Keys and Building Access Cards

Effective: Moved to Policy Library from UPM 12.5(1)
Updated/Revised: December 11, 2024
Contact: Department of Public Safety– Building Security Service

Introduction

This policy clarifies the issuance and accountability of all keys and access cards which control access to university buildings and their contents.

Building Security Services (BSS) and Key Management (KM) are units within the Department of Public Safety (DPS) that manages keys and manages building access cards to university faculty, staff and students for all general university buildings.

Policy Statement

This policy is established to provide university leaders information and authority to audit and regulate the issuance, transfer and return of all keys and building access cards under the keyed and access controlled system for Iowa State University. This policy outlines the responsibilities of departmental personnel, as well as the holders of keys and access cards.

This policy applies to any individual who has been granted authorized access to any university property. All key and building access card holders are responsible for the keys and access cards assigned to them.

It is the intent of the university that all buildings shall be locked outside of normal working hours to maximize the security of the buildings, occupants, and building contents.

Authorized Locks, Keys, and Access Cards

The installation, changing or removal of locks shall be performed only by DPS Building Security Services through a service request. Electronic locks installed on exterior door(s) must be connected to the ISU network centrally controlled system. Unauthorized locks are prohibited on doors and if found will be removed and discarded. Any damages or repairs resulting from the removal of unauthorized locks will be the responsibility of the department if found in violation of this policy.

All keys and building access cards are the property of Iowa State University. DPS Building Security Services is the only authorized supplier for university keys. No person shall knowingly possess an unauthorized key or access card for Iowa State University.

ISUCards (university identification cards) issued after May 2009 incorporate dual technology which allows building access. The ISUCard and dual technology card are issued by the ISUCard Office. Holders of the original ISUCard and the original white Building Access Card will continue to use their cards until one of the cards no longer works.

Building Master Keys

Issuance of a Building Master Key (BMK) is regulated through DPS. BMK’s can override Department Master Keys.  It is the standard practice that only a Department Master Key (DMK) can be issued to building employees as the highest-level key.  Departments are encouraged to utilize change keys and the lowest level key for employees to perform their duties.  In the event that an employee believes it needs a BMK, the following process shall be followed:

  1. Employee and Key Coordinator submit a request to BSS stating which BMK is requested.
  2. BSS and/or KM review the request.
  3. BSS and/or KM forwards to AVP/Chief of Police with recommendations. 
  4. AVP/Chief of Police publishes a decision to BSS and/or KM.

BSS, KM, and AVP/Chief of Police will evaluate the request for a BMK on the following criteria:
Is there an alternative way to complete the tasks without the usage of a BMK?

  1. Can the task be completed with the usage of a DMK?
  2. Does the issuance of a BMK compromise security for other non-requestor affiliated spaces?
  3. Does the requestor/department have a prior history of timely returns on audits?
  4. Does the requestor have mitigating circumstances (behavioral, performance, attendance, etc. not conducive to issuance?

Lost or Stolen Keys

In the event a key is lost or stolen, DPS will decide in consultation with the appropriate dean, director, or other designated university leader responsible for the door associated with the lost key if rekeying needs to occur. Costs associated with the rekeying will be paid by the issuing department. Fees for keys not returned are the responsibility of the issuing department. If the issuing department wishes to recover any of these costs from the employee, they must work directly with ISU Accounts Receivable to accomplish that.

Duplication or Lending Prohibited

Duplicating and/or lending keys are prohibited. If an individual lends his/her key(s) to anyone or makes a duplicate so that others can gain access to university property, he/she may be subject to disciplinary action from his/her supervisor and loss of access privileges to university buildings.

Responsibilities

Dean, Director, or other university leader is responsible for:

  • The full implementation of this policy within his/her areas.
  • Appointing a member of his/her department to be responsible for the duties of department Key Coordinator and/or department Card Coordinator.
  • Approving the completed annual key and card access audits.
  • Maintaining appropriate departmental records subject to an internal audit.
  • Consult with DPS to determine if rekeying needs to occur in the event that a key is lost or stolen (costs associated with the rekeying will be paid by the employee/department).

Departmental Key Coordinator is responsible for:

  • Completing a Key Request form (see Resources below) to assist employees with the request for a new or replacement key.
  • Completing an annual audit for all individuals who have key access to your department/area (see Resources below).
  • Renewing annually the keys issued to students who have continuing need for the keys.
  • Notifying DPS Building Security Services when an individual has left, no longer requires access, or has returned a key.
  • Returning keys to DPS Building Security Services (keys are issued to individuals and will remain in the key holder's name until FP&M physically receives and processes the keys as returned).
  • Reporting lost or stolen keys immediately (within 24 hours of discovery) to DPS Building Security Services via email to buildingsecurity@iastate.edu or by calling 294-4211; or after hours at 294-4428 to file a report.

Departmental Card Coordinator is responsible for:

  • Completing an Access Card Request form (see Resources below) to assist employees with card access to doors within your department/area.
  • Completing an annual audit for all individuals who have card access to your department/area (see Resources below).
  • Notifying DPS of Students who no longer need access so the access can be removed.
  • Notifying DPS Building Security Services to remove access privileges to your department/area when an individual has left, no longer requires access, or has returned a card.
  • Returning access cards that are no longer needed to DPS Building Security Services for re-programming and re-use.

  • Reporting lost or stolen access cards immediately (within 24 hours of discovery) to DPS Building Security Services via email to buildingsecurity@iastate.edu or by calling 294-4211; and after hours contact police at 294-4428 to file a report.

Technician external to the department (e.g., ITS, EH&S, FP&M personnel) is responsible for:

  • Initiating key or card access request form.
  • Obtaining appropriate dean, director or department chair approval for access into the department's space.
  • Rekeying when keys are lost by technician(s) external to the department as determined by DPS.

Department of Public Safety is responsible for:

  • Enhancing safety, personal security, and campus access services. 
  • Monitoring, evaluating, and responding to access control alarms generated by the campus-based access control system.
  • Analyzing and querying access control transactional data as required to meet assigned responsibilities.
  • Monitoring closed and/or secured campus facilities and providing emergency or approved after-hours access.
  • Working with FP&M to schedule and complete required manual locking and unlocking of designated campus facilities.
  • Meeting the requirements listed under both the Department Key and Card Coordinator responsibilities.
  • Maintain a complete and secure set of metal keys to university facilities for emergency and police access.
  • Providing Crime Prevention Through Environmental Design (CPTED) input and/or assistance as requested by FP&M or individual units on campus.
  • Providing input and/or advice to FP&M and the relevant unit on re-keying in the event that a key is lost or stolen.

  • Determining if rekeying should occur and consult with the Dean, Director or other impacted university leader in the event that a key is lost or stolen.

Key Holder is responsible for:

  • Picking up keys from DPS Building Security Services.
  • Maintaining and securing keys issued to them.
  • Reporting lost or stolen keys to departmental Key Coordinator immediately (within 24 hours of discovery).
  • Confirming that the key has been cleared from their records.
  • Paying any replacement fee resulting from loss or failure to return an assigned key.

Card Holder is responsible for:

  • Reporting lost or stolen ISU Building Access Card immediately (within 24 hours of discovery) to DPS Building Security Services via email to buildingsecurity@iastate.edu or by calling 294-4211.

Resources

Links

Files