How To Manage Keys At Trent University
|
|
- Marsha Powers
- 3 years ago
- Views:
Transcription
1 POLICY ACCESS CONTROL Category: Approval: Responsibility: Date: Operations & Governance PVP Vice President Administration Date initially approved: September 1, 2005 Date of last revision: April 2012 Definitions: Change Keys keys that allow access into a single room, or a suite of two or three rooms all keyed alike eg. An office or office area. Master Keys keys that allow access into a group of rooms or buildings. Generally, a Grand Master will allow access to all doors on a single keyway; a Master will allow access to all rooms in a building or a number of common function doors in one or more buildings eg, residence rooms, mechanical spaces; a Sub Master will allow access to number of functionally or organizationally related rooms in a building such as all spaces controlled by a University Department. Shift keys one or more keys that are issued to an employee for the duration of their work shift to allow them access to spaces that are not occupied and/or controlled solely by them. For example, several sub-masters to allow a custodian access to all spaces in a building for cleaning. Purpose/Reason for Policy: The purpose of the Access Control Policy is to: protect the personal safety of faculty, staff and students. safeguard both university and privately owned material assets. clearly define the approved procedures and authorities for access control at Trent University. Scope of this Policy: This policy applies to all Trent owned infrastructure and access control systems. It applies to all employees, students, contractors and visitors who require key or card access to Trent infrastructure. Policy Statement: It is the policy of Trent University to safeguard persons and property by controlling access to university buildings so that only authorized users of a space have access to that space. To minimize the risk of lost or stolen keys, Trent University will work towards installing card access systems on all external doors. We will also operate a decentralized key/card access system that places the authority and responsibility for maintaining internal building security through effective key/card control at the departmental level. The Access Control Supervisor will assist departments in establishing and maintaining a key/card access system. 1
2 Responsibilities: VPs, AVPs, Deans, Associate Deans, Department Chairs and Directors are the Designated Access Control Authority for the facilities allocated to their unit. They may delegate the authority to request and control keys/access cards and/or requisition changes to locks to a staff member using the Access Control Delegated Authority Form (Appendix 1), which is to be submitted to the Director, Risk Management. All requests for master keys must be approved by the appropriate Vice-President, AVP or Dean and the Director, Risk Management. Requests for sub-master keys must be approved by all AVPs, Directors or Department Chairs who control spaces that can be accessed by the sub-master. The Director, Risk Management is responsible to approve the selection of cost effective access control hardware and software (standard locking system) to provide appropriate physical security commensurate with the risk inherent in each location. The Director, Risk Management will ensure adherence to this policy and has the authority to deny any requests for keys/cards that contravene the intent of this policy or compromise the security of the university. Such denials may be appealed to the Vice President Administration. The Director, Risk Management is responsible to ensure department key control practices are audited when required. The audit will, as a minimum, verify that unused keys/cards are securely stored, that keys are properly signed out and recovered, that all individuals with keys/cards still have a bona fide requirement for those keys and that the department only retains keys for spaces allocated to that department. The Locksmith and Locksmith assistants are responsible for the maintenance, repair and replacement of door lock cylinders and lock sets. They are responsible to receive key/card and lock change requests, ensure that the requests are signed by a valid Authority and perform the requested work within a reasonable time frame. The Locksmith is responsible to maintain up to date records of all keys produced, issued, returned and destroyed, as well as the keyways and codes for all locking devices installed throughout the university, with the exception of desks, cabinets etc. The Designated/Delegated Authorities (hereafter referred to as the Authority ) are responsible to secure keys/cards that have not been issued. The Authority is responsible to keep a record of all keys issued to faculty, staff, students, contractors and visitors and ensure that those keys are returned when the individual is no longer authorized to have access to the space. Authorities must ensure individuals who are not faculty, staff or students at Trent University read and sign the Key Holder Agreement (Appendix 2) when they are issued university keys/cards. Students, staff and faculty are to be informed by the Authority that they are required to read and comply with this policy when their keys/cards are issued. Authorities requesting a change or upgrade to the standard locking system such as re-keying, replacing lock sets and cylinders or installation of a different security system such as electronic (keypad), biometric or card access, are responsible to cover the cost of the change and the ongoing cost of maintaining the upgraded locking system from their departmental operating budget, unless the Director, Risk Management determines that the upgrade is required for the university to maintain appropriate security. The criteria for approving upgrades to the standard locking system are if the space is multi-occupant (4 or more) and/or if the space contains extremely sensitive, vulnerable, dangerous or valuable contents that cannot be effectively secured by the standard locking system. The department is also responsible for the cost of replacing lost, stolen, broken or worn keys and the cost of re-keying in the event of lost or stolen keys. The department may recover these costs at their discretion from the individual who has signed out the keys. Keyholders. Keys to University spaces issued to individuals affiliated with the university remain the property of Trent University. Upon receipt of a key/card, the individual key/card holder agrees: a. to the proper use and care of the key/card; b. not to loan, duplicate or use the key/card in any unauthorized manner; 2
