Skip to Content


Emergency Management
3.11 Collections Security: Planning and Prevention for Libraries and Archives


Many archives and libraries fail to recognize the vulnerability of their collections to loss. Collections can be threatened not just by theft and vandalism, but by disasters (e.g., fire or flood) and damage from careless handling or poor environmental conditions. Any repository seeking to provide the best possible security for its collections must put in place coordinated policies that address all of these threats. Since other leaflets in this series can be consulted for information on disaster planning, environmental control, and proper storage and handling, this leaflet will focus on the problems traditionally associated with collections security: theft and vandalism.

Most library and archives staff members have heard stories describing trusted patrons, other outsiders, or even valued staff who have pilfered collections (for personal gain, to add to private collections, or perhaps for moral or ethical reasons), but many do not believe such things could happen in their repository. While most libraries and archives have basic security policies, universal enforcement can be difficult. Some patrons (and indeed some staff) see security measures as unnecessary inconveniences.

If a security program is to be effective, there must be widespread understanding of the importance of security to the mission of the repository. It seems obvious that missing or damaged collections cannot be made available for use, but too often staff and management do not recognize the occurrence or the effects of theft and vandalism. It is important to understand that while some damage or loss can be alleviated (for example, a stolen journal might be replaced through purchase, books missing in one library may be loaned from another, or missing pages may be photocopied), other materials may be irreplaceable (if the material is unique, rare, or difficult and expensive to replace).

This leaflet will discuss strategies for preventing theft and vandalism of collections, responding to any breach of security that might occur, and creating an effective, universally enforced security plan.

Security Planning

If collections are to be protected against loss, libraries and archives must consider security as a management issue deserving a serious investment of resources. Security planning must be supported at the highest level of the institution. A collections security plan will be most effective if it is coordinated among the various departments and/or areas of activity involved in maintaining security. Such coordination can be a challenge, to say the least, so long-term institutional commitment is essential. Activities that may have a security component include proper collection storage, cataloging or processing, circulation, reference services, special events, building maintenance, staff training, insurance, and conservation services.

Basic Components of Security Planning

  1. Prepare a written security policy. If appropriate, form a security planning group to help develop policies and procedures. Always insure that the policy is endorsed at the highest managerial level.
  2. Appoint a security manager to develop and implement your security plan.
  3. Perform a security survey to assess your needs.
  4. Initiate preventive measures:
    • Eliminate weaknesses to insure the security of the building.
    • Install appropriate security systems.
    • Insure that collection storage is secure and that good records are kept.
    • Establish patron regulations.
    • Establish staff regulations.
  5. Identify likely emergencies and plan your response to any breach of security. Tell staff what to do, practice response plans, and coordinate plans with outside officials.
  6. Maintain and update your security plan.

These planning elements are discussed in more detail below. While specific security measures may differ from repository to repository, depending on the institution's size and available resources, this planning process is appropriate for any repository.

The Security Policy

Every cultural institution should develop a written security policy that underlines a commitment to security management. The policy should include a statement supporting security planning, prevention of incidents, and the implementation of response procedures. Staff in all areas of the organization should be involved in drafting both policy and procedures. An important part of the security program will be regular policy review and updating.

The Security Manager

A security manager should be appointed to coordinate security planning. In smaller institutions, a staff member may be assigned this responsibility along with many others; in a large repository this might be a full-time position. Particularly in the case of a part-time security manager, security responsibilities should be clearly stated and incorporated into the staff member's job description. A certain amount of time should be set aside for that person to work on the security program. The security manager should prepare regular assessments of the program and work to improve systems and procedures as needed.

The security manager will need to work with all staff members that have contact with the collection. The appointee must have direct access to the institution's director, and sufficient authority both to coordinate preventive efforts among the staff and to act during a security emergency.

The Security Survey

Before initiating or upgrading a security program, an assessment of current and projected needs is recommended. The security manager should make a systematic study of the facility and its operations. This survey should evaluate current security policies and procedures, identify potential areas of risk, and rank security threats according to the probability of occurrence. This will allow the institution to concentrate on the most serious problems first, and it will assist in long-term planning and budgeting.

A survey looks at the following: 1) external perimeter and interior areas for inadequacies, such as proximity to other facilities which pose a risk, inappropriate intrusion detection and signaling, poor lighting, poor sight lines, and inadequate locks; 2) current polices and procedures for use of the collection by staff and patrons, including patron registration, reading room procedures, staff access to the collection, and key control; 3) collection protection in storage, in transit, and on exhibition; and 4) any past problems and concerns identified by staff or others.

