AUTOMATED PHYSICAL ACCESS CONTROLS

Transcription

1 Cour Pénale Internationale International Criminal Court Administrative Instruction ICC/AI/2007/004 Date: 19/06/2007 AUTOMATED PHYSICAL ACCESS CONTROLS The Registrar, for the purposes of establishing access groups and access rights for the movement of personnel within the ICC premises, promulgates the following: Explanatory note to the Administrative Instruction The Security & Safety Section has been asked to implement physical access restrictions at floors and certain critical areas. In order to provide the authority for the SSS to implement such restrictions and ensure a manageable implementation, the SSS has drafted the present A.I. The physical access restrictions support the segregation of duties between the Organs and certain organisational units that follows from their potential conflict of interests. The restrictions also support the protection of critical areas such as technical installations, vaults and court rooms. [irinci}>li'* for physical /jarss /vs/r;vfio;/s The main criterion to determine if access will be granted is the genuine and permanent 'need to be': Does a group of workers need 24/7 unaccompanied, unrestricted and uninvited access to a floor or area? An occasional need to access a floor or area may not warrant a permanent access privilege. Workers with a permanent 'need to be' are in general the workers employed in the respective floors or areas. In addition, there will be other workers with permanent need to have immediate and unescorted access to the respective floors or areas. F.xamples of such workers are ICI' network administrators, security officers and certain general service staff. The absence of a professional need for permanent access does not mean a group of workers is not allowed access to a floor or area. Workers may still be allowed access but cannot open certain entrances with their badges. Thus, their access is subject to the discretion of the staff of the floors and areas the worker seeks access to. A word of caution ICC RESTRICTED Page 1 of 8

2 The Arc was not designed tor the Court and the Court has been retrofitted into the Arc. The access restrictions are managed by a software application with rather limited administrative capabilities. Not every access restriction desired may be technically or operationally possible to implement. For instance, the transit routes of workers to locations (for which they have a permanent need to access) may conflict with the access restrictions as desired by the organizational units along the same transit route. The physical access restrictions available at the Arc provide a relative low level of granularity. Section 1 Definitions 1.1. AAFP - Area Access Focal Point, a senior officer authorised to approve access rights requests for Staff to an Area under their responsibility ACFP - Access Control Focal Point, a senior officer that acts as the point within an organ to liaises with the SSS with regards to request for access to parts of the building 1.3. AIMS - Access and Intrusion Management System; the brand of the system in use at the Court to implement automated physical access controls Area- A floor, wing, vault or set of offices for which dedicated access rules are enforced through automated physical access controls Organizational Unit - An Organ, Division, Office, Section, Team or Unit PAID - The Pass & Identification office located at the Arc and staffed by SSS Staff - For the purposes of this Administrative Instruction, the term "staff" shall include all staff and individuals affiliated with or having a contractual relationship with the Court, such as elected officials, independent contractors, gratis personnel, interns, consultants, volunteers, interpreters, and other contractual personnel who are entrusted with authorised access to ICC Information in the course of performing their official duties. Note: Klected officials are exempt from the regular disciplinary process but not from compliance with the administrative processes of the Court SSS - Security & Safety Section of the Court. Section 2 Purpose 2.1. The International Criminal Court ("the Court") seeks to provide a safe and secure working environment in which the specific requirements for security, safety, independence, confidentiality and integrity of the judicial and administrative processes of the Organs are considered, established and maintained. Note: the physical access restrictions are put in place for the same reasons as the access restrictions in applications and network folders. ICC RESTRICTED Page 2 of 8

3 2.2. The purpose of this Administrative Instruction is to establish and maintain the protocols and division of access rights and to set out procedures for ensuring the accountability of afforded access rights This Administrative Instruction shall apply to all Staff and visitors who have been accorded physical access rights to the Court This Administrative Instruction shall apply to Court facilities that are equipped with automated physical access controls Physical access restrictions should not restrict Staff movement further than necessary for adequate security. They should be applied with caution and reason as they can impact on business efficiency and may lower the user-friendliness of the Court premises. Note: Physical access restrictions provide a low granularity and do not replace good practices as locking doors, filing documents and locking computers when absent Operational control and responsibility for programming, monitoring, interrogation and all other actions that may have an effect on the access control measures of the Court is delegated to the Chief of Security & Safety on behalf of the Registrar. Section 3 Areas 3.1. Access control shall be based on a set of Areas where each Area is defined through the set of Staff with a 'need to be' which is a permanent requirement to have unrestricted and uninvited access to the Area The main principle for the definition of Areas shall be the internal organization of the Court In order to restrict Staff movement no further than required for adequate security, Areas shall be defined as wide as possible, but as narrow as necessary. Applying too narrow an Area may impair the efficiency of the activities of the Court. Conversely, defining too wide an Area may create a risk of compromise The main Areas of the Court shall be defined by Annex A Every Area shall have a designated Area Access Focal Point (AAFP) for the purposes of approving access rights for Staff to the Area under their responsibility. Note: Fach Area has 1 'owner' and that owner is represented by the AAt-'P Any suggested amendment of Areas shall be communicated to the Chief of SSS in a timely manner, i.e. minimum of 1 week in advance of the date when the change is anticipated to take effect. Where a requested amendment necessitates alteration to or installation of new A1MSrelated infrastructure, such as badge readers, cabling, or door-set alterations, such a request should be communicated at least 3 months in advance of the anticipated date of implementation to both GSS and SSS Requested amendments are naturally governed by wider technical, operational and budgetary considerations and hence implementation cannot be guaranteed. Section 4 ICC RESTRICTED Page 3 of 8

