standard operating procedure - admin portal...

The University of Texas at El Paso Campus Wide Facility Access Control Standard Operating Procedure

July 1, 2013

SECURED DOCUMENTS FOR OFFICIAL USE ONLY

Standard Operating Procedure

Campus Wide Facility Access Control

Revision No: 1.0

Date of Issue: 1-3-2013


July 1, 2013


This Page Intentionally Left Blank


July 1, 2013


Table of Contents 1.0 - INTRODUCTION ............................................................................................................................... 5

1.1 - General ........................................................................................................................................ 5

1.2 - Objectives .................................................................................................................................... 5

1.3 – Overview..................................................................................................................................... 5

1.4 – Definitions .................................................................................................................................. 5

2.0 - DOCUMENT SYSTEM ........................................................................................................................ 8

2.1 -Process: ........................................................................................................................................ 8

2.1.1 - Tier I Documentation (Policies) .............................................................................................. 8

2.1.2 - Tier 2 Documentation (Facility Operations and Maintenance Procedures) ............................. 8

2.1.3 - Tier 3 Documentation (Task Instructions) .............................................................................. 9

2.1.4 - Tier 4 Documentation (Records) ............................................................................................ 9

3.0 – TIER 1 POLICY MANUAL ................................................................................................................. 10

3.1 Policy Introduction ....................................................................................................................... 10

3.2 UTEP Security Access Levels ......................................................................................................... 10

3.2.1 Level I Description: .............................................................................................................. 10

3.2.2 Level II Description: ............................................................................................................. 10

3.2.3 Level III Description: ............................................................................................................ 10

3.3 Granting Access ........................................................................................................................... 10

3.4 Responsibilities ...................................................................................................................... 11

3.4.1 Access Control Director - Vice President for Business Affairs................................................. 11

3.4.2 Access Control Administrator - Associate Vice President Business Affairs, Facilities

Services 11

3.4.3 Department Access Coordinator ..................................................................................... 11

3.4.4 Department Head ........................................................................................................... 12

3.4.5 Campus Police ................................................................................................................ 12

3.4.6 Facilities Services Access Control Shop............................................................................ 13

3.4.7 Environmental Health and Safety (EH&S) ........................................................................ 14

3.4.8 All Key Holders ............................................................................................................... 14

3.5 - KEY LEVELS/REQUIRED AUTHORIZATIONS .................................................................................. 14


July 1, 2013


3.5.1- Great Grand Master: ............................................................................................................ 14

3.5.2 - Grand Master Key: .............................................................................................................. 15

3.6 CHARGEABLE/NON-CHARGEABLE KEY ISSUES .............................................................................. 15

3.6.1 Original Keys or Access Card: ................................................................................................. 15

3.6.4 Lock Changes Following Lost or Stolen Key Incidents ............................................................. 16

3.6.7 Forgotten Keys ...................................................................................................................... 16

3.7 KEY ISSUANCE .............................................................................................................................. 16

3.7.1 UTEP Employees: .................................................................................................................. 16

3.7.8 Cipher Lock Management ...................................................................................................... 17

3.8 RECORD KEEPING: ........................................................................................................................ 18

3.9 AUDIT .......................................................................................................................................... 18

3.10 NON-UNIVERSITY LOCKS ............................................................................................................ 18

4.0 Procedures ...................................................................................................................................... 19

4.1 Granting Access for Level I Areas.................................................................................................. 20

4.2 Granting Access to Level II Areas .................................................................................................. 22

4.3 Granting Access to Level III Areas ................................................................................................. 24

4.4 Removing Access ......................................................................................................................... 26

5.0 Agreement Forms ...................................................................................................................... 29

5.1 – Department Access Coordinator Agreement ............................................................................. 30

5.2 – Access Control Grantor Agreement ........................................................................................... 31

6.0 – Task Instructions ........................................................................................................................... 32

Level II Access Request Task Instruction ............................................................................................. 33

Level III Vivarium/BSL3 Access Request Task Instruction .................................................................... 35

Level III Administration 5th Floor Access Request Task Instruction ..................................................... 38

Level III Human Resources Access Request Task Instruction ............................................................... 39

Level III Chemistry Bldg: Chemical-Storage RM XXX Access Request Task Instruction ......................... 40

Level III Engineering Rm XXX: Govt US Citizen only lab ....................................................................... 41


July 1, 2013


1.0 - INTRODUCTION

1.1 - General The University of Texas at El Paso is committed to ensuring a safe and secure campus. This Standard

Operating Procedure (SOP) describes the procedure and responsibilities for all parties involved in the

requesting and granting Keyed or Electronic Access to facilities.

1.2 - Objectives The purpose of this policy is to provide adequate physical building security for persons and property

through the use of access control devices and the control of keys issued, to assure appropriate access to

work areas by employees in buildings on the UTEP campus, and to allow unrestricted access by

University Police and maintenance personnel to all campus areas for reasons of security, safety, and

health.

1.3 – Overview Facilities are responsible for the management of the University Keying and Electronic Access Control Systems. That responsibility includes controlling the production, storage, and issuance of keys; the replacement or rekeying of lock cylinders; the acquisition of new keying systems; the maintenance of accurate records; and the cataloging of and adherence to key system authorizations. All locks and keys must be approved by Facilities Key Shop before installation. Facilities is also responsible for the purchase, installation, and maintenance of campus-wide electronic access control systems. The Facilities Key Shop is responsible for stand-alone access locks.

The UTEP Campus Police Department is responsible for overall campus security. Any deviation from established security policies and practices must be submitted to the UTEP Campus Police Department in writing for approval.

