Handbook of Operating Procedures 8-1110
Security Alarm Systems
Effective November 6, 2023
Executive Sponsor: Senior Vice President and Chief Financial Officer
Policy Owner: Director – Data Centers & Electronic Physical Security Systems University
It is the policy of The University of Texas at Austin ("University") to manage all access control, electronic security, intrusion and alarms systems (collectively referred to as "Security Alarm Systems") to enhance the safety and security of University sites while maintaining compliance with all applicable laws and policies.
- Reason for Policy
To define authority for the development of responsibilities, policies, and procedures for deployment and operations of the University's Security Alarm Systems.
- Scope & Audience
This policy applies to all employees, students, official visitors, affiliates, and contractors with respect to use, installation, and operation of access control, electronic security, intrusion and alarms systems ("Security Alarm Systems") at The University of Texas at Austin, including the main campus, J. J. Pickle Research Campus (PRC) and other university owned and operated sites as appropriate.
This policy applies to
- all Security Alarm Systems;
- new spaces; and
- existing spaces if the usage of the space has changed, the space is being renovated, Security Alarm Systems are being modified in the space, or the space otherwise has been identified as subject to this policy by the Information Security Office or Internal Audit.
This policy does not apply to these exclusions
- fire protection and alarm systems;
- university-owned vehicle alarms;
- building automation systems such as temperature controls; and
- parking or traffic control systems.
- Definitions (specific to this policy)
None
- Website (for policy)
https://secure4.compliancebridge.com/utexas/public/getdoc.php?file=8-1110
- Contacts
- Responsibilities & Procedures
- Security Alarm System Installation and Administration
All Security Alarm equipment must be installed by ITS – EPSS group and/or their authorized contractors. In addition, all equipment must be tied into the main campus system and administered by the ITS – EPSS group.
- Electronic Physical Security Systems Operations Manual (“Manual") (restricted access)
The Manual defines governance, roles, responsibilities, funding, minimum standards, and requirements for all University Security Alarm Systems.
- Requests for Alarm logs and information
- Law Enforcement Requests
All BACS logs, Alarm Logs, and all related UT-Video footage requested by any law enforcement entity will require a lawful request (e.g., subpoena) that shall be served to the Vice President for Legal Affairs. Such lawful requests must be served via:
(for Mail Delivery, when permissible)
Vice President for Legal Affairs
The University of Texas at Austin
P O Box R
Austin, Texas 78713-8918
(512) 471-1241
(for Personal Service)
Vice President for Legal Affairs
Flawn Academic Center, Room 438
Campus mail code G4800
Upon receipt of a lawful request that has been verified by the Office of the Vice President for Legal Affairs ("Legal Affairs"), ITS will coordinate with Legal Affairs to produce the requested information. Such responses will be provided in a reasonable and timely manner via UTBox.
- Building Security or Video Administrator Requests
All requests from university building security or video administrators for BACS logs or UT-Video footage must be related to operational functions of their role. All requests for such information must be submitted in writing to the following e-mail address: seccontrol@its.utexas.edu. All requests must specifically articulate the business need for the information. ITS may require all such requests be submitted via a standardized web form or in another format deemed appropriate by ITS.
- Administrators are not authorized to submit requests for information intended to be used for internal investigations. Such requests must be submitted to the Information Security Office (security@utexas.edu).
- Administrators are not authorized to submit requests for information to be used in relation to law enforcement investigations. Such requests must be submitted via a subpoena to the Office of the Vice President of Legal Affairs as referenced above.
- Administrators are not authorized to submit requests for information intended to be used for attendance or time-keeping records. Such requests must adhere to the following procedure: Conducting Administrative Investigations Involving University Employees and Information Resources
- Administrators are not authorized to share any information collected from the BACS or UT-Video systems without previous permission from Legal Affairs.
ITS will provide its response to Administrators via UTBox.
- Exceptions
- Real-time monitoring as part of routine law enforcement activities
UTPD will be exempted from this operating procedure when they are working from a system they maintain (e.g., viewing near-time building alarms) or are viewing data or footage via an ITS-managed source in real-time as part of an active law enforcement engagement (e.g., viewing surveillance video footage in real-time during sporting events, or call ups from an alarm system).
- Official information requests made by the Information Security Office
The Information Security Office (ISO) may be required to request BACS and/or UT-Video information as part of an on-going internal investigation. The ISO will serve Legal Affairs as the incident coordinating unit. In this role, the ISO will be responsible for collecting information requested via an official lawful request. All such ISO requests will come from the Chief Information Security Officer or their designee.
- Exigent circumstances
In situations where law enforcement believes that an individual's life is in imminent danger (e.g., death or bodily injury), ITS will disclose BACS logs or UT-Video footage related to their particular inquiry without delay. As soon as is possible, ITS will contact Legal Affairs by e-mail and phone to indicate what information was disclosed and under what circumstances.
- Other circumstances as approved by the Vice President for Legal Affairs
The Office of the Vice President for Legal Affairs may approve other exceptions to this operating procedure on a case-by-case basis.
- Policy Exceptions
- During times of emergency the president or designee has the ability to implement exceptions to this policy, as necessary.
- Any requests for exception to this policy must be approved by the EPSS Executive Operations Committee. Requests can be made via the EPSS Service Catalog.
- Prohibitions Regarding Unauthorized Individuals
It is a violation of University policy to permit unauthorized individuals to install or administer any portion of the Security Alarm system. It is also a violation to permit unauthorized individuals to enter into buildings and facilities restricted from general public access by deliberately disengaging, deactivating, or otherwise circumventing alarm devices or other security measures intended to control building and facility access.
- Penalties for Violation of this Policy
Persons who violate this policy are subject to disciplinary action in accordance with relevant University discipline Policy.
- Forms & Tools
Building Access Control and Security Operations Manual ("Manual") (restricted access)
- Frequently Asked Questions
None
- Related Information
Handling of Malfunctioning Security Alarm Systems
Campus construction standards for Security Alarm Systems
- History
Modified: January 2016
Modified: November 6, 2023
Next scheduled review date: November 2026