(a)(1) Standard: Facility access controls. Implement policies and procedures to limit physical access to its electronic information systems and the facility or facilities in which they are housed, while ensuring that properly authorized access is allowed.
The Facility access controls standard includes four (4) implementation specifications:
- (i) Contingency operations (Addressable).
- (ii) Facility security plan (Addressable).
- (iii) Access control and validation procedures (Addressable).
- (iv) Maintenance records (Addressable).