Preventive Measures

Once a survey has been completed, it is likely that improvements in preventive security measures will be needed. Activities designed to prevent loss or damage fall into several categories: external and internal building security, patron regulations, and staff regulations. Each will be addressed below.

Building Security

The building and collection must be secured both during and after normal working hours. Unauthorized entrance to the building and unauthorized removal of collection material from the building must be prevented.

The perimeter of a building can be protected in various ways, ranging from the use of door and window locks to more expensive strategies like the posting of security guards and/or installation of an automated security system.

Internal building security is important both during and after working hours. Most institutions should have a security room to protect valuable items when they are not being used; this room should be secured even when the repository is open, and the number of personnel having access should be strictly limited. Valuable materials should always be stored in this room when the repository is closed.

Automated security systems are discussed separately in the following section. Other strategies for upgrading building security include:

  • Installing high-quality, heavy-duty locks, dead bolts, and hinges on all exterior doors.
  • Installing grills or screens on ground-floor windows.
  • Requiring patrons and staff to enter and exit the building by one door, which is monitored at all times.
  • If appropriate, installing a book security system (this is NOT appropriate for rare or unique materials such as those found in archival and historical collections, but it is normally used for general circulating collections).
  • If the collection is located in a library or building with easy access, storing the collection in a locked room and limiting access to the key. Ideally, the room should have no windows, a solid door that opens out, a minimum one-inch dead bolt, and pinned hinges. Door buzzers and alarms are recommended.
  • Employing one or more security guards to patrol the repository after closing.
  • Insuring that alarms (fire, etc.) are always secured, tamper proof, and located away from the main stream of traffic, to prevent accidental false alarms or deliberate use of an alarm to distract from a theft in process.
  • Taking steps to prevent removal, or duplication of keys, insuring that keys are returned when employees leave, and changing all locks periodically.
  • Installing after-hours security lighting.

Security Systems

An automated security system serves three main purposes. First, the mere presence of a system can act as a deterrent to crime. Second, if an intrusion occurs, it will be detected. Finally, the system will notify appropriate personnel, making apprehension of the intruder possible.

There are additional advantages: modern alarm installations are relatively inexpensive; other alarms (water alert, fire, power outage, temperature) may be connected to the security control panel; an alarm system can provide two-way communication (opening and closing of gates, arming devices, etc.); recorded data can be used to produce management logs (status summaries, alarm summaries, entry and exit reports, etc.), and most systems are expandable, so it is easy to start with the basics.

Despite these advantages, an automated system should never be an institution's only protection. Since most thefts occur during working hours and occur because of human errors, it is essential to have a broad-based security plan that includes strategies for protecting collections during use.

How Security Systems Work
A basic security system will secure vulnerable perimeter access points such as doors and windows, and it will protect interior spaces via interior motion detectors that monitor movement inside the premises. An electronic security system includes sensors, a control panel (which interprets the report from the sensors and decides whether or not to activate the reporting devices), and reporting devices (which might be a traditional alarm or a signal to a security company monitoring the system).

In order to insure response to an alarm, you must have the security system monitored 24 hours a day by the monitoring station. If you use a local signal only, you must rely on a neighbor to call authorities when the alarm sounds. Costs for a monitoring system normally include a monthly fee plus telephone charges and can be arranged through your alarm installation company. While there are a number of companies that install and monitor their own accounts, there are many more that install systems and contract with a third-party monitoring facility.

How to Contract for a Security System
A qualified company should perform a site inspection and discuss your individual security needs. Each repository is unique and the system should be tailored to fit your needs and price range. The company should provide you with an evaluation of your premises, highlighting the measures you can take to improve the security of your institution over and above the addition of an electronic alarm system.

A great deal can be learned about a company through its sales representative. A sales representative should be knowledgeable about all areas of the alarm industry. It is this person's job to "tailor" a system that will provide the level of protection needed with as little disruption as possible to the facility. This can generally be accomplished through an effective system design.

When comparing companies, be sure to make a true comparison by thoroughly reviewing the number and types of products being installed.

Remember that alarm companies tend to concentrate on night-time protection, without any thought to a public institution's vulnerability during daytime visiting hours. If your security survey has been complete, and the findings incorporated into your plans, you will be better prepared to discuss specific needs and design options with the alarm company.

Always carry out periodic tests of the system to insure that it is in proper working order at all times.

