Home | Auxiliary and Service Departments | Athletics (NCAA) | Game Plan: Evaluating Athletics Facility Security and Access
Blue Logo for ACUA with the text Journal Articles

Game Plan: Evaluating Athletics Facility Security and Access

Publication Date: June 26, 2025

By Candice Lewis and Marie Jackson, ACUA Sidelines Committee

Being a college athletics fan means being a part of something bigger than yourself. It’s about finding community and being a part of a shared experience with your fellow fans for those few hours when time stops but the game clock ticks down. It means retracing your steps on campus, reminiscing about years past, and revisiting traditions that you never seem to outgrow.

In this new era of college athletics, schools build on those feelings of nostalgia and use technology and social media to provide all-access passes to our favorite teams. Sports marketing teams share behind-the-scenes looks at the newest facility upgrades. Student-athletes share their workouts, nutrition tips, and “outfit-of-the-day” videos. Coaches speak on podcasts and break down plays. As schools look to partner more with alumni and donors in the new age of Name, Image, and Likeness (NIL), it becomes increasingly important to craft positive fan experiences. But how can schools boost fan engagement and provide innovative experiences while balancing security and access to protect our student-athletes, staff, and facilities?

This article will highlight some best practices for both routine as well as game day security and access. Your internal audit function can help your athletics department assess their approach to evaluating safety and security, including utilizing campus and third-party experts when needed. Remember that a comprehensive security plan will include physical security, operational security, and cyber security. This article will focus on suggested best practices for physical and operational security for on-campus events and hopefully will get you thinking about how to leverage these concepts for off-campus and cyber-related processes and controls

Ongoing Safety and Security

Academic institutions hold the utmost responsibility to provide a safe environment for their students, staff, and fans. The very nature of campuses, which are generally accessible to the community-at-large, creates additional complexities when planning for security and limiting access to restricted spaces. Poor security practices can significantly impact brand reputation and increase the potential for legal liabilities, so thinking about safety measures is a critical exercise for colleges and universities.

On any given day, access management is crucial to ensuring the ongoing security of athletic facilities and the safety of those that use them. An internal audit review of access management could include:

  • Ensure appropriate processes are in place to grant, manage, and terminate access (both physical keys and digital IDs). Evaluate policies and procedures for administering access, and ensure those policies include guests and third parties (e.g., guidelines for accompanying visiting recruits and their families, or temporary access and credentials for vendors, multimedia partners, press, etc.).
  • Determine who manages this access, and whether campus staff provide any support in this area. Athletics should have practices to effectively and timely address employee terminations, vendor terminations, and changes in student status. Communication protocols in place should ensure ongoing collaboration between campus and athletics staff.
  • Athletics facilities staff should develop a risk-based approach to restricting access and should equip entry points with physical or electronic locks. Entry access controls should include consideration of field gates, parking areas, stairwells, locker rooms, practice facilities, utilities, IT, electrical and mechanical spaces, and media and operation centers. Security alarms may also provide an additional layer of protection in these spaces to deter, detect, and notify staff of intrusions.
  • Evaluate the use of emerging technologies such as facial recognition. Many campuses are using biometric authentication to manage both access to facilities, and to admit fans through entry gates. Consider both security merchant contracts and user agreement terms related to data privacy, collection, and use of data.

Schools rely on security and facility staff to promote safe and secure spaces on their campuses. Here are some best practices to consider when evaluating security operations on your campus:

  • Use of initial and routine background checks for security staff. Consider the timing and renewal of these checks for employees, and in what way Athletics utilizes contracted security companies.
  • Obtain and review incident reporting and communication protocols. Evaluate whether Athletics effectively documents, communicates, and trains security staff on how, to whom, and in what timeframe they should report incidents.
  • Consider ongoing threat assessment practices, and coordination with campus leaders and campus police to ensure consistent application of protocols for gathering information and analyzing and assessing potential threats.
  • Video surveillance is a key component of security operations, and athletics should consider using and monitoring camera footage for athletics event management. Schools should have a policy in place governing the use of both cameras and footage which should include viewing, retention, and release guidance.
  • Determine whether trainings and drills are performed for evacuations, lockdowns, active shooter situations, etc. Verify there is an understanding of emergency management roles and responsibilities, and opportunities to identify shortcomings and enhance processes.
  • Consider cybersecurity risks that are unique to athletics. Network or application outages could affect security systems, parking access, concessions sales, scoreboards, electronic banners, spirit wear sales, fan ticketing, and facial recognition. Additionally, Athletics often uses unique vendor applications not used elsewhere in the university. Conducting an application inventory audit could be a great project for your department and could include data classification and storage, and application user access management.

