PR.AA-06—Physical access to assets is managed, monitored, and enforced commensurate with risk
>Control Description
This identity management, authentication, and access control subcategory ensures that physical access to assets is managed, monitored, and enforced commensurate with risk. Key activities include: Use security guards, security cameras, locked entrances, alarm systems, and other physical controls to monitor facilities and restrict access; Employ additional physical security controls for areas that contain high-risk assets; Escort guests, vendors, and other third parties within areas that contain business-critical assets.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept Crosswalk>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
DCS-03
DCS-07
DCS-09
DCS-10
DCS-12
DCS-14
HRS-04
LOG-12
+3 more
CRI Profile v2.0
PR.AA-06
PR.AA-06.01
PR.AA-06.02
CSF v1.1
PR.AC-2
PR.PT-4
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 7.1
Annex A Controls: 7.2
Annex A Controls: 7.3
Annex A Controls: 7.4
Annex A Controls: 7.12
NICE Framework
DD-WRL-001
IO-WRL-005
OG-WRL-013
OG-WRL-014
PCI DSS
9.3.1.1
9.2.4
9.2.3
9.5.1.2
SCF
PES-01
PES-02
PES-02.1
PES-03
SP 800-171 Rev 3
03.10.01
03.10.02
03.10.07
03.10.08
SP 800-218
PO.5.2
SP 800-53 Rev 5.1.1
PE-02
PE-03
PE-04
PE-05
PE-06
PE-08
PE-18
PE-19
+1 more
SP 800-53 Rev 5.2.0
PE-02
PE-03
PE-04
PE-05
PE-06
PE-08
PE-18
PE-19
+1 more
Ask AI
Configure your API key to use AI features.