Skip to main content

Plant Operations
Division of Administration

Plant Operations renamed Vanderbilt University Maintenance and Operations (VUMO), learn more.

  2. Building Access Procedure

Building Access Procedure

Purpose

In the interest of providing the Vanderbilt University community with a safe environment to learn, teach, live, and work, the University limits and controls keys to University facilities and spaces. Keys and locks to University facilities and spaces are the property of Vanderbilt University, and should be obtained and managed in accordance with this procedure. The specific purpose of this procedure is to ensure that keys are issued only to appropriate persons and for appropriate reasons; to define the responsibilities of University key holders; and to provide for the responsible care of keys held by key holders. Keys are managed according to the risk that would be presented by the key being lost, missing, or stolen.

Scope

This procedure applies to all students, faculty, staff, vendors, suppliers, designers, consultants, and contractors accessing University controlled areas. However, this procedure does not include card access locks, keys for leased space, Vanderbilt University Real Estate held properties, rental housing units, or construction sites wholly controlled by a contractor.

Terms/Definitions

Authorized Key Requestor The key shop will coordinate new key requests, key transfers, and core changes with the head of the applicable department/school/college or authorized designee. If not performing the function themselves, the head of the applicable department/school/college or authorized designee are responsible for designating up to three persons in their department the function of Authorized Key Requestor, and for notifying the key shop when the designated person is no longer authorized to request keys/lock changes. Authorized Key Requestors are the only persons whom may submit requests and be issued keys by Plant Operations, including all requests for key copies/duplicates, re-keying of existing locks, recoding or adding codes to combination locks, adding locks to access points, and removing locks from access points with authorizations as defined within this procedure. 

Emergency Key Keys maintained in a thus designated inventory by Plant Operations, grouped by building, that are issued in order to respond to and mitigate incidents which threaten human health, property, or the environment.

Exterior Door Key Key that opens an exterior door to a building. On buildings controlled by card access an exterior door key will be managed in the same manner as a Master Key for the purposes of this procedure. On buildings not controlled by card access an exterior door key will be managed as an operator key for the purposes of this procedure.

Grand Master and Great-Grand Master Key Key that opens both exterior and interior locks across multiple buildings.

High-Risk Key Keys which are defined as Master Key, Grand Master, Great-Grand Master, Restricted Access Key, and/or an Exterior Door Key managed as a Master Key. The issuance of high-risk keys is restricted.

High-Risk Area An area within a building, structure, or space which are typically certain research and lab areas, special storage areas, electrical-mechanical spaces, high-voltage rooms, roof access, exterior gates, athletic areas, areas where hazardous items are contained therein, or where routine access is not appropriate.

Master Key Key that opens all (or most) interior locks within a given building.

Operator Key Key that opens a few individual locks within a building. Typical configuration would be that an operator key opens the main door into a department, and one or more other doors within that department.

Restricted Access Key Key which provides access to certain areas which are identified as High-Risk Areas which thus should be designated for restricted access due to an increased need for security or because of a special hazard.

Sub-Master Key Key that opens all interior locks within a department, or group of departments, or other defined area within a building. Also may be a key that opens all interior locks within a department within multiple buildings.

Temporary Issued Key Temporary Issued keys are keys signed out at Building Systems Control (BSC) customer service window, and are for persons who have a legitimate access need, but who do not need such access on an ongoing/indefinite basis. Typical sign outs are maintenance employees needing short-term access to fulfill a work request, or a University construction project manager needing access on an extended-term basis, not to exceed 2 years, to complete a project.

University Key Key that opens University-controlled buildings, facilities, structures, or exterior spaces, to include gates and padlocks. University keys include Exterior Door Keys, Grand Master Keys, Great-Grand Master Keys, Master Keys, Operator Keys, Restricted Access Keys, Sub-Master Keys, Temporary Issued Keys, and Emergency Keys. For the purposes of this procedure, this would exclude keys to lockers, desks, systems furniture, vehicles and equipment, or cabinets, all of which are controlled at the department level.

