myctrl.tools
Compare

PE-6(2)Automated Intrusion Recognition And Responses

>Control Description

Recognize organization-defined classes or types of intrusions and initiate organization-defined response actions using organization-defined automated mechanisms.

>Supplemental Guidance

Response actions can include notifying selected organizational personnel or law enforcement personnel. Automated mechanisms implemented to initiate response actions include system alert notifications, email and text messages, and activating door locking mechanisms. Physical access monitoring can be coordinated with intrusion detection systems and system monitoring capabilities to provide integrated threat coverage for the organization.

>Related Controls

SI-4

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern the implementation of automated intrusion recognition and responses for the organization's facilities?
  • Who is responsible for overseeing and maintaining automated intrusion recognition and responses controls?
  • How frequently are automated intrusion recognition and responses controls reviewed and updated?
  • What process exists for granting exceptions to automated intrusion recognition and responses requirements?
  • How does the organization ensure accountability for automated intrusion recognition and responses across all facility locations?

Technical Implementation:

  • What technologies or systems technically implement automated intrusion recognition and responses?
  • How are these systems configured to meet the control requirements?
  • What monitoring or alerting capabilities exist for automated intrusion recognition and responses?
  • How do automated intrusion recognition and responses systems integrate with other physical security infrastructure?
  • What redundancy or backup mechanisms support automated intrusion recognition and responses?

Evidence & Documentation:

  • Provide documented policies and procedures for automated intrusion recognition and responses.
  • Provide evidence of automated intrusion recognition and responses implementation and configuration.
  • Provide logs, records, or reports demonstrating automated intrusion recognition and responses activities over the past 90 days.
  • Provide testing, maintenance, or inspection records for automated intrusion recognition and responses from the past year.
  • Provide evidence of automated intrusion recognition and responses reviews, audits, or assessments.

Ask AI

Configure your API key to use AI features.