PG--Physical Access Zones
________________________________________
Document Number: REDFLAG--105
Revision #: 2.0
Document Owner: VP of Business and Finance
Date Last Updated: 04/25/2018
Primary Author: VP of Business and Finance
Status: Approved
Date Originally Created: 12/14/2011
________________________________________
General Description
Description:
Information about physical access zones relative to the Red Flags Identity Theft Policy.
Purpose:
Delineation of policy.
Scope:
All faculty, staff, students, and administrators
Responsibility:
Administration
VP of Business and Finance
________________________________________
Requirements
Relevant Knowledge:
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes
Terms and Definitions:
Additional training
Corrective Action
Loss of privilege, general
________________________________________
Policy Provisions
1. Physical Access Zones
The University will establish, maintain, and enforce physical access zones in all of its facilities to control and limit access to CSI areas. There are four types of color coded zones, each with different access requirements.
1. Green Zones. Green zones are low priority public areas where everyone has access.
2. Yellow Zones. Yellow zones are moderate priority operational or information processing areas. All employees are authorized in these zones. Service providers, customers, and visitors must be accompanied by an employee.
3. Red Zones. Red zones are high priority areas containing proprietary information, record storage, or data bases. Access is limited to authorized employees only. All others must be identified, verified, and have an escort at all times.
4. Grey Zones. Grey zones are transition zones where risk fluctuates as CSI enters and leaves. The transition zone takes on the characteristics of other zone requirements when CSI is introduced. Conference rooms and vehicles are good examples.
________________________________________
Performance Evaluation
Performance Metrics:
Compliance with standard policy and procedure
Compliance with federal mandate
Consequences:
Further training
Loss of privileges
________________________________________
Subject Experts
The following may be consulted for additional information.
VP of Business and Finance