Professional Documents
Culture Documents
NACP 30
Issue 1
1 December 1990
SCOPE
2.
3.
DEFINITIONS
ACCESS POINT CLASSIFICATION
4.
SURVEY
5.
COMMISSIONING,HANDOVER OF DOCUMENTATION
SCOPE
2.
DEFINITIONS
GENERALMAINTENANCE
RECORDS
3.
4.
control systems.
Part2ofthis CodeofPracticeprovidesguidelinesforthemaintenanceofaccesscontrol
systems installed as recommendedin Part 1.
Note 2: This Code ofPracticeis regardedasPROVISIONALpendingpublication ofa British
Standard.
Note 3: NACOSS wishesto acknowledgethat the technicalcontent ofthis Code ofPractice
is based on materialprepared undertheauspicesofthe BritishStandards Institution.
Such materialis used bypermission.
F REWORD
electronicaccess controlsystemconsistsofrecognitionequipment, suchas atoken andreader,
electronically activated entrance release hardware and, in certain systems, meansfor central
controland/or monitoring.
The objectives ofthis Code ofPracticeare:
systems.
Radiocom,nunjcatjonsDivision).
DEFINITIONS
For the purposes of this Code of Practice the following definitions apply:
2.1
Access controlsystem. An electronic system restricting entryinto and/or exit from a
controlled area.
2.2
2.3
2.4
2.5
2.6
2.7
2.8
2.9
2.10
2.11
2.12
2.13
2.14
2.15
2.16
2.17
2.18
2.19
systerfn
Systemtoken. Acommontokenencodedadditionallywithspecific
data.
Unique token. A token which, in addition to any data common to all users of a
particular access control system,carries some data allocateduniquelyto theuserofthat
token.
Keypad. A data entry point for the input of a numeric or alphanumeric code into an
access control system.
Personal identification number (PIN). A sequence of characters allocated to an
individualuser of an access control system keypad.
Commoncode. Asequenceofcharactersuniqueto aparticular keypad-operated access
control system and allocatedto every userof the system.
Reader. Equipment for the extraction of recognition datafrom a token.
Biometric system. An access control system using recognition of a physiological
characteristicoftheuser,suchas fingerprints,retinalpattern,voicepatternorsignature.
Transaction. A recognisableevent occurring withinan access controlsystem, such as
the releaseof a doorfollowingpresentation ofa validtoken orthe generation of a door
alarm report.
Controller. A device which processes recognition data to enable usable output
conditions to be derived.
Central control. ('on-line') Equipment directing the functions of a number of
controllers, changing data for individual controllers and/or monitoring an access
control system.
Time zone. A period oftime during which systemoperatingrequirementsare changed,
such as refusalof access outsidenormal working hours or PIN override.
Fail locked. The securing of a locking mechanism in the event of identified system
failures.
2.20 Fail unlocked. The release of a locking mechanismin the event of identified system
failures.
3.
of security provided.
3.2
Facilitiesto control readers from a central point, to record information regarding the
access of individualtoken holders andto monitor the status of the access point where
this is required may be incorporated into anyclass of access control system.
NOTE: Monitoring, 'accesspoint held open'alarm, cable securityand standby power
operation are related to the level ofsecurity provided within a classification.
Class I - Common code
At an access pointto class I, access will onlybe granted followingthe inputofa correct
common code.Thecode shallbe numeric, alphabetic,or a combination ofboth, with a
minimum offour digits and/or characters. The code used shall be one ofnot less than
1000differs and shall beprotected againstunauthorised change and repeated attempts
to select the correct code.
3.4
4.
At an access pointto class III, access will onlybe granted followingthe presentation of
a valid system tokento a reader. The tokenshallbe encoded with a system code of not
less than200differsandanindividualcode ofnotless than 10,000 differs.The codesshall
be protected againstunauthorised changes.
NOTE1. Tokenscan be added to or deletedfrom the system.
NOTE2. System tokensshouldnotbeacceptableto othersystemsin the samegeographic
area unless specifically intended to be so.
3.5
Class IV - Unique token
At an access point to class IV, access will cnly be granted followingthe presentation of
avalid uniquetokento the readingdevice. The token shallbe encoded witha minimum
of 10 million differs. The code shall be protected against unauthorised change.
NOTE: Tokens can be added to or deletedfrom the system.
3.6 Class V - Unique token and PIN
At an access point to class V, access will only be granted followingthe presentation of
a valid system token (see class IV) and the input of a correct personal identification
numberof not less than four characters.
