AN OVERVIEW OF THE KEY
MANAGEMENT SYSTEM
Peggy Matta
Cornell University Police Department
KMS and Access Control Administrator
Objectives

Define the Key Management System (KMS)

Share benefits of the KMS

Describe the process to start using the KMS

Show how the KMS works to manage key
inventories
What is the Key Management System
(KMS)?
The KMS is a web-based physical key inventory and
management system that meets the requirements of
Policy 8.4 – Management of Keys and Other Access
Control Systems.
The KMS was designed and
built by Cornell resources.
What capability does the KMS provide?
The KMS has been designed to meet the following
general requirements:
Capture key profiles
 Establish an organizational structure for managing keys
within your unit to include Key Control Coordinator(s) and
Associate Key Control Coordinator(s).
 Inventory physical keys, including

Organizing keys by Key Groups and Key Rings
 Assigning access locations to keys


Capture transactions associated with keys such as:
Assigning keys to individuals
 Putting keys in storage
 Identifying a key as lost/stolen or broken

Benefits: Why should I use the KMS?


Per Policy 8.4 you must use the KMS for spaces with
special access restrictions (e.g., those with highly
hazardous materials or highly valuable assets)
KMS is a central inventory system that:
 Facilitates
emergency response. KMS is used by:
 Emergency
services personnel (CU Police, Environmental
Health & Safety)
 Lock Shops (both PDC and Campus Life)
 Facilities Customer Service
Benefits: Why should I use the KMS?

KMS is a central inventory system that:
 Facilitates
processing of key requests
 Tracks keys in one location rather than several isolated
locations – much more efficient
 Meets the requirements of Policy 8.4
 Captures
data required for each key transaction
 Facilitates review of key inventories at least once every 2
years
 Uses
“institutional data currencies”
 Facilities
inventory for space information
 PeopleSoft for people information
What is the process to use the KMS?
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances
AKCC
1. Create key
profiles
KCC
Lock Shop
The following diagram identifies the steps to establish
your key system in KMS:
7. Assign keys and
key rings
8. Sign keys and
rings back in
9. Identify keys as
lost/stolen or
broken
The Lock Shop works with you to
establish key profiles for your facility
in the KMS. A profile is a “key family tree”
Lock Shop
1. Create key profiles
1. Create key
profiles
Grand Master
Master
Master
Master
Submaster
Change
Change
Master
Submaster
Change
Submaster
Change
Change
Submaster
Change
Change
Submaster
Change
Change
Change
Orphan
keys
Key Profiles in KMS

Key Profiles are assigned to a KCC
Filter by column
to find a specific
profile
Access Locations
identify what spaces
can be opened by
specific key profiles
The central
facilities
inventory is used
to manage all
location
information
KCC
2. Assign access locations to key profiles
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances
Associate Key Control Coordinators
(AKCCs) manage key groups for the
KCC
KCC
3. Assign AKCCs
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances


Keys are organized into key groups
Key groups may be assigned to
AKCCs to manage
KCC
4. Create key groups
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances

Keys may be managed in “rings”
KCC
5. Create key rings
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances
After establishing your key family tree
and organizing your key structure
(steps 1-5), add the physical key
instances into KMS
KCC
6. Create key instances
2. Assign access
locations to key
profiles
3. Assign AKCCs
4. Create key
groups
5. Create key rings
6. Create key
instances
Identify each key
instance a unique
sequence number


Search for the key or ring to assign
Assign keys based on netID
Easily find keys in your
inventory based on the
facilities & rooms they
open
AKCC
7. Assign keys & key rings
7. Assign keys
and key rings
8. Sign keys and
rings back in
9. Identify keys
as lost/stolen or
broken
AKCC
8. Sign keys and rings back in
Use facility information
to put the key or ring
back into storage
7. Assign keys
and key rings
8. Sign keys and
rings back in
9. Identify keys
as lost/stolen or
broken
AKCC
9. Identify keys as lost/stolen or broken
7. Assign keys
and key rings
8. Sign keys and
rings back in
9. Identify keys
as lost/stolen or
broken
Additional features of KMS





Print transaction logs for key holder’s signature
Assign due dates (highlighted in red on screen if
date has past)
View logs of all transactions associated with a key
Capture special information about locations that
require additional approvals for access
Manage annual reviews of key inventories
Can I import my existing key data
into the KMS?

A data conversion process is available that allows you to
upload your key instance data into KMS from excel
spreadsheets. The following information is required for
each key instance:






Key profile information (Key set and Keyway)
AKCC
Key group
Key stamp
Key sequence
Status (storage, assigned, lost/stolen, broken)



Key holder or
Key storage location
Due date
What’s next...



Training is required prior to use of the KMS.
Prior to starting, be sure to have your Dean or VP
complete the KCC Authorization Form
Contact
 Peggy
- training and questions (mem25; 5-4393)
 Marie Balander – Key profiles (met10; 5-4841)
 Curtis Baker – Data conversion (baker@; 5-7874)

Check on-line at
http://www.cupolice.cornell.edu/crime_prevention/keysinfo/
for forms, the policy, and the user’s manual