CMMC 2.0 • LEVEL 2 • PHYSICAL PROTECTION

PE.L2-3.10.2Monitoring Physical Access

Monitor physical access to the facility where the system resides to detect and respond to physical security incidents. Review physical access logs minimum 3 yearsCMMC/STIG and upon occurrence of visitor logs, access badge issuance/termination records, PACS logs, maintenance and delivery personnel records, and key/combination issuance recordsCMMC/STIG.

NIST 800-171 Mapping

NIST 800-53 Controls

PE-2

Assessment Objectives

  • physical access to the facility where the system resides is monitored to detect physical security incidents.
  • physical security incidents are responded to.
  • physical access logs are reviewed minimum 3 yearsCMMC/STIG .
  • physical access logs are reviewed upon occurrence of visitor logs, access badge issuance/termination records, PACS logs, maintenance and delivery personnel records, and key/combination issuance recordsCMMC/STIG.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

PE.L1-3.10.1 Physical Access Authorizations PE.L1-3.10.3 Escort Visitors and Monitor Visitor Activity PE.L1-3.10.4 Maintain Audit Logs of Physical Access PE.L1-3.10.5 Control and Manage Physical Access Devices