From Traditional Security
Part of Vault/Secure Room Storage Standards - Access Control System Records Maintenance
Associated with IA controls: PECF-1, PEPF-2, PEPF-1, PECF-2
Failure to document procedures for removal of access and inadequate maintenance of access records for both active and removed persons could result in unauthorized persons having unescorted access to vaults, secure rooms or collateral classified open storage areas where classified information is processed and stored.
Requirements Summary: A procedure must be established for removal of an individual's authorization to enter the secure room area upon reassignment, transfer, or termination, or when the individual's access is suspended, revoked, or downgraded to a level lower than the former access level. Records shall be maintained reflecting active assignment of ID badge/card, PIN, level of access, and similar system-related records. Records concerning personnel removed from the system shall be retained for a minimum of 90 days. CHECKS: Check #1. Check to ensure that records relecting active assignment of ID badge/card, PIN, level of access, and similar system-related records are maintained. (CAT II) Check #2. Check to ensure there is a documented procedure for removal of persons from the Access Control System. (CAT III) Check #3. Check to ensure that records concerning personnel removed from the system are retained for a minimum of 90 days. (CAT III) TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.
1. Ensure there is a documented procedure for removal of persons from the Access Control System. 2. Ensure that records relecting active assignment of ID badge/card, PIN, level of access, and similar system-related records are maintained. 3. Ensure that records concerning personnel removed from the system are retained for a minimum of 90 days.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer