BRACKETOLOGY | FEDRAMP

PE-6: MONITORING PHYSICAL ACCESS

  • FedRAMP Baseline Membership PE-6: LOW, MODERATE, HIGH

Use the FedRAMP Control Membership information above to determine if a control or control enhancement is required for each Impact Baseline — LOW, MODERATE, or HIGH.

Review and use Additional Requirements and Guidance to build FedRAMP-compliant controls for your risk-based cybersecurity program.


The organization:

    • a. Monitors physical access to the facility where the information system resides to detect and respond to physical security incidents;
    • b. Reviews physical access logs [Assignment: organization-defined frequency] and upon occurrence of [Assignment: organization-defined events or potential indications of events]; and
    • c. Coordinates results of reviews and investigations with the organizational incident response capability.

FedRAMP control configuration for the LOW, MODERATE and HIGH baselines (the same for all three):

The organization:

  • a. Monitors physical access to the facility where the information system resides to detect and respond to physical security incidents;
  • b. Reviews physical access logs at least monthly and upon occurrence of organization-defined events or potential indications of events; and
  • c. Coordinates results of reviews and investigations with the organizational incident response capability.

SUPPLEMENTAL GUIDANCE

Organizational incident response capabilities include investigations of and responses to detected physical security incidents. Security incidents include, for example, apparent security violations or suspicious physical access activities. Suspicious physical access activities include, for example: (i) accesses outside of normal work hours; (ii) repeated accesses to areas not normally accessed; (iii) accesses for unusual lengths of time; and (iv) out-of-sequence accesses.
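
The four suspicious-activity patterns listed above can be checked mechanically as part of the PE-6 b. log review. The following Python is an added example, not part of the FedRAMP or NIST text; the log format, work hours, per-badge normal areas and thresholds are assumptions, and the badge events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed badge-reader events: timestamp, badge, area, direction.
EVENTS = """\
2024-03-04T09:02 B100 lobby IN
2024-03-04T09:05 B100 server-room IN
2024-03-04T09:40 B100 server-room OUT
2024-03-04T23:15 B200 lobby IN
2024-03-04T23:18 B200 media-storage IN
2024-03-04T23:20 B200 media-storage OUT
2024-03-05T10:00 B300 lobby IN
2024-03-05T10:01 B300 server-room IN
2024-03-05T11:00 B400 server-room OUT
2024-03-05T16:30 B300 server-room OUT
2024-03-05T23:30 B200 media-storage IN
"""

# Assumed organization-defined policy values (not from the control text).
WORK_HOURS = range(7, 19)              # 07:00-18:59 counts as normal hours
MAX_DWELL = timedelta(hours=4)         # longer stays are "unusual length"
REPEAT_LIMIT = 2                       # entries to an unusual area before flagging
NORMAL_AREAS = {b: {"lobby", "server-room"} for b in ("B100", "B300", "B400")}
NORMAL_AREAS["B200"] = {"lobby"}

def review(log_text):
    """Return {badge: [findings]} for the four patterns in the guidance."""
    findings = defaultdict(set)
    inside = {}                        # (badge, area) -> time of entry
    unusual = defaultdict(int)         # (badge, area) -> entries outside normal areas
    rows = sorted(line.split() for line in log_text.splitlines() if line.strip())
    for ts, badge, area, direction in rows:
        t = datetime.fromisoformat(ts)
        if t.hour not in WORK_HOURS:                       # (i) outside work hours
            findings[badge].add("after-hours")
        if direction == "IN":
            inside[(badge, area)] = t
            if area not in NORMAL_AREAS.get(badge, set()):
                unusual[(badge, area)] += 1
                if unusual[(badge, area)] >= REPEAT_LIMIT:  # (ii) repeated unusual area
                    findings[badge].add("repeated-unusual-area")
        else:
            entered = inside.pop((badge, area), None)
            if entered is None:                            # (iv) exit with no entry
                findings[badge].add("out-of-sequence")
            elif t - entered > MAX_DWELL:                  # (iii) unusual length of time
                findings[badge].add("long-dwell")
    return {badge: sorted(f) for badge, f in findings.items()}

if __name__ == "__main__":
    print(review(EVENTS))
```

Findings from such a review feed PE-6 c.: each flagged badge is handed to the incident response capability for investigation rather than treated as a confirmed violation.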

CONTROL ENHANCEMENTS

PE-6 (1) MONITORING PHYSICAL ACCESS | INTRUSION ALARMS/SURVEILLANCE EQUIPMENT
  • FedRAMP Baseline Membership PE-6 (1): MODERATE, HIGH

The organization monitors physical intrusion alarms and surveillance equipment.

Supplemental Guidance: NONE

PE-6 (2) MONITORING PHYSICAL ACCESS | AUTOMATED INTRUSION RECOGNITION / RESPONSES

The organization employs automated mechanisms to recognize [Assignment: organization-defined classes/types of intrusions] and initiate [Assignment: organization-defined response actions].

Supplemental Guidance: NONE

RELATED CONTROLS: PE-6 (2)

PE-6 (3) MONITORING PHYSICAL ACCESS | VIDEO SURVEILLANCE

The organization employs video surveillance of [Assignment: organization-defined operational areas] and retains video recordings for [Assignment: organization-defined time period].

Supplemental Guidance:

This control enhancement focuses on recording surveillance video for purposes of subsequent review, if circumstances so warrant (e.g., a break-in detected by other means). It does not require monitoring surveillance video although organizations may choose to do so. Note that there may be legal considerations when performing and retaining video surveillance, especially if such surveillance is in a public location.

PE-6 (4) MONITORING PHYSICAL ACCESS | MONITORING PHYSICAL ACCESS TO INFORMATION SYSTEMS
  • FedRAMP Baseline Membership PE-6 (4): HIGH

The organization monitors physical access to the information system in addition to the physical access monitoring of the facility as [Assignment: organization-defined physical spaces containing one or more components of the information system].

There are no FedRAMP-specific requirements if this control is used for a LOW Impact system.

There are no FedRAMP-specific requirements if this control is used for a MODERATE Impact system.

There are no FedRAMP-specific requirements if this control is used for a HIGH Impact system.


Supplemental Guidance:

This control enhancement provides additional monitoring for those areas within facilities where there is a concentration of information system components (e.g., server rooms, media storage areas, communications centers).

RELATED CONTROLS: PE-6 (4)

REFERENCES:

  • NO REFERENCES