Security Guards

The use of security guards may be appropriate in some situations. All staff members (including general staff, management, custodial workers, grounds keepers, and volunteers) will still need to participate in maintaining security, but guards can be a valuable supplement to staff efforts and their presence alone may deter theft and/or vandalism.

It is important for an institution to specify its needs, communicate them clearly to the security guards, and supervise those personnel. This is true especially if services are contracted from a private company. It may also be advisable to incorporate incentives and penalties into the contract to insure that services are performed satisfactorily. The security manager must determine what equipment, instruction, and supervision the security personnel will receive. It is important to work with them to develop a daily schedule for monitoring institution activities and a mechanism for making regular reports.

Collection Management and Security

Collection management is an important aspect of security. It is difficult to verify that something is missing if collections are not properly cataloged. In the worst-case scenario, cataloging records and identification marks can help prove an object is the item in question and provide proof of rightful ownership. Detailed collection records can also help the archivist or librarian separate intrinsically valuable items for special storage or other special treatment. In addition, regular inventory of collections can identify missing items that might otherwise have been overlooked.

Specific collection management activities that will be helpful in maintaining security include:

  • Inventory your collection on a regular basis.
  • Ensure that storage areas are arranged for quick and easy inspection. As materials arrive in the repository, identify and segregate valuable and/or marketable materials (monetary or intrinsic value). It is best to store these items separately in a secure area and consider substituting photocopies or photographic reproductions for the originals for access purposes.
  • If valuable and/or marketable items will not be stored separately, place them in separate folders within the collection so they can be easily checked by a staff member. Create procedures to insure the collection is inspected for completeness before and after use.
  • Record a physical description of valuable materials to aid recovery and ensure pos itive identification should a theft occur. Provide insurance coverage for valuable materials.
  • Consider using some form of identification mark for the collection. This may not be an appropriate choice for materials with artifactual value, but may be useful in some situations.
  • Use call slips, sign-out sheets, computer systems, etc. to record and track the use of the collection during research, loan, exhibition, conservation, microfilming, etc.
  • Do not allow patrons access to unprocessed collections.
  • Remember that in-house finding aids provide important information for collection access. These are also at risk of theft and loss, so up-to-date copies should be stored safely in a remote location.

Patron Management

Archivists and librarians must maintain healthy patron relations while enforcing reasonable rules and procedures. It is unfortunate that there are many documented cases of "regulars" and trusted professionals gaining privileged access to the collection. Such researchers are often allowed to work without supervision and regular checking of personal effects or the materials being used. It is only later that the repository discovers a pattern of loss, often of the most valuable items. It is essential to remember that the safety of the collection must come first. The great majority of patrons will understand and abide by rules and procedures once the reasons for them are explained.

The cornerstones of managing the use of archival and special collections are supervision of patrons; inspection of patron belongings and of collection materials (before and after use); and the maintenance of records documenting the use of materials. Supervision and inspection will help to prevent theft and vandalism, and records that document use may be invaluable in a theft investigation. The U.S. National Archives currently retains these records for 25 years. If all of these activities are carried out routinely, patron use of collections can be well managed in even the smallest repository.

The following procedures apply to use of collections in an archives or a library special collection with a separate reading room, rather than for a general circulating collection:

Patron Access: Step-by-Step

  1. All patrons must be required to register:
    • Each patron should complete a Registration Form that asks for identifying information and information about research interests, and each patron should sign a logbook.
    • All patrons should be required to present photographic identification when they register. A staff member should monitor the registration procedure to ensure that the name appearing on the identification matches the one given on the registration materials.
    • If desired, a photographic ID may be retained from each patron until the research materials are returned. The ID should be attached to the completed registration form and stored in a secure place. At a large repository in-house ID might be issued for regular users.
  2. Perform a reference interview:
    • Record each patron's interests.
    • Discuss their research topic and evaluate their request.
    • Limit the amount of accessed material by assessing the patron's needs.
    • Scrutinize the patron's intentions.
    • Explain finding aids, catalogs, and services.
  3. Explain the rules for use of materials:
    • Allow only necessary research materials into the reading room. The repository should provide lockers or other secure storage for the personal effects of patrons (coats, briefcases, purses and oversize handbags, portfolios, etc.).
    • Separate from the tables all containers and personal effects that are allowed in the reading room.
    • Provide written guidelines for proper handling of materials (e.g., do not damage bindings, use pencil instead of pen when working, etc.).
    • Remind patrons to keep materials in the order in which they are found. Limit the number of boxes they can use at one time. Instruct patrons to put papers away each time they leave the reading room.
    • Explain how to use reference slips. All collection materials that are retrieved must have a slip, and patrons should be required to sign the slip(s).
    • Require patrons to sign a form stating that they understand and agree to comply with the rules for handling and use.
  4. Insure that the reading room is adequately staffed at all times. Ideally there should be two staff members so that one can retrieve materials while another supervises the patrons.
  5. Check each archival box for collation and completeness before and after it is used by patrons.
  6. Each time the patron leaves the reading room, inspect any personal materials that were allowed into the room.
  7. Inspect collections for sequencing and completeness before re-shelving. A retention schedule should be established to ensure that registration forms and reference slips are available if they are needed later for investigating a theft. Determine how long these records will be retained.