3 c. to return it to the issuing authority upon demand. All Trent community members are responsible to refrain from installing unauthorized locking devices on university doors. To ensure access in the event of an emergency, no campus area may be secured except by a locking device approved by the Locksmith. Keys to filing cabinets, desks, cabinets, lockers etc. will remain the responsibility of the person in charge of the area. Space allocation authorities are responsible to provide up to date lists annually to the Director, Risk Management of rooms and spaces allocated to each department/unit on campus. They are also to advise the Director, Risk Management of any changes to those lists as they occur. Contact Officer Director, Risk Management Date for Next Review 2015 May 01 Related Policies, Procedures and Guidelines Policies Superseded by This Policy Campus Card Policy N/A 3
4 APPENDIX B PROCEDURE ACCESS CONTROL Contact Officer Director, Risk Management Purpose To detail the procedures for obtaining, safeguarding and disposing of keys and key cards, and effecting repairs or changes to access control hardware. Procedure Designated or delegated authority A Trent University Key Request Form (Appendix 3) must be completed and signed by the Authority for all key/card requests. Forms can be found at The completed form must be submitted to keys@trentu.ca or by fax to as per the instructions on the form. PROCEDURE authority Keyholder When the locksmith completes an order, the Authority will be informed to make pick up arrangements. The Authority will sign out the keys to individual recipients, keeping a written record of each key issue and informing the recipient of their responsibilities under this policy. A sample Key Control Record is attached at Appendix 4. A downloadable database called Simkey, which is compatible with the locksmith s key control database, is available at Username is Trent and password is University. The Key Holder Agreement Form (Appendix 2) must be completed before keys are issue to any individuals who are not Trent University faculty, staff or students. All lost or stolen building keys/cards must be reported to Campus Security and the appropriate Authority. The Authority will complete a Key Request Form (Appendix 3) if replacement keys are required and a will locksmith@trentu.ca to initiate lock cylinder changes or other lock related work as required. The Authority may consult the Access Control Supervisor or the Director, Risk Management to reach a mutual decision on lock changes based on the risk involved. Lost or stolen cards will be immediately deprogrammed. Costs associated with the missing key/card are born by the issuing department who may in turn assess these costs against the individual who lost the key/card. It is recommended that departments create internal policies to clearly outline who is responsible for the cost of replacing lost keys/cards, any contingent changes to locks and/or any damages or losses to Trent property resulting from the loss of the key/card. 3 Authorities Authorities will ensure that individuals return their keys/cards when they are no longer affiliated with the department, or when they are no longer authorized to access a particular room or building. Returned keys may 4
5 be retained by the Authority for reissue to the replacement staff member, unless they have an employee number stamped on them. In such cases, the key is to be returned to the Locksmith for re-stamping. As well, Authorities will promptly return all keys/cards to the locksmith that are no longer required by that department. Examples include reductions in staff or a reallocation of space. Authority Only the locksmith or a contractor authorized by the Access Control Supervisor are authorized to re-key, repair and relocate university lock cylinders or arrange the installation of new locking systems. All repairs or additions to any locking device, key or door hardware will be controlled by the Risk Management Department and documented with a work request to locksmith@trentu.ca. Authorities Contractors requiring access to specific areas on campus may be issued keys by Campus Security, Physical Resources or Information Technology. The Authority for a department sponsoring contractor work may request single keys or contractor rings made up of a number of keys using the key request form (Appendix 3). The requester will indicate that these keys are for contractor use. Master keys will not normally be issued to contractors unless approved by the appropriate Vice President, the Director, Risk Management and Director of Physical Resources or Information Technology. When the locksmith produces the keys, the key ring is to be locked to reduce the chances of loss and print do not duplicate on each key. The entire key set, with each key itemized, will be issued to and signed for by the requesting department authority. The department is then responsible to secure these sets and issue them to contractors in accordance with the following procedures: a. the contracting authority