The following athletics venue and facility risks should be considered:

  • Older stadiums and facilities were not designed with modern day safety and security threats in mind. Ongoing assessment of electrical and mechanical systems, screening systems, evacuation plans, accessibility, and other security technologies is a best practice to continually improve the safety and user experience within facilities.
  • Evaluate non-event credentialing processes for venue staff, security, and vehicles to control and restrict access to appropriate areas within the venue. This is a complex exercise with multiple groups needing unique access (e.g., equipment managers, sports medicine trainers, contractors, volunteers, campus recreation, visitors, and sport camp attendees).
  • Consider the “empty state” of venues, facilities, and fields and how Athletics incorporates closing processes, sweeps, and cameras both within the venue and outside (e.g., attached parking and other spaces included in defined security boundaries). For those schools that rent out facilities or premium spaces for non-athletic events, consider how Athletics is securing those spaces after rentals.

Remember to include adjacent spaces as appropriate. These could include practice facilities, mobile or attached operation centers, broadcast and production facilities, school-sponsored tailgates, and museums.

Gameday Preparations

The safety and security of athletic venues becomes even more critical on game day. As your university prepares to host thousands of visiting fans, opposing team players and coaches, and game day staff, it is essential to ensure appropriate controls are in place for a fun and safe game day experience. Whether you are preparing for an audit or assisting with a review, consider the following points. Note that this list is not exhaustive and each game situation is unique and may require modified or additional controls.

Game day preparations begin way before the first tip of the ball, whistle by the referee, or points scored by the home team. Key coordination and pre-game preparation considerations undertaken by Athletics often include:

  • Game day safety and security requires coordinating multiple safety oversight units, agencies, and processes. University departments such as Athletics, Public Safety, Event Services, Emergency Management, and the Police Department must work with local law enforcement agencies, fire departments, emergency medical personnel, and any contracted security.
  • Ensure proper contracts are in place with external agencies where needed.
  • Verify that all key personnel from other agencies use the correct radio channels and communication methods.
  • Train all personnel in the correct university procedures and review game day operation plans and emergency action plans.
  • Hold pre-game safety meetings with key personnel to review game day events and important information.
  • Conduct tabletop exercises to walk through responses to potential game day risks.
  • Establish command centers both on-site and off-site (if feasible). The off-site command centers allow access to resources if the on-site command center goes offline. These centers should have access to all mentioned resources, personnel, security cameras, weather data, and other agency data as needed.

Athletics personnel should conduct a pre-game security sweep to ensure the venue is secure before players, coaches, and fans enter the venue. Key activities include:

  • Ensure all personnel in the venue prior to the game have proper uniforms and credentials visible. The credentialling process should include a secure storage location and ID verification prior to release. A good example of a credentialing control is the numbered photographer vests seen on the sidelines of conference tournament games.
  • Require University employees, vendors, and outside agencies to enter through authorized entrances, keeping other entrances locked or guarded by security personnel.
  • Place security personnel at key locations, such as all unlocked entrances, locker room entrances, and field access locations, to ensure only authorized personnel gain access.
  • If feasible, use a K-9 explosives detection team to sweep the entire venue, team buses, and any vendors and deliveries that enter after the original sweep.

Physical Security

As fans start arriving the excitement starts to build, and the game day experience begins. Athletics personnel should make additional efforts to ensure a safe and secure environment.

Traffic management controls should be coordinated between the university and local authorities so that fans can arrive at the game on time and depart safely. Implement a game day traffic flow with clear traffic patterns, directions, and signage. Consider non- motorized traffic such as foot or bike. There may also be mass transit routes to accommodate shuttle buses from park and ride lots.

