4 / 8

Physical Access Restrictions

CC6 — Logical and Physical Access Controls · Not yet reviewed

Status

○ NOT STARTED ◑ IN PROGRESS ✓ IMPLEMENTED — NOT APPLICABLE

What this control requires

The entity restricts physical access to facilities and protected information assets (for example, data center facilities, backup media storage, and other sensitive locations) to authorized personnel to meet the entity's objectives.

Details

Risk Level

— LOW MEDIUM HIGH

Control Owner

Next Review Date

Notes — what's been done, what's missing, any gaps