 Practice

 A building’s key and lock system design will be developed only by the key shop and in conjunction with the person(s) designated by the head of the applicable department/school/college or authorized designee. Structurally the system may have four potential levels: 1) Exterior door key; 2) master key; 3) sub-master key; and 4) operator key.

No lock (with the exception of security system spaces, information technology spaces, roof access points, service closets, electrical-mechanical spaces, and construction areas) will be allowed to be on a key which is not on the building master system without prior authorization from the Assistant Vice Chancellor for Plant Operations AND the head of the applicable the department/school/college or authorized designee.

 

Authorization for the Issuance of Keys Every department that requests, holds, or issues keys must have an internal control procedure for the issuance of University Keys. Documented authorization for keys to be issued shall be as follows:

  • Exterior Door Key Same as Master Key on buildings controlled by card access. Same as Operator Key on buildings not controlled by card access.
  • Grand Master and Great-Grand Master Key Assistant Vice Chancellor for Plant Operations AND Vice Chancellor for the Division of Administration.
  • Master Key Assistant Vice Chancellor for Plant Operations AND the head of the applicable department/school/college or authorized designee.
  • Operator Key Authorized Key Requestor designated for the department which occupies the space secured.
  • Restricted Access Key Assistant Vice Chancellor for Plant Operations AND the head of the applicable department/school/college or authorized designee responsible for the area secured (Housing, IT, Facilities, departmental authorized key requestor/receiver)
  • Sub-master Key Assistant Vice Chancellor for Plant Operations AND the Authorized Key Requestor designated for the department which occupies the space secured.
  • Key Inventories - Each department/school/college that requests, receives, issues, or holds keys either as an entity or through employed individuals should initiate and then maintain an inventory of all keys held by individuals, in key boxes, or by stored by other means within their department. Such inventory should at least include the key number, the individual to whom the key is assigned or whom is responsible, the location of the key if in a departmental key box, and the space to which the key provides access.

It is highly recommended that all High-Risk Keys be audited annually to confirm that the keys are accounted for, and whom has possession and/or the location of the keys.

High-Risk Area Inventories - Each department/school/college that requests, receives, issues, or holds keys either as an entity or through employed individuals will initiate and then maintain an inventory of all High-Risk Areas within the spaces occupied by their department. These inventories and any subsequent changes/updates will be communicated to Plant Operation.  High-risk area access inventories will be available upon request from Plant Operations or any appropriate university official.

Local Key Boxes Use of secure local key boxes to house unassigned keys which are controlled by departments, under the supervision of the Authorized Key Requestor designated for the department, is highly recommended.

De-authorization for a Key When a key is no longer needed, or the key holder is de-authorized from having one or more keys, the key holder should return the key(s) promptly to their designated authorized key requestor. If an authorized key requestor should determine that a key is no longer needed by their department, they should return the key to the key shop.

Separation from Employment When faculty or staff are terminated as part of a disciplinary action, the Authorized Key Requestor designated for the department has responsibility to retrieve any issued University keys and return them to the key shop or place them into the department’s key inventory. When a member of the University community is departing from the University under circumstances other than a disciplinary action, the Authorized Key Requestor designated for the department has the responsibility to retrieve any University keys and return them to the key shop or place them into the department’s key inventory.

Financial Responsibility If a University employee is determined to be responsible for lost/missing/stolen keys, that employee’s department may bear all costs associated with the unaccounted for keys (including, but not limited to the cost to re-key affected areas);

If an employee of a contractor/construction design firm/professional services firm in possession of a University key is determined to be responsible for lost/missing/stolen keys, that firm shall bear all costs associated with the unaccounted for keys (including, but not limited to the cost to re-key affected areas.)

Procedure Exceptions While this procedure addresses a wide range of access issues relating to keys, it is unlikely that every possible variable has been considered. Any exceptions to this procedure must be submitted in writing to the Assistant Vice Chancellor for Plant Operations. 

