Thisdocument

Lntains ,S. pages

This Code ofPracticeis to be read in

conjunction with the NACOSS
Regulationsrelatingto Recognition by
NACOSS and the NACOSS Criteria
for Recognition.No firm shall hold out
or claim that it adheresto this Code,
save byvirtueofholding NACOSS
Recognition,or having obtained the
written permissionofNACOSS

NACP 30
Issue 1
1 December 1990

NACOSS Copyright.Nopart tobereproducedwithoutpermissionof NACOSS

National Approval Councilfor Security Systems

Code ofPractice for the Planning, Installation and
Maintenance ofAccess Control Systems
LIST OF CONTENTS
PART 1: CODE OF PRACTICEFOR PLANNING AND INSTALLATION
1.

SCOPE

2.
3.

DEFINITIONS
ACCESS POINT CLASSIFICATION

4.

SURVEY

5.

COMMISSIONING,HANDOVER OF DOCUMENTATION

PART 2: CODE OF PRACTICEFOR MAINTENANCEAND RECORDS

1.

SCOPE

2.

DEFINITIONS
GENERALMAINTENANCE
RECORDS

3.

4.

Note 1: This Code ofPracticeis in two parts.

Part 1 of this Code ofPractice aims to assist specifiers, installers, users, insurance
companies andthepolice in selectingthe level ofaccess control equipment bestsuited
toaparticularrisk andtoprovideguidelinesfortheplanningandinstallation ofaccess

control systems.
Part2ofthis CodeofPracticeprovidesguidelinesforthemaintenanceofaccesscontrol
systems installed as recommendedin Part 1.
Note 2: This Code ofPracticeis regardedasPROVISIONALpendingpublication ofa British
Standard.
Note 3: NACOSS wishesto acknowledgethat the technicalcontent ofthis Code ofPractice
is based on materialprepared undertheauspicesofthe BritishStandards Institution.
Such materialis used bypermission.

In this document, material (such as guidelines,information, recommendations, advice)

that does not form a mandatory requirement ofthis Code is shown in italics.

F REWORD
electronicaccess controlsystemconsistsofrecognitionequipment, suchas atoken andreader,
electronically activated entrance release hardware and, in certain systems, meansfor central
controland/or monitoring.
The objectives ofthis Code ofPracticeare:

The establishmentand maintenance ofminimum standards of installation for access

controlsystems.
(ii) The provision ofa framework to assistpurchasers, installers, and users in establishing
theirrequirements with suppliers.
(iii) The assistance ofspecifiers and users in determining the appropriate level ofsecurity
requiredfor a given application.
(iv) The assistance ofsystem designers in meeting specifier or userrequirements.
(v) The establishmentofdefinitionsfor terms used within the access control industry.
(vi) The establishmentofminimum standards of maintenancefor installed access control
(i)

systems.

Thesuccessfuloperation ofan accesscontrolsystemrequirestheactive co-operationofthe user

in carryingout the necessaryprocedurescarefullyandthoroughly. The usefulness ofthe whole
system andits securityandsocialacceptabilitycan bejeopardised by lack ofcare. This care has
to extend to the security of tokens and of information regarding the system, its design,
installation and method ofoperation and to ensuring adequate maintenance,to preserve the
security ofaccess.
Attention is drawn to the Regulationsfor ElectricalInstallations (15th Edition) published by

the Institution of Electrical Engineers and to MPT1337 and MPT1339 (DTI

Radiocom,nunjcatjonsDivision).

PART 1: CODE OF PRATICEFOR PLANNING AND INSTALLATION

SCOPE
This Part of this Code of Practice contains recommendations and requirements for the
selection,planningandinstallationofelectronicaccess control systemsclassifiedbythedegree
of security provided.
2.

DEFINITIONS

For the purposes of this Code of Practice the following definitions apply:
2.1
Access controlsystem. An electronic system restricting entryinto and/or exit from a
controlled area.

2.2
2.3
2.4

2.5
2.6
2.7

Controlledarea. The area accessedby the presentation ofvalid recognition data.

