S 2.14 Key management
Initiation responsibility: Head of Organisation, IS Management Team
Implementation responsibility: Building Services Manager
A lock-up plan should be drawn up for all keys to the building (floors, hallways and rooms). The manufacture, storage, management and issue of keys must be organised centrally. Reserve keys must be provided and stored securely. The same applies to all means of identification, such as magnetic or smart cards. Attention must be paid to the following:
- Where a lock-up facility is available, specific lock-up groups must be established for areas requiring protection. Depending on the requirements, individual rooms should be removed from the lock-up group and provided with a single lock-up.
- Keys that have not been issued and spare keys must be stored so that they are protected against unauthorised access.
- Keys are issued only to correspondingly authorised persons, only in justified and comprehensible cases, and only against receipt; every issue must be documented. Even for substitutes, the key must not simply be handed over; a change of key holder must be made via the key-issuing process. This detour is the only way to ensure complete documentation proving the whereabouts of a key.
- Arrangements must be made for the response required if individual keys are lost: reporting, replacement, reimbursement of costs (verification of third-party indemnity in case of lack of due diligence, if applicable), replacement of the lock, alteration of the lock-up group, etc.
- When the authorities of staff members change, the lock-up rights are to be checked; if and where required, the keys must be recovered.
- On termination of employment, all keys must be retrieved from the persons concerned (key management is to be included in the inter-office slip of stations to be completed before termination).
- Locks and keys to areas requiring particular protection (for which only a very restricted number of keys should be issued) may be changed as required and without prior announcement in suspected cases, in order to render counterfeit keys useless.
Review questions:
- Are non-issued keys stored safely?
- Is every issuing of keys documented?