provides the name of the company and/or tradesperson contracted to do the work as well as the areas to which they are to have access and the duration of that access. b. the contractor/tradesperson provides photo ID to verify that they are employees of the contracted firm. c. the contractor signs a key holder agreement form (Appendix 2) and signs for each key/key ring. d. the issuing authority advises the contractor of when and where to return the keys and ensures that the keys are returned as required. If the contractor arrives when the Parking Office is closed, they will contact the on duty Security Officer by phone to arrange return or issue of keys. 8.2 If a sponsoring department requires Campus Security to issue keys or access contractors on their behalf, they will provide the information in para 8.1.a to Campus Security, along with the appropriate keys (where applicable). Authority 8.3 Shift Keys are useful for employees who require access to university spaces in excess of their normal workplace, such as security officers, custodians, residence staff, PRD staff, IT staff and anyone who needs a master key or building master to perform their duties. These keys are not to be removed from Trent property because the impact of 5
6 them being lost or stolen is significant. The risk of criminal acts, including crimes against persons, and the cost of re-keying an entire building or buildings are high. These keys are not issued to a specific individual, rather they are placed on a locked key chain, secured within the department and signed out for a shift and returned at the end of that shift. Key holders may be permanently issued a single building and/or office key to access the shift keys. Shift keys may be issued by an individual or though an automated key watcher system. 8.4 Master Keys are to be treated with the greatest care and not to be issued to individuals unless approved by the appropriate Vice President, AVP or Dean and the Director, Risk Management. Individuals in permanent possession of Master keys must provide a Canadian Police Information Certificate (police records check) to the Director, Risk Management before the keys are issued. Master keys will normally be treated as shift keys and remain on site in a secure key lockup when the regular user is not at work. Grand Master keys will not be issued to anyone other than the locksmith and Campus Security. All master keys will be stamped do not duplicate. Date Approved Approval Authority Date of Commencement Month Day Year PVPs, VP, Dean, Director, etc. Year Month Day Amendment Dates List the dates the policy has been amended (Year Month Day ) Date for Next Review Related Policies, Procedures and Guidelines Year Month Day Name and link to related policies, procedures and guidelines 6
7 APPENDIX C GUIDELINE TEMPLATE NAME OF GUIDELINE Contact Officer Provide the position title rather than the name of a person Purpose A statement about the purpose of the guideline. Guideline Actual guideline. Related Policies / Procedures Name and link to related policies, procedures and guidelines. Links Links to relevant documentation, forms, explanatory notes. Date Approved Approval Authority Year Month Day Board, Senate, PVPs, VP, Dean, Director, etc. 7
Security, Access Management and Key Control Policy and Procedures
1 Policy Security, Access Management and Key Control Policy 1.1.1 The goal of the Vice President, Business Affairs and Facilities and Services is to provide a safe, comfortable, secure learning environment
More informationFACILITIES MANAGEMENT DEPARTMENT
FACILITIES MANAGEMENT DEPARTMENT Policy Title: Key Control and Card Access Policy Policy Number D-12 Section: Safety and Security Effective Date: April 12, 2007 Last Review: April 12, 2007 Purpose: The
More informationAccess Control Regulations
Access Control Regulations 6 August 2008 1 TABLE OF CONTENTS I. Regulations... 3 II. Introduction... 3 III. Definitions... 3 IV. Single Access Control Alarm Coordinator (SACC)... 4 V. Access to Closed
More informationKEY / CARD ACCESS CONTROL POLICY FOR FACULTY, STAFF AND STUDENTS
Facilities Management Revised 4/12/2010 KEY / CARD ACCESS CONTROL POLICY FOR FACULTY, STAFF AND STUDENTS I. Purpose II. Scope The purpose of the Key/ Card Access Control Policy is to provide reasonable
More informationCAMPUS KEY POLICY. Gerry, Bomotti, Senior Vice President for Finance and Business
Gerry, Bomotti, Senior Vice President for Finance and Business 1. PURPOSE The purpose of this policy is to provide optimal physical security and safety for building occupants and to protect the assets
More informationUniversity of Nevada, Reno. UNR Building Access Cards and Key Control Procedures 1
University of Nevada, Reno Building Access Cards and Key Control Procedures PURPOSE The purpose of this document is to specify procedures for obtaining access to facilities using card keys and hard keys,
More informationPOLICY TEMPLATE. Date initially approved: November 5, 2013 Date of last revision: same
POLICY TEMPLATE Video Surveillance Category: Approval: Responsibility: Date: Operations PVP VP Finance and Administration Date initially approved: November 5, 2013 Date of last revision: same Definitions:
More informationDepending on building design and layout, access points will operate in the following manner:
Scope Electronic Access Guidelines AG-101 The scope of the keyless access upgrade project is to provide increased security and public safety by deploying electronic access controls, door status monitoring/security
More informationPHYSICAL ACCESS CONTROL
Contact: Administrative Services Issued: June 24, 2013 Supersedes: Keys - Administration and Control of Keys, September 2007; and Keys - Issuance and Retrieval, March 1986 Pages: 13 OVERVIEW PHYSICAL ACCESS
More informationAUTHORITY: ORS 276.021, ORS 276.210 and other related provisions of chapter 276.