Accesspoint. The position at which access can be controlled by a door, turnstile
or other secure barrier.
Accesspointhardware. Mechanicaland/or electro-mechanicaldevices at an access
point enabling its releaseby an authorised user.
NOTE: Accesspoint hardware makes no decision regardingthe permittingor refusal
of access.
Access level. User authorityin termsof access to specified, controlled area.
Token. A device containingencoded recognition data.
NOTE: This includes a humanbeing as the source for biometric data.
Common token. A tokenunique to a particular access controlsystem, orreader, with
all usertokens identical.
2

2.8

2.9

2.10
2.11

2.12
2.13
2.14

2.15

2.16
2.17

2.18
2.19

systerfn

Systemtoken. Acommontokenencodedadditionallywithspecific
data.
Unique token. A token which, in addition to any data common to all users of a
particular access control system,carries some data allocateduniquelyto theuserofthat
token.
Keypad. A data entry point for the input of a numeric or alphanumeric code into an
access control system.
Personal identification number (PIN). A sequence of characters allocated to an
individualuser of an access control system keypad.
Commoncode. Asequenceofcharactersuniqueto aparticular keypad-operated access
control system and allocatedto every userof the system.
Reader. Equipment for the extraction of recognition datafrom a token.
Biometric system. An access control system using recognition of a physiological
characteristicoftheuser,suchas fingerprints,retinalpattern,voicepatternorsignature.
Transaction. A recognisableevent occurring withinan access controlsystem, such as
the releaseof a doorfollowingpresentation ofa validtoken orthe generation of a door
alarm report.
Controller. A device which processes recognition data to enable usable output
conditions to be derived.
Central control. ('on-line') Equipment directing the functions of a number of
controllers, changing data for individual controllers and/or monitoring an access
control system.
Time zone. A period oftime during which systemoperatingrequirementsare changed,
such as refusalof access outsidenormal working hours or PIN override.
Fail locked. The securing of a locking mechanism in the event of identified system
failures.

2.20 Fail unlocked. The release of a locking mechanismin the event of identified system
failures.

Tamper detection. A means for the disclosure of unauthorizedinterference with a

component of an access control system.
ACCESS POINT CLASSIFICATION
3.1
General
Accesspoints are classified by therequirements for successfullegitimateaccess i.e.,the
level of security provided. The installingcompany shall indicate to the customer the
classificationoftheaccess points makingup anaccess control system, related tothelevel
2.21

3.

of security provided.

3.2

Facilitiesto control readers from a central point, to record information regarding the
access of individualtoken holders andto monitor the status of the access point where
this is required may be incorporated into anyclass of access control system.
NOTE: Monitoring, 'accesspoint held open'alarm, cable securityand standby power
operation are related to the level ofsecurity provided within a classification.
Class I - Common code
At an access pointto class I, access will onlybe granted followingthe inputofa correct
common code.Thecode shallbe numeric, alphabetic,or a combination ofboth, with a
minimum offour digits and/or characters. The code used shall be one ofnot less than
1000differs and shall beprotected againstunauthorised change and repeated attempts
to select the correct code.

Class II- Common token

an accesspoint to class II, access will oniy be granted following thepresentation of
a valid common tokento a readerandwhenthe code withinthe tokenis recognisedby
the system. Each token shall have the same encoded data chosen from a minimum of
10,000 differs. The code shall be protected againstunauthorised change.

3.4

4.

Class III - Systemtoken

At an access pointto class III, access will onlybe granted followingthe presentation of
a valid system tokento a reader. The tokenshallbe encoded with a system code of not
less than200differsandanindividualcode ofnotless than 10,000 differs.The codesshall
be protected againstunauthorised changes.
NOTE1. Tokenscan be added to or deletedfrom the system.
NOTE2. System tokensshouldnotbeacceptableto othersystemsin the samegeographic
area unless specifically intended to be so.
3.5
Class IV - Unique token
At an access point to class IV, access will cnly be granted followingthe presentation of
avalid uniquetokento the readingdevice. The token shallbe encoded witha minimum
of 10 million differs. The code shall be protected against unauthorised change.
NOTE: Tokens can be added to or deletedfrom the system.
3.6 Class V - Unique token and PIN
At an access point to class V, access will only be granted followingthe presentation of
a valid system token (see class IV) and the input of a correct personal identification
numberof not less than four characters.
PLANNING
4.1

