Description

The University monitors physical access to the information system to detect and respond to physical security incidents.

Applicability

  • This Control applies to facilities that house moderate or high impact information resources.

Implementation

  • 1

    The facility manager, or designee, is responsible for:

    • 1.1

      Monitoring physical access to facilities where information resources reside to detect and respond to physical security incidents;

    • 1.2

      Reviewing physical access logs periodically based on risk management decisions; and

    • 1.3

      Coordinating results of reviews and investigations with the university incident response capability.