1.4 – Definitions Term Definition

Access Control Control of entry/exit to an area by any means (mechanical or electronic means)

Mechanical Key System - Any mechanical device used to operate a mechanically controlled mechanism for entry/exit to a controlled area.

Lockbox Systems - An access control system designed for building access, used by service departments or police/fire personnel.

Card Access Control Systems - A computerized card access control system. An electronic or electro-mechanical device replaces or supplements mechanical key access and the Miner Card is used to unlock doors. The system provides entry access to various doors and enables automatic


July 1, 2013


locking and unlocking of specific doors or groups of doors at prearranged times during the day.

Access Control Director

The Vice President for Business Affairs has been designated as the overall authority and delegated the responsibility for administration of this policy, procedures, approvals and issuance of all University access keys and is accountable for access and security of all campus facilities and property.

Access Control Administrator

The Associate Vice President Business Affairs, Facilities Services has been designated as the overall authority to implement this policy and procedures.

Access Control File Critical records maintained by the Facilities Services - Access Control Shop, such items as key codes, key copy numbers, and Access Control database as well as departmental control access data.

Miner Gold Card (MCO)

This is a multi-use identification card given to every student, faculty, staff and may be issued to authorized visitors. This card is distributed by the Miner Gold Card Office.

Access Control Supervisor

Designated individual within the Facilities Services - Access Control Shop who manages the keying system and access service delivery.

Access Control Grantor This person reports to or has been appointed by the Access Control Supervisor. This person is in charge of granting access via the electronic Access Control System or cuts and delivers the appropriate key based on authorized requests.

Department Head Person in a department responsible for appointing a Department Access Coordinator and Authorizing individual key requests within their specific department. This is reserved to Executive offices, Deans, Directors, Chairperson. This person may delegate their authority to a person within their department.

Trainer Person responsible for training the Key Holder of aspects related to certain building access requests. Trainers include HS&E Lab Safety Trainers, Level III protocol trainers, etc. The requirements for training are outlined in each Task Instruction related to Level II and Level III access requests.

Department Access Coordinator

Person delegated by the Department Head to coordinate and/or approve access requests based on delegated authority, adherence and implementation of this policy.

Key Holder Any University employee, student, volunteer, alumnus, or authorized


July 1, 2013


visitor/vendor in possession of an access device (key/card)


July 1, 2013


2.0 - DOCUMENT SYSTEM

2.1 -Process:

2.1.1 - Tier I Documentation (Policies)

The purpose at this level of documentation is to state, in a concise and brief format, the overall policies,

beliefs, and objectives of management on the operation and maintenance of the Facilities Access

Control System.

These are traditionally internally driven documents that are written to conform and parallel other

departmental or functional policies and procedures. They can include regulator or guidelines

compliance documents, Quality Policies.

2.1.2 - Tier 2 Documentation (Facility Operations and Maintenance Procedures)

The second level of documentation is more detailed and addresses the procedure(s) fo an activity or

process, and identifies who is involved, what happens, and the critical control points. These procedures

are orgainze3d on a functional basis and are further defined in Section XX and Appendix A.

Tier 1

Policy Manual

Tier 2

Procedures, Protocols

Tier 3

Task Instructions, Posted Instructions

Tier 4

Other Documentation (forms, records, process sheets, etc)

Defines Policy (Why),

Approach and

Responsibilities

Defines What, Who, When

and Where

Functional, Departmental

Answers How

Records, Results


July 1, 2013


2.1.3 - Tier 3 Documentation (Task Instructions)

This level of documentation is very detailed on “how”: to accomplish one specific job, task or

assignment. These may be references to existing documents, checklists or forms, or incorporated within

a computerized maintenance management system. This entails work/job instructions which may stand

alone or are part of a larger manual or policy.

2.1.4 - Tier 4 Documentation (Records)

The last level of documentation can include forms, records, reports and other documents used to

summarize the results of the processes and provide evidence of conformance to requirements, goals

and objectives.


July 1, 2013


3.0 – TIER 1 POLICY MANUAL

3.1 Policy Introduction

This standard operating procedure (SOP) describes procedures to request, grant, track and remove

building/office/lab access to help ensure the security of our staff, faculty, students and facilities. This

SOP shall be followed by all staff, students, faculty and visitors to the campus.

3.2 UTEP Security Access Levels UTEP has three (3) access security levels. 3.2.1 Level I Description: This is the basic access level that all students, staff and faculty have based on their enrolment or employment status. This access is typically associated with granting access to main entrance doors to Education in General facilities during regular operating hours.

3.2.2 Level II Description: This is higher access level associated to basic security laboratories or office spaces. This access request is generic as shown in Appendix A, but requires authorization from the University Department or Office requesting facility access for the requestor. This authorization is intended for those that have legitimate business reasons for accessing the space.

3.2.3 Level III Description: This is the highest access level associated to specific high-security laboratories or office spaces. Security approval at this level for a specific high-security space does not constitute automatic access to any other building doors within or throughout the campus. The available access (doors) is explicitly defined for each level III space and access to other facilities requires additional Level II or Level III approval.

Each of these spaces shall have its own access request form, a detailed access request procedure listing proper training, protocol and a Department Head’s Contact information. The University Vice President responsible for the Level III area shall submit a memo to the Access Control Administrator defining the delegate of authority for granting access to the space. This access request requires the designated Delegate of Authority’s signature requesting facility access for the Key Holder. These forms and procedures are contained within this SOP as a Task Instruction in the Appendix. Those who do not follow the access protocol for these spaces will face immediate disciplinary action up to and including dismissal and prosecution.

