INT145 Key Control Policy

Sec. 1 Purpose.

The purpose of this policy is to provide electronic card key and metal key access to offices of University of Texas System Administration employees located at the System Administration Complex facilities, to control security and access to the complex, and to maintain control of the number of keys issued to employees.

Sec. 2 Issuance of Keys.

2.1 Routine access to locked System Administration facilities or areas within those facilities that is required for the performance of an employee's assigned duties will be provided through the issuance of an appropriate key to allow entry.

(a) The Facilities Manager has immediate responsibility for the issuance of metal keys and for maintaining records of all keys issued for access to System Administration facilities.

(b) The Office of Employee Services has immediate responsibility for issuance of electronic card keys and for maintaining records of the access cards provided for those facilities in which a computerized magnetic locking system has been installed in accordance with approved procedures.

(c) Keys may be issued to System Administration employees only upon authorization by a responsible department head and approval by the Facilities Manager or the Office of Director of Police. Any disputes on the issuance of keys are resolved by the Executive Vice Chancellor for Business Affairs.

(d) Persons to whom keys are issued assume full responsibility for the security and proper use of keys issued to them. Key recipients must agree they:

(i) may not lend or otherwise permit any type of keys issued to them to be used by any person not authorized;

(ii) may not duplicate or alter the key and may not allow others to do so;

(iii) must report the loss or theft of any key within 24 hours to the Office of Facilities Management, Director of Police, their immediate supervisor, and their department head; and

(iv) shall return the issued key(s) to the Office of Employee Services upon relocation, reassignment, retirement, or termination of employment. (Office of Employee Services will not certify clearance forms for individuals terminating employment from System Administration until all keys issued to the employee have been returned.) Keys may not be sent through the U.S. or campus mail; rather, they must be delivered in person. Keys must also be turned in to the Facilities Manager for office relocation.

(e) Appropriate fees approved by the Facilities Manager will be assessed for damage, loss, or failure to return an assigned key for replacement of an assigned key. Additionally, rekeying costs also may be assessed for each lock affected by a lost or unreturned key.

2.2 Key Control Procedures.

(a) The Facilities Manager is the final authority to approve the issuance of a building master and/or area submaster key(s) or electronic card keys allowing full access to System Administration facilities.

Department heads and directors are authorized to approve requests for individual office or room key(s) or electronic card keys for employees.

(i) When requesting a metal key, a Key Request memorandum or email must be properly approved and submitted to the Facilities Manager. When issued, the employee must personally go to the U. T. Austin Locks and Keys Shop to be issued the key and sign for the key.

(ii) No more than one key for a particular lock will be issued to an individual. Special exception may be granted upon written approval by the Facilities Manager.

(b) The authorizing department head is responsible for:

(i) initiating requests for metal keys to be issued to employees in their department;

(ii) maintaining current, accurate records of all metal keys approved by him/her;

(iii) ensuring keys are returned when the employee no longer needs the key(s) or terminates employment;

(iv) verifying reports of lost or stolen keys with the Office of Facilities Management within 24 hours of discovery of theft or loss;

(v) paying applicable rekeying costs when employees lose or do not return issued keys upon termination and rekeying is determined necessary; and

(vi) preventing the installation of door locks that have not been approved by the Facilities Manager.

(c) The Facilities Manager is responsible for:

(i) approving the issuance of building master keys, or area submaster keys allowing full access to System Administration facilities;

(ii) approving 24/7 full access or other type of a typical access;

(iii) maintaining a keying system that provides security and convenience to departments occupying System Administration facilities;

(iv) maintaining current, accurate key control records and issuing reports of keys issued as required; and

(v) acting promptly upon reports of the loss or theft of all keys to ensure appropriate investigation and determination of security risks.

