NIST SP 800-171 & CMMC 2.0 Control 3.10.4 Requirement:

Maintain audit logs of physical access.

NIST SP 800-171 & CMMC 2.0 3.10.4 Requirement Explanation:

Ensure that only authorized persons have accessed your facilities. You can detect suspicious activity by reviewing when someone has accessed your facilities. An example of suspicious access is an employee entering the office late at night.

Example NIST SP 800-171 & CMMC 2.0 3.10.4 Implementation:

Maintain a written or digital record of who has entered your company's facility. Require employees to sign in at a sign-in sheet when entering and exiting your facilities. You can alternatively install a key card entry system. This allows you to track when and where an employee has entered your facilities

NIST SP 800-171 & CMMC 2.0 3.10.4 Scenario(s):

- Scenario 1:

Your company installed a key card system at the entry to your facility. Only employees with a key card can enter. When an employee enters with a key card the id associated with their card and the time they accessed the facility is recorded.

- Scenario 2:

John receives a visitor to the office. His visitor signs in at reception and is given a visitor's badge. When the visitor leaves John escorts him to reception and has him sign out. John also takes possession of the visitor's badge.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.