Policy

PG--Physical Access Zones

________________________________________
Document Number: REDFLAG--105
Revision #: 2.0
Document Owner: VP of Business and Finance
Date Last Updated: 04/25/2018
Primary Author: VP of Business and Finance
Status: Approved
Date Originally Created: 12/14/2011
________________________________________
General Description

Description:
Information about physical access zones relative to the Red Flags Identity Theft Policy.

Purpose:
Delineation of policy.

Scope:
All faculty, staff, students, and administrators

Responsibility:
Administration
VP of Business and Finance
________________________________________
Requirements

Relevant Knowledge:
 
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes

Terms and Definitions:
Additional training
Corrective Action
Loss of privilege, general
________________________________________
Policy Provisions

1. Physical Access Zones

The University will establish, maintain, and enforce physical access zones in all of its facilities to control and limit access to CSI areas. There are four types of color coded zones, each with different access requirements.

1. Green Zones. Green zones are low priority public areas where everyone has access.
2. Yellow Zones. Yellow zones are moderate priority operational or information processing areas. All employees are authorized in these zones. Service providers, customers, and visitors must be accompanied by an employee.
3. Red Zones. Red zones are high priority areas containing proprietary information, record storage, or data bases. Access is limited to authorized employees only. All others must be identified, verified, and have an escort at all times.
4. Grey Zones. Grey zones are transition zones where risk fluctuates as CSI enters and leaves. The transition zone takes on the characteristics of other zone requirements when CSI is introduced. Conference rooms and vehicles are good examples.



________________________________________
Performance Evaluation

Performance Metrics:
Compliance with standard policy and procedure
Compliance with federal mandate

Consequences:
Further training
Loss of privileges
________________________________________
Subject Experts

The following may be consulted for additional information.

VP of Business and Finance