3.3 Granting Access Routine access to locked University facilities or areas within University facilities required for the performance of an employee’s assigned duties will be provided through the granting of electronic or keyed access.

Access to buildings, offices, and other facilities may only be granted to a University employee upon proper authorization by a Department.


July 1, 2013


Access may not be granted to a student unless the student has a University appointment as an Assistant Instructor, Teaching Assistant or Research Assistant, or the University Department or Office requesting the facility access for a student requests an exception.

3.4 Responsibilities

3.4.1 Access Control Director - Vice President for Business Affairs

Designated as the overall Access Control Director and is responsible for or may delegate the following items:

1. Approves all new access control systems and modifications to existing systems. 2. Ensures appropriate authorization of all key fabrication and electronic access requests. 3. Directs Access Control Manager to conduct a key control record audit as needed. 4. Ensures the involvement of Facilities Services and Campus Police in the design and planning of

new and modified access control systems. 5. Requests designated Internal Auditing Group, Access Control Shop and/or Campus Police

employees to conduct reviews of campus departments and units to determine the adherence to and implementation of the access control-policy.

6. Reports the results of key control reviews of campus departments to the Executive Administration at regular intervals.

7. Directs designated Facilities Services employees to establish service programs for administering, maintaining and repairing the mechanical and electronic access control systems.

3.4.2 Access Control Administrator - Associate Vice President Business Affairs, Facilities

Services

Oversees the service program for access systems and is responsible for or may delegate the following items:

1. Maintaining access control files. 2. Directing the fabrication of all keys for campus spaces, mechanical access control, and

specialized security keys. 3. Managing a service program for all maintenance and repair work regarding mechanical and

electronic access systems. 4. Consulting with University Chief of Police (or designee) concerning records of keys lost or stolen.

Decisions to re-key or to duplicate keys are based on consultation between the Chief of Police, the Access Control Administrator, and the respective Dean or Department Head. All re-keying will be administered through the Facilities Service Access Control Shop. The cost of routine re-keying and key-cutting is borne by the affected Department.

3.4.3 Department Access Coordinator

The Department Access Coordinator is responsible for the management of the keys and Electronic

Access for that particular department. The Department Coordinator is assigned the role by the

Department Head and is required to read and sign the Department Access Coordinator Service Level

Agreement with Facilities Services.


July 1, 2013


The Department Access Coordinator’s function includes the following:

1 Coordinates the issue of keys and Electronic Access Control with the Key Holder, Department Head

and the assigned Access Control Grantor.

2 Can approve access if formally delegated by the appropriate Director.

3 Retrieves and returns keys to Facilities Services in a timely manner.

4 Administers/coordinates keys for desks, cabinets, display cases, etc. in the Faculty, department or

operating unit. As a matter of operational policy, undertakes an annual audit of keys/cards

controlled by the Faculty, department or operating unit.

5 On an annual basis, the Access Control Shop will send out a list of people with access to the

department and Department Access Coordinator must ensure that the access is still appropriate.

The Department Access Coordinator shall notify the Access Control Shop of any discrepancies and

work with them to resolve the issue.

6 Report Lost or stolen keys or access cards with Campus Police. Lost or stolen keys or access cards

will not be replaced until a report has been filed with the Campus Police Department and Campus

Police have notified the Access Control Administrator of this fact and made a recommendation

regarding re-keying a facility.

3.4.4 Department Head

The Department Head is defined as an Executive Officer, Dean, Director or Chairperson that has been assigned those spaces through the University’s formal process of space planning and allocation. The Department Head is responsible for fully implementing this policy within their respective areas. All records are subject to review by the Vice President for Business Affairs or their delegate. Further, Internal Auditing shall perform periodic inspections of records as determined by that department.

The Department Head’s functions include the following:

1 Appointing a member of his/her department to be the Department Access Coordinator and advise, in writing, of the assigned responsibilities. The agreement is shown in Appendix 5.1 – Department Access Coordinator Agreement.

2 Responsible and accountable for the control of interior building spaces and providing access to those spaces. Therefore the Department Head or designee must sign off on all access requests.

3 Shall exercise control of their buildings in compliance with standards and procedures established by the University.

4 Individual departments are responsible for all re-keying costs resulting from violations of this policy by their employees.

3.4.5 Campus Police

Campus Police has overarching custodial responsibility for monitoring security and responding to

emergency or non-compliance of the policy for the University plant, including interior building spaces.

Campus Police has the authority to access all Level I and Level II interior areas for the purposes of

fulfilling this overarching responsibility and to the extent necessary to do so, liaises with occupant units.


July 1, 2013


Level III access shall be coordinated with the Department Access Coordinator and entry is only permitted

once all the protocols as per the space specific Task Instructions have been fulfilled by Key Holder.

Police will also assist in coordinating emergency or security events by contacting the Department Access Coordinator or Access Control Grantor from the Facilities Services Access Control Shop to remove access as required.

3.4.6 Facilities Services Access Control Shop

The Department of Facilities Services has overarching custodial responsibility for the operations and

maintenance of the University plant, including interior building spaces. Facilities Services has the

authority to access all Level I and Level II interior areas for the purposes of fulfilling this overarching

responsibility and to the extent necessary to do so, liaises with occupant units and Campus Police. Level

III access shall be coordinated with the Department Access Coordinator and entry is only permitted once

all the protocols as per the space specific Task Instructions have been fulfilled by Key Holder.

