Security of MnDOT Facilities and Property Policy
MnDOT Policy #AD013
Revised: June 27, 2024
View/print signed policy (PDF)
Please go to the MnDOT Org Chart to find specific contact information: Org Chart.
Responsible Senior Officer: Deputy Commissioner/Chief Administrative Officer
Policy Owner: Director, Office of Administration
Policy Contact: Director, Central Office Facility Operations Section
Policy statement
Agency
The Minnesota Department of Transportation (MnDOT) is committed to avoiding, preventing, and reducing the likelihood and consequences of disruptive events for its employees and on its properties.
This policy adheres to direction provided by Occupational Safety and Health Administration (OSHA), ASIS International, and other national safety and security expert groups.
Facilities
The leadership (including facility managers) of the Central Office Transportation Building, Special Service Sites, and Districts must create, implement, and uphold security procedures for their respective MnDOT facilities statewide. Each facility’s security procedures and access control protocol must address, at a minimum, the following:
- New employee notification and access application (with supervisor approval) process, including ID badge, key card, and hard key issuance guidelines
- Employee termination/departure notification process, including deactivation and/or collection of ID badges, key cards, hard keys, and other access tags or badges
- Visitor sign-in process to ensure that there is an accurate record of non-MnDOT visitors to facilities
- Hard key management system/process that accounts for hard keys and ensures that all MnDOT property and resources are secured at all times
- Clear definitions of “public” and “non-public” spaces and clear signage delineating the non-public areas of each facility
- Clear display of employee and visitor ID badges at all times (unless working in an environment where display would be a safety issue)
Note: MnDOT’s Office of Administration has developed a Security Procedures Template that facility managers may adapt to create their security procedures.
Each facility must regularly test the functionality and effectiveness of their access control protocol. Examples include testing the integrity of a fence and gate system, camera operations and recording, camera view obstructions, key card reader functionality, etc. Functionality tests should be completed at a minimum of once every six months.
Facilities that employ security cameras as a part of their access management system must adhere to all data practices requirements, including the records retention schedule for video data, and post signage informing employees and visitors that video surveillance is in use on the premises. Depending on the specific facility, a posted Tennessen Warning may also be required; contact MnDOT’s Data Practices unit in the Office of Chief Counsel for more information. Additionally, each facility must adhere to the data practices request process currently in place and managed by the Office of Chief Counsel for public data requests or contact the Office of Human Resources, Labor Relations section to make internal/employee data requests.
Individuals
All individuals – employees, visitors, contractors, vendors, non-MnDOT tenants in MnDOT facilities, etc. – must adhere to all specific facility access control protocols.
Reason for policy
MnDOT is committed to the physical security of its employees, assets, and visitors. This policy is a consistent and uniform approach to that commitment that seeks to avoid, prevent, and reduce the likelihood and consequences of disruptive events at its facilities statewide by adopting guidance provided by OSHA, ASIS, and other physical security and safety expert groups.
This policy is intended to be used in conjunction with the MnDOT “ Respectful Workplace,” “Workplace Violence Prohibited,” and “Code of Ethical Conduct” polices and the MN.IT Services enterprise “Physical and Environmental Security Policy” and “Physical and Environmental Security Standard” documents. The MnDOT “Statewide Space and Security Standards and Guidelines Handbook” featured heavily in the creation of this policy.
Applicability
All MnDOT employees, visitors, contractors, vendors, and non-MnDOT tenants in MnDOT facilities must comply with this policy.
Key stakeholders with responsibilities under this policy include:
- MnDOT and other State Employees
- Managers and Supervisors
- Human Resources (Districts and Central Office)
- Office of Administration
- District and Office Leadership Teams
- Facility Access Control Coordinators for each facility
- Facility Management Section for each facility
- Vendors, Contractors, Members of Public, and non-MnDOT Tenants of MnDOT Facilities
Definitions
After-Action Review
A professional discussion or debriefing following a disruptive event or action in order to determine what happened, why it happened, and how to better prepare for responding to future events
Badge Reader
A device designed to read information from an encoded device, such as a key (access) card, which provides access into an area.
Camera
A device used for capturing visual images, whether still or moving, as part of a security video surveillance system.
Disruptive Event
An intentional, unintentional, or natural event that interrupts normal business, functions, operations, or processes.
Facility Access Control Coordinator
An individual or group that receives and grants or denies requests for access at each MnDOT facility, based on the access control protocols in place for that facility.
Key (Access) Card
A programmable, card-shaped storage medium that is scanned at a badge reader to gain access to secured areas.
Photo ID Badge
An identification card that includes an employee’s current photo and name and may function as a key (access) card for MnDOT buildings.
Physical Security
The part of security concerned with physical measures designed to safeguard people; to prevent unauthorized access to equipment, facilities, material, and to safeguard against a security incident (i.e., cameras, key cards, fences, gates, door locks, etc.).
