Contents:
- Purpose
- Scope
- Definitions
- General
- Requesting Access
- Access Changes/ Key Returns
- Lost Keys
- Reporting
- Replacement
- Security Assessment
- Associated Cost Recovery
- Key Returns
- Lost Keys
- PSU id+ Card/ Electronic Access
- Lost id+ Card
- Audits
- Retention and Disposition
PURPOSE:
This policy is to clarify the University Libraries internal procedures for key and card access in compliance with University Policy AD68 University Access Policy and Procedure SY2001 University Access: Clearances, Keys and Access Devices.
SCOPE:
This policy applies to all University Library facilities and the individuals using these facilities, in accordance with Policy AD68 University Access Policy “to protect the safety, security, privacy and property of the University, and the individuals assigned to use University facilities by controlling access to such facilities.”
Note: Keys other than University Keys, as defined herein (equipment locks, desk, computer, cabinet keys, etc) fall under locally established guidelines and are not covered under this policy.
Enforcement of this policy and procedures is the responsibility of the University Libraries Access Coordinator. No exceptions or changes will be allowed without written approval from the University Police Deputy Director of Operations and the Director of Physical Security, in conjunction with the appropriate Budget Executive.
DEFINITIONS:
The following definitions are pertinent to University access, as discussed in this procedure and its related polices:
Access Control System – An electronic security system that can be activated by an access credential. The system electronically controls locking and unlocking of doors, identifies and records cardholder information, and logs system events.
Access Coordinator – Ensures that clearances, keys, and access credential devices are issued for authorized areas.
Access Credential Device (ACD) – Identifies the holders rights and privileges to enter a specific area. Devices may include a card, fob or tag.
Clearance – Refers to a person’s approved rights to access a facility.
Key – Traditional metal key or similar device that is used to unlock or lock specific non-electronic locks., responsible for overseeing, advising, and enforcing Policy
Key Types
- Grand Master Key – Opens multiple doors in multiple buildings.
- Facility Perimeter Key – an emergency key maintained by University Police and the OPP Work Reception Center, in a secured manner.
- Building Master Key – Opens most doors within a building
- Building Sub-master Key – Opens multiple interior doors within an area of a building.
- Facility Entrance Key – Opens building entrance doors.
- Individual Door Key – Open specific door(s) within a building.
- Control Key – device used to remove and replace a lock core. Such keys will be held by the University Lock Shop, or University approved locksmith.
Work Reception Center (WRC) – A department within the Office of Physical Plant charged with maintaining University keys/ACD’s for individual sign-out.
University Access Controller(s) – Representatives from the University Police and Public Safety who are responsible for overseeing, advising and enforcing Policy AD68 University Access and Procedure SY2001 University Access: Clearances, Keys and Access Devices.
GENERAL:
Penn State University promotes an open access environment while properly assigning building and room access to faculty, staff, students, and organizations contracted with the University. Requests for access must follow the established authorization protocol, as specified within this policy and related documents. The possession of a key or electronic clearance, does not extend beyond their assigned area or work schedule.
All keys and Access Credential Devices (ACD) referred within this policy are the property of the Pennsylvania State University and are not to be duplicated by any faculty, staff, or student. Anyone found responsible or in possession of duplicated keys and/or ACDs, will be referred to Human Resources, Physical Security and/or Police Services as determined for appropriate sanctions.
REQUESTING ACCESS:
The employee’s supervisor must complete the Account Request System form found on the Libraries Intranet, under Staff Tools. Upon receipt of the Account Request, the University Libraries Access Coordinator will review the request for approval. Upon approval, a Facilities Access Authorization Request form will be completed by the University Libraries Access Coordinator, indicating the key serial number and/or clearance to be assigned to their PSU ID card. Prior to key or card access being assigned, the employee must sign and agree to abide by Policy AD68 University Access, initial and date the Key Issuance Log.
Note: The key serial number must be documented on the Facilities Access Authorization Request form Procedure SY2001 University Access: Clearances, Keys and Access Devices.
The Supervisor will sign the AD68 Advisement Statement section of the Facilities Access Authorization Request form, acknowledging the approval of request and have advised the Requestor of Policy AD68 University Access and provided a copy if requested.
Once all signatures are collected, the University Libraries Access Coordinator sign off approval on the Facilities Access Authorization Request form, retain a signed copy on file and update the key inventory system to reflect issuance.
ACCESS CHANGES / KEY RETURNS:
When an individual’s access requirements change, the individual’s supervisor must notify the University Libraries Access Coordinator, in writing, the effective date and needed changes. The employee (or supervisor if the employee is unable) must return the unneeded key(s)/ ACD’s to the University Libraries Access Coordinator and update the Key Issuance Log section of the Facilities Access Authorization Request form.
LOST KEYS:
Reporting
All lost keys must be reported immediately by the key holder to the University Libraries Access Coordinator. Upon receiving the report, the University Libraries Access Coordinator will report the lost keys to the University Police and University Physical Security.
Replacement
If a key is determined to be “unrecoverable,” the Access Coordinator and key holder will follow the steps listed previously in the “Requesting Access” section herein this policy.
Security Assessment
The Access Coordinator, University Access Controller and responsible budget executive will assess the vulnerability of the area(s) compromised by the lost key to determine the corrective measures needed to restore appropriate access control to the affected area(s).
Associated Cost Recovery
Recovery costs will be charged to the individual department for each lost or unreturned key and/or access credential devices issued by the University. If the Security Assessment process determines that new cores be installed, such actions will be completed with the recovery cost being charged to the department.
At the discretion of the Budget Executive/ Budget Administrator, recover cost may be passed on to the key holder.
KEY RETURN:
Upon leaving University Libraries, the employee or employee’s supervisor are required to notify the University Libraries Access Coordinator to make appropriate changes, including returning their keys and removal of card access, as applicable. Any key that is not returned will be subject to steps listed previously in the “Lost Keys” section herein this policy
PSU id+ CARD / ELECTRONIC CLEARANCES:
In accordance with University Policy AD24 Identification Cards for Students, Faculty/Staff, Affiliates, and Retirees all id+ card remain the property of the Pennsylvania State University and are non-transferable. Only the cardholder may be in possession of their id+ card. The University Libraries Access Coordinator will assign the approved electronic clearance to the employee’s assigned PSU id+ card.
Lost id+ Card
If at any time the card is lost, stolen or misplaced, it must be deactivated immediately online at https://idcard.psu.edu/ or by calling the id+ Office 814-865-7590 during business hours. Once a card is deactivated online, the cardholder’s door access will be suspended. The electronic door access will be reinstated once the cardholder replaces their card or reactivated card online at https://idcard.psu.edu/ after the original card is found.
AUDITS:
University Physical Security requires all Access Coordinators are required to perform a review of their key inventory and electronic clearances, investigate any discrepancies, and forward the report of findings and/or discrepancies to University Physical Security.
Action on any discrepancy will be decided by the University Access Controller. Any key that is not accounted for will be subject to steps listed previously in the “Lost Keys” section herein this policy.
RETENTION AND DISPOSITION:
University Records must be retained and managed in accordance with Policy AD35 - University Archives and Records Management , and records schedules approved by the Records Management Advisory Committee.
Effective Date: February 1, 2010
Date Approved: February 1, 2010 (Dean's Library Council)
Revision History (and effective dates):
- July 2022 - Revised to align with the University Access Policy. Updated policy number from UL-AD22 to UL-AD68.
- September 7, 2021 - Revised language to "non-student hourly employees."
- February 1, 2010 – New policy
Last Review Date: July 2022