The Department of Facilities Services shall be responsible for all physical installations in University

buildings that restrict access to locked space. This includes, but is not limited to doors, frames, locks,

keys, door and frame hardware, electrical and fiber optic cabling, and access control hardware and

devices (e.g., proximity reader, electronic strike, door contacts/magnets, electronic latches, power

transfer hinge, motion sensor, etc.).

The Access Control Shop within Facilities Services shall be responsible for central key production, issue,

control of master keys, and distribution of regular/change keys to University Faculties, departments and

operating units.

The Access Control Shop shall:

1. Have in-staff and delegate Key Coordinators with fiduciary responsibility for the proper

implementation of this SOP and management of the Access Control Systems.

2. Keep up-to-date records of an electronic key inventory

3. Keep up-to-date records on card access agreements

4. Ensure that the access policy is being followed prior to granting access to anyone

5. Ensure that all required signatures for access are obtained prior to granting access to any

building.

6. In conjunction with Access Granting Authorities, limit access to those individuals who have

documented a need to work in the facility

7. Supply audit access reports to departments as requested.

8. Ensure Campus Police receives access as authorized, with in the same business day of the

change.


July 1, 2013


3.4.7 Environmental Health and Safety (EH&S)

EH&S has overarching custodial responsibility for the safety and environmental regulatory and

operational processes for the University plant, including interior building spaces. EH&S has the

authority to access all Level I and Level II interior areas for the purposes of fulfilling this overarching

responsibility and to the extent necessary to do so, liaises with occupant units and Campus Police. Level

III access shall be coordinated with the Department Access Coordinator and entry is only permitted once

all the protocols as per the space specific Task Instructions have been fulfilled by Key Holder.

3.4.8 All Key Holders

All Key Holders are required to:

1. Sign an approved form documenting record of the issuance of the key. 2. Maintain, secure and be responsible for any access control key(s) issued, 3. Report loss or theft of access control keys to the Department Access Coordinator, Facilities

Services Access Control Grantor and the University Police Department within 24 hours of discovery of theft or loss, and

4. Return to the Department access or Facilities Access Control Grantor upon terminating from the department, all keys issued.

5. All Key Holders have a fiduciary duty to ensure they safeguard their access control key or card. Cards shall not be shared with any individual. Key Holders and Card Holders shall not allow piggy-backing of unauthorized persons into any space.

6. Keys shall be returned to: a. Department Access Coordinator b. Key Coordinator at the Facilities Access Control Shop c. Human Resources

7. Students, faculty and staff are required to maintain and have in their immediate possession the appropriate access device (key and/or Miner Gold Card) that provides authorized access. It is each person’ responsibility to maintain their Miner Gold Card on active status.

8. Visiting Scholars, Grant Appointees, Contractors, Vendors, Guests and Volunteers must apply for a Miner Gold Card and apply for access through the sponsoring Department Access Coordinator.

9. The propping of electronically controlled or monitored doors is not permitted except with prior notification and approval of the UTEP Campus Police.

10. Tampering with or attempting to bypass security on an electronically controlled or monitored door in any way, including but not limited to key bypass, propping, taping and/or dogging, is prohibited.

11. Those who do not follow the access protocol for these spaces will face immediate disciplinary action up to and including dismissal and prosecution.

3.5 - KEY LEVELS/REQUIRED AUTHORIZATIONS

3.5.1- Great Grand Master:

Great Grand Master provides total access to all buildings on campus using a designated key and with the

electronic card access. This is not an assignable key and maintained only by the Access Control Shop.


July 1, 2013


3.5.2 - Grand Master Key:

Grand Master operates two or more separate groups of locks, which are each operated by a different master key and all card readers installed. Authorization for Grand Master is granted by the Access Control Director (or delegate), and the Campus Police Department Chief, and the Level III Delegate of Authority (if required). This key is restricted to security and maintenance personnel only.

3.5.3 - Building Master Key:

Building Master provides access to all Master keyed and doors with card readers in spaces to a specific building. The issuance of this key is restricted to persons authorized by the Access Control Administrator.

3.5.4 - Building Sub-Master Key:

Building Sub-Master provides access to a group of rooms within a department or building. Authorization for this level of access will be determined by the Department Head.

3.5.5 - Individual Room Key:

All individual keys are given to access a room/office within a specific building on campus. Authorization is granted by the Department Head.

3.6 CHARGEABLE/NON-CHARGEABLE KEY ISSUES

3.6.1 Original Keys or Access Card:

Original keys issued to an employee are not chargeable.

3.6.2 Worn Keys or Worn Access Card:

Worn keys will be replaced without charge. Original keys must be returned to the Facilities Access

Control Shop.

3.6.3 Lost or Stolen Key Replacement:

Replacement of lost/stolen keys or failure to return assigned keys will result in charges to the

Department employing the person identified as the key holder. Facilities have set the following

replacement costs for the various key levels:

Type of Key Replacement Cost

Miner Gold Card Refer to the Current Miner Gold Card

Policy

Room or Outside Door Key $ 25.00


July 1, 2013


Building Sub-Master Key Dependent on mitigation cost

Building Master Key Dependent on mitigation cost

Grand Master Key Dependent on mitigation cost

3.6.4 Lock Changes Following Lost or Stolen Key Incidents

Lock changes required to maintain building security following lost or stolen key incidents are chargeable

work orders. The Building Supervisor, Dean, Director, Department Chair or Key Manager will notify the

Facilities Service Center to have their locks rekeyed and security reestablished.

In cases where re-key is recommended by the Facilities Access Control Shop and/or Campus Police, the

affected department(s) shall be charged the cost of re-key and any additional security measures

necessary, to include but not limited to equipment and staff resources as approved by the Chief of

Police or designate to ensure security of the facility during the period of time the facility is vulnerable to

unauthorized entry.

