Logical and physical access controls are implemented to protect assets that are important to the delivery of the function, where feasible, at least in an ad hoc manner
Context and Guidance: Cybersecurity controls are implemented to manage the risks associated with unauthorised and/or inappropriate levels of access to IT, OT, and information assets, including physical assets. Logical controls may be administrative (e.g., policies, procedures), operational (e.g., system maintenance, capacity management), and technical (e.g., authentication schemes, system logging). Physical controls may also be administrative (e.g., policies, procedures), operational (e.g., fences, locks, signage), and technical (e.g., electronic badge readers, motion detectors, entry point logging).
Related Practices • Input From: Implementing ASSET-1a and ASSET-2a provides input that may be useful for implementing this practice. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: ARCHITECTURE-3a, ARCHITECTURE-3b, ARCHITECTURE-3c, ARCHITECTURE-3d, ARCHITECTURE-3h, ARCHITECTURE-3k.