NUMBER 125-6-215 ISSUING DIVISION: FACILITIES DIVISION APPROVAL: Laurie A. Warner, Administrator EFFECTIVE DATE July 01, 2003 SUBJECT: Building Security Access Controls PAGE 1 OF 7 AUTHORITY: ORS 276.021,
More informationKey and Lock Change Guidelines
Applies to: All University Employees Issued: August 2013 TABLE OF CONTENTS I. PURPOSE:... 2 II. DEFINITIONS:.2 III. BACKGROUND:... 5 IV. GUIDELINES:... 5 1. Key Request:.5 2. Key Control: 10 3. Key Fabrication/Completion:.
More informationUniversity Policies. Policy: Procedures. Responsibilities:
University Policies Policy Name: Lock, Key and Electronic Ef f ective D ate: Ju l y 15, A ccess Control 2009 Custodian of Policy: Dean of Students Last Review : July, 2000 N ext Review : September, 2014
More informationThe Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3
Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use
More informationUNIVERSITY EQUIPMENT
Authority: History: Source of Authority: 05.164 Related Links: Responsible Office: UNIVERSITY EQUIPMENT Vice Chancellor for Business Affairs Effective September 20, 1994; Updated October 16, 1995; Updated
More informationCaldwell Community College and Technical Institute
Caldwell Community College and Technical Institute Employee Computer Usage Policies and Procedures I. PURPOSE: The purpose of this section is to define the policies and procedures for using the administrative
More information2.09 Key and Card Access Systems Approved by Executive Committee: 8/17/04
2.09 Key and Card Access Systems Approved by Executive Committee: 8/17/04 A. Keys 1) Sul Ross State University maintains a centralized key and lock system to enhance the control and security of property
More informationWhat is the general purpose for this policy? What are objectives for this policy? How is access control on the campus divided?
FAQ What is the general purpose for this policy? The general purpose for the Master Key Policy is the protection of lives and property of the campus community. What are objectives for this policy? To ensure
More information8.1.6 POLICY ON KEYS AND OTHER BUILDING ACCESS DEVICES. Policy Statement COLLEGE OF CHARLESTON POLICY ON
OFFICIAL POLICY 8.1.6 POLICY ON KEYS AND OTHER BUILDING ACCESS DEVICES 03/21/11 Policy Statement COLLEGE OF CHARLESTON POLICY ON KEYS AND OTHER BUILDING ACCESS DEVICES 1.0 PURPOSE OF POLICY The purpose
More informationAccount Management Standards
Account Management Standards Overview These standards are intended to guide the establishment of effective account management procedures that promote the security and integrity of University information
More informationTitle: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION
Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION The purpose of this policy is to outline essential roles and responsibilities within the University community for
More informationEAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )
EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder
More informationPolicy on Privileged Access
Policy on Privileged Access Reference: CNS-P-GEN-PRIV-ACCESS Revision: D Supersedes: Purpose: Source: System Administrator Best Practice Guideline The purpose of this policy is to prevent inappropriate
More informationR345, Information Technology Resource Security 1
R345, Information Technology Resource Security 1 R345-1. Purpose: To provide policy to secure the private sensitive information of faculty, staff, patients, students, and others affiliated with USHE institutions,
More informationKEY AND LOCK POLICY Physical Plant Division April 2003
Physical Plant Division April 2003 Revised June 2003 Revised March 2004 Revised August 2004 APRIL 2003 (Revision: February 2004) Table of Contents Page A. Objective 1 B. General 1 C. Responsibilities 1
More informationGuideline on Access Control
CMSGu2011-08 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Access Control National Computer Board Mauritius Version 1.0
More informationBEConnected User Agreement
BEConnected User Agreement Page 1 of 5 INTRODUCTION This is a legal document between you and the owner ( Belmont College ) of the Apple ipad tablet ( ipad ) in connection with the delivery of an ipad to
More informationNew River Community College. Information Technology Policy and Procedure Manual
New River Community College Information Technology Policy and Procedure Manual 1 Table of Contents Asset Management Policy... 3 Authentication Policy... 4 Breach Notification Policy... 6 Change Management
More informationKEY, SWIPE CARD AND ELECTRONIC FOB POLICY
KEY, SWIPE CARD AND ELECTRONIC FOB POLICY DOCUMENT CONTROL Version: 3 Ratified by: Risk Management Group Date Ratified: 30 th April 2014 Name of originator / author: Head of Health, Safety & Security Name
More informationAGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND
AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered
More informationMontclair State University. HIPAA Security Policy
Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that
More informationFLORIDA ATLANTIC UNIVERSITY. Property Policy
FLORIDA ATLANTIC UNIVERSITY Property Policy 2014 1 Table of Contents 1. PURPOSE 2. INTRODUCTION 3. DEFINITIONS 3.1. Property 3.2. Property Manager 3.3. Accountable Officer 3.4. Surplus 3.5. Salvage 3.6.
