COMPLIANCE HOT TOPIC
Office Security Best Practices
QUESTION:
Should I maintain a visitor log at my front entrance?
ANSWER:
Yes, visitors pose a risk to privacy and security. All companies, especially those in the financial industry who handle consumer non-public and confidential information (NPPI/PII), should maintain a visitor log at each office entrance in order to audit visitors and ensure only authorized individuals are permitted to access the facilities. At a minimum, a visitor log should include the date, time in, visitor’s name, person being visited, reason for the visit, and time out. The employee permitting the visitor should verify the visitor’s identity by reviewing the visitor’s government-issued photo ID to ensure they are who they say they are.
A visitor log will also serve as a vital reference tool in the event of unforeseen events (i.e. theft, active shooter situations, or incident breaches) and in an emergency evacuation as it will help accurately account for individuals present within the facility. Mortgage lenders should review branch office visitor logs as part of their branch office oversight procedures to ensure they are being maintained appropriately.
Thirsty for more FAQ knowledge? Click the button.
|
