/Institutions/Cumberland-University/json/Current-Catalog/University-Policy-local.json

/Institutions/Cumberland-University/json/Current-Catalog/University-Policy.json

Policy > Red Flags > PG--Physical Access Zones

PG--Physical Access Zones

PG--Physical Access Zones
Policy

________________________________________
Document Number: REDFLAG--105 Revision #: 1.0
Document Owner: Executive VP Date Last Updated: 08/17/2012
Primary Author: Executive VP Status: Approved
Date Originally Created: 12/14/2011
________________________________________
General Description
Description: Information about physical access zones relative to the Red Flags Identity Theft Policy.

Purpose: Delineation of policy.

Scope: All faculty, staff, students, and administrators

Responsibility: Administration
Executive VP
VP of Business and Finance
________________________________________
Requirements
Relevant Knowledge: In order to comply with this policy you should know:
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes
Terms and Definitions: Additional training

Corrective Action

Loss of privilege, general
________________________________________
Policy Provisions
1. Physical Access Zones

The University will establish, maintain, and enforce physical access zones in all of its facilities to control and limit access to CSI areas. There are four types of color coded zones, each with different access requirements.

1. Green Zones. Green zones are low priority public areas where everyone has access.
2. Yellow Zones. Yellow zones are moderate priority operational or information processing areas. All employees are authorized in these zones. Service providers, customers, and visitors must be accompanied by an employee.
3. Red Zones. Red zones are high priority areas containing proprietary information, record storage, or data bases. Access is limited to authorized employees only. All others must be identified, verified, and have an escort at all times.
4. Grey Zones. Grey zones are transition zones where risk fluctuates as CSI enters and leaves. The transition zone takes on the characteristics of other zone requirements when CSI is introduced. Conference rooms and vehicles are good examples.



________________________________________
Performance Evaluation
Performance Metrics: Compliance with standard policy and procedure
Compliance with federal mandate

Consequences: Further training
Loss of privileges
________________________________________
Subject Experts
The following may be consulted for additional information.
VP of Business and Finance