More informationAdministration Procedure
Administration Procedure Complete Procedure Title: Procedures related to Tracking, Loss, Damage and Disposition of University Assets Approved by: Assistant Vice President Administration and CFO Date of
More informationSUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
More informationHIPAA Information Security Overview
HIPAA Information Security Overview Security Overview HIPAA Security Regulations establish safeguards for protected health information (PHI) in electronic format. The security rules apply to PHI that is
More informationHIPAA SECURITY RULES FOR IT: WHAT ARE THEY?
HIPAA SECURITY RULES FOR IT: WHAT ARE THEY? HIPAA is a huge piece of legislation. Only a small portion of it applies to IT providers in healthcare; mostly the Security Rule. The HIPAA Security Rule outlines
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationAppendix I. The City University of New York Policy on Acceptable Use of Computer Resources
Appendix I The City University of New York Policy on Acceptable Use of Computer Resources Introduction CUNY s computer resources are dedicated to the support of the university s mission of education, research
More informationASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010
ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010 OBJECTIVE This Security Plan (the Plan ) is intended to create effective administrative, technical and physical safeguards for the protection
More informationBERKELEY COLLEGE DATA SECURITY POLICY
BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY TABLE OF CONTENTS Chapter Title Page 1 Introduction 1 2 Definitions 2 3 General Roles and Responsibilities 4 4 Sensitive Data
More informationDEPARTMENTAL POLICY. Northwestern Memorial Hospital
Northwestern Memorial Hospital DEPARTMENTAL POLICY Subject: DEPARTMENTAL ADMINISTRATION Title: 1 of 11 Revision of: NEW Effective Date: 01/09/03 I. PURPOSE: This policy defines general behavioral guidelines
More informationOverview. Responsibility
Overview Property management is an important function at the University. Prudent inventory practices help protect the University s multi-million dollar investment in equipment, provide documentation needed
More informationOFFICE OF THE PREMIER ACCESS CONTROL POLICY
OFFICE OF THE PREMIER ACCESS CONTROL POLICY - 1 THE ACCESS CONTROL POLICY 1. Purpose 1.1 To propose for the introduction of an ID card policy for the Office of the Premier. 2. Background 2.1 The Office
More informationIT FACILITY STANDARD NO. 5 DATA CENTER & IT FACILITY ACCESS
Function Affected: IT Facilities including data centers and network rooms (BDFs and IDFs) Issued Date: 06/01/15 Issue Superseded: 12/15/13 Number of Pages: 6 I. Background The UCSF data centers and network
More informationBest Practices Provide Best Value When Implementing Key Control and Asset Management Systems
Attribute to: Fernando Pires VP, Sales and Marketing Morse Watchmans Best Practices Provide Best Value When Implementing Key Control and Asset Management Systems Abstract Key control and asset management
More information1.0 PREAMBLE... 2 2.0 WEB POLICY...
Name: Web Policy and Procedures Policy Number: 2-2003 Origin: Information Technology Systems & Support (ITSS) Approved: 28 July 2004 Issuing Authority: Executive Management Group Responsibility: Director,
More informationPOLICY TEMPLATE. Vice President, Finance and Administration
POLICY TEMPLATE Procurement, Lease, Maintenance and Use of Motor Vehicles Category: Approval: Responsibility: Date: Operations Vice President, Finance and Administration Vice President, Finance and Administration
More informationThis procedure is associated with BCIT policy 6700, Freedom of Information and Protection of Privacy.
