01_odp.01 }} using {{ insert: param, pe-15.01_odp.02 }}.
Param ID Label Constraint / Choices
pe-15.01_odp.01 personnel or roles personnel or roles to be alerted when the presence of water is detected near the system is/are defined;
pe-15.01_odp.02 automated mechanisms automated mechanisms used to detect the presence of water near the system are defined;
PE-16
Delivery and Removal 3 params
a. Authorize and control {{ insert: param, pe-16_prm_1 }} entering and exiting the facility; and b. Maintain records of the system components.
Param ID Label Constraint / Choices
pe-16_prm_1 organization-defined types of system components Organization-defined
pe-16_odp.01 types of system components types of system components to be authorized and controlled when entering the facility are defined;
pe-16_odp.02 types of system components types of system components to be authorized and controlled when exiting the facility are defined;
pe-16a Authorize and control {{ insert: param, pe-16_prm_1 }} entering and exiting the facility; and
pe-16b Maintain records of the system components.
PE-17
Alternate Work Site 2 params
a. Determine and document the {{ insert: param, pe-17_odp.01 }} allowed for use by employees; b. Employ the following controls at alternate work sites: {{ insert: param, pe-17_odp.02 }}; c. A...
Param ID Label Constraint / Choices
pe-17_odp.01 alternate work sites alternate work sites allowed for use by employees are defined;
pe-17_odp.02 controls controls to be employed at alternate work sites are defined;
pe-17a Determine and document the {{ insert: param, pe-17_odp.01 }} allowed for use by employees;
pe-17b Employ the following controls at alternate work sites: {{ insert: param, pe-17_odp.02 }};
pe-17c Assess the effectiveness of controls at alternate work sites; and
pe-17d Provide a means for employees to communicate with information security and privacy personnel in case of incidents.
PE-18
Location of System Components 1 param
Position system components within the facility to minimize potential damage from {{ insert: param, pe-18_odp }} and to minimize the opportunity for unauthorized access.
Param ID Label Constraint / Choices
pe-18_odp physical and environmental hazards physical and environmental hazards that could result in potential damage to system components within the facility are...
PE-18(01)
Facility Site
PE-19
Information Leakage
Protect the system from information leakage due to electromagnetic signals emanations.
PE-19(01)
National Emissions Policies and Procedures
Protect system components, associated data communications, and networks in accordance with national Emissions Security policies and procedures based on the security category or classification of th...
pe-1a Develop, document, and disseminate to {{ insert: param, pe-1_prm_1 }}:
pe-1a.1 {{ insert: param, pe-01_odp.03 }} physical and environmental protection policy that:
pe-1a.1.(a) Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
pe-1a.1.(b) Is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines; and
pe-1a.2 Procedures to facilitate the implementation of the physical and environmental protection policy and the associated physical and environmental prote...
pe-1b Designate an {{ insert: param, pe-01_odp.04 }} to manage the development, documentation, and dissemination of the physical and environmental protec...
pe-1c Review and update the current physical and environmental protection:
pe-1c.1 Policy {{ insert: param, pe-01_odp.05 }} and following {{ insert: param, pe-01_odp.06 }} ; and
pe-1c.2 Procedures {{ insert: param, pe-01_odp.07 }} and following {{ insert: param, pe-01_odp.08 }}.
PE-20
Asset Monitoring and Tracking 3 params
Employ {{ insert: param, pe-20_odp.01 }} to track and monitor the location and movement of {{ insert: param, pe-20_odp.02 }} within {{ insert: param, pe-20_odp.03 }}.
Param ID Label Constraint / Choices
pe-20_odp.01 asset location technologies asset location technologies to be employed to track and monitor the location and movement of assets is defined;
pe-20_odp.02 assets assets whose location and movement are to be tracked and monitored are defined;
pe-20_odp.03 controlled areas controlled areas within which asset location and movement are to be tracked and monitored are defined;
PE-21
Electromagnetic Pulse Protection 2 params
Employ {{ insert: param, pe-21_odp.01 }} against electromagnetic pulse damage for {{ insert: param, pe-21_odp.02 }}.
Param ID Label Constraint / Choices
pe-21_odp.01 protective measures protective measures to be employed against electromagnetic pulse damage are defined;
pe-21_odp.02 system and system components system and system components requiring protection against electromagnetic pulse damage are defined;
PE-22
Component Marking 1 param
Mark {{ insert: param, pe-22_odp }} indicating the impact level or classification level of the information permitted to be processed, stored, or transmitted by the hardware component.
Param ID Label Constraint / Choices
pe-22_odp system hardware components system hardware components to be marked indicating the impact level or classification level of the information permit...
PE-23
Facility Location
a. Plan the location or site of the facility where the system resides considering physical and environmental hazards; and b. For existing facilities, consider the physical and environmental haz...
pe-23a Plan the location or site of the facility where the system resides considering physical and environmental hazards; and
pe-23b For existing facilities, consider the physical and environmental hazards in the organizational risk management strategy.
pe-2a Develop, approve, and maintain a list of individuals with authorized access to the facility where the system resides;
pe-2b Issue authorization credentials for facility access;
pe-2c Review the access list detailing authorized facility access by individuals {{ insert: param, pe-02_odp }} ; and
pe-2d Remove individuals from the facility access list when access is no longer required.
pe-3a Enforce physical access authorizations at {{ insert: param, pe-03_odp.01 }} by:
pe-3a.1 Verifying individual access authorizations before granting access to the facility; and
pe-3a.2 Controlling ingress and egress to the facility using {{ insert: param, pe-03_odp.02 }};
pe-3b Maintain physical access audit logs for {{ insert: param, pe-03_odp.04 }};
pe-3c Control access to areas within the facility designated as publicly accessible by implementing the following controls: {{ insert: param, pe-03_odp.0...
pe-3d Escort visitors and control visitor activity {{ insert: param, pe-03_odp.06 }};
pe-3e Secure keys, combinations, and other physical access devices;
pe-3f Inventory {{ insert: param, pe-03_odp.07 }} every {{ insert: param, pe-03_odp.08 }} ; and
pe-3g Change combinations and keys {{ insert: param, pe-3_prm_9 }} and/or when keys are lost, combinations are compromised, or when individuals possessin...
pe-6.3.(a) Employ video surveillance of {{ insert: param, pe-06.03_odp.01 }};
pe-6.3.(b) Review video recordings {{ insert: param, pe-06.03_odp.02 }} ; and
pe-6.3.(c) Retain video recordings for {{ insert: param, pe-06.03_odp.03 }}.
pe-6a Monitor physical access to the facility where the system resides to detect and respond to physical security incidents;
pe-6b Review physical access logs {{ insert: param, pe-06_odp.01 }} and upon occurrence of {{ insert: param, pe-06_odp.02 }} ; and
pe-6c Coordinate results of reviews and investigations with the organizational incident response capability.
pe-8a Maintain visitor access records to the facility where the system resides for {{ insert: param, pe-08_odp.01 }};
pe-8b Review visitor access records {{ insert: param, pe-08_odp.02 }} ; and
pe-8c Report anomalies in visitor access records to {{ insert: param, pe-08_odp.03 }}.