This objective ensures your organization has formally documented which physical access records must be reviewed, how often they’re reviewed, and who is responsible. This supports your ability to detect unauthorized physical access to CUI systems or areas through a structured review process.