Item 10.1
CTPAT Members must have written procedures governing how
identification badges and access devices are granted, changed,
and removed.
Where applicable, a personnel identification system must be in
place for positive identification and access control purposes.
Access to sensitive areas must be restricted based on job
description or assigned duties. Removal of access devices must
take place when the employees separate from the company.
Implementation Guidelines
Access devices include employee identification badges, visitor and
vendor temporary badges, biometric identification systems,
proximity key cards, codes, and keys. When employees are
separated from a company, the use of exit checklists help ensure
that all access devices have been returned and/or deactivated.
For smaller companies, where personnel know each other, no
identification system is required. Generally, for a company with
more than 50 employees, an identification system is required.
So company identification badges are required to be issued to employees and you need the policies and procedures around their issue, usage, and recovery.
Implementation
A basic badge system can be purchased that includes a card printer, camera, cards, software, and ink. You supply the computer to run it. Badges can be plain cards or smart cards. If contactless smart cards are used as badges then they can also be used for access control at doors. If contact smart cards are used then they can be used for computer access control as well.
The MoveItNow Suite has the option of including “mug shots” in the database for drivers, helpers, sales people, and user account. There are reports for generating badges from these entries.
Active Directory has the option of including a “mug shot”.