4.2

Survey
The importanceofa correct and adequate surveyfor installation isparamount.
Access point design has a substantial bearing on the performance and reliability of an
access controlsystem andthe following aspects shall be consideredwhen planning an
access control system.
- Access pointsshallnot conflictwithfire regulationsandshallnot restrict exitin such
a way as to endanger persons in an emergency.
- The operation of access pointsin the eventofmainspowerfailure andtheperiod,or
numberoftransactions, required in such circumstances.
- Whether accesspoints should fail locked or fail unlocked.
- The choice of access control technology to providean appropriate level of security
for the risk to be protected.
- The choiceofelectronicequipmentandits siting,taking intoaccount environmental
conditions such as weather and the potential for vandalism.
- The selection of access point hardware, taking into account the volume of traffic,
environmental conditions andthe level ofphysical security required.
- Thenumbersofusers,access levelsandtime zones required, taking intoaccount both
presentand predicted future levels.
- Theneedfor siting of equipment such as controllers and printersin a secure area.
- The numberof access points required, taking intoaccount peak traffic periods.
NOTE: Adviceconcerningphysicalsecurity is given in BS8220.
Equipment selection and installation
Equipmentshallbeselectedand/orinstalledtowithstand thefollowingairtemperatures:
4

Internally sited equipment, Q0 to 40C

Externally sited equipment, -20 to 50C.
NOTE: Equipment exposed to direct sunlight can exceed these temperatures and
appropriateshieldingmay berequired in suchcircumstances. Exteriorequipmentshould
be consideredfor use in unheated premises.
Where equipment is exposed it shall meet 1P54 or, in a particularly exposed location,
1P65 as specified in BS 5490; necessary apertures in equipment are exempt from these
requirements at such points.
4.2.1 Tokens
The security, sizeanddurability ofa token is dependent upon the technologyused
to encode it and required to read it.
Several types oftoken are available including:
(a) magnetic,including Wiegand effect;
NOTE: Where magnetictokensarepowerfulenoughtocorruptothermagnetically
stored data in theirimmediatevicinitythey should carryaprintedwarningto this
effect and limited life cards e.g., those carrying bank data, should not be used as
access control tokens withoutprior agreement to this by the issuing authority.
(b) infra-red;
(c) holograms;
(d) proximity devices using technologies suchas radio orinductton to allow the
code to be read within a specified operating range;

(e) biometric ie., a specificperson or theirsignature.

Token technologyshould be selectedappropriatelyto the risk beingconsidered.
The choiceofsizeanddurability ofatokenandthe lifespanofa batterypowered
activetokenshall takeinto account the environment in which it will be required
to operate and the frequency of its use.
4.2.2 Readers
A readeror controller and/or its associated access point hardware or a central
control shallprovidethe following features:
- An indication for access granted.
- Variable time availablefor access to be made.
- Detection ofphysicaltampering and, forreadersfitted
externally,protection
against maliciousdamage.
- Responsewithin2 softhevalidcompletionofthe
necessaryentryprocedure(s)
andre-locking ofan access pointifit is notthen usedwithinapredetermined
time.

Readersshall be securely mounted in a convenientpositionfor the useradjacent

to the access point.
NOTE: Proximity readersmay be sited at anypoint where successful activation
will occur.
4.2.3 Access point hardware
Mechanismsshallbe selectedin accordancewiththedegree ofsecurity, related to
the classification, andthe anticipatedtraffic anddutycycle of the access point to
which they are affixed.
NOTE:Accesscontrolhardwarealonemaynotprovidesufficientphysicalsecurity

in some circumstances.

Access point hardware shall be carefully selected with regard to the following,

particularly whenplanning to use mechanisms externally.

- Temperature
- Humidity
- Corrosion
- Vibration
- Dust andother contamination
- Physical abuse

The selection of access point hardware shall takeaccount of the following with
respect to the nature of the access point as follows:
- The existingphysical strength ofthe access point, such as doorsand frames,
which should not be significantly reduced by thefittingof the necessary
lockingmechanisms and the mechanismshould be selectedappropriately to
the strength ofthe doorframe.
NOTE: Thephysicalstrengthofan accesspointshouldbereinforcedifthisis likely
to be reduced by the attachment of the access control hardware; advice on the
physicalstrength requirementsis given in BS8220.
- The transfer of electricalconnections onto doors via suitable flexiblecables
or othermeans of adequate reliability.
- Appropriate hardwarewhere rebated anddouble-rebatedoorsarecontrolled.
- Necessarysafetyprecautions where all-glassor otherspecial doors are
controlled.

Door closingdevices shall be sufficientto close and lock the door under
normal circumstances,but withoutundueimpactuponthe components ofan
access control system.

NOTE: Whereadverseairpressureexistsmeansforits reliefshould beprovided.

