>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PE-6Monitoring Physical Access

LI-SaaS
Low
Moderate
High

>Control Description

a

Monitor physical access to the facility where the system resides to detect and respond to physical security incidents;

b

Review physical access logs organization-defined frequency and upon occurrence of organization-defined events or potential indications of events; and

c

Coordinate results of reviews and investigations with the organizational incident response capability.

>FedRAMP Baseline Requirements

No FedRAMP-specific parameter values or requirements for this baseline.

>Discussion

Physical access monitoring includes publicly accessible areas within organizational facilities. Examples of physical access monitoring include the employment of guards, video surveillance equipment (i.e., cameras), and sensor devices. Reviewing physical access logs can help identify suspicious activity, anomalous events, or potential threats.

The reviews can be supported by audit logging controls, such as AU-2, if the access logs are part of an automated system. Organizational incident response capabilities include investigations of physical security incidents and responses to the incidents. Incidents include security violations or suspicious physical access activities.

Suspicious physical access activities include accesses outside of normal work hours, repeated accesses to areas not normally accessed, accesses for unusual lengths of time, and out-of-sequence accesses.

>Cross-Framework Mappings

SCF

PES-05
Compare

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies govern physical access monitoring activities including surveillance and guard services?
  • How does the organization define monitoring requirements for different facility areas and security zones?
  • What is the process for reviewing physical access monitoring results and responding to anomalies?
  • How are monitoring activities coordinated with incident response and security operations?
  • What governance exists for maintaining and testing monitoring equipment and guard procedures?

Technical Implementation:

  • What surveillance systems are deployed (cameras, motion detectors, intrusion alarms)?
  • How is surveillance video recorded, stored, and retained?
  • What technical capabilities exist for real-time monitoring and alerting?
  • How are monitoring systems configured to cover all critical areas?
  • What redundancy and backup mechanisms exist for surveillance systems?

Evidence & Documentation:

  • Provide a facility diagram showing all physical access monitoring points (cameras, sensors, guard posts).
  • Provide sample surveillance footage or logs demonstrating monitoring coverage.
  • Provide evidence of monitoring system maintenance and testing.
  • Provide documentation of monitoring result reviews and anomaly responses from the past quarter.
  • Provide records showing integration between monitoring systems and security operations.

Ask AI

Configure your API key to use AI features.