DE.CM-2: Physical Environment Monitoring
Physical security is inseparable from cybersecurity. DE.CM-2 requires continuous monitoring of your physical environment to detect potential threats before they compromise your systems. Understanding and implementing this control is essential for organizations seeking comprehensive threat detection and response capabilities.
What this means
DE.CM-2 requires organizations to establish and maintain monitoring of their physical environment to identify cybersecurity-relevant events. This includes surveillance of data centers, server rooms, network closets, and other critical infrastructure locations. The goal is to detect unauthorized access attempts, environmental hazards, tampering, and other physical threats that could compromise confidentiality, integrity, or availability of your systems and data.
How to comply
- 1.Install and maintain physical surveillance systems (CCTV) in critical areas including data centers, server rooms, and network equipment locations
- 2.Implement access control systems with logging capabilities to track entry and exit to sensitive physical spaces
- 3.Monitor environmental conditions including temperature, humidity, and power systems in server rooms and network closets
- 4.Establish alerting mechanisms for unauthorized access attempts or environmental threshold violations
- 5.Conduct regular reviews of physical monitoring logs to identify and investigate anomalies
- 6.Document monitoring procedures, personnel responsible, and escalation paths for detected events
- 7.Integrate physical monitoring with your incident response procedures
- 8.Maintain audit trails of all monitoring system access and configuration changes
Evidence auditors look for
- CCTV system installation records and camera placement diagrams for critical areas
- Access control logs showing entries and exits to sensitive facilities with timestamps
- Environmental monitoring dashboards displaying temperature, humidity, and power metrics
- Alert notification records demonstrating real-time detection of unauthorized access
- Physical security incident reports and investigation documentation
- Monitoring system maintenance and testing records
- Policies and procedures governing physical environment monitoring
- Integration documentation showing connection between physical and cybersecurity monitoring
Frequently asked questions
When will FAQs be available?
The FAQ for this control is currently being prepared.
GRCWatch automates physical monitoring log aggregation and anomaly detection, flagging unauthorized access attempts and environmental violations in real time while maintaining audit-ready evidence for DE.CM-2 demonstrations.
See how GRCWatch handles this control automatically
Start free trial