Privacy Breach No.: 6700 PR2 Policy Reference: 6700 Category: Information Management Department Responsible: Privacy and Records Management Current Approved Date: 2012 May 01 Objectives This procedure
More informationPhysical Security Policy
Physical Security Policy Author: Policy & Strategy Team Version: 0.8 Date: January 2008 Version 0.8 Page 1 of 7 Document Control Information Document ID Document title Sefton Council Physical Security
More informationEquipment Management Guidelines
Equipment Management Guidelines The following guidelines were developed by the CSU Financial Officers Association to assist campuses in implementing Executive Order 649, Safeguarding State Property. Revised
More informationIslington ICT Physical Security of Information Policy A council-wide information technology policy. Version 0.7 June 2014
Islington ICT Physical Security of Information Policy A council-wide information technology policy Version 0.7 June 2014 Copyright Notification Copyright London Borough of Islington 2014 This document
More informationDBIDS/IACS PRIVACY IMPACT ASSESSMENT (PIA) 2. Name of IT System: Defense Biometric Identification System (DBIDS)
DBIDS/IACS PRIVACY IMPACT ASSESSMENT (PIA) (Use N/A where appropriate) 1. DoD Component: Defense Manpower Data Center (DMDC) 2. Name of IT System: Defense Biometric Identification System (DBIDS) 3. Budget
More informationIT TECHNOLOGY ACCESS POLICY
IT TECHNOLOGY ACCESS POLICY Effective Date May 19, 2016 Cross- Reference 1. IT Access Control and User Access Management Policy Responsibility Director, Information 2. IT Acceptable Use Policy Technology
More informationC. Current book value or estimated current value of each item
Oklahoma State University Policy and Procedures DISPOSITION OF SURPLUS PROPERTY 3-0126 ADMINISTRATION & FINANCE August 2010 POLICY 1.01 The responsibility and authority for disposition of any item of property
More informationIndex .700 FORMS - SAMPLE INCIDENT RESPONSE FORM.995 HISTORY
Information Security Section: General Operations Title: Information Security Number: 56.350 Index POLICY.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND EFFECTIVE DATE OF POLICY.140
More informationBellevue School District Centralizes Access Control
c a s e S T U D Y Woodside Elementary School is one of several new schools in the Bellevue School District that incorporate enhanced security protection. Bellevue School District Centralizes Access Control
More informationIT Governance Committee Review and Recommendation
IT Governance Committee Review and Recommendation Desired Change: Approval of this policy will establish Security Standards for the UCLA Logon Identity for anyone assigned a UCLA Logon ID/password and
More informationUser Accounts and Password Standard and Procedure
Office of the Vice President for Operations / CIO User Accounts and Password Standard and Procedure Issue Date: January 1, 2011 Information Security Office Effective Date: November 21, 2014 User Account
More informationUF IT Risk Assessment Standard
UF IT Risk Assessment Standard Authority This standard was enacted by the UF Senior Vice President for Administration and the UF Interim Chief Information Officer on July 10, 2008 [7]. It was approved
More informationPOL 08.00.02 Information Systems Access Policy. History: First issued: November 5, 2001. Revised: April 5, 2010. Last revised: June 18, 2014
POL 08.00.02 Information Systems Access Policy Authority: History: First issued: November 5, 2001. Revised: April 5, 2010. Last revised: June 18, 2014 Related Policies: NC General Statute 14-454 - Accessing
More informationPROGRAM TO PREVENT, DETECT & MITIGATE IDENTITY THEFT
Office of Employee Benefits Administrative Manual PROGRAM TO PREVENT, DETECT & MITIGATE IDENTITY THEFT 150 EFFECTIVE DATE: AUGUST 1, 2009 REVISION DATE: PURPOSE: Ensure that the Office of Employee Benefits
More informationInformation Technology Security Policies
Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral
More informationNever Use Your Mastercard For Purchasing Importance
Procurement Card Agreement Last Revised: 12/06 GRAND RAPIDS COMMUNITY COLLEGE MASTERCARD PROCUREMENT PROGRAM 1.0 OBTAINING A MASTERCARD PROCEDURES Call your GRCC Mastercard Program Administrator (listed
More informationHow To Protect Data At Northeast Alabama Community College
Information Systems Security Policy Northeast Alabama Community College Center for Information Assurance Northeast Alabama Community College 138 AL Hwy 35, Rainsville, AL 35986 (256) 228-6001 1 5/22/2014
More informationCollege of Education Computer Network Security Policy
