// Level 3 · Controls

Physical and Environmental Protection

NIST SP 800-53 Rev 5 Physical and Environmental Protection controls.

PE-01Medium

Policy and Procedures

Develop, document, and disseminate to [parameter]:

PE-02Medium

Physical Access Authorizations

Develop, approve, and maintain a list of individuals with authorized access to the facility where the system resides;

PE-03Medium

Physical Access Control

Enforce physical access authorizations at [parameter] by:

PE-04Medium

Access Control for Transmission

Control physical access to [parameter] within organizational facilities using [parameter].

PE-05Medium

Access Control for Output Devices

Control physical access to output from [parameter] to prevent unauthorized individuals from obtaining the output.

PE-06Medium

Monitoring Physical Access

Monitor physical access to the facility where the system resides to detect and respond to physical security incidents;

PE-07Medium

Visitor Control

PE-08Medium

Visitor Access Records

Maintain visitor access records to the facility where the system resides for [parameter];

PE-09Medium

Power Equipment and Cabling

Protect power equipment and power cabling for the system from damage and destruction.

PE-10Medium

Emergency Shutoff

Provide the capability of shutting off power to [parameter] in emergency situations;

PE-11Medium

Emergency Power

Provide an uninterruptible power supply to facilitate [parameter] in the event of a primary power source loss.

PE-12Medium

Emergency Lighting

Employ and maintain automatic emergency lighting for the system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.

PE-13Medium

Fire Protection

Employ and maintain fire detection and suppression systems that are supported by an independent energy source.

PE-14Medium

Environmental Controls

Maintain [parameter] levels within the facility where the system resides at [parameter] ; and

PE-15Medium

Water Damage Protection

Protect the system from damage resulting from water leakage by providing master shutoff or isolation valves that are accessible, working properly, and known to key personnel.

PE-16Medium

Delivery and Removal

Authorize and control [parameter] entering and exiting the facility; and

PE-17Medium

Alternate Work Site

Determine and document the [parameter] allowed for use by employees;

PE-18Medium

Location of System Components

Position system components within the facility to minimize potential damage from [parameter] and to minimize the opportunity for unauthorized access.

PE-19Medium

Information Leakage

Protect the system from information leakage due to electromagnetic signals emanations.

PE-20Medium

Asset Monitoring and Tracking

Employ [parameter] to track and monitor the location and movement of [parameter] within [parameter].

PE-21Medium

Electromagnetic Pulse Protection

Employ [parameter] against electromagnetic pulse damage for [parameter].

PE-22Medium

Component Marking

Mark [parameter] indicating the impact level or classification level of the information permitted to be processed, stored, or transmitted by the hardware component.

PE-23Medium

Facility Location

Plan the location or site of the facility where the system resides considering physical and environmental hazards; and