Physical access privileges are reviewed and updated
Context and Guidance: Constant change in the operational environment creates the potential that at any time the current level of physical access provided to persons (as reflected in access privileges) may not match the level of need based on current physical access requirements. The organisation should define a schedule for regular review of physical access privileges to ensure that the requirements they have set for their assets are being implemented through proper assignment of physical access privileges and implementation of corresponding physical access controls. Certain temporary events such as projects or incident responses may require granting situation-based privileged physical access. A physical access review should be a necessary step in the closeout process of those events.
Related Practices • Input From: Implementing ARCHITECTURE-3a provides input that may be useful for implementing this practice. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: ACCESS-3b, ACCESS-3h, ACCESS-3i.