(d) The key recipient is responsible for:

(i) using issued key(s) to gain access only to authorized area(s) to conduct University business and for the safekeeping of all University keys in his/her possession;

(ii) storing keys in a locked storage cabinet when not in his/her possession. Filing cabinets, desk drawers, and lockers are not considered to be secure storage areas for University metal keys or electronic access cards;

(iii) ensuring the door(s) to a keyed assigned work area is properly locked or otherwise secured at the conclusion of work;

(iv) returning issued keys to the Facilities Manager that are no longer needed due to relocation, reassignment, retirement, or termination of employment;

(v) reporting lost or stolen keys to the Facilities Manager, as prescribed in this policy, within 24 hours of discovery of loss or theft; and

(vi) paying for replacement of lost keys or keys not returned upon transfer or termination of employment and for possible rekeying required by negligent loss of keys.

(e) The Office of Employee Services is responsible for:

(i) approving the issuance of electronic card keys;

(ii) maintaining a secure electronic database to support an electronic card key system for System Administration facilities;

(iii) providing individually encoded electronic access card keys that provide access to selected facilities for authorized individuals; and

(iv) acting promptly upon reports of the loss or theft of electronic card keys to ensure maintenance of facility security.

Sec. 3 Lost or Stolen Keys.

The loss or theft of keys (metal and electronic card keys) must be reported within 24 hours of discovery of the loss or theft to the Office of Facilities Management, the Office of Director of Police, the Office of Employee Services, the immediate supervisor, and the administrator who originally authorized issuance of the key or card. Individuals issued the lost or stolen key(s) shall be responsible for paying the applicable replacement fees. Replacement metal keys will be issued only after submission of a new key request authorization form and payment of applicable fees. Fees for unreturned keys, including lost and stolen keys, and for replacement of keys or cards shall be as approved by the Facilities Manager.

Sec. 4 Rekeying.

4.1 As a general rule, the rekeying of rooms and/or buildings will be required whenever metal keys are lost or stolen if the Director of Police, after analyzing the circumstances associated with the loss or theft, determines that security of the affected facility has been compromised. In such cases, the individual to whom the key was issued and/or the department head that authorized issuance of the key may be held responsible for the costs of the rekeying. Decisions to require rekeying at departmental expense may be appealed to the Facilities Manager.

4.2 Departments may also unilaterally request rekeying of locks by submitting a written request justifying the requirement for rekeying to the Facilities Manager. Rekeying is not considered routine maintenance and the department requesting rekeying normally will be charged for the work.

Sec. 5 Vendor and Contractor Keys.

Temporary metal or electronic card keys may be issued to outside vendors and contractors that need after- hours access to System Administration facilities when no other alternative is available. Such access must be approved by the Facilities Manager upon submission of a written justified request by the appropriate authorized administrator of the department or office accepting responsibility for supervising use of the temporary keys. Before keys are issued, vendors and contractors will be required to sign an agreement to pay rekeying costs if for any reason they fail to return issued keys. Vendors and contractors must also acknowledge that funds may be retained from payments due the vendor or contractor in order to reimburse the System Administration for costs associated with rekeying the affected area(s).

Sec. 6 After-Hours or Temporary Access.

6.1 When a department or office requires access to System

Administration facilities during periods other than normal working hours, arrangements can be made to have the facility or area opened. The department or office must provide adequate advance written notification to the Office of Facilities Management for arrangements to open and close the facility.

The department will make arrangements with the Office of the Director of Police to assign an overtime guard to control access to the facility. The department is responsible for providing an account to pay the overtime personnel.

6.2 Employees may access the System complex, including the parking garage, after hours, on weekends, or holidays as long as they possess their employee badge/electronic card key and display it upon request by the guard on duty. For safety reasons, employees shall make contact and inform the System complex guard of their presence and upon their departure.

Sec. 7 Penalty for Unauthorized Key Use.

Any person, who knowingly makes, duplicates, possesses, uses, or allows a person not authorized to use keys for entry of System Administration facilities or rooms without the appropriate authorization will be subject to administrative disciplinary action and may be criminally prosecuted under the laws of the State of Texas.