Introduction The College of Education Network Security Policy provides the operational detail required for the successful implementation of a safe and efficient computer network environment for the College
More informationLouisiana State University School of Medicine at Shreveport
Louisiana State University School of Medicine at Shreveport Policy Date Updated Page Compliance Policy Summary -- 2 Vendor Solicitation Policy 4/1/2011 8 Drug Samples 7/1/2010 11 Continuing Medical Education
More informationUNIVERSITY OF MIAMI POLICY AND PROCEDURE MANUAL TITLE: Access Control REFERENCE:
UNIVERSITY OF MIAMI POLICY AND PROCEDURE MANUAL TITLE: Access Control REFERENCE: CATEGORY: Real Estate and Facilities PAGE: 1 of 6 SUPERSEDES: APPROVER: Larry Marbert Vice President, Real Estate and Facilities
More informationPROCEDURES for CAMPUS CASH MANAGEMENT POLICY ADM-0113 California State University, Sacramento. CASH HANDLING Updated February 2014
PROCEDURES for CAMPUS CASH MANAGEMENT POLICY ADM-0113 California State University, Sacramento CASH HANDLING Updated February 2014 I. ACCEPTING UNIVERSITY FUNDS II. III. IV. CASH CHANGE FUNDS SAFEGUARDING
More informationUniversity Policy: Corporate Credit Card Policy and Procedures
University Policy: Corporate Credit Card Policy and Procedures Policy Category: Operational Policies Subject: Use of Corporate Credit Card Office Responsible for Review of this Policy: Office of Finance
More informationCOMPUTER POLICIES AND SUPPORT
COMPUTER POLICIES AND SUPPORT EMPLOYEE AGREEMENT ON USE OF EMAIL AND THE INTERNET I have read, understand, and agree to comply with the policies, rules, and conditions governing the use of Lindenwood University
More informationAudio Visual Equipment Loans
IT 03 Audio Visual Equipment Loans Classification: Information Technology Responsible Authority: Director, Information, Institutional Research and Technology Services (IIRTS) Executive Sponsor: Vice President,
More informationAproved by: doron berger Data Security Manager - National Security unit
Israel Electric Corporation National Security unit Data Security Security of critical project performed by vendor abroad Aproved by: doron berger Data Security Manager - National Security unit Project
More informationUniversity of Maryland Baltimore Information Technology Acceptable Use Policy
The UMB School of Nursing follows and adheres to the UMB Campus Information Technology Acceptable Use Policy. The UMSON further defines Authorized User to also include any person who receives a password
More information4.00 Student means a Student registered, enrolled or participating in any course or program offered by the university.
ENVIRONMENTAL HEALTH AND SAFETY POLICY University Policy No: SS9200 Classification: Safety and Security Approving authority: Board of Governors Effective date: March, 2012 Supersedes: May, 1999 Last Editorial
More information13.19 ETHICS REPORTING POLICY AND PROCEDURE
13.13 SOFTWARE AND COMPUTER USAGE Temple University has adopted an extensive software policy and an extensive computer usage policy that govern the usage of software, hardware, computer related equipment
More informationData Center Access Policies and Procedures
Data Center Access Policies and Procedures Version 2.0 Tuesday, April 6, 2010 1 Table of Contents UITS Data Center Access Policies and Procedures!3 Introduction!3. Overview!3 Data Center Access!3 Data
More informationIthaca College Web Policy
Ithaca College Web Policy Scope of Policy This policy applies to websites and applications that are owned and operated by, or operated on behalf of, Ithaca College. Purpose of Ithaca College Websites Ithaca
More informationMONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP)
MONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP) 201 CMR 17.00 Standards for the Protection of Personal Information Of Residents of the Commonwealth of Massachusetts Revised April 28,
More informationKey Management Policy
THE LAMBTON COLLEGE OF APPLIED ARTS AND TECHNOLOGY Issued Date: Supersedes Date: Policy #: January 04, 2006 October 02, 2003 4000-4-7 Key Management Policy Policy It is the policy of the Lambton College
More informationWright State University Information Security
Wright State University Information Security Controls Policy Title: Category: Audience: Reason for Revision: Information Security Framework Information Technology WSU Faculty and Staff N/A Created / Modified
More informationCalifornia State University, East Bay Property Management. Policies And Procedures
California State University, East Bay Property Management Policies And Procedures PROPERTY MANAGEMENT POLICIES AND PROCEDURES Table of Contents 1.0 INTRODUCTION 3 2.0 DEFINITIONS 3 2.1 Definition of Equipment
More informationCompetitive Bid Request for Proposal Re-Keying Project Fairfield & Alfond Campuses