3.6.5. Students Who Fail To Return Keys:

Students who fail to return keys will be subject to the same restrictions and penalties as students who

fail to honor their financial obligations to the University.

3.6.6 Department Heads:

Deans, Directors or Department Chairs acknowledge keys issued by their key manager and lost or not

returned could result in a charge to their department to restore security.

3.6.7 Forgotten Keys

Key holders who require the Campus Police Department and/or the Access Control Shop to open a door

because they forgot or lost a key will be charged for the service. The charge may be waived for first time

incidents. The cost for an open-door request because of a forgotten or lost key is $10 per incident.

3.7 KEY ISSUANCE

3.7.1 UTEP Employees:

All unclassified and classified employees will be issued keys needed to access office and/or work areas.

3.7.2 Key Request:


July 1, 2013


All key requests must be submitted by a Department Access Coordinator by email to the Facilities Key

Shop. Key requests will be filled the next business day. All key requests must be before 3:00 p.m.

Monday through Friday to ensure next day pickup.

3.7.3 Record Management:

Facilities will maintain employee key records in its Key Shop database. The Key Shop will provide

Department Access Coordinators with reports of key records grouped by department as requested, and

will work with the Department Key Coordinators to maintain the accuracy of these records as changes

occur.

3.7.4 Short Term or Temporary Building Access:

For short term or temporary building access, Departments may retain duplicate check-out keys in a

secured area (lockable box or cabinet). Responsibility for the security of these keys, as well as

establishing a sign-out procedure to track the location of the keys, remains with the department. These

temporary key storage areas will be subject to audit by the Facilities Key Shop personnel. These keys

must be issued to a person who will be responsible for their use and safekeeping.

3.7.5 Master Key Pick Up:

The person being assigned a Master key must pick up the key in person. Only under extreme

circumstances will there be exceptions to this rule.

3.7.6 30-Day Request Period:

All keys must be picked up from the Facilities Key Shop within thirty (30) days or the request is void and

a new request will need to be submitted before a key can be issued.

3.7.7 Key or Access Card Replacement Requests:

Replacement requests for lost or stolen keys are submitted to the Department Access Coordinator. Keys will be replaced when a copy of a University Police report has been mailed/faxed/emailed to Facilities Access Control Shop. The department will be charged for replacement keys.

3.7.8 Cipher Lock Management

Cipher Locks (local pin-based security systems) will be installed by Facilities Services, but the

management responsibility of these systems lie solely on the Department Access Coordinator. Pass

code dissemination and recordkeeping of these systems will not be maintained by Facilities Services.

The Department Access Coordinator is also responsible for assigning and notifying the Campus Police

Department of the code to the device.


July 1, 2013


In the next phase of single door implementation, it will be the University policy to not install local pin-

based security systems. A card access lock set that integrates with the University card access system will

be utilized.

3.8 RECORD KEEPING:

Facilities will keep the official records of keys issued for all University employees. Department Access Coordinators will maintain key records for their buildings and/or departments. Facilities will maintain a security software system which will record building key data and employee key records. Reports will be generated by the Facilities Key Shop as requested by Department Access Coordinators.

3.9 AUDIT

1. Each Department is responsible for periodically performing physical inventories of keys, including department lock boxes.

2. The Access Control Shop will send out a list of key ID and key holders to the Department Access Coordinator on an annual basis.

3. Each Department is responsible for performing, at a minimum, annual audits of individuals who have Electronic Access to the Department space. Any changes shall be coordinated with the Department Access Coordinator and Facilities’ Access Control Grantor.

4. Keys found missing at that time will be subject to charges as listed in 3.6 CHARGEABLE/NON-CHARGEABLE KEY ISSUES.

3.10 NON-UNIVERSITY LOCKS No lock may be installed on a University building or property without prior approval of the Facilities Access Control Shop. Locks installed without prior approval will be removed at the Department's expense. The cost of the unauthorized lock will not be reimbursed.


July 1, 2013


4.0 Procedures



July 1, 2013


4.1 Granting Access for Level I Areas

Level I Access Control Granting Process

Key Holder TrainerDepartment Access

CoordinatorAccess Control Grantor

Miner Card Office

(MCO)

4.1.1

Key Holder is

registered as a

student or

staff/faculty

4.1.2

Key Holder

picks up Miner

Card at MCO

4.1.3

MCO issues

mag stripe

card to

requestor and

enables Level I

access

Process

Complete


July 1, 2013


Procedure Name: Granting Access for Level I Areas

Document Number: Proc 4.1 Effective Date: 01-03-2013

Approved By: TBD Date Last Revised: 01-03-2013

Overview

Purposed and Scope: Define the procedure to obtain Level I Access Authorization

Responsible Parties: Key Holder, Trainer, Department Access Coordinator, Key Coordinator, Miner Gold Card Office

Schedule: As Needed Operational Impact: None

Equipment and Supplies Required: Miner Gold Card

Instructions

Task Id Responsible Party

Task Description

4.1.1 Key Holder Every Student, Staff and Faculty is assigned a Miners Gold Card upon being admitted to the University for study or employment.

4.1.2 Key Holder The key holder must go to the Miner Gold Card Office to obtain their access card.

4.1.3 MCO The Miner Gold Card Office will assign the Key Holder a unique access card and enables the basic Level I security access policy on the card.


July 1, 2013


4.2 Granting Access to Level II Areas

Level II Access Control Granting Process


CoordinatorAccess Control Grantor Parking Office

4.2.3

Requestor

must attend

Basic Lab HSE

Course.

