ID Requirement Cost (person hours) a better user experience a.1 easier to use a.1.1 more accurate scanning 354 a.1.2 easy to see 187 a.1.3 easy to reach 140 a.1.4 card convenient and likely to be carried 124 a.2 use the same access control for library entrance 411 a.3 all in 1 card a.3.1 combine ID card and session card 158 a.3.2 combine Library card 276 a.3.3 combine Bloomsbury fitness card 189 a.3.4 combine Club and societies card 76 a.3.5 be compatible with NHS 76 a.3.6 the combine card should not have too many features (don't want it to become too valuable to change for locker keys) 9 b card design b.1 card to include user details b.1.1 card to include name 4 b.1.2 card to include photo 8 b.1.3 card to include UPI 4 b.1.4 card design to include card type/user status 11 b.1.5 card to include payroll number 24 b.1.6 card to include job title 8 b.1.7 card to include expiry date 4 b.1.8 card to include department 57 b.1.9 card to include student number 13 b.2 card to include barcode b.2.1 Easier reading of barcode by scanner 242 b.3 card should be secure b.3.1 card not easily copied 99 b.3.2 card should have features that prevent sharing 34 b.3.3 card to include pin 76 b.3.4 card should have multiple security feature 31 b.4 card to include ucl branding 208 b.5 easy identification/card is clear looking 13 b.6 card should be sturdy/robust b.6.1 card should lasts for 5 or more years 9 b.7 card should be attractive 49 c to improve security and access control in UCL c.1 ensure appropriate access for each individual c.1.1 must stop at the end of the last day of service 29 c.1.2 must work until the last day of service 108 c.2 control access to ucl buildings c.2.1 control access to departments 12 c.2.2 control access to library 21 c.2.3 control access to Bloomsbury 53 c.2.4 to access Kathleen Lonsdale 8 c.2.5 control access to departmental offices 8 c.2.6 control access to private offices 8 c.2.7 control access to high hazard area 8 c.2.8 control access to computer cluster 4 c.2.9 control access to rooms 8 c.2.10 control access to exam venues 8 c.3 enable visual checking c.3.1 enable photo visual checks 11 c.3.2 visual checking cardholder's role 195 c.4 access control to include movement tracking/logs c.4.1 movement tracking in buildings other than library 49 c.4.2 movement tracking/logs in the library 4 c.4.3 enable alumni tracking 8 c.4.4 use card to mark attendance 12 c.4.5 clocking in and out 24 c.4.6 clear policies on movement tracking/logs 27 c.5 increase access control to buildings c.5.1 easy to install new readers 122 d improve processes d.1 faster issue of cards d.1.1 fast production of cards 330 d.1.2 many issue points 85 d.2 reduce queuing time d.2.1 staff do not go to HR for cards 60 d.2.2 distance arrangements for preparation of cards 184 d.2.3 appointment system to reduce queuing time 184 d.3 ID card status: Ability to check if a user has collected an ID card 184 d.4 easy to replace lost cards d.4.1 ucl shop to handle lost cards 38 d.5 granting access rights d.5.1 view and modify access rights, time of access, online, without card being present 78 d.5.2 activate and inactivate card 77 d.5.3 role-based method to grant access rights 144 d.5.4 close to real time update 76 d.5.5 reminders of access end dates 44 d.6 able to create access reports 75 d.7 procedures for dealing with fraud 75 e reduce cost e.1 save money on cards e.1.1 no longer require MRM smart cards 103 e.1.2 cheap x 10p item 223 e.1.3 card is reusable/recyclable 118 e.2 save processing time 143 e.3 reduce paper trials 24 f compatible with existing administrative systems f.1 compatible with Bloomsbury system (Gladstone MRM) 35 f.2 compatible with library systems f.2.1 compatible with library barcode 188 f.2.2 compatible with library management system 32 f.3 compatible with HR system 37 f.4 compatible with UPI f.4.1 map user identity to UPI (INCLUDING group memberships and roles) 135 f.5 compatible with current network infrastructure 199 f.6 impact to other systems f.6.1 UPI 177 f.6.2 portico 37 f.6.3 does not interface with HR directly 21 g better data quality g.1 centralised management of access and identification information g.1.1 card must have unique id 120 g.1.2 data should not be duplicated 295 g.2 export data to other systems g.2.1 export data to student system 291 g.2.2 export data to library (access card changes, leavers, barcode) 189 g.2.3 export data to staff system 252 g.3 import data from other systems g.3.1 import data from staff and student systems 366 g.3.2 import photo from registry 366 g.4 data access: able to view, update, delete remotely and securely g.4.1 able to view data from any computer 99 g.4.2 update/delete data 35 g.4.3 enter data 123 g.4.4 authorised access with firewalls and time limitations 30 g.4.5 ensure secure data storage 79 g.5 clear policies on use of access data 27 h extensible for future features h.1 include digital certificate 75 h.2 include payment mechanism h.2.1 use as bank card 158 h.2.2 combine with photocopy card 13 h.2.3 used for cashless vending 99 h.2.4 oyster card 276 h.3 used for computer logon 99 h.4 upgradable (software revisions) 27 h.5 increase security h.5.1 thumb reader 7000 i project delivery activities i.1 supplier support i.1.1 5 years minimum 70 i.1.2 Support virtual machine environment 137 i.1.3 card readers 13 i.1.4 card printers 13 i.2 technical documents i.2.1 all software 27 i.2.2 business rules document 27 i.2.3 requirements document 27 i.2.4 design document 27 i.2.5 documented processes of dependent systems 27 i.2.6 technical document for upi 27 i.3 project management activities i.3.1 requirements management 39 i.3.2 change management 59 i.3.3 quality management 23 i.3.4 budget management 25 i.3.5 development 152 i.3.6 maintenance 123 j technical constraints j.1 fail safe j.1.1 failure does not restrict access 223 j.1.2 safe in case of power failure 19 j.2 conform to standards and legislations j.2.1 technical architecture standards 47 j.2.2 management system standards 27 j.2.3 security standards 27 j.2.4 health and safety legislations 52 j.3 technology j.3.1 no change to existing technology approach 11 j.3.2 smart card technology 81 j.3.3 not constrained by card solution 15 j.3.4 card printers technology 58 j.4 lifecycle j.4.1 5 years 26 j.5 reliable j.5.1 antivirus 20 j.5.2 reliable such that people can open doors 373 j.5.3 software interface 254 j.5.4 continue operation 262 j.5.5 secure network 16 j.6 available j.6.1 server software run in a virtual machine environme 23 j.6.2 working without interruption for 100 days 316 j.6.3 data backup 342 j.6.4 switch to standby system in the event of a hardware fail 46 j.7 network infrastructure j.7.1 cabling 66 j.7.2 landswitch 66 j.8 be capable of having direct printing to both sides of the card, which will include the library barcode 119 j.9 the chosen manufacturer must have a proven tracker record within Institutions with Access Control, ID Pass Production, ODBC, Smart Card technologies. 184 j.10 photo ID Pass Software must be an embedded feature of the Access control Software and only require software/licence upgrades. 161 j.11 The system manufacturer MUST be a Microsoft™ Certified Partner. 27 j.12 the system MUST utilise Microsoft™ Windows 2000 and/or XP Operating System. 31 j.13 the Database platform MUST support Microsoft™ SQL Server and/or Oracle Server. 27