Draft Access to University Facilities Policy and Procedures

This policy applies to all University members and visitors.

To ensure the safety of University members and the security of University facilities by managing access in a consistent way. This policy covers open access facilities, controlled access facilities and restricted access facilities.

This policy should be read alongside the Campus Card Terms and Conditions. Visitor’s access to restricted facilities is managed through the Visitor Access to IT Systems, Data, and Restricted Facilities Policy and Procedures.

While the University aims to maintain an open and welcoming environment, there are reasons to restrict access to specific facilities including to protect sensitive research, data, and systems, to comply with health and safety obligations specific to hazardous areas, and to comply with government regulations, for example, laboratory physical containment.

The University reserves the right to reasonably exclude or decline access to its properties any person who are not University members or authorised visitors in accordance with the provisions of the Trespass Act 1980.

Access

1. An access control credential will be issued to University members and visitors to grant access to facilities relevant to their roles and responsibilities.

2. University members and visitors are required to carry their access control credential when accessing controlled and restricted access facilities.

3. All persons to whom an access control credential has been issued must only use the credential to enter areas of campus for which they are currently authorised.

4. Access credentials must be used only by the person or persons to whom they have been issued.

5. University members and visitors must not admit anyone to controlled or restricted access facilities whom they do not know, or who does not have a reason to use the facility. This includes holding a door open for someone following you into a controlled or restricted access facility.

6. In the event an access control credential is lost, stolen, or otherwise compromised, the authorized credential holder must immediately call Security on ext 85000 to report the loss.

7. The credential holder must also submit a written confirmation of the loss or theft to their local facilities team within one (1) business day.

8. Anyone who enters a restricted area without authorisation, or compromises University security arrangements through any deliberate or negligent act, could be subject to disciplinary actions from the University, or criminal charges where appropriate.

9. Access permissions for each facility must be reviewed at least twice annually by the facility manager or Director of Faculty Operations to ensure they remain appropriate and current, and access credentials that are no longer required must be revoked.

Open hours and after-hours access

10. Faculties, LSRIs and Service Divisions will set open hours for the facilities they manage and communicate when access is restricted without prior approval.

Note: Establishing defined open hours supports health and safety obligations and contributes to sustainability goals by reducing energy usage.

11. Exceptions to open hours may be granted for approved reasons.

Note: Examples include, but are not limited to, religious observance that prevents students or staff from conducting duties during open hours, or the need to participate in conference calls with colleagues in a different time zone. Exemption requests must be approved by the Facility Manager who are required to advise Security at least 24 hours in advance.

12. University members wishing to work in any facility outside of open hours must receive approval from the staff member responsible for the space.

13. After-hours access for high-risk activities may only be approved after a risk assessment is completed and recorded. This assessment must identify all reasonably foreseeable hazards or risks, and outline controls to reduce risk to an acceptable level.

Note: Some technical workshops and laboratories require additional specific risk assessments due to the nature of higher risk activities that may be undertaken.

14. Access to technical workshops and Hazardous Substances and New Organisms (HSNO) Exempt Laboratories require additional specific risk assessments due to the nature of higher risk activities that may be undertaken, and these risk assessments must meet the conditions of the Health and Safety Risk Management Standard and the HSNO Exempt Laboratory requirements to allow approval for after-hours access.

University closedown periods

15. Faculties, LSRIs and Service Divisions manage access to facilities during public holidays and closedown periods. University members wishing to work in a facility during closed periods must seek approval from the facility manager.

Security

16. University members and visitors must comply with Security staff requests to see the identification of anyone using a University facility at any time.

17. Where a University-issued access control credential is presented by a person who is confirmed not to be the authorized holder, Security staff are authorized to request the immediate relinquishment of that credential.

18. Security personnel must not provide access to controlled access facilities or restricted access facilities without facility manager approval.

19. Security personnel, facilities managers and building wardens may be required to evacuate or temporarily limit access to any facility in response to an emergency, health and safety risk or maintenance requirement.

Health and safety

20. University members and visitors must complete any required training or obtain necessary clearances specific to the restricted areas where they have been granted access.

Procedures

21. Faculties, LSRIs and Service Divisions will maintain their own access and safety procedures and make these available to all users with access to their facilities as needed.

22. All access approvals, risk assessments and inductions must be recorded, maintained in an auditable system and disposed of in accordance with records management requirements, the Privacy Act 2020, and the University’s Privacy Framework.

Access control credential means a security device issued by the university that grants authorised entry to specific buildings, rooms, or areas, and these credentials may include physical items (e.g., access cards, fobs, keys) or digital tools (e.g., mobile access apps, PIN codes).

Controlled access facilities means any physical space, building, or area owned, leased, or controlled by the University which requires an access control credential or booking approval to access. Entry is often limited to enrolled students, staff, or approved contractors or visitors through the management of access control credentials.

Facilities manager means the staff member with delegated health and safety responsibilities over a specific area. Examples of possible positions with these responsibilities include Laboratory Manager, Technical Services Manager, Technical Team Lead, Facilities and Service Managers, Kaituki Marae or Fale Pasifika Coordinator.

Hazardous Substances and New Organisms (HSNO) Exempt Laboratories are facilities that are legally permitted to use hazardous substances for small-scale research, development, teaching, or analytical testing without needing individual Environmental Protection Authority (EPA) approvals for those chemicals.

High-risk activities have been deemed so by a risk assessment and carry a significant risk of harm to individuals, property, or the environment. For example, activities that may require the use of hazardous substances or machinery, or operations that require specialised training, supervision, or safety protocols.

Open access facilities means any physical space, building, or area owned, leased, or controlled by the University that are accessible to the general public during open hours without the need for an access control credential.

Open hours means the designated times a University facility is available for authorised use. During open hours the facility may remain locked and require an access control credential to access.

Restricted access facilities are defined by the Faculty, LSRI or Service Division that manages the space and could refer to any physical space, building, or area owned, leased, or controlled by the University where access is limited to authorised personnel due to the nature of activities conducted, the presence of sensitive, restricted or hazardous equipment or materials, or the requirement to protect confidential information, intellectual property, critical resources, or any other purpose identified by the facilities manager. These spaces are often, but not always, marked with orange or red signage that states “No Entry Without Permission.”

Staff member refers to an individual employed by the University on a full or part time basis.

University means Waipapa Taumata Rau, University of Auckland and includes all subsidiaries.

University member includes all members of Council, members of committees and boards, staff members, honorary and adjunct appointees, students, contractors, subcontractors, consultants, associates and business partners of either the University or UniServices (as the case may be).

Visitor means a person who is not a University member who is on University property.

• An Introduction to Trusted Research - Protective Security Requirements (TR-PSR)
• Hazardous Substances and New Organisms Act
• Health and Safety at Work Act 2015
• Health and Safety Risk Management Standard
• Health, Safety and Wellbeing Policy
  
• Managing Inward Visits: Protective Security Guidance
• Privacy Act 2020
• Resource Management Act 1991

Owner: Registrar
Content manager: Associate Director of Facilities
Approved by: Vice-Chancellor
Date first approved: 
Next review date: