What standards apply to access control system maintenance in Australia?

AS 4178 covers the design, installation and maintenance of electronic access control systems in Australia. AS 1670.1 governs the integration of access control with fire detection and alarm systems, including the requirement for controlled locks to release on fire alarm activation to ensure safe egress. The Building Code of Australia (NCC) sets requirements for egress paths that affect fail-safe lock configuration. The Privacy Act 1988 and Australian Privacy Principles apply to the collection and storage of biometric data and access event logs. While these standards do not prescribe specific inspection frequencies, they establish the performance requirements that inspections should verify.

How often should an access control system be inspected?

A comprehensive access control system inspection should be performed at least quarterly, covering all readers, locks, sensors, panels, software, credentials, audit logs, power backup and system integrations. High-security and high-traffic openings should receive monthly spot checks. Lock holding force testing should be performed annually. Battery backup should be tested quarterly. Credential database reviews should occur monthly or with each staff change. After security incidents, system upgrades or building modifications affecting controlled openings, a targeted inspection should be performed immediately.

What is the difference between fail-safe and fail-secure locks?

Fail-safe locks (such as magnetic locks) release when power is removed, allowing the door to open freely during a power outage. This configuration is used on egress paths where occupants must be able to exit during emergencies, as required by the Building Code of Australia. Fail-secure locks (such as electric strikes) remain locked when power is removed, maintaining security during a power outage. The choice between fail-safe and fail-secure depends on the specific opening, its role in the egress path and the security requirement. During inspections, verify that each lock configuration matches the original fire and security design intent.

Why is credential database review important during access control inspections?

Credential databases accumulate dormant and outdated entries over time as staff leave, visitors depart and contractors finish assignments. Each active credential for a person who should no longer have access represents a security vulnerability. Former employees may retain access cards, and their credentials will continue to grant entry until removed from the system. Monthly or quarterly credential reviews during inspections identify these accounts for deactivation. Best practice is to integrate credential management with the HR system so that employee terminations automatically trigger credential deactivation, but manual review during inspections provides a safety net.

Is this access control system inspection checklist free to download?

Yes. This access control system inspection checklist is completely free to download and use. Open the template in your browser and print or save as PDF. No account or sign-up is required. If you want to digitise inspections with automatic scheduling, photo capture and compliance dashboards, MapTrack can help. Book a free demo to see how it works for your operation.

Free access control system inspection checklist

Jump to download form ↓

Enter your email below to download this access control system inspection checklist as a ready-to-use PDF.

Free access control system inspection checklist (PDF-ready). Card readers, electric locks, controllers, wiring, backup power and audit log verification.

Jarrod Milford

Commercial Director

Updated 3 May 2026

How to use: download the PDF, print or complete digitally on any device.

✓PDF format, ready to print or fill on screen
✓Use as-is or customise to suit your operation
✓Go digital in MapTrack for photos, alerts and audit trails

See template in action →

Download free PDF template

Trusted by teams across Australia and New Zealand

We respect your privacy. Unsubscribe anytime.

Preview the template

See the first part of the access control system inspection checklist below. Download the full version above.

Download to get full template →

What is a access control system inspection checklist?

An access control system inspection checklist is a structured document used to verify that all components of an electronic access control system are functioning correctly, providing reliable entry management, accurate audit logging and appropriate security for the facility. The checklist covers card readers, biometric scanners and keypads at each controlled entry point, electric locks (magnetic locks, electric strikes, motorised locks), door position sensors and request-to-exit (REX) devices, access control panels and controllers, system software configuration and user credential management, audit log integrity and storage, cabling and network infrastructure, power supply and battery backup testing, integration with CCTV and alarm systems, and physical condition of doors, frames and hardware at each controlled opening.

Access control systems are a critical layer of physical security for commercial buildings, industrial sites, data centres, healthcare facilities and government premises. Unlike a simple lock-and-key arrangement, electronic access control provides granular control over who can enter which areas, at what times, and creates an auditable record of every entry event. However, these systems contain multiple interdependent components that can fail independently. A card reader may become unresponsive, a magnetic lock may lose holding force, a door sensor may stick in the wrong state, a controller may lose its programming after a power event, or credential databases may become outdated as staff join and leave the organisation. Regular documented inspections ensure that every controlled opening operates as intended, that the audit trail is complete and accurate, and that backup power will sustain the system during a mains outage.

Learn more about maintenance and work orders in MapTrack.

Benefits of using this access control system inspection checklist

Security assurance: systematic inspection of every controlled opening confirms that all readers, locks and sensors are functioning correctly, preventing unauthorised access through failed components.
Audit trail integrity: verifying that the system is logging all access events accurately supports compliance obligations, incident investigations and forensic analysis.
Proactive fault detection: identifying degraded card readers, weak magnetic locks, failing door sensors and low backup batteries before they cause security breaches or lockout events.
Credential hygiene: reviewing the active credential database during inspections identifies accounts for former staff, expired visitors and unused credentials that represent security vulnerabilities.
Integration reliability: testing the integration between access control, CCTV and alarm systems ensures that a door forced open triggers the correct camera recording and alarm notification.
Compliance support: documented inspection records demonstrate due diligence for insurance, workplace health and safety obligations, data centre certification (e.g. ISO 27001) and industry-specific security requirements.

