NIST 800-53 REV 5 • PHYSICAL AND ENVIRONMENTAL PROTECTION

PE-6(4)Monitoring Physical Access to Systems

Monitor physical access to the system in addition to the physical access monitoring of the facility at {{ insert: param, pe-06.04_odp }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Monitoring physical access to systems provides additional monitoring for those areas within facilities where there is a concentration of system components, including server rooms, media storage areas, and communications centers. Physical access monitoring can be coordinated with intrusion detection systems and system monitoring capabilities to provide comprehensive and integrated threat coverage for the organization.

Practitioner Notes

Beyond monitoring the facility itself, this enhancement requires monitoring physical access specifically to your information systems — individual server racks, network closets, or equipment cabinets within the facility.

Example 1: Install individual rack-level access controls (electronic locks with logging) on server cabinets. Use solutions like Chatsworth Products or Rittal intelligent rack locks that log who opened which cabinet and when. Forward access logs to your monitoring system.

Example 2: Place a camera directly covering your server rack area. When combined with badge reader logs on the server room door, you can correlate who entered the room with what activity occurred at the racks. Review recordings whenever unexpected access is logged.

More Physical and Environmental Protection Controls

PE-1 Policy and Procedures PE-2 Physical Access Authorizations PE-2(1) Access by Position or Role PE-2(2) Two Forms of Identification