- Doors shall be a satisfactory fit in the frame.
- Hinges, frame andfixings shall be adequatefor the weightandproposed
usage of a door.
- Manufacturersrecommendationsfor turnstilesandsimilar barriers,andtheir

release mechanisms.
- Where manual or automatic override features are used, continuously rated
releases will be required.
Where accesspoint monitoring is ofcritical importance,considerationshould be
given to monitoring the state ofsecurement of the access point, i.e., closed and
locked, in addition to any monitoring by means ofa separate protective switch.
Locking mechanisms can have two modes of operation under system failure
conditions, 'fail unlocked' and 'fail locked'. Where exit is available by purely
mechanical means, the fail locked mode may be acceptable but where exit is
granted by electricalmeans, the failunlocked mode may be mandatory to meet
safety legislation.

NOTE: The suitabilityofanyproposed accesscontrol systemshould be discussed

with the local Fire Prevention Officer and it should be ascertained whethera
centralcontrolleris an acceptablemeans ofreleasingaccesspointsin the eventof
an emergency, i.e., whetherit is acceptablefora computer command to carryout
thisfunction.

4.3

4.2.4 Power supplies

*i':.
Thecapacityofthe powersuppiy shall be selectedto meet the largest
to be placedupon itundernormal operational conditions. The operating voltage
shall not exceed50 volts.
NOTE: Certainreleasemechanismsassoci4tedwith anaccesscontrol system, such
as those for roller shutters, may operate at mains voltage and specific electrical
safetyrequirementswill apply to these.
Wheresafetyand security considerationsdo not require continued operation ofa
system during a mains supply failure, the public mains via a safety isolating
transformermay be the sole supplyfor the system. A 'clean'sourceforthismay be
required in electrically noisy environments.
System power supplies shall be located withinthe controlled areain a position
secure from tampering.
Systems incorporating fail unlocked hardware shall be provided withadditional
security for the power supply unit.
The mainsupply shall be permanently connectedvia a fused outlet i.e., not by a
plug and socket.
Lower voltagecablesshallnot be brought into apowersuppiy container through
the sameentry point as anymains cables.
Where continued operationofthe systemis essentialduringmainssupplyfailure,
a standby powersupply shall beused havingthenecessarycapacitytosupportthe
system for not less than the minimum period required by the customer.
4.2.5 Cables
4.2.5.1 Where practicable, cables shall be installed withina controlled area.
Wherepracticable,cablesshould be concealed.
Where cablesare exposed to possible mechanicaldamage or tampering,
or are in public areas, they shall be protected by suitable conduit,
trunking, orarmour. Wherean access pointreleasesignalpassesoutside
of a controlled area, metal conduit (or equivalent protection) shall be
used.

l0Ji'i,rJ1

Allinterconnectingwiring shall be supportedand its installation shall

conform to goodworking practice.
Any cable joints shall be made in suitable junctionboxes using either

wrapped, soldered,crimped, or screw-terminals.

Lowvoltage andsignal cables shallnot run in closeproximityto mains
or othertransient carrying cables.
4.2.5.2 Signal cablesforthe transmissionofdata or otherlow level signals shall
be of a type and size compatible with the rate of data transfer and
anticipated levels of electromagneticinterference.
4.2.5.3 Cables should be installed in accordance with lEE Regul4tionsfor
ElectricalInstallations.
4.2.5.4 Low voltage cables from both mains and standby power supplies to
remote equipment shall be of sufficient size to permit satisfactory
operation ofthe equipment at the end ofany proposed length of cable
run.

Control
In selectingcontrols, consideration shall be givento the following:
- Operational requirements of the associated controllers.
7

Protection against unauthorised interferencewith the system database or

programme
Logging of transactions.
Annunciation of alarms.
Blocking, validation and deletion of tokens.
Database for the retention of tokenholder detailswithback-up copies of
corruptible datato facilitatere-establishment of the system in the eventof

a failure.
-

Programming of access levels andtime zones.

Period of operation following mains failure and/or storage of data by non-

volatile means.

Maintenanceandserviceability.

Controlmay be by means ofaproprietary computer.

The manufacturer's specifiedenvironmentalconditions shallbe provided, particularly
in respect of:

Temperature

Humidity
Dust andother air contamination
Vibration
Electromagneticinterference.
The following shall be taken into consideration whensiting controlequipment:
Ventilation
Access for maintenance
User accessfor archiving etc.
Noise from associatedprinter
Physicalsecurity and supervision
Generalvisibility to unauthorized persons of any displayed data.
5.

COMMISSIOMNG,HANDOVER AND DOCUMENTATION

5.1

Commissioning
Commissioning shall include testing of the following aspectsofthe system:
Allwiring is correctly terminated.
Voltage and resistanceat all appropriate points of the system, which shall be
recorded.
Correct alignment and operation of access point hardware and of release and
closure mechanismsat each access point.
Correct operationof each reader.
Release time for each door.
Doorheldopensignal,ifspecified.
Verificationof access levels,where specified,by the inputof appropriate data.
Ensuresystem continues toworkwhenmains supply disconnected (ifspecified).