Benefits of digitising forms in MapTrack

When you digitise access control system checklists in MapTrack, you get:

Field users can easily scan a QR code to complete a form on mobile. Unlimited users.
Automatically get alerts when faults are identified.
Link every form digitally as a PDF to the relevant asset, location or person.
Receive a digital PDF copy with every submission to your email.
Ability to share forms digitally.
Build conditional logic (show or hide questions based on answers).
Take pictures or attach photos. Not possible with a paper-based form.
Electronic signatures.
Edit forms later without reprinting.
Restrict permissions (who can view, complete or approve).
Build forms with AI (describe what you need and MapTrack suggests the form).
Trigger work orders automatically when a fault is logged during an inspection.
Track service intervals by hours, kilometres or calendar date in one place.
Attach supplier invoices and parts receipts to each maintenance record.

Book a demo to see how MapTrack handles access control system checklists.

Try MapTrack free for 30 days

Full access to every feature. No credit card required. Per-asset pricing so you scale as your fleet grows.

Start free trial

No credit card required
30 days free trial
Cancel anytime

What to include in a access control system inspection checklist

This access control system inspection checklist covers 9 key areas:

Card readers and input devices: test each card reader, biometric scanner and keypad for responsiveness, verify credentials grant and deny access correctly, check for physical damage or tampering.
Electric locks: test magnetic lock holding force (should meet the rated specification, typically 270 kg to 545 kg), test electric strike operation, verify fail-safe or fail-secure configuration matches the fire and security design intent.
Door hardware and sensors: inspect door closers for correct operation and closing speed, check door position sensors (reed switches or contacts) for correct state indication, test request-to-exit (REX) devices and push-to-exit buttons.
Access control panels: verify each panel is powered on, communicating with the head-end server, and has current firmware, check panel battery backup voltage, inspect panel enclosure for tamper evidence.
System software and credentials: verify the access control software is running correctly, review the active credential database for expired or unused accounts, confirm access schedules and time zones are correctly configured.
Audit logs: verify that access events (granted, denied, door forced, door held) are being logged correctly with timestamps, confirm log storage meets the retention requirement.
Cabling and network: inspect all data, power and lock wiring for damage, loose connections and correct labelling, verify network connectivity between panels and the head-end server.
Power supply and backup: test main power supply output, verify battery backup engages when mains power is interrupted, measure backup battery voltage under load, check UPS runtime capacity.
Integration: test integration with CCTV (verify camera triggers on access events), test integration with alarm system (verify alarm on door forced or door held open), test fire alarm integration (verify locks release on fire alarm activation).

How to use this access control system inspection checklist

Prepare the inspection by gathering the access control system layout, door schedule, credential policy and the previous inspection report. Notify security and building management of the inspection.: Obtain the system documentation showing all controlled openings, their lock types, reader types and panel assignments. Review the previous inspection report for outstanding defects. Notify the security control room and building management that inspections will involve testing locks, alarms and fire integration, which may trigger alerts. Carry test credentials (valid and invalid) and any tools required for panel access.
Test each controlled opening: present a valid credential to the reader, verify the lock releases and the door opens, then present an invalid credential and verify access is denied. Check door closer operation and sensor state.: At each controlled opening, present a valid test credential and verify the reader indicates acceptance (LED, beep), the lock releases within 1 to 2 seconds, and the door opens freely. Present an invalid or expired credential and verify access is denied. Check that the door closer pulls the door fully closed and latched within the specified time (typically 5 to 10 seconds). Verify the door position sensor correctly reports open and closed states on the system. Test the REX device and confirm it releases the lock from inside.
Inspect the physical condition of each reader, lock, door frame and hardware. Check for tamper evidence, damage, corrosion or loose mounting.: Inspect each card reader or biometric scanner for cracks, loose mounting screws, exposed wiring or signs of tampering (pry marks, adhesive residue from skimming devices). Check magnetic lock mounting plates and armature plates for alignment and air gap. Inspect electric strikes for debris or corrosion in the keeper. Check door frames for warping, damaged weather seals or gaps that could allow the door to be bypassed. Inspect hinges for wear, loose pins or modifications.
Inspect each access control panel: verify power, communication status, firmware version and battery backup. Test battery backup by simulating mains power interruption.: Open each panel enclosure (verify tamper switch triggers an alert) and inspect for signs of moisture, rodent damage or loose wiring. Verify the panel status LEDs indicate normal operation and communication with the head-end server. Record the firmware version and note any panels requiring updates. Measure the backup battery voltage (typically 12V or 24V sealed lead-acid) and compare against the minimum threshold. Disconnect mains power briefly to verify the panel switches to battery backup without interruption. Reconnect mains and confirm the panel resumes normal operation.
Review system software, credential database and audit logs. Test CCTV and alarm integration. Test fire alarm release integration. Document all findings and create corrective actions.: Log in to the access control management software and verify the system is operating normally with all panels online. Review the active credential database for accounts belonging to former staff, expired visitor passes and dormant credentials. Verify access schedules and time zones are correctly configured. Check audit logs for completeness and confirm the retention period meets organisational requirements. Test CCTV integration by triggering an access event and confirming the associated camera records. Test alarm integration by simulating a door-forced event. Test fire alarm integration by coordinating with the fire system to verify controlled locks release on alarm activation. Document all findings and create corrective action items for failures.