4.2.4 Ensures

access request

is complete

and obtains

approval from

the

Department

Head.

4.2.2

Lab/Office

4.2.1

Requestor fills

out Request

Form as per

Level II Task

Instruction

Labs

Office

4.2.6 Make

keys and/or

assigns

electronic

access

Process

Complete

4.2.7 Send

email

notification to

DAC, Key

Holder, and

Campus PD4.2.8 Pick up

the Key

4.2.5 Send

form to the

Facilities

Access Control

Shop

4.2.9 Inner

Campus

Parking is paid


July 1, 2013


Procedure Name: Granting Access for Level II Areas



Overview

Purposed and Scope: Define the procedure to obtain Level II Access Authorization

Responsible Parties: Key Holder, Trainer, Department Access Coordinator, Key Coordinator, Parking Office



Instructions


Task Description

4.2.1 Key Holder The Key Holder or Department Access Coordinator fills out the Level II Access Request form included in the Level II Task Instruction in Chapter 5.

4.2.2 Key Holder If the Access request includes any laboratory, the Key Holder must attend the a Basic Lab Safety Course. Please contact EH&S at 915-747-7124 for further scheduling and information.

4.2.3 Trainer The EH&S trainer will train Key Holders on Basic Lab Safety. This is a pre-requisite for all Lab access requests.

4.2.4 Dept. Access Coordinator

The Department Access Coordinator ensures that the required training has been complete and forwards the Level II Access Request form for approval to the Department Head.


Once the Level II Access Request form has been approved, please scan and email to the Facilities Services Work Control Office for processing @ [email protected]

4.2.6 Access Control Grantor

The Access Control Grantor at the Facilities Access Control Shop will manufacture keys and/or create the required entries in the Electronic Access Control System. The Level II Access form is to be uploaded to the Application Xtender folder: FS-AccessControl-CompleteForms


The Access Control Grantor at Facilities Access Control Shop will close out the work order and notify the Department Access Coordinator, key holder and Campus Police Department that the work is complete.

4.2.8 Key Holder The Key Holder is to pick up any physical keys at the Access Control Shop on Hawthorn Street in front of the Chemistry-Computer Science Bldg. A prox card may need to be picked up at the Miner Gold Card Office if required.

4.2.9 Parking Office


July 1, 2013


4.3 Granting Access to Level III Areas

Level III Access Control Granting Process


CoordinatorAccess Control Grantor

Miner Card Office

(MCO)

4.3.2

Key Holder

must attend all

training as per

the Space

Specific Level

III Task

Instruction

4.3.4 Send

form to the

Facilities

Access Control

Shop

Process

Complete

4.3.5 Make

keys and/or

assigns

electronic

access

4.3.1

Fill out

Request Form

as per Space-

Specific Level

III Task

Instruction

4.3.7 Pick up

the Key

4.3.3 Ensures

access request

is complete

and obtains

approval from

the

Department

Head.

4.3.6 Send

email

notification to

DAC, Key

Holder and

Campus PD


July 1, 2013


Procedure Name: Granting Access for Level III Areas



Overview

Purposed and Scope: Define the procedure to obtain Level III Access Authorization

Responsible Parties: Key Holder, Trainer, Department Access Control Grantor, Key Coordinator



Instructions


Task Description

4.3.1 Key Holder The Key Holder or Department Access Coordinator fills out the Space Specific Level III Access Request form included in the Level III Task Instruction in Chapter 5.

4.3.2 Trainer Access to the specific space may require multiple sets of training on safety, operational protocol, and other items. The Space Specific Level III Access Request Task Instruction will delineate the required training. This is a pre-requisite for all Lab access requests.


The Department Access Coordinator ensures that the required training has been complete and forwards the Level II Access Request form for approval to the Department Head.


Once the Level III Access Request form has been approved, please scan and email to the Facilities Services Work Control Office for processing @ [email protected]


The Access Control Grantor at the Facilities Access Control Shop will manufacture keys and/or create the required entries in the Electronic Access Control System. The Level III Access form is to be uploaded to the Application Xtender folder: FS-AccessControl-CompleteForms


The Access Control Grantor at Facilities Access Control Shop will close out the work order and notify the Key Holder, Department Access Coordinator, and Campus Police Department that the work is complete.

4.2.7 Key Holder The Key Holder is to pick up any physical keys at the Access Control Shop on Hawthorn Street in front of the Chemistry-Computer Science Bldg. A prox card may need to be picked up at the Miner Gold Card Office if required.


July 1, 2013


4.4 Removing Access

Access Control Removal Process

Miner Gold Card Campus PoliceDepartment Access

CoordinatorAccess Control Grantor Key Holder

4.4.0 Access control removal is required.

4.4.1

Emergency

4.4.2 Contact

Campus Police

Dispatch at

915-747-5611

Yes

4.4.5 Remove

Electronic

Access Rights

4.4.3 Dispatch

Officer to

location and

Contact On-

Call Access

Coordiantor

4.4.7 Promptly

notify DAC

4.4.8 Make

Proper

notifications

Process

Complete

4.4.11 Return

the keys to the

Access Control

Shop

Process

Complete

4.4.6 Update

Access Control

Database

4.4.9 Request

Access

Removal via

iService Desk

No

4.4.4 Officer to

remove keys

from key

holder

Process

Complete

4.4.Expedite

4.4.10 Call

Work Control

Desk at 915-

747-7187

Yes

No

Immediate Action required


July 1, 2013


Procedure Name: Removing Access Control



Overview

Purposed and Scope: Define the procedure to remove all Access Authorization

Responsible Parties: Key Holder, Trainer, Department Access Coordinator, Key Coordinator



Instructions


Task Description

4.4.0 Multiple Multiple Parties can request access removal. For normal access remove due to students/faculty/staff leaving employment, the Department Access Coordinator will typically be responsible. For emergency situation, others may call in. The response shall be to over-react and shut down access to the individual or the whole access group – and investigate when the campus police arrives at the location.