Special Service Site
A facility that houses a function that reports to Central Office but contributes to a statewide agency service and exists outside of the traditional district administrative and maintenance functions. Examples of special service sites include the Arden Hills Training Center, Bridge Office, Materials and Road Research Office, and Fort Snelling.
Tailgating (also referred to as “piggy-backing”)
A physical security breach in which an unauthorized individual gains entrance to a secured area by closely following an authorized individual into the secured area. Access to secured areas may be gained through key card checkpoints, hard-keyed doors, elevators, main entries outside of building business hours, etc.
Responsibilities
MnDOT and other State Employees
- Visibly display a valid, state-issued photo ID badge.
- Verify that individuals attempting to enter a secured area behind the employee (i.e., tailgating through a key card checkpoint, hard-keyed door, or other secured barrier) have a valid, state-issued photo ID badge.
- Notify direct supervisor and/or local facility access control coordinator if hard key, key card, or ID badge is lost or stolen.
Managers/Supervisors
- Ensure that all employees are aware of this policy.
- Document and take timely and appropriate action when a complaint is made alleging violations of this policy and cooperate with the Office of Human Resources in the investigation process.
- Ensure timely notification to Human Resources and MNIT Services of employee departure/leave of absence.
- Collect and return separated employee assets, including ID badges, key cards, computers, mobile devices, hard keys, etc.
- Ensure ID badges for separated employees are deactivated on the employee’s last day, including for employees on a continuous leave of absence. Managers and supervisors should use their own discretion for employees using intermittent leave.
- Complete and submit an After-Action Report as soon as possible following an incident.
Human Resources (Districts and Central Office)
- Provide appropriate notification of employee departure/leave of absence to facility access control managers.
- When appropriate, conduct investigations into alleged policy violations.
- Consult and coach employees, supervisors, and managers on the appropriate course of action for violations.
Office of Administration
- Ensure timely completion and submission of an After-Action Review following a disruptive event in the Central Office Transportation Building.
- Provide advice and consultation to districts and special service sites in creating and/or updating access control protocols.
- Create, implement, and uphold the access control protocol for the Central Office Transportation Building.
- Regularly test the functionality and effectiveness of the access control protocols at the Central Office Transportation Building.
- Report any issues with the Central Office Transportation Building security system to the Department of Public Safety, Capitol Security Division and the Department of Administration, Facility Management Division.
- Provide administrative services for the statewide security systems for access and camera applications. Working with MN.IT to maintain the system and ensure it is in working order.
- Work alongside office and district leadership teams to ensure security procedures are in place in each MnDOT facility.
District and Office Leadership Teams
- Ensure that each district and/or facility has implemented security procedures and are upholding the procedures.
- Ensure timely completion and submission of an After-Action Review following a disruptive event at their statewide facilities.
- Communicate safety- and security-related information to employees.
Facility Access Control Coordinator for each facility
- Receive and process requests for employee and visitor access.
- Issue hard keys, photo ID badges, and key cards to employees following supervisor approval and each facility’s established access control protocols.
- Receive separated employee key cards, ID badges, and hard keys.
- Regularly review active ID badges and deactivate those for separated employees and those without a business need for access.
- Where feasible, maintain a visitor check-in/out log.
Facility Management Section for each facility
- A minimum of once every six months, test the functionality and effectiveness of the access control protocol at each facility and document the results.
- Perform maintenance and repairs on security infrastructure at each facility.
Vendors, Contractors, Members of Public, non-MnDOT Tenants of MnDOT Facilities
- Adhere to the visitor procedures of each MnDOT facility.
Policy Owner (Director, Office of Administration)
- Review the policy every two years, or sooner as necessary, to ensure the policy remains up to date.
- Ensure resources and training associated with the policy remain current.
- Monitor state, federal, enterprise, agency, or other requirements that apply to the policy or procedures.
- Consult with the Office of Chief Counsel to ensure the policy and procedures remain compliant with all state, federal, enterprise, agency, or other requirements.
- Ensure that necessary approvals by state or federal agencies are obtained before changes to the policy or procedures are implemented.
- Work with the Policy Coordinator to revise the policy and/or confirm its accuracy.
- Communicate policy revisions, reviews, and retirements to stakeholders.
Resources and related information
Forms
Processes, Procedures, and Instructions
- Central Office Transportation Building Security Procedures
- For a list of processes and procedures see MnDOT’s Building Services Section webpage.
Resources
- MnDOT’s Statewide Space and Security Standards and Guidelines Handbook
- Business Data Catalog (BDC) – accessible from employee Intranet
- MnDOT’s Policy Website
History and updates
Adopted
November 30, 1999 (Policy #HR 3.8, Security of Employees and State Property)
Revised
- First Revision: September 11, 2007
- Second Revision: October 24, 2022 (Renumbered as #AD013 and renamed Security of MnDOT Facilities and Property)
- Third Revision: June 27, 2024 (Added responsibilities for deactivation and collection of badges/keys/cards upon employee separation.)
Policy Review
This policy's next scheduled review is due June 2026.