Ansible Tower - Physical and Environmental Protection

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
PE-1 Physical And Environmental Protection Policy And Procedures

not applicable

PE-2 Physical Access Authorizations

not applicable

PE-2 (1) Access By Position / Role

not applicable

PE-2 (2) Two Forms Of Identification

not applicable

PE-2 (3) Restrict Unescorted Access

not applicable

PE-3 Physical Access Control

not applicable

PE-3 (1) Information System Access

not applicable

PE-3 (2) Facility / Information System Boundaries

not applicable

PE-3 (3) Continuous Guards / Alarms / Monitoring

not applicable

PE-3 (4) Lockable Casings

not applicable

PE-3 (5) Tamper Protection

not applicable

PE-3 (6) Facility Penetration Testing

not applicable

PE-4 Access Control For Transmission Medium

not applicable

PE-5 Access Control For Output Devices

not applicable

PE-5 (1) Access To Output By Authorized Individuals

not applicable

PE-5 (2) Access To Output By Individual Identity

not applicable

PE-5 (3) Marking Output Devices

not applicable

PE-6 Monitoring Physical Access

not applicable

PE-6 (1) Intrusion Alarms / Surveillance Equipment

not applicable

PE-6 (2) Automated Intrusion Recognition / Responses

not applicable

PE-6 (3) Video Surveillance

not applicable

PE-6 (4) Monitoring Physical Access To Information Systems

not applicable

PE-7 Visitor Control

not applicable

PE-8 Visitor Access Records

not applicable

PE-8 (1) Automated Records Maintenance / Review

not applicable

PE-8 (2) Physical Access Records

not applicable

PE-9 Power Equipment And Cabling

not applicable

PE-9 (1) Redundant Cabling

not applicable

PE-9 (2) Automatic Voltage Controls

not applicable

PE-10 Emergency Shutoff

not applicable

PE-10 (1) Accidental / Unauthorized Activation

not applicable

PE-11 Emergency Power

not applicable

PE-11 (1) Long-Term Alternate Power Supply - Minimal Operational Capability

not applicable

PE-11 (2) Long-Term Alternate Power Supply - Self-Contained

not applicable

PE-12 Emergency Lighting

not applicable

PE-12 (1) Essential Missions / Business Functions

not applicable

PE-13 Fire Protection

not applicable

PE-13 (1) Detection Devices / Systems

not applicable

PE-13 (2) Suppression Devices / Systems

not applicable

PE-13 (3) Automatic Fire Suppression

not applicable

PE-13 (4) Inspections

not applicable

PE-14 Temperature And Humidity Controls

not applicable

PE-14 (1) Automatic Controls

not applicable

PE-14 (2) Monitoring With Alarms / Notifications

not applicable

PE-15 Water Damage Protection

not applicable

PE-15 (1) Automation Support

not applicable

PE-16 Delivery And Removal

not applicable

PE-17 Alternate Work Site

not applicable

PE-18 Location Of Information System Components

not applicable

PE-18 (1) Facility Site

not applicable

PE-19 Information Leakage

not applicable

PE-19 (1) National Emissions / Tempest Policies And Procedures

not applicable

PE-20 Asset Monitoring And Tracking

not applicable




PE-1: Physical And Environmental Protection Policy And Procedures

The organization: a. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]: 1. A physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and 2. Procedures to facilitate the implementation of the physical and environmental protection policy and associated physical and environmental protection controls; and b. Reviews and updates the current: 1. Physical and environmental protection policy [Assignment: organization-defined frequency]; and 2. Physical and environmental protection procedures [Assignment: organization-defined frequency].

PE-1 Control Response Information
Implementation Status:

not applicable

PE-1: What is the solution and how is it implemented?

This control is outside the scope of Ansible Tower configuration.




PE-2: Physical Access Authorizations

The organization: a. Develops, approves, and maintains a list of individuals with authorized access to the facility where the information system resides; b. Issues authorization credentials for facility access; c. Reviews the access list detailing authorized facility access by individuals [Assignment: organization-defined frequency]; and d. Removes individuals from the facility access list when access is no longer required.

PE-2 Control Response Information
Implementation Status:

not applicable

PE-2: What is the solution and how is it implemented?

This control is outside the scope of Ansible Tower configuration.




PE-2 (1): Access By Position / Role

“The organization authorizes physical access to the facility where the information system resides based on position or role.”

PE-2 (1) Control Response Information
Implementation Status:

not applicable

PE-2 (1): What is the solution and how is it implemented?

This control is outside the scope of Ansible Tower configuration.




PE-2 (2): Two Forms Of Identification

“The organization requires two forms of identification from [Assignment: organization-defined list of acceptable forms of identification] for visitor access to the facility where the information system resides.”

PE-2 (2) Control Response Information
Implementation Status:

not applicable

PE-2 (2): What is the solution and how is it implemented?

This control is outside the scope of Ansible Tower configuration.




PE-2 (3): Restrict Unescorted Access

“The organization restricts unescorted access to the facility where the information system resides to personnel with [Selection (one or more): security clearances for all information contained within the system; formal access authorizations for all information contained within the system; need for access to all information contained within the system; [Assignment: organization-defined credentials]].”

PE-2 (3) Control Response Information
Implementation Status:

not applicable

PE-2 (3): What is the solution and how is it implemented?

This control is outside the scope of Ansible Tower configuration.




PE-3: Physical Access Control

The organization: a. Enforces physical access authorizations at [Assignment: organization-defined entry/exit points to the facility where the information system resides] by; 1. Verifying individual access authorizations before granting access to the facility; and 2. Controlling ingress/egress to the facility using [Selection (one or more): [Assignment: organization-defined physical access control systems/devices]; guards]; b. Maintains physical access audit logs for [Assignment: organization-defined entry/exit points]; c. Provides [Assignment: organization-defined security safeguards] to control access to areas within the facility officially designated as publicly accessible; d. Escorts visitors and monitors visitor activity [Assignment: organization-defined circumstances requiring visitor escorts and monitoring]; e. Secures keys, combinations, and other physical access devices; f. Inventories [Assignment: organization-defined physical access devices] every [Assignment: organization-defined frequency]; and g. Changes combinations and keys [Assignment: organization-defined frequency] and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated.

PE-3 Control Response Information
Implementation Status:

not applicable

PE-3: What is the solution and how is it implemented?