From 568a9a27fb52316c7ac07c3f3c5bd58d4845bfc5 Mon Sep 17 00:00:00 2001 From: Steve Dogiakos Date: Wed, 10 Apr 2024 21:49:15 +0000 Subject: [PATCH] GITBOOK-43: Adding Key Policy --- SUMMARY.md | 1 + key-policy.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 key-policy.md diff --git a/SUMMARY.md b/SUMMARY.md index b681898..73dcd0c 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -10,6 +10,7 @@ * [Strategic Reserve Policy](strategic-reserve-policy.md) * [Confidentiality Policy](confidentiality-policy/README.md) * [Board of Directors Confidentiality Agreement](confidentiality-policy/board-of-directors-confidentiality-agreement.md) +* [Key Policy](key-policy.md) * [\[DRAFT\] Financial Policy](financial-policy.md) * [\[DRAFT\] Budget Policy](budget-policy.md) * [\[DRAFT\] Contingency or Disaster Policy](contingency-or-disaster-policy.md) diff --git a/key-policy.md b/key-policy.md new file mode 100644 index 0000000..97e2777 --- /dev/null +++ b/key-policy.md @@ -0,0 +1,32 @@ +# Key Policy + +### Key Issuance Eligibility + +Keys may be issued to authorized individuals based on their role and need for access as determined by the Executive Director or designated authority. Application: Authorized individuals must complete a Key Issuance Form, which requires approval by the Executive Director. Distribution: Keys will be distributed by the Executive Director or designated personnel. Each key must be signed for upon receipt. + +### Key Tracking Database: + +A Key Tracking Database will be maintained by the Security Department, documenting the key number, type of key, issuance date, and the name of the individual to whom the key is issued. Audits: Regular audits of the Key Tracking Database will be conducted to ensure compliance with the policy and to identify any discrepancies. Key Return Obligation: Authorized individuals are required to return keys upon termination of their role or employment, or upon request by the Executive Director. + +### Procedure + +Keys must be returned to the Executive Director or Designated authority where the return will be documented in the Key Tracking Database. A Key Return Form must be completed and signed by the returning individual and a witness from the Security Department. Restrictions Duplication: Key duplication is strictly prohibited. Any need for additional keys must be submitted through a new Key Issuance Form. Transfer: Keys must not be transferred between individuals without prior written approval and documentation in the Key Tracking Database. + +### Unauthorized Individuals + +Volunteers, temporary employees, and visitors are not eligible to be issued keys unless exceptional circumstances exist, which must be approved by the Executive Director. Enforcement Failure to comply with the Museum Key Policy may result in disciplinary action, up to and including termination of employment or role. Additionally, the Museum reserves the right to pursue legal action for any unauthorized access or security breaches related to non-compliance with this policy. + +### Conclusion + +This policy is designed to protect the Museum's assets, staff, and collections by ensuring that access is controlled and monitored. Compliance with this policy is mandatory for all authorized individuals. This policy is subject to review and amendment by the Executive Director or designated authority to adapt to changing security needs and best practices. + +### Key Sign-Out Form + +* Name of Individual: +* Position/Title: +* Key Number(s): +* Date of Issuance: +* Purpose of Key Issuance: +* Expected Return Date: +* Signature of Individual: +* Approval Signature (Executive Director/Designated Authority):