5.2

Handover
At handover, the installingcompany shall:
8

- Provide a system log bookto the customer and explain how to recor

problems.
Demonstrate all aspects of the system operation to the customer, including any

necessarysafety precautions.
Ensurethat thecorrectdocumentation (see5.3)isgiven tothe customer toenable the
system to be operated, adjusted andmaintained.
- Train thesystemuser(s)initscorrectoperationandarrangefor anyfurther
necessary
training.
- Ensurethat users knowthe procedure for summoning assistancein the event of
system malfunction.
- Instruct the customer to establishwhetherpersonal information held within the
system requires registration under the Data ProtectionAct.

5.3

Documentation
Upon completion of installation of the access control system there shall be a system

record which shall include the followinginformation:

(a) the name, address and telephone numberof the controlled premises;
(b) the name, address and telephone numberof the customer;
(c) the location andclassificationof each access point and the type and location of
each controller and its associatedhardware;
(d) the type andlocation of power supplies;
(e) details of those access points which the customer has the facility to isolate;
the type andlocation of anywarningdevice;
(f)
(g) details and settings of any preset or adjustable controlsincorporated into the
system;

anydocumentation relatingto equipment;

the numberof keys, codes, tokens, etc. to the system provided to the customer.
(i)
The system record shall be agreed with, and authorized by, the customer and a copy
provided to the customer.
NOTE 1. Some ofthe information requiredfor the systemrecordmay beprovidedby
means ofa diagram ofthe installed system.
NOTE2.Alldocumentationreferringtoasystemshouldbekeptinaplaceaccesstowhich
is restrictedto authorizedpersons.
(h)

ODE OF PRACTICEFOR MAINTENANCEAND RECORDS

PE
This Part of this Code of Practice contains recommendations and requirements for the
preventative and corrective maintenance of, and keeping of records for, access control
systems, installedin accordancewith Part 1 of this Code.
DEFINITIONS
For the purposes of this Part of this Code of Practice the definitions given in Part 1 apply,
together with the followingdefinitions.

PAR.

2.

2.1

Maintenance
2.1.1 Maintenancecompany. An organisation prepared to maintain an installed
system.
2.1.2 Preventativemaintenance. Routine servicingof a system, carried out on a
scheduled basis.

2.2
3.

2.1.3 Correctivemaintenance. Emergency servicingof a system, or partthereof,

carried out in response to the development of a fault.
Commissioning. The completion of installation and final testing of a system
prior to its handover.

MAINTENANCE
3.1

General
3.1.1

It is advisable that maintenanceshould be carried outby the installingcompany.

Whatever arrangements are made, the maintenance company shall have the
means, including spare parts and documentation (see 5.3 of Part 1), to comply
with this Part (Part 2) of this Code.
NOTE: This recommendationdoes notplace an obligation upon customers who
purchase their systems to have them maintained by the installing company;
maintenance is a matter ofagreement between the customer and the installing
companyora separate maintenance company.
3.1.2 The preservation of security within the maintenancecompany is of paramount
importance and steps shall be takento ensure the safe custody of all equipment
and documentation pertaining to installations. A maintenance company shall
ensure that adequate vetting of employees is carried out and that all employees
carry identification cards which shall include a photographof the bearer, his
signature, the company's name and a date of expiry.
3.1.3 Each service technician employed by the maintenance company shall carry a
range oftools, test instruments andotherequipmentto enable him toperformhis
functions satisfactorily. Specialist tools, test equipment and plant shall be
availablefor deeper investigationas necessary.
NOTE:Notalleventualitiescan beforeseen and, in exceptionalcircumstances, a
systemorpart(s) ofa system may have to be leftinoperableordisconnectedwhilst
tools or replacementcomponents are obtained (see 4.6).
3.1.4 The maintenancecompany's organisationshall be so staffed as to ensure that the
recommendations and requirements of this Part of this Code can be met at all
times. The following factors shall be taken into consideration:
(a) the number of installations to be serviced;
(b) the complexity of the installations;
(c) the geographicalspread ofthe installationsinrelationto thelocation ofthe
maintenancecompany, its branches and its service personnel;
(d) the method of calling out service personnel outsidenormal office hours.
10

3.1.5 Service personnel shall be adequately trained and training sha

whenever appropriate.