Card access removal is considered an emergency if leaving access on the card in the immediate future endangers the safety or security of UTEP staff and facilities.

4.4.2 Campus Police

Contact the campus police dispatcher at 915-747-5611.

4.4.3 Campus Police

The dispatcher shall send an officer to the location to contain the situation. Once the officer is in route, the dispatcher is to contact the on-call Access Control Grantor. The dispatcher will request that the desired access removal is performed immediately.

4.4.4 Campus Police

On-site officer is to remove the person in question from the secured area and confiscate any access keys or cards.


Deactivate the Electronic Card Access.


If a work order does not exist, create a WO and insert the request information.


When the work is complete, close the WO and notify the Department Access Coordinator that the work is complete.


Notify all required that access has been removed.


July 1, 2013



If a standard remove is required, the Department Access Coordinator can request it via iService Desk @ https://fs.utep.edu:488/


If the access removal request is urgent, but not an emergency, please contact the Facilities Services Work Control at 915-747-7187

4.4.11 Key Holder The key holder is to return their keys to either: 1. Human Resources 2. Department Access Coordinator 3. Facilities Services Access Control Shop

https://fs.utep.edu:488/


July 1, 2013


5.0 Agreement Forms

This page was intentionally left blank


July 1, 2013


5.1 – Department Access Coordinator Agreement

This is an agreement between the named Department Access Coordinator, the Department Head and

Facilities Services Access Control Shop. By accepting this responsibility, you understand and agree to be

responsible for the management of the keys and Electronic Access Control for that particular

department. The Department Access Coordinator’s function includes the following:

1 Coordinates the issue of keys and Electronic Access Control with the Key Holder, Department Head

and the assigned Access Control Grantor.

2 Receives and issues keys/cards.

3 Maintains local records of key/card holders and key/card inventories

4 Retrieves and returns keys to Facilities Services in a timely manner.

5 Administers/coordinates keys for desks, cabinets, display cases, etc. in the Faculty, department or

operating unit. As a matter of operational policy, undertakes an annual audit of keys/cards

controlled by the Faculty, department or operating unit.

6 Report audit findings to the Access Control Supervisor by December 20th at the end of each

calendar year.

7 Report Lost or stolen keys or access cards with Campus Police. Lost or stolen keys or access cards

will not be replaced until a report has been filed with the Campus Police Department and the

Department Access Coordinator has received a copy of the police report from UTEP Campus PD.

Signature Date


Department Head

Access Control Supervisor

Date

First Name

Last Name

Department

Department Head


July 1, 2013


5.2 – Access Control Grantor Agreement

This is an agreement between the named Department Access Coordinator, the Department Head and

Facilities Services Access Control Shop. By accepting this responsibility, you understand and agree to be

the

(initial) _____Central Key Production

(initial) _____Issue, control of master keys

(initial) _____ Distribution of regular/change keys

(initial) _____ Grant Electronic Access to spaces under your Department Head’s Control

The responsibilities of the Access Control Grantor include:

1. Keep up-to-date records of an electronic key inventory

2. Keep up-to-date records on card access agreements

3. Ensure that the access policy is being followed prior to granting access to anyone

4. Ensure that all required signatures for access are obtained prior to granting access to any

building.

5. In conjunction with Access Granting Authorities, limit access to those individuals who have

documented a need to work in the facility

6. Supply audit access reports to departments as requested.

Signature Date


Department Head

Facilities Services Director

Date

First Name

Last Name

Department

Department Head

Facilities Services Director


July 1, 2013


6.0 – Task Instructions



July 1, 2013


Level II Access Request Task Instruction Task Instruction Name: Level II Access Approval Process

Document Number: AC-001 Effective Date: 01-03-2013


Overview

Purposed and Scope: This task instruction encompasses most access requests. This is to be used for Level I or Level II controlled spaces.

Responsible Parties: The Department Access Coordinator is responsible for the administration of this policy within the department. The Access Control Shop is responsible for only creating keys/cards access as per authorization given on the completed form.

Schedule: Operational Impact:

Equipment and Supplies Required:

Instructions

Resp: Task:

1. Person requesting access shall fill out the form attached to this Level II Access Request Task Instruction.

2. The Department Access Coordinator will assist the requestor to obtain necessary signatures

3. The Department Access Coordinator shall submit the finalized for in electronic form via iServiceDesk or via email to [email protected].

4. Facilities Services will create a Work Order and route to the Access Control Shop for processing

5. The Access Control Shop will perform the work and notify the key requestor, Department Access Coordinator and Campus Police Department of completion of work.

6. The work order will be closed by the Access Control Shop

mailto:[email protected]


July 1, 2013


Last Name: First Name: UTEP ID#:

1 Date:

2 Department Requesting Key:

3 Phone Number:

4 Printed Name of Dean, Director, Chairperson, Adm. Officer:

5 Printed Name of Department Access Coordinator for Return of Keys:

8 Email Address:

9 Faculty Staff Student Affiliate

For Facilities Services Use Only

Bldg Name Door File # Key # Record #

Electronic Access

Bldg Name Door Days of Week

Start Time:

End Time:

Start Date: End Date:

THE DAYS AND TIMES LISTED ABOVE WILL BE THE ONLY TIME THE BUILDING CAN BE ACCESSED OTHER THAN

NORMAL BUSINESS HOURS. START/END DATES WILL ALLOW ACCESS ONLY FOR DATES LISTED. IF NO END DATE IS

LISTED, ACCESS WILL CONTINUE UNTIL OUR OFFICE IS NOTIFIED OF TERMINATION OR UNTIL APPOINTMENT IS

EXPIRED IN BIS.)

