Status: Live
[UCF ID 02215]
Supporting and supported controls
This control directly supports:
- • Manage the facilities [UCF Control ID 00710]
There are no supporting controls.
Authority documents complied with:
Protection of Assets Manual, ASIS International, Pg 8-I-7 thru Pg 8-I-11; DOT Physical Security Survey Checklist, Personnel Identification and Control Checklist; Archer Control Table, ATCS-817
US Federal Security Guidance
The organization's security policy should include requirements for all employees to wear badges whenever they are on the premises. This requirement should be applied to all levels of management. When not all personnel are required to wear badges, personnel do not feel they should challenge personnel not wearing a badge. Then if a visitor removes his/her badge, he/she will look like an employee and will not be challenged. Employees should be charged for replacement badges and have disciplinary action taken for repeated badge losses. To make badges more secure, they should be resistive to changes; have photographs on them; use holograms; and be laminated. Badges should be able to reveal identity at a distance. Badges should have an expiration date and should be updated with new photographs, as necessary. If badges use coding to identify access levels, the coding should be highly visible. [Pg 8-I-7 thru Pg 8-I-11, Protection of Assets Manual, ASIS International]
All badges should be registered and controlled and should be under the supervision of a security officer. Procedures should be in place for handling lost, damaged, and/or forgotten badges. All badges should be returned upon employee termination. [Personnel Identification and Control Checklist, DOT Physical Security Survey Checklist]
Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.