Overview
Current signed procedures exist for controlling visitor access and maintaining a detailed log of all visitors to the computing facility.
Threat
Facility is at risk of unauthorized access if controlled visitor access is not maintained.
Guidance
1. Current signed procedures shall be in place for controlling visitor access.
2. Current signed procedures shall be in place for maintaining a detailed log of all visitors to the computing facility.
3. Visitor log shall be archived in a secure area for a set amount of time as established by security operating procedures.
DoD classifies this control in the subject area of “Physical and Environmental” with a impact of “High”.