>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PE-2(3)Physical Access Authorizations | Restrict Unescorted Access

IL6

>Control Description

Restrict unescorted access to the facility where the system resides to personnel with [Selection (one or more): security clearances for all information contained within the system; formal access authorizations for all information contained within the system; need for access to all information contained within the system; organization-defined physical access authorizations].

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Individuals without required security clearances, access approvals, or need to know are escorted by individuals with appropriate physical access authorizations to ensure that information is not exposed or otherwise compromised.

>Related Controls

PS-2
PS-6

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern the implementation of restrict unescorted access for the organization's facilities?
  • Who is responsible for overseeing and maintaining restrict unescorted access controls?
  • How frequently are restrict unescorted access controls reviewed and updated?
  • What process exists for granting exceptions to restrict unescorted access requirements?
  • How does the organization ensure accountability for restrict unescorted access across all facility locations?

Technical Implementation:

  • What technologies or systems technically implement restrict unescorted access?
  • How are these systems configured to meet the control requirements?
  • What monitoring or alerting capabilities exist for restrict unescorted access?
  • How do restrict unescorted access systems integrate with other physical security infrastructure?
  • What redundancy or backup mechanisms support restrict unescorted access?

Evidence & Documentation:

  • Provide documented policies and procedures for restrict unescorted access.
  • Provide evidence of restrict unescorted access implementation and configuration.
  • Provide logs, records, or reports demonstrating restrict unescorted access activities over the past 90 days.
  • Provide testing, maintenance, or inspection records for restrict unescorted access from the past year.
  • Provide evidence of restrict unescorted access reviews, audits, or assessments.

Ask AI

Configure your API key to use AI features.