PLANNING
4.1
4.2
Survey
The importanceofa correct and adequate surveyfor installation isparamount.
Access point design has a substantial bearing on the performance and reliability of an
access controlsystem andthe following aspects shall be consideredwhen planning an
access control system.
- Access pointsshallnot conflictwithfire regulationsandshallnot restrict exitin such
a way as to endanger persons in an emergency.
- The operation of access pointsin the eventofmainspowerfailure andtheperiod,or
numberoftransactions, required in such circumstances.
- Whether accesspoints should fail locked or fail unlocked.
- The choice of access control technology to providean appropriate level of security
for the risk to be protected.
- The choiceofelectronicequipmentandits siting,taking intoaccount environmental
conditions such as weather and the potential for vandalism.
- The selection of access point hardware, taking into account the volume of traffic,
environmental conditions andthe level ofphysical security required.
- Thenumbersofusers,access levelsandtime zones required, taking intoaccount both
presentand predicted future levels.
- Theneedfor siting of equipment such as controllers and printersin a secure area.
- The numberof access points required, taking intoaccount peak traffic periods.
NOTE: Adviceconcerningphysicalsecurity is given in BS8220.
Equipment selection and installation
Equipmentshallbeselectedand/orinstalledtowithstand thefollowingairtemperatures:
4
in some circumstances.
Access point hardware shall be carefully selected with regard to the following,
The selection of access point hardware shall takeaccount of the following with
respect to the nature of the access point as follows:
- The existingphysical strength ofthe access point, such as doorsand frames,
which should not be significantly reduced by thefittingof the necessary
lockingmechanisms and the mechanismshould be selectedappropriately to
the strength ofthe doorframe.
NOTE: Thephysicalstrengthofan accesspointshouldbereinforcedifthisis likely
to be reduced by the attachment of the access control hardware; advice on the
physicalstrength requirementsis given in BS8220.
- The transfer of electricalconnections onto doors via suitable flexiblecables
or othermeans of adequate reliability.
- Appropriate hardwarewhere rebated anddouble-rebatedoorsarecontrolled.
- Necessarysafetyprecautions where all-glassor otherspecial doors are
controlled.
Door closingdevices shall be sufficientto close and lock the door under
normal circumstances,but withoutundueimpactuponthe components ofan
access control system.
release mechanisms.
- Where manual or automatic override features are used, continuously rated
releases will be required.
Where accesspoint monitoring is ofcritical importance,considerationshould be
given to monitoring the state ofsecurement of the access point, i.e., closed and
locked, in addition to any monitoring by means ofa separate protective switch.
Locking mechanisms can have two modes of operation under system failure
conditions, 'fail unlocked' and 'fail locked'. Where exit is available by purely
mechanical means, the fail locked mode may be acceptable but where exit is
granted by electricalmeans, the failunlocked mode may be mandatory to meet
safety legislation.
4.3
l0Ji'i,rJ1
Control
In selectingcontrols, consideration shall be givento the following:
- Operational requirements of the associated controllers.
7
programme
Logging of transactions.
Annunciation of alarms.
Blocking, validation and deletion of tokens.
Database for the retention of tokenholder detailswithback-up copies of
corruptible datato facilitatere-establishment of the system in the eventof
a failure.
-
volatile means.
Maintenanceandserviceability.
Temperature
Humidity
Dust andother air contamination
Vibration
Electromagneticinterference.
The following shall be taken into consideration whensiting controlequipment:
Ventilation
Access for maintenance
User accessfor archiving etc.
Noise from associatedprinter
Physicalsecurity and supervision
Generalvisibility to unauthorized persons of any displayed data.
5.
Commissioning
Commissioning shall include testing of the following aspectsofthe system:
Allwiring is correctly terminated.
Voltage and resistanceat all appropriate points of the system, which shall be
recorded.
Correct alignment and operation of access point hardware and of release and
closure mechanismsat each access point.
Correct operationof each reader.
Release time for each door.
Doorheldopensignal,ifspecified.
Verificationof access levels,where specified,by the inputof appropriate data.
Ensuresystem continues toworkwhenmains supply disconnected (ifspecified).
5.2
Handover
At handover, the installingcompany shall:
8
- Provide a system log bookto the customer and explain how to recor
problems.
Demonstrate all aspects of the system operation to the customer, including any
necessarysafety precautions.
Ensurethat thecorrectdocumentation (see5.3)isgiven tothe customer toenable the
system to be operated, adjusted andmaintained.
- Train thesystemuser(s)initscorrectoperationandarrangefor anyfurther
necessary
training.
