PES-01.1: Physical Security Plan (PSP)

PES-01.1 · Physical Security Plan (PSP)

Control Description

Mechanisms exist to document a Physical Security Plan (PSP), or similar document, to summarize the implemented security controls to protect physical access to technology assets, as well as applicable risks and threats.

Control Question

Assessment question for control validation

Does the organization document a Site Security Plan (SitePlan) for each server and communications room to summarize the implemented security controls to protect physical access to technology assets, as well as applicable risks and threats?

Control Weighting

Validation Cadence

Annual

NIST CSF Function

Identify

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 1 - Strategic

Tier 2 - Operational

Additional Metadata

Applicability (Process):

Errata & Additional Notes

- renamed - wordsmithed control