Gate security includes ensuring barriers or barricades, such as concrete posts, are strategically placed to prevent motorized traffic from entering restricted areas. Ensure all gates have security present and gates not in use are locked. Once the gates are open to the public, patrons may go through metal detectors and have bag checks performed by trained personnel to ensure unallowable or dangerous items are not brought into the venue. Consider implementing a clear bag policy to enhance and ease the bag check process.

Field/court and locker-room security is necessary to keep coaches and student athletes safe. Consider using a credentialing process for field/court and locker room access that prevents unauthorized individuals from entering the areas. Security personnel should be positioned at all entry points to field/court to prevent unauthorized access and respond to situations as they arise.

Police/Security/EMS personnel should beproperly stationed at key locations throughout the venue to provide safety and assist patrons, act as a crime deterrent, and have access to resources as needed. They should provide on-going game day security sweeps.

Camera coverage is beneficial in key areas such as parking lots, seating areas, and concourses can help ensure a safe and secure game day environment and assist command centers and security personnel.

Post-Game Considerations

After the game ends and fans are exiting the venue, there is still work to be done.

Rowdy fans or court/field celebrations can happen, especially during rivalry games. In the heat of the moment, fans can get overly excited and take actions such as court/field storming, which could put the safety of players, coaches, and fans at risk. To prepare for this, Universities should educate fans on the consequences, such as fines/penalties, of storming the court/field. There should be an emergency plan that includes standard emergency response codes (e.g., code blue), personnel, and action to be taken.

After the game has concluded and everyone has left the venue it is important for key personnel to hold an official post-game debrief to determine what went well and what didn’t. Lessons learned from this debrief should be implemented at future events to enhance the game day experience for everyone.

Conclusion

The ACUA Sidelines Committee hopes this article provides valuable insights into best practices for routine and game day security and access. As you plan future engagements, consider applying these principles to other on-campus events and event planning. Embracing a proactive and collaborative approach to reviewing and updating security and access protocols is a winning strategy!

About the Author

Candice Lewis, CIA rejoined Duke University's Office of Audit, Risk, and Compliance in 2021 after a career sabbatical to focus on family. With seven years of experience in higher education auditing and advisory services, she is an active member of the ACUA Athletics Sideline Committee. Prior to her current role, Candice was a senior auditor and audit manager at Duke. She began her career at Deloitte in Audit and Assurance. Candice holds a Bachelor of Science in Economics from UNC Chapel Hill and a Master of Science in Accountancy from UNC Wilmington.

Candice Lewis, CIA, rejoined Duke University’s Office of Audit, Risk, and Compliance in 2021 after a career sabbatical to focus on family. With seven years of experience in higher education auditing and advisory services, she is an active member of the ACUA Athletics Sideline Committee. Prior to her current role, Candice was a senior auditor and audit manager at Duke. She began her career at Deloitte in Audit and Assurance. Candice holds a Bachelor of Science in Economics from UNC Chapel Hill and a Master of Science in Accountancy from UNC Wilmington.

Marie Jackson, CIA started with Indiana University Internal Audit as an auditor in May 2008 and currently serves as the Associate Director of Operations Audit. Prior to joining IU, Marie worked for seven years at Walmart, Inc., as a staff and senior auditor. Marie holds a Bachelor of Science in Business from the IU Kelley School of Business. She is a member of the Institute of Internal Auditors, the Association of College and University Auditors (ACUA) and currently serves on the ACUA Athletics Sideline Committee.

Marie Jackson, CIA started with Indiana University Internal Audit as an auditor in May 2008 and currently serves as the Associate Director of Operations Audit. Prior to joining IU, Marie worked for seven years at Walmart, Inc., as a staff and senior auditor. Marie holds a Bachelor of Science in Business from the IU Kelley School of Business. She is a member of the Institute of Internal Auditors, the Association of College and University Auditors (ACUA) and currently serves on the ACUA Athletics Sideline Committee.

From This Issue