Description
The organization controls physical access to the information system by authenticating visitors before authorizing access to the facility where the information system resides other than areas designated as publicly accessible.\n
Supplemental Guidance
Government contractors and others with permanent authorization credentials are not considered visitors. Personal Identity Verification (PIV) credentials for federal employees and contractors conform to FIPS 201, and the issuing organizations for the PIV credentials are accredited in accordance with the provisions of NIST Special Publication 800-79.\n
Enhancements
(1) The organization escorts visitors and monitors visitor activity, when required.\n
Compliance Mappings
ISO 17799 (legacy)
9.1.2
COBIT 4.1 (legacy)
DS12.3