>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PE-3Physical Access Control

>Control Description

Physical access control should include individuals and enterprises engaged in the enterprise’s supply chain. A vetting process based on enterprise-defined requirements and policy should be in place prior to granting access to the supply chain infrastructure and any relevant elements. Access establishment, maintenance, and revocation processes should meet enterprise access control policy rigor. The speed of revocation for suppliers, developers, system integrators, external system service providers, and other ICT/OT-related service providers who need access to physical facilities and data centers – either enterprise-owned or external service provider-owned – should be managed in accordance with the activities performed in their contracts. Prompt revocation is critical when either individual or enterprise need no longer exists.

>Cross-Framework Mappings

SCF

PES-03
Compare

Ask AI

Configure your API key to use AI features.