ASTM D8217-20

This international standard was developed in accordance with internationally recognized principles on standardization established in the Decision on Principles for the
Development of International Standards, Guides and Recommendations issued by the World Trade Organization Technical Barriers to Trade (TBT) Committee.
Designation: D8217 − 20
Standard Guide for
Access Control System
This standard is issued under the fixed designation D8217; the number immediately following the designation indicates the year of
original adoption or, in the case of revision, the year of last revision. A number in parentheses indicates the year of last reapproval. A
superscript epsilon (´) indicates an editorial change since the last revision or reapproval.
1. Scope fire official of the city or county in which the job site is located.
In some cases, such as healthcare facilities, transient accom-
1.1 This guide covers the recommended access control
modations and day care facilities, theAHJ is the city or county
system for protecting resin cannabis, resin cannabis products,
building or fire official.
resin cannabis waste, currency, people, property, and assets.
2.1.4 digital video recorder (DVR), n—records data in a
1.2 Units—The values stated in inch-pound units are to be
digital format to a local or networked mass storage device.
regarded as standard. The values given in parentheses are
mathematical conversions to SI units that are provided for
2.1.5 dual-locked storage container, n—lock that require
information only and are not considered standard.
two individuals to open; the dual custody classified lock
programmed to require two combinations or keys to open.
1.3 This standard does not purport to address all of the
safety concerns, if any, associated with its use. It is the
2.1.6 electric strike, n—operates by means of electric
responsibility of the user of this standard to establish appro-
current, connected to an access control system, remotely
priate safety, health, and environmental practices and deter-
monitored and controlled, both to lock and unlock.
mine the applicability of regulatory limitations prior to use.
2.1.7 interlock, n—whereby only a single door shall open at
The recommendations herein are offered as the minimum
any point in time; once a door is open, all other doors in the
requirement. All standards are subject to the requirements of
room that are part of the interlock are prevented from opening.
the local Authority Having Jurisdiction (AHJ) in any given
area. 2.1.8 Internet protocol (IP), n—datasentovertheInternetor
1.4 This international standard was developed in accor- other network.
dance with internationally recognized principles on standard-
2.1.9 magnetic lock, n—large electro-magnet mounted on
ization established in the Decision on Principles for the
the door frame and a corresponding armature mounted on the
Development of International Standards, Guides and Recom-
door; when the magnet is powered and the door is closed, the
mendations issued by the World Trade Organization Technical
armature is held fast to the magnet to secure the door.
Barriers to Trade (TBT) Committee.
2.1.10 man trap, n—locked room whereby only a single
2. Terminology
door shall open at any point in time; once a door is open, all
other doors in the room that are part of the man trap are
2.1 Definitions of Terms Specific to This Standard:
prevented from opening.
2.1.1 access control software, n—track staff by recording
accesspointingressactivitieswhileatthesametimeenhancing
2.1.11 personal identification number (PIN), n—four- to
the overall safety of the property; sounds an alert when
six-digit code assigned to individuals and inputted onto a
anomalies detected; accessibility via the Internet.
keypad for access.
2.1.2 authentication, v—verifying the identity of a user for
2.1.12 sally port, n—locked enclosure for vehicles whereby
an access control device that ensures the individual using the
only a single door shall open at any point in time; once a door
device is authorized access.
is open, all other doors in the enclosure that are part of the sally
2.1.3 authority having jurisdiction (AHJ), n—the port are prevented from opening.
organization, office, or individual responsible for issuing
2.1.13 three-factor authentication, n—at least three of the
permits, approving layout drawings, equipment, enforcing the
following: an access control credential (for example, badge,
requirements of a code or standard or approving materials, an
FOB, wireless device), personal identification number (PIN),
installation or procedure. Usually the AHJ is the building or
or biometric, or combinations thereof.
2.1.14 two-factor authentication, n—at least two of the
This guide is under the jurisdiction ofASTM Committee D37 on Cannabis and
following: an access control credential (for example, badge,
is the direct responsibility of Subcommittee D37.05 on Security and Transportation.
FOB, wireless device), personal identification number (PIN),
Current edition approved Feb. 1, 2020. Published February 2020. DOI: 10.1520/
D8217-20. or biometric, or combinations thereof.
Copyright © ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959. United States
D8217 − 20
2.1.15 uninterruptible power supply (UPS), n—ensure con- 4.1.2 Using access control technology, select personnel with
tinuous operation of systems upon loss of normal power using designated backups are able to monitor and appropriately
a surge protector with a built-in backup battery. assign room access.
4.1.3 Access control cards are a standard-size credential
3. Significance and Use
visibly displayed with the name of the employee, contractor, or
3.1 Access control system devices are installed at strategic
visitor on one side and a control number on the other, and
locations, such as all exterior entrances, administrative offices,
full-time employee cards also contain a photo.
grow rooms, processing rooms, manufacturing rooms, storage
4.1.4 Individuals must possess their company-issued access
areas, transaction areas, loading dock, vaults, and locker room.
control credentials at all times while on the property.
3.2 Access control system software tracks staff by recording
4.1.5 The access control credentials are programmed for
accesspointingressandegressactivitieswhileatthesametime
specific days, hours, and rooms of access.
enhances the overall safety of the property.
4.1.6 When an employee is terminated, the access control
credential is collected and deactivated.
3.3 An access control system is especially important during
an emergency to determine who is on and off the property.
4.2 All requests for access control credentials are made
3.4 Individuals are permitted access after they have been
through the system and allows authorized personnel to:
subjected to background screening and issued credentials that
4.2.1 Request a credential for a new employee or contractor,
allow for real-time monitoring and forensic analysis of em-
4.2.2 Request a replacement credential, and
ployee or vendor on-site movement.
4.2.3 Add additional access privileges to a current creden-
3.5 All doors should also be secured with electric strike or
tial.
magnetic locks that remain locked in the event of power loss
4.3 The ACS allows two or more doors in a room to be
(default secured).
configured as an interlock, whereby only a single door shall
3.6 Limited access area door locks, unlocks, and opens
open at any point in time. Once a door is open, all other doors
through the use of a two-factor authentication consisting of at
in the room that are part of the interlock are prevented from
least two of the following: an access control credential (for
opening.
example, badge, FOB, wireless device), personal identification
4.3.1 Examples of an interlock area include man traps,
number (PIN), or biometric, or combinations thereof with a
controlled labs, and sally ports.
keyed override system installed.
4.4 Forhighlysecuredareas,anextralevelofauthentication
3.7 Exterior door locks should be unlocked and opened
such as biometric readers can be required for access.
through the use of a two-factor authentication consisting of at
least two of the following: an access control credential (for
5. Policies and Procedures
example, badge, FOB, wireless device), personal identification
5.1 Policies and procedures specifying instructional require-
number (PIN), or biometric, or combinations thereof with a
ments applicable to the ACS to protect resin cannabis and
keyed override system installed.
currency, suchasrolesandresponsibilitiesforrespondingtoan
3.8 Restricted access area, such as a vault and safe are
alarm or an alert and notification protocols for alarms and
protected by three-factor authentication consi
...