4 Access Groups and Access Rights 4.1. Staff shall be granted access rights to Areas in line with the organizational unit in which they are employed and shall be granted access to the required work locations to reflect the function in which they are engaged. Access to the locations of other organizational units will not be granted automatically Each Organ shall be responsible for the provision of accurate and timely information on access groups and rights within the respective Organizational Unit to the Security & Safety Section (SSS) Each Organ shall designate an Access Control Focal Point (ACFP) for the purposes of requesting access rights for Staff under his/her responsibility. Note: Each Organ and Critical Area may choose to refine itselt into organizational units with regards to administration of requests for physical access, but shall provide a single point of contact with regards to the SSS The Access Groups of the Court shall be defined by Annex B. Note: All persons within a specific group are afforded equal access rights irrespective of role: all persons within such group are afforded equal access rights A request for extended access rights or the amendment or cancellation of access rights shall be provided in writing by the requesting ACFP, with the approval (in writing) of the AAFP of the Area, to the Chief of Security & Safety 2 working days in advance of anticipated implementation. Such amendment or cancellation of access rights may be based on: (a) Change of function and/ responsibility of staff; (b) Transfer of the staff member to a different Organizational Unit;. (c) Completion of employment; (d) Loss of access card; (e) Other reasonable grounds provided by the respective Staff, Human resources Section, the ACFP, the AAFP or a Head of Organ. Note: It is the 'owner' of the Area that takes the decision; hence, approval (in writing) must be sought. The SSS will act as a delegated 'owner' for certain areas such as the basement. Section 5 AIMS 5.1. AIMS shall be used as the main tool to ensure a basic level of physical segregation. The protection provided by AIMS may be increased by other means of access control, if required AIMS shall be routinely monitored, operated and controlled by the SSS of the Court, primarily via the computer interface provided at PAID The AIMS infrastructure shall be maintained and technically supported by the General Services Section (GSS) of the Court and necessary external contractors. The establishment and management of the necessary supporting contracts shall be the responsibility of GSS. Thus, the SSS shall be deemed to be the system "operator" and shall advise on the operational use of ICC RESTRICTED Page 4 of 8

5 AIMS, consistent with other security and safety considerations. GSS shall be considered the system "owner" for the purpose of maintenance, engineering and technical support The SSS shall establish a diagrammatic matrix of AIMS access groups, mapping defined access groups against badge reader access for engineering purposes. The AIMS matrix is constructed with and may only be adjusted by the SSS The AIMS matrix will provide the foundation for engineering, planning and control purposes. Note: The matrix holds the complex details of which doors can be opened with badges and needs a central administration. This provision is not prejudicial to the right of the 'area owners' to approve or disapprove access. Section 6 System Interrogation & Data Disclosure 6.1. Information on staff movements retained by AIMS will not ordinarily be made available to non-sss staff. Access by SSS staff shall be where there is a genuine "need to know". Note: An example of a genuine "need to know" would be the reconciliation of the manual logs entries on the vaults with the actual recorded badge activities with the vaults. Please mind that AIMS is not, for example, an attendance monitoring system Requests for access to AIMS data shall be made in writing to the Chief of SSS by at least a Section or Division Head. Such information will only be made available if the matter requiring further investigation has been reported to SSS. Applications for disclosure shall be assessed and authorised by the Chief of SSS To promote compliance with security regulations, AIMS data may be audited by authorised SSS personnel and disclosed to specific parties in connection with such written security regulations, for example, those regulations and procedures governing the protection of sensitive information, or specially restricted areas, such as the Court vaults. AIMS data disclosed for this purpose shall be treated with all due discretion and confidentiality by the receiving organizational unit. Section 7 Alignment with safety procedures 7.1. Any proposed changes to the placement of the hardware of the Physical Access Control System must first be risk-assessed by the Safety Officer of the SSS to ensure integration and alignment with safety procedures and general compliance with host country fire and safety regulations. The advice and agreement of the Safety Officer shall be paramount. Section 8 AIMS Cards ICC RESTRICTED Page 5 of 8

6 8.1. AIMS cards that have been inactive on the system for a period of eight weeks or more shall be disabled from AIMS by SSS. PAID shall actively review AIMS records for this purpose Staff holding an AIMS card that is nearing expiration, and their respective ACFP, shall be notified by two weeks before expiration by PAID Staff holding an AIMS card that is nearing expiration, and their respective ACFP, may request by for postponement of the expiration with another 2 months Loss or theft of AIMS cards shall be reported as soon possible to the SSS. The staff member will assist the SSS in completion of a Security Incident Report pertaining to the loss or theft Lost/stolen cards shall be disabled by SSS and the staff member shall be issued with a replacement card as soon as practicable thereafter during normal PAID working hours PAID shall be located at the entrance of the Arc building and be open during the normal business days of the Court from Staff that has misplaced their AIMS card, shall be provided with a temporary AIMS card that gives access to their Organ, but not to any other Area, with the exception of Security Staff and General Services Staff. Section 9 Final Provisions 9.1. Irrespective of AIMS, it remains the general duty of care of Staff to take reasonable steps to protect (e.g. 'not to put at risk') the assets of the Court, for example, by locking offices, safeguarding keys, protecting information, reporting incidents, adhering to established security policies and generally taking reasonable care in the execution of their duty. Note: This provision is added to make staff aware that access restrictions on floors and designated areas do not replace good practices such as a clear desk and/or locked door policy Users wishing to request exemptions to any provisions of this Administrative Instruction should do so through their supervisors by written communication to Information Security Unit of the Security and Safety Section This Administrative instruction shall be applied from the date of its signature. 'l/ls^*ts\ Bruno Cathala Registrar "" ICC RESTRICTED Page 6 of 8