3.2

Preventativemaintenance
3.2.1 Frequencyofvisits

Preventative maintenance visits to the protected premises shall be made by a

representativeofthemaintenancecompany duringorbefore thetwelfthcalendar
month following the month of commissioning or of the previous preventative
maintenancevisit.
NOTE: Themechanicalcomponents in an accesscontrolsystem suchas locks and
hingeswillrequire routinepreventative maintenanceby the usermorefrequently
than onceperyear.
3.2.2 Inspection
3.2.2.1Duringeach preventative maintenancevisit, inspection of the following,
with all necessarytests, andthose rectificationswhicharepractical atthe
time, shall be carried out:
(a) the installation, location andsiting of all equipment anddevices
against the system record (see 4.2);
(b) the satisfactory operation of all equipment;
(c) all flexibleconnections;
(d) the normal and standbypower supplies, for correct functioning;
(e) the controlequipment, in accordancewith company procedure;
(f) the operation of anywarning devicein the system.
3.2.2.2Those items of inspection andrectification which are not carried out
during the preventative maintenancevisit shall be completed within a
period for21 days.
3.2.2.3 Those parts ofasystem or anyenvironmentalconditions which arefound
during preventative maintenanceto be the potentialcause ofreduced
security, shall be identified on the maintenancevisit record (see 4.4).
3.3

Correctivemaintenance
3.3.1 An emergency serviceshall be availableand the client shall be kept informed of
the address and telephone number of the maintenance company's emergency
servicefacility.

3.3.2 Theemergencyservice facilityshall besolocated andorganised that,except under

abnormal circumstances,the maintenancecompany's representative reaches the

controlled premises withinthe periodagreed to in writingby the client.

4.

RECORDS
4.1
General
The maintenance company shall establish, retain and maintain a system of records
relatingtothe systemincluding the informationrequired by4.2 to 4.6. Itis essentialthat
these records be protected from unauthorised access.
NOTE: Attention isdrawnto theData ProtectionAct, 1984in those caseswhere records
contain information concerningindividuals.
4.2

System record
A system record will have been generated at installation and may include previous
information from thesystem designspecification,aswellasthat required by 5.3 ofPart
1. This shall be kept up to dateandshall be available to the maintenancetechnician for
each maintenancevisit.
NOTE: Thesystem informationasrequiredbyPart1 maybeprovidedindi4gramform.
11

orical record

Ahistoricalrecord with thedateofeveryvisit,anyfaultsfoundandtheaction takenshall

be kept. Details ofeveryfaultreported to the maintenancecompany shallbeincluded,
4.4

togetherwith details of any action taken, and, if known, the cause.

This information shall be kept for at least 2 years afterthe last event to which it refers.
Preventativemaintenancerecord
The results ofapreventativemaintenanceinspection shallbe entered on a maintenance
visit record andthe signature of the client or his representativeobtained on the record.
A copy of the record shall be given to the client.
This information shall be kept for at least 15 months after the inspection to which it
refers.

4.5

Correctivemaintenancerecord
There shall be a record of the dateand time of receipt of each request for emergency
service, together withthedateandtime ofcompletion ofcorrectivemaintenanceandthe
necessaryaction(s) carried out.
This information shall be kept for at least 2 years after the emergencycall to whichit
refers.
The result ofa correctivemaintenanceinspection shallbe entered on amaintenancevisit
record and the signature of the client or his representativeobtained on the record. A
copy of the record shall be givento the client.
This information shall be kept for at least 15 months after the inspection to which it
refers.
NOTE: If a preventative maintenance inspection is made at the same time as the
correctivemaintenancevisit, separate visit recordsshould be completed.

4.6

Temporarydisconnectionrecord
There shall be a record of any temporary disconnection of the system or of any
component part(s) of it. This shall identify which part(s) of the system and the
associatedequipmentis not operable. Thereason forthe disconnectionandthe date and
time of disconnection and of subsequent reconnection shall be given. A signed
authorizationforeachdisconnectionshallbeobtainedfrom theclientorhisrepresentative.
This authorization shall be kept for at least 3 months afterreconnection.

12

lvi u/i/itivnz/in/nn1ztivn
.\ Acxsc/)lL'ttSL

vutad:

Ib' VatuwalApprvL'al Cvzoial/bi Sc'curzt Svstc'nls

iiec'nsgitt' [louse 4 Cook/iain Road

ztlaidenhcad, Berkshbr51168AJ
Telephone 0628 37512 Fax 0628 773367