Back

Disseminate and communicate the physical and environmental protection policy to interested personnel and affected parties.


CONTROL ID
14169
CONTROL TYPE
Communicate
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a physical and environmental protection policy., CC ID: 14030

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., FedRAMP Security Controls High Baseline, Version 5)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., FedRAMP Security Controls Low Baseline, Version 5)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., FedRAMP Security Controls Moderate Baseline, Version 5)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • [Selection (one or more): organization-level; mission/business process-level; system-level] physical and environmental protection policy that: (PE-1a.1., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., TX-RAMP Security Controls Baseline Level 1)
  • A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., TX-RAMP Security Controls Baseline Level 2)