From Traditional Security
Part of Visitor Control - To Facility or Organization
Associated with IA controls: PEVC-1, PEPF-2, PEPF-1
Failure to identify and control visitors could result in unauthorized personnel gaining access to the
Checks: Review visitor control procedures and implementation and ensure they include verification of clearance/investigation status, personal identification of visitor, registering of visitors, proper badging and escorts. NOTE 1: Traditional Security reviewers may evaluate implementation of the visitor process by reviewing how the review team was identified and badged. NOTE 2: Detailed audit logs of all facility visitors should be maintained for at least 90 days. Access Control System (ACS) electronic logs may be used to meet this requirement. NOTE 3: Additional interviews can be conducted with personnel handling the visitor control function. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments. Not applicable to a field/mobile environment.
Fixes: Review visitor control procedures and implementation and ensure they include verification of clearance/investigation status, personal identification of visitor, registering of visitors, proper badging and escorts. NOTE: Detailed audit logs of all facility visitors should be maintained for at least 90 days. Access Control System (ACS) electronic logs may be used to meet this requirement.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer