STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

PE-6

Physical and Environmental ProtectionRev 5organization

Monitoring Physical Access

Baselines:LowModerateHigh

Control Statement

a. Monitor physical access to the facility where the system resides to detect and respond to physical security incidents; b. Review physical access logs [Assignment: frequency] and upon occurrence of [Assignment: events] ; and c. Coordinate results of reviews and investigations with the organizational incident response capability.

Supplemental Guidance

Physical access monitoring includes publicly accessible areas within organizational facilities. Examples of physical access monitoring include the employment of guards, video surveillance equipment (i.e., cameras), and sensor devices. Reviewing physical access logs can help identify suspicious activity, anomalous events, or potential threats. The reviews can be supported by audit logging controls, such as [AU-2](#au-2) , if the access logs are part of an automated system. Organizational incident response capabilities include investigations of physical security incidents and responses to the incidents. Incidents include security violations or suspicious physical access activities. Suspicious physical access activities include accesses outside of normal work hours, repeated accesses to areas not normally accessed, accesses for unusual lengths of time, and out-of-sequence accesses.

Related Controls (8)

AU-2AU-6AU-9AU-12CA-7CP-10IR-4IR-8

CCI Identifiers (7)

CCI-000940Defines a frequency for reviewing physical access logs.CCI-000941Coordinate results of reviews and investigations with the organization's incident response capability.CCI-000938The organization monitors physical access to the information system to detect and respond to physical security incidents.CCI-000939Review physical access logs in accordance with organization-defined frequency.CCI-002939Monitor physical access to the facility where the system resides to detect and respond to physical security incidents.CCI-002940Review physical access logs upon occurrence of organization-defined events or potential indications of events.CCI-002941Defines events or potential indications of events requiring review of physical access logs.

Linked STIG Checks (0)

No STIG checks reference this control.