Procedures

Issuance of Keys University keys will only be issued on an indefinite basis to members of the University community -- faculty, staff and students (i.e., not contractors, etc.). There must be a written authorization from the appropriate level for key issuance. Plant Operations only accepts requests from or issues keys to the Authorized Key Requestors designated for departments, who then in turn issue keys to faculty, staff, and students whom are then key holders whom ultimately control and are responsible for the key(s).

For the purposes of this procedure key issuance procedures apply to the requesting and issuing of key copies/duplicates, re-keying of existing locks, recoding or adding codes to combination locks, adding locks to access points, and removing locks from access points. 

To ensure a minimum amount of risk from lost keys, each department will be issued no more than two (2) master keys and/or (2) exterior door keys if being managed as master keys to any one building. Any amount greater than this will be considered on a case-by-case basis by the Assistant Vice Chancellor for Plant Operations.

Requests for the issuance of keys shall only be made by the Authorized Key Requestors designated for departments occupying the space secured. Requests must be may made using Plant Operations’ work management system (AiM) and following direction for such requests as provided by Plant Operations.

Keys produced for issuance by Plant Operations are to be picked up and signed for at the Service and Information Systems (SIS) office at the Facilities Department. Keys may be picked up and signed for by an Authorized Key Requestor in the same department as the Authorized Requestor whom submitted the request for the key to be issued. When being issued, keys Authorized Key Requestors will be required to identify themselves by presenting their Vanderbilt University identification card at the SIS office. Individual Faculty, Staff, and Students will not be allowed to pick up keys from the SIS office, they must be issued keys by their department.

Tracking of Keys Plant Operations will track the issuance of all keys to the head of the applicable department/school/college, their authorized designee, and/or their designated authorized key requestors, as well as temporary keys that are signed-out from Plant Operations. The heads of departments/schools/colleges, their authorized designees, and their designated authorized key requestors/receivers will be responsible for tracking the issuance of, and ensuring the return of, all keys in their control no matter the risk level or duration of issuance to individual key holders.

Temporary Issued Key Issuance Because of the short-term nature of temporary access needs, the high volume of such transactions, and the need for timeliness for key delivery, the standard authorization procedure for Issuance of Keys does not apply to temporary issued key sign outs from the Building Systems Control (BSC). In all cases of temporary key sign out, a predefined return date is required and must be complied with, or sign out privileges may be revoked.

To ensure an appropriate level of key control for these unique transactions, the following procedures apply:

Temporary Issued Key Requests:

  1. All keys needed for issuance as Temporary Issued Keys must be requested 2 business days prior to date that they will need to be signed out.
  2. Requests for the issuance of keys shall only be made by the Authorized Key Requestors designated for the department for which work is being done. Requests must be may made using Plant Operations’ work management system (AiM) and following direction for such requests as provided by Plant Operations.

Temporary Issued Key Sign Outs:

  1. For employees – Present their Vanderbilt University identification card, and make log entry with signature and predefined return date;
  2. For non-employees (vendors, suppliers, consultants, designers, and contractors) – The Vanderbilt University employee with assigned responsibility for the work being done by the non-employee shall sign out keys by presenting their Vanderbilt University identification card and make log entry with signature and predefined return date, not to exceed 60 calendar days. The Vanderbilt employee will provide for the identity of the non-employee, and the company/firm by whom the non-employee is employed, to whom the key is being provided to and will have the non-employee sign in the log entry, confirming their acknowledgment of their responsibilities associated with having the key, including the financial responsibility.  The non-employee shall promptly return the keys to the responsible employee upon job completion. The responsible employee shall return the keys to BSC. Non-employees shall not be granted unsupervised access to buildings where students and/or children are housed.

All Temporary Issued Keys, once returned to BSC shall be returned to the key shop.