- Ensurethat users knowthe procedure for summoning assistancein the event of
system malfunction.
- Instruct the customer to establishwhetherpersonal information held within the
system requires registration under the Data ProtectionAct.
5.3
Documentation
Upon completion of installation of the access control system there shall be a system
PAR.
2.
2.1
Maintenance
2.1.1 Maintenancecompany. An organisation prepared to maintain an installed
system.
2.1.2 Preventativemaintenance. Routine servicingof a system, carried out on a
scheduled basis.
2.2
3.
MAINTENANCE
3.1
General
3.1.1
Whatever arrangements are made, the maintenance company shall have the
means, including spare parts and documentation (see 5.3 of Part 1), to comply
with this Part (Part 2) of this Code.
NOTE: This recommendationdoes notplace an obligation upon customers who
purchase their systems to have them maintained by the installing company;
maintenance is a matter ofagreement between the customer and the installing
companyora separate maintenance company.
3.1.2 The preservation of security within the maintenancecompany is of paramount
importance and steps shall be takento ensure the safe custody of all equipment
and documentation pertaining to installations. A maintenance company shall
ensure that adequate vetting of employees is carried out and that all employees
carry identification cards which shall include a photographof the bearer, his
signature, the company's name and a date of expiry.
3.1.3 Each service technician employed by the maintenance company shall carry a
range oftools, test instruments andotherequipmentto enable him toperformhis
functions satisfactorily. Specialist tools, test equipment and plant shall be
availablefor deeper investigationas necessary.
NOTE:Notalleventualitiescan beforeseen and, in exceptionalcircumstances, a
systemorpart(s) ofa system may have to be leftinoperableordisconnectedwhilst
tools or replacementcomponents are obtained (see 4.6).
3.1.4 The maintenancecompany's organisationshall be so staffed as to ensure that the
recommendations and requirements of this Part of this Code can be met at all
times. The following factors shall be taken into consideration:
(a) the number of installations to be serviced;
(b) the complexity of the installations;
(c) the geographicalspread ofthe installationsinrelationto thelocation ofthe
maintenancecompany, its branches and its service personnel;
(d) the method of calling out service personnel outsidenormal office hours.
10
whenever appropriate.
3.2
Preventativemaintenance
3.2.1 Frequencyofvisits
Correctivemaintenance
3.3.1 An emergency serviceshall be availableand the client shall be kept informed of
the address and telephone number of the maintenance company's emergency
servicefacility.
4.
RECORDS
4.1
General
The maintenance company shall establish, retain and maintain a system of records
relatingtothe systemincluding the informationrequired by4.2 to 4.6. Itis essentialthat
these records be protected from unauthorised access.
NOTE: Attention isdrawnto theData ProtectionAct, 1984in those caseswhere records
contain information concerningindividuals.
4.2
System record
A system record will have been generated at installation and may include previous
information from thesystem designspecification,aswellasthat required by 5.3 ofPart
1. This shall be kept up to dateandshall be available to the maintenancetechnician for
each maintenancevisit.
NOTE: Thesystem informationasrequiredbyPart1 maybeprovidedindi4gramform.
11
orical record
4.5
Correctivemaintenancerecord
There shall be a record of the dateand time of receipt of each request for emergency
service, together withthedateandtime ofcompletion ofcorrectivemaintenanceandthe
necessaryaction(s) carried out.
This information shall be kept for at least 2 years after the emergencycall to whichit
refers.
The result ofa correctivemaintenanceinspection shallbe entered on amaintenancevisit
record and the signature of the client or his representativeobtained on the record. A
copy of the record shall be givento the client.
This information shall be kept for at least 15 months after the inspection to which it
refers.
NOTE: If a preventative maintenance inspection is made at the same time as the
correctivemaintenancevisit, separate visit recordsshould be completed.
4.6
Temporarydisconnectionrecord
There shall be a record of any temporary disconnection of the system or of any
component part(s) of it. This shall identify which part(s) of the system and the
associatedequipmentis not operable. Thereason forthe disconnectionandthe date and
time of disconnection and of subsequent reconnection shall be given. A signed
authorizationforeachdisconnectionshallbeobtainedfrom theclientorhisrepresentative.
This authorization shall be kept for at least 3 months afterreconnection.
12
lvi u/i/itivnz/in/nn1ztivn
.\ Acxsc/)lL'ttSL
vutad:
ztlaidenhcad, Berkshbr51168AJ
Telephone 0628 37512 Fax 0628 773367