I am responsible for the safe keeping of all keys and/or card access issued to me and agree not to exchange keys or lend my

access card to anyone; to return all keys to the Key Shop when they are no longer necessary; and to notify the Campus Police

and the Key Shop immediately upon discovery that any of the keys are lost or stolen. In the event that any key issued to me is

unreturned, there will be a $5.00 charge per key and I may be held responsible for the cost of any re-keying of locks necessitated

by such loss or theft.

I have read and understand the above excerpt from the University’s Administrative Policies and Procedures Manual.

Acticated/Delivered Date:______________ Activated/Delivered By:__________________________

Deactivated/Returned Date: _____________ Deactivated/Retured By:_________________________

Dean/Director/Chair/Admin Off Signature: __________________________________________________

Printed Name:_________________________ Signature: _____________________________________


July 1, 2013


Level III Vivarium/BSL3 Access Request Task Instruction Document Number: AC-002 Effective Date: 09-01-2012


Overview

Purposed and Scope: This task instruction encompasses access procedures to all Vivariums and BSL III spaces on campus.

Responsible Parties: Director BSL III, Director Veterinarian Services, Director Facilities Services

Policies:

Id Policy

1 This is a restricted space. Only people with the authorization from the Executive Director or Director of Veterinary Services are allowed into the Vivarium and/or BSL III facilities.

2 Before access is given, all training as specified by the IUCUC board, must be completed and documented.

3 The Executive Director of Veterinary Services shall sign off on all who are to have access into the Vivariums and/or BSL III facilities.

4 All access into the Vivarium and/or BSL III will be managed by Executive Director or Director of Veterinary Services or a designate.

5 Users shall only enter using their own credentials. Piggybacking with another user is forbidden and can results in disciplinary action up to and including termination.

6 Visitors shall get permission from the Vivarium/BSL III staff prior to entering and shall be accompanied by a trained and authorized personnel.

Instructions

Resp: Task:

Requestor Complete all training as per the IUCUC requirements.

Requestor Complete the Vivarium Electronic Access Request Form. Take the required classes and have the instructors sign that the coursework has been completed.

Director BSL III

Review and approve access to requestor who have completed all training and have legitimate business to perform in the Vivarium/BSL III facilities.

Veterinarian Once the approval from the Director of BSL III is obtained, the Veterinarian, or designate, will grant access to the requestor via the CBORD access control system. An id card, pin number and hand geometry scan is required to grant access into the facility


July 1, 2013


Figure 1: Vivarium and BSL III Facilities, Bioscience Bldg

Figure 2: Vivarium, Psychology Bldg


July 1, 2013


Vivarium Electronic Access Request Form – The University of Texas at El Paso

Last Name: Email Address:

First Name:

UTEP ID Number:

Core Courses (all non-field protocol participants)

PHS Policy on Humane PHS Policy Due:

Pain Recognition Pain Recognition Due:

Post Procedure Care Post Procedure Care Due:

Working w/ Lab Mouse Lab Mouse Due:

Vivarium Orientation Vivarium Orientation Due:

Zoonotic Diseases Zoonotic Diseases Due:

Core Courses (all field protocol participants)

Field Studies Field Studies Due

Core Requirements (all protocol participants)

Basic Laboratory Safety BLS Due

Blood borne Pathogens BBP Due

OHP ??? Date OHP Due

OHP Clearance Date

Specialty Courses

Mouse Bleeding Bleeding Due

Genetic Mice Genetic Mice Due

As of __________(date), the above named individual has completed requirements for participation in animal care and use activities per Institutional Animal Care and Use Program policies and is listed as a participant on an animal use protocol.

Signature, IUCUC Administrator Date

Request this participant be given access to the Bioscience Research Building Vivarium [ ], the Psychology Building Vivarium [ ], (check one or both). Request access ber granted for following periods (i.e. 24/7 or M-F 7am – 6pm) ________________________________

Signature, Responsible Party Date

I have reviewed both Electronic Access Control and Vetarinary Services Operating Procedures and understand that wrongful actions can lead to disciplinary action up to and including termination.

Signature, Requestor Date


July 1, 2013


Signature, Approving Authority Executive Director or Director Veterinary Services

Level III Administration 5th Floor Access Request Task Instruction Document Number: AC-003 Effective Date: TBD

Approved By: TBD Date Last Revised: XX-XX-2011

Overview

Purposed and Scope:

Responsible Parties:



Instructions

Resp: Task:


July 1, 2013


Level III Human Resources Access Request Task Instruction Document Number: AC-004 Effective Date: TBD


Overview

Purposed and Scope:




Instructions

Resp: Task:


July 1, 2013


Level III Chemistry Bldg: Chemical-Storage RM XXX Access Request Task

Instruction Document Number: AC-005 Effective Date: TBD


Overview

Purposed and Scope:




Instructions

Resp: Task:


July 1, 2013


Level III Engineering Rm XXX: Govt US Citizen only lab Document Number: AC-006 Effective Date: TBD


Overview

Purposed and Scope:




Instructions

Resp: Task:

standard operating procedure - admin portal...

Documents