Include coordination amongst entities in the physical and environmental protection policy.

Back

CONTROL ID
14173

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Establish, implement, and maintain a physical and environmental protection policy., CC ID: 14030

There are no implementation support Controls.

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

Maintenance and inspection communication meeting (P51.4. ¶ 1(2), FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
When penetrating a TOP SECRET audio secure room, the Australian Security Intelligence Organisation is consulted and all directions provided are complied with. (Control: ISM-0198; Revision: 3, Australian Government Information Security Manual, June 2023)
When penetrating a TOP SECRET audio secure room, the Australian Security Intelligence Organisation is consulted and all directions provided are complied with. (Control: ISM-0198; Revision: 3, Australian Government Information Security Manual, September 2023)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), FedRAMP Security Controls High Baseline, Version 5)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), FedRAMP Security Controls Low Baseline, Version 5)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), FedRAMP Security Controls Moderate Baseline, Version 5)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1(a), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
Conduct outreach to neighboring businesses to coordinate security efforts. Also conduct outreach to neighboring residences to provide facility security awareness. (Table 1: Outreach Enhanced Security Measures Cell 2, Pipeline Security Guidelines)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., TX-RAMP Security Controls Baseline Level 1)
A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PE-1a.1., TX-RAMP Security Controls Baseline Level 2)