Note: If a department has a non-employee who has a frequent/regular need for temporary key sign outs, but finds it impractical for the employee to sign keys in/out repeatedly, the Vanderbilt University employee responsible for the non-employee may submit a request and key control plan in writing to the Assistant Vice Chancellor for Plant Operations that, if approved, would allow the non-employee to be issued keys under the same requirements as an employee for a predetermined time frame, not to exceed one year.

Emergency Key Issuance When the need arises to respond to and mitigate incidents which threaten human health, property, or the environment Plant Operations may issue Emergency Keys to employees and non-employees whom are designated or assigned to such response activities. The Assistant Vice Chancellor for Plant Operations or their designee shall issue only those Emergency Keys needed to appropriately and effectively respond to incidents, recording the keys issued, to whom they were issued, when they were issued, and when they were returned.

Unaccounted for Keys Unaccounted for (lost/missing/stolen) keys shall be reported to the key holder’s authorized key requestor, the Vanderbilt University Police Department, and Plant Operations as soon as possible after the key holder determines a key is missing. Plant Operations, in coordination with the affected department, will determine whether or not a re-coring of the affected building(s) and/or locks will be necessary as a result of any keys that are lost/missing/stolen, and the financial obligation to the department or company/firm as is appropriate per this procedure.

Daily Key Issuance The issuing of keys or key rings to Vanderbilt University employees and non-employees (contractors) from departmental key control boxes on a daily basis where the keys are issued for the employee/non-employee to perform regularly assigned duties, where the issued keys shall be signed-out at the beginning of a predetermined shift and returned at the end of same shift, where the issued keys shall not be removed from campus at any time, and where each sign-out and return of the keys shall be logged is permitted. Daily key issuance shall be overseen by the head of the department/school/college or authorized designee whom maintains the key control box.

Roles and Responsibilities

Key Shop The key shop is responsible for processing key requests, and ensuring proper authorization is in place for creating, issuing, and replacing keys for employees. The key shop is also responsible for reporting the loss of all unaccounted for keys of which they become aware. The key shop will also serve as an advisory resource to departments on best practices for key issuance and control.

Assistant Vice Chancellor for Plant Operations  The position responsible for reviewing and approving/denying all requests for High-Risk Keys and Sub-Master Keys. Also is the head of Plant Operations.

Key Holder A key holder is the person to whom one or more University Keys are issued, or for which they are in possession. By possessing a key, the key holder must not compromise the security of any area/building.

Key holders must return all University keys when requested, or upon termination of employment (per University policy End of Employment), promptly report lost/missing/stolen keys, and take reasonable and prudent care of University keys at all times.

A key holder should not:

  1. loan out keys
  2. transfer keys
  3. duplicate keys
  4. alter lock/access/alarm mechanisms
  5. prop open secured doors
  6. admit unauthorized persons into University buildings/facilities/spaces
  7. Non-employees holding high-risk keys should not take them off campus, and should return them to the each day to the appropriate party as identified within this procedure.

Heads of department, schools, colleges, and their designees (Deans, Vice Provosts, and Vice Chancellors) Should ensure that the fewest number of keys and the lowest-level of keys possible are issued to faculty, staff and students in their departments. Issuing high-risk keys for convenience is discouraged. Additionally, they have the following responsibilities relating to key control within their department:

  1. Develop a local department-specific key control procedure consistent with the requirements of this procedure. At a minimum, the procedure should include a log of who was issued keys, issue date, key number, reason for holding the key, building name, and return date. Additionally;
  2. Develop an appropriate procedure to ensure the return of University keys from persons on extended leaves or a sabbatical;
  3. Perform the function of the departmental authorized key requestor/receiver, or assign a person responsible for performing this function.

Authorized Key Requestor The person(s) within each department authorized by the head of department/school/college to be responsible for requesting keys, requesting lock changes, issuing and tracking keys within the department, reporting keys that are unaccounted for, managing a local key lock box, safeguarding unassigned keys, completing and maintaining departmental key inventories, and for ensuring the return of keys no longer authorized by the department.

 Related Policies