CMMC Practice PE.L1-3.10.5 – Manage Physical Access: Control and manage physical access devices.
Links to Publicly Available Resources
This document provides self-assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments at Level 1.
This agency guide is a comprehensive treatment of the control and management of physical access devices. It addresses cost-effectiveness, performance measurement, and the planning and management of physical security resources. Section 5.4 is a short section on the Operation and Maintenance of Physical Security Resources.
This entry summarizes some of the preventive and detective controls for physical security and discusses some minimum physical security requirements.
This link provides a sample policy checklist designed to examine compliance with Federal regulations that have not changed since that time.
This standard speaks to EPHI data, but it can be adapted to other regulated data such as CUI (see Section 4 – Maintenance Records).
This user guide provides information and recommended procedures for establishing key and lock programs.
This policy provides a comprehensive example of how to protect the privacy and security of sensitive information and prevent the unauthorized use or misuse of data through the control and use of physical access devices (see Section PE-3).
This SANS whitepaper provides a broad overview of the importance of physical security where it intersects with cybersecurity.
This article provides insight into protecting physical infrastructure and describes five key areas where physical security controls need to be in place.
Discussion [NIST SP 800-171 R2]
Physical access devices include keys, locks, combinations, and card readers.
Further Discussion
Identifying and controlling physical access devices (e.g., locks, badges, key cards) is just as important as monitoring and limiting who is able to physically access certain equipment. Physical access devices only provide strong protection if you know who holds them and what access they grant. Physical access devices can be managed using manual or automated processes, such as keeping a list of who is assigned which key, or updating the badge access system as personnel change roles.
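The assignment list and role-change update described above, as an added example that is not part of the CMMC guide or any referenced resource: a small Python register that records which person holds which key or badge, reconciles those holders against the personnel roster (separated staff, holders not on the roster, devices granting more than the holder's role permits, unassigned devices), and lists the devices to recover or reissue when someone changes role. The roles, areas, names and device IDs are constructed sample data, and the role-to-area policy is an assumed example, not a CMMC requirement.

```python
from dataclasses import dataclass
from datetime import date
from typing import FrozenSet, List, Optional, Tuple

# Assumed sample policy: the areas each role is permitted to enter.
ROLE_AREAS = {
    "engineer": {"lobby", "lab"},
    "it_admin": {"lobby", "lab", "server_room"},
    "contractor": {"lobby"},
}


@dataclass(frozen=True)
class Person:
    person_id: str
    role: str
    active: bool  # False once the person has separated from the organisation


@dataclass(frozen=True)
class Device:
    device_id: str
    kind: str                  # "key", "badge" or "combination"
    opens: FrozenSet[str]      # areas this device grants access to
    holder: Optional[str]      # person_id of the assignee, None if unassigned
    issued: Optional[date] = None


def reconcile(devices: List[Device], people: List[Person]) -> List[Tuple[str, str]]:
    """Compare the device register with the roster.

    Returns (device_id, finding) pairs for every device whose holder or
    grants cannot be justified; a clean register returns an empty list.
    """
    roster = {p.person_id: p for p in people}
    findings = []
    for d in devices:
        if d.holder is None:
            findings.append((d.device_id, "unassigned: confirm it is in secure storage"))
            continue
        person = roster.get(d.holder)
        if person is None:
            findings.append((d.device_id, f"holder {d.holder} is not on the roster"))
            continue
        if not person.active:
            findings.append((d.device_id, f"holder {d.holder} has separated: recover or revoke"))
            continue
        excess = set(d.opens) - ROLE_AREAS.get(person.role, set())
        if excess:
            findings.append((d.device_id, f"grants {sorted(excess)} beyond role {person.role}"))
    return findings


def devices_to_reissue(devices: List[Device], person_id: str, new_role: str) -> List[str]:
    """List the devices held by person_id that must be recovered or reprogrammed
    because they open areas the new role is not permitted to enter."""
    allowed = ROLE_AREAS.get(new_role, set())
    return [d.device_id for d in devices
            if d.holder == person_id and not set(d.opens) <= allowed]


def sample_register() -> Tuple[List[Device], List[Person]]:
    """Constructed sample data for the example."""
    people = [
        Person("alice", "it_admin", active=True),
        Person("bob", "engineer", active=True),
        Person("carol", "contractor", active=False),   # separated last month
    ]
    devices = [
        Device("K-001", "key", frozenset({"server_room"}), "alice", date(2023, 1, 9)),
        Device("B-002", "badge", frozenset({"lobby", "lab"}), "bob", date(2023, 3, 2)),
        Device("B-003", "badge", frozenset({"lobby", "lab"}), "carol", date(2022, 6, 1)),
        Device("K-004", "key", frozenset({"lab"}), "dave"),            # holder unknown
        Device("B-005", "badge", frozenset({"lobby", "server_room"}), "bob"),
        Device("K-006", "key", frozenset({"server_room"}), None),      # spare key
    ]
    return devices, people


if __name__ == "__main__":
    devs, ppl = sample_register()
    for device_id, finding in reconcile(devs, ppl):
        print(f"{device_id}: {finding}")
    print("bob -> contractor, reissue:", devices_to_reissue(devs, "bob", "contractor"))
```

Running `reconcile` on a schedule (or whenever HR changes the roster) turns the assignment list into a detective control: a separated holder still listed against a badge, or a key whose holder nobody recognises, surfaces as a finding rather than staying hidden in a spreadsheet.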