Competitive Bid Request for Proposal Re-Keying Project Fairfield & Alfond Campuses 1.0 Overview and Objectives Kennebec Valley Community College (KVCC) is requesting proposals from experienced and qualified
More informationPREAMBLE: GENERAL PROVISIONS: Policy Name:
Policy Name: Originating/Responsible Department: Approval Authority: Date of Original Policy: March 2008 Last Updated: February 2012 Policy on the Accreditation of Student Organizations Associate Vice-President
More informationBUSINESS POLICY. TO: All Members of the University Community 2012:12. CREDIT CARD PROCESSING AND SECURITY POLICY (Supersedes Policy 2009:05)
BUSINESS POLICY TO: All Members of the University Community 2012:12 DATE: April 2012 CREDIT CARD PROCESSING AND SECURITY POLICY (Supersedes Policy 2009:05) Contents Section 1 Policy Statement... 2 Section
More informationPROCEDURES: Purchasing Policy
AUTHORITY: University Administration POLICY: A:VPFA # / RESPONSIBILITY: Vice President Finance and Administration Effective Date: April 1, 2013 Purpose To implement the, the following specific actions
More informationProcedure for Managing a Privacy Breach
Procedure for Managing a Privacy Breach (From the Privacy Policy and Procedures available at: http://www.mun.ca/policy/site/view/index.php?privacy ) A privacy breach occurs when there is unauthorized access
More informationCORPORATE IDENTITY FRAUD: A PRIMER
CORPORATE IDENTITY FRAUD: A PRIMER Hanim Norza Baba, Head of Graduate Studies Center, Universiti Teknologi MARA, Melaka, Malaysia. drhanimnorzababa@gmail.com ABSTRACT Corporate identity fraud occurs when
More informationManage and secure your workplace by controlling who, what, when, why, where and how people are allowed in your facility. Marquee
Marquee Manage and secure your workplace by controlling who, what, when, why, where and how people are allowed in your facility. Securing the Workplace Executive Summary OPTIMIZE TODAY S WORKPLACE Protecting
More informationCollege of Public Health Information Technology Policies and Procedures
Effective Date: March 01, 2013 Revised Date: May 21, 2014 Section Table of Contents I. Organization and Purpose II. Authority III. Scope IV. Definitions V. Policy and Procedure VI. Responsibilities VII.
More informationPurchasing Card Procedure Manual
Purchasing Card Procedure Manual Draft 05/26/11 Table of Contents PURCHASING CARD PROGRAM... 3 ACQUIRING A PURCHASING CARD... 3 TRAINING... 4 ACTIVATION AND RENEWAL... 4 CARDHOLDER ROLES & RESPONSIBILITIES...
More informationWINONA STATE UNIVERSITY TRAVEL CREDIT CARD PROGRAM USERS GUIDE
WINONA STATE UNIVERSITY TRAVEL CREDIT CARD PROGRAM USERS GUIDE 1 WSU TRAVEL CARD PROGRAM Part 1. Authority MnSCU System Procedure 7.3.3 Credit Cards, provides authority for a college, university or office
More informationREMOTE WORKING POLICY
Reference number Approved by Information Management and Technology Board Date approved 30 April 2013 Version 1.0 Last revised Review date March 2014 Category Owner Target audience Information Assurance
More informationChronic Disease Management
RESOURCE AND PATIENT MANAGEMENT SYSTEM Chronic Disease Management (BCDM) Version 1.0 Office of Information Technology (OIT) Division of Information Resource Management Albuquerque, New Mexico Table of
More informationHAVERFORD COLLEGE IITS: POLICY AND PLANNING
Contents: 1. Preface 2. Policy 3. Audit and Compliance Section 1. Preface A. Name. The formal name of this policy is the Policy. B. Status of This Policy 1. Draft. Completed 4/11/2013 2. Public Review
More informationMOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM
MOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM This Addendum ( Addendum ) to the Citizens State Bank of Paola Online Banking Agreement between you and Citizens State Bank of
More informationSECTION 15 INFORMATION TECHNOLOGY
SECTION 15 INFORMATION TECHNOLOGY 15.1 Purpose 15.2 Authorization 15.3 Internal Controls 15.4 Computer Resources 15.5 Network/Systems Access 15.6 Disaster Recovery Plan (DRP) 15.1 PURPOSE The Navajo County
More informationContra Costa Community College District Business Procedure 10.57 SECURITY CAMERA OPERATING PROCEDURE
Contra Costa Community College District Business Procedure 10.57 SECURITY CAMERA OPERATING PROCEDURE The District and its colleges are committed to enhancing the quality of life of the community by integrating
More informationCOMPUTER USE POLICY. 1.0 Purpose and Summary
COMPUTER USE POLICY 1.0 Purpose and Summary 1. This document provides guidelines for appropriate use of the wide variety of computing and network resources at Methodist University. It is not an all-inclusive
More information