In MapTrack, you can schedule and track maintenance digitally. Each submission is stored as a timestamped PDF against the asset record.

Get the free template

Enter your email above to download the full access control system inspection checklist as a PDF.

Back to download form

How often should you complete this checklist?

Access control systems should receive a comprehensive inspection at least quarterly, with monthly spot checks on high-security or high-traffic openings. Critical facilities such as data centres, financial institutions, healthcare facilities and government buildings may require monthly comprehensive inspections. Lock holding force should be tested annually using a calibrated pull gauge. Battery backup systems should be tested quarterly and batteries replaced on a preventive schedule (typically every 3 to 5 years for sealed lead-acid batteries).

Credential database reviews should be conducted monthly or whenever staff changes occur. Audit log integrity should be verified quarterly. Integration testing with CCTV and alarm systems should be included in every comprehensive inspection. After any security incident, system upgrade or building modification that affects controlled openings, a targeted inspection should be performed before the affected areas return to normal operation. In MapTrack, configure calendar-based maintenance triggers to automate inspection work orders at quarterly intervals for each access control zone.

Frequently asked questions

What standards apply to access control system maintenance in Australia?: AS 4178 covers the design, installation and maintenance of electronic access control systems in Australia. AS 1670.1 governs the integration of access control with fire detection and alarm systems, including the requirement for controlled locks to release on fire alarm activation to ensure safe egress. The Building Code of Australia (NCC) sets requirements for egress paths that affect fail-safe lock configuration. The Privacy Act 1988 and Australian Privacy Principles apply to the collection and storage of biometric data and access event logs. While these standards do not prescribe specific inspection frequencies, they establish the performance requirements that inspections should verify.
How often should an access control system be inspected?: A comprehensive access control system inspection should be performed at least quarterly, covering all readers, locks, sensors, panels, software, credentials, audit logs, power backup and system integrations. High-security and high-traffic openings should receive monthly spot checks. Lock holding force testing should be performed annually. Battery backup should be tested quarterly. Credential database reviews should occur monthly or with each staff change. After security incidents, system upgrades or building modifications affecting controlled openings, a targeted inspection should be performed immediately.
What is the difference between fail-safe and fail-secure locks?: Fail-safe locks (such as magnetic locks) release when power is removed, allowing the door to open freely during a power outage. This configuration is used on egress paths where occupants must be able to exit during emergencies, as required by the Building Code of Australia. Fail-secure locks (such as electric strikes) remain locked when power is removed, maintaining security during a power outage. The choice between fail-safe and fail-secure depends on the specific opening, its role in the egress path and the security requirement. During inspections, verify that each lock configuration matches the original fire and security design intent.
Why is credential database review important during access control inspections?: Credential databases accumulate dormant and outdated entries over time as staff leave, visitors depart and contractors finish assignments. Each active credential for a person who should no longer have access represents a security vulnerability. Former employees may retain access cards, and their credentials will continue to grant entry until removed from the system. Monthly or quarterly credential reviews during inspections identify these accounts for deactivation. Best practice is to integrate credential management with the HR system so that employee terminations automatically trigger credential deactivation, but manual review during inspections provides a safety net.
Is this access control system inspection checklist free to download?: Yes. This access control system inspection checklist is completely free to download and use. Open the template in your browser and print or save as PDF. No account or sign-up is required. If you want to digitise inspections with automatic scheduling, photo capture and compliance dashboards, MapTrack can help. Book a free demo to see how it works for your operation.

Applicable regulatory standards

This template aligns with the following regulations and standards:

AS 4178 (Access Control - Design and installation)
AS 1670.1 (Fire detection, warning, control and intercom systems)
BCA/NCC (Building Code of Australia - egress requirements for fail-safe locks)
Privacy Act 1988 (Cth) - handling of biometric and access log data

Need to schedule and track maintenance digitally?

Register every access control system in MapTrack, attach digital forms, and get a complete history of every inspection, service and compliance record.

Start free trial Book a demo

Maintenance and work orders · All templates · Pricing · Book a demo