Page 9 - Flipbook test Policy & Procedure_Neat
P. 9
EMORY UNIVERSITY
o Are accessible only by individuals who have been authorized
o Are of sufficient construction quality, design, and strength to prevent being
access by brute force. Walls should be of solid construction, and the room
should not be vulnerable to intrusion through the walls, from under the floor,
or through the ceiling.
o Have a documented physical access security plan which includes:
Procedures on how to apply for access
A list of authorized approvers for access requests
Procedures for validating/verifying access requests
Procedures for allowing facility maintenance, documenting
maintenance performed, and saving maintenance logs until no
longer required.
Procedures for requesting, authorizing, and approving visitor
access, including the requirement that visitors be escorted or
monitored (e.g. via video) at all times.
Mechanisms for logging all access to the facility
Have appropriate environmental controls
Items attached to sturdy immovable objects via cable locks (like a laptop connected to a
desk) may also be considered physically secure.
Conversely, areas that do not meet this criteria would not be considered secure.
Registrar Guidelines
The Registrar has set the following guidelines to ensure we are abiding by the University Search
& Secure Policy:
Everything that falls under the “Categories of sensitive information” must be locked up
during non-business hours.
When away from your desk for long periods of time, do not leave sensitive data on your
desk... lock it up!
If you are working on sensitive electronic data, lock your computer when you step away
from your desk for long periods of time. To lock your computer select ctrl+alt+delete
and select “lock this computer”.
File cabinets, overheads, and drawers containing sensitive information should be locked
during non-business hours.
Keys to DP and Service Area filing cabinets are locked up in the safe every night.
Key to backroom and Testing & Evaluation is located in the Administrative Office.
The door leading from the Production Area to the building common area is to be kept
shut and locked at ALL times. Those that do not work in the Production Area should not
use this door to enter or exit the office.
Fax machine should be turned off every night.
Do not place confidential information in employee mailboxes. Give the documents
directly to the individual.
A retention plan is in place and enforced for all stored documents under the Registrar’s
realm of responsibility.
Checkpoints:
Monthly computer and physical desktop check to ensure compliance
o Everyone will be asked to signoff acknowledging compliance
May 30, 2013 Page 9