Patron Access in Small Repositories

The recommendations given above may seem difficult if not impossible to implement for small repositories with few staff members, such as historical societies (which are often staffed by volunteers) and public libraries (which are often responsible for managing both circulating and historical collections). With some effort (and institutional commitment), however, reasonable security can be provided even in a situation where staffing limitations make constant supervision of researchers difficult.

No matter how small or understaffed the archives or library is, patrons should be required to sign in and a record should be kept of the materials they use. It is often a good idea in situations like this to retain identification from the patron until they are finished working. This makes it less likely that they will leave the building with items from the collection. A secure locked drawer must be provided for storage of identification.

Regarding supervision, it is most important to provide an area where readers can be watched while they are working and where it is difficult for them to leave the building unobserved. In a historical society, patron visits should be scheduled when a volunteer is available. In a library where supervision cannot be provided in the special collections reading room, patrons should be required to work at a table in view of the general reference desk or other library personnel.

In a situation where constant supervision cannot be provided, it is crucial to check patrons' belongings when they exit the building and to inspect archival materials before and after use. This can be awkward, but it will be easier if the procedures and the reasons for them are clearly explained to patrons at the outset. Institutions are advised to get counsel to ensure full compliance with laws regarding privacy, search, and seizure. For historical book collections that do not contain unique or rare material, the use of a book security system may also be helpful.

Remember that the purpose of these procedures is not to inconvenience patrons, but rather to safeguard your collection and demonstrate to your patrons that these materials are important to your institution.

Staff Management

Involving all staff in planning efforts will increase the likelihood of a smoothly run, effective security program. Staff members who work with the public are an excellent source for input on how to improve security procedures, and they should be encouraged to contribute their ideas.

Training staff members to implement the security plan is essential, since the primary reason existing security procedures are not implemented is that staff members find it awkward or inconvenient to do so.

All staff must be instructed to enforce all rules, regulations, and procedures without exception. If exceptions are made routinely, a lax atmosphere conducive to theft and/or vandalism can develop. Staff should be trained in the techniques of observation. The room supervisor should not remain seated. It is essential to move around the reading room on a regular basis to observe as well as to provide assistance to the researchers. All chairs in the reading room should be facing the reading room supervisor and with clear sight lines. Chairs on both sides of the table make observation difficult.

While the importance of universal enforcement of security procedures must be communicated to staff, it is also essential that the staff is trained to deal with difficult situations that can make security procedures difficult to enforce. What should a staff member do if a patron refuses to provide registration information? if a patron refuses to have his/her belongings inspected? if a patron mishandles collections while working with them? If the repository does not have a professional security staff, it is a good idea to bring in a security professional to address these issues in a training session.

Unfortunately, another aspect of staff management is the protection of collections from theft by staff members themselves. There are some basic precautions that can be undertaken. Staff backgrounds can be checked before hiring; staff access to restricted areas can be limited; key control can be strictly enforced; staff belongings can be inspected when staff members exit the building; and staff can be required to sign in and out of the building, both during and after hours.

Responding to a Security Problem

Since it is impossible to prevent all theft and vandalism, it is important for a security plan to include procedures for responding to a security breach. This might be a loss that is discovered after the fact or it might be a theft in progress, and it might involve a researcher or even a staff member who is behaving suspiciously. In all cases, the goal should be to recover the missing materials and to apprehend the person responsible. The success of this effort will depend on quick action.

Some general guidelines for responding to specific situations are given below.1 Remember that it is essential to insure that you are familiar with the federal, state, and local laws governing theft and mutilation of library and archival materials before drafting your own procedures.

If a staff member suspects a patron of theft, be sure no action is taken unless the staff member actually sees the theft or discovers that materials are missing in the process of checking them before and after use. The staff member should then request the patron to step into an office or other area away from the reading room. If possible, a second staff member should accompany them so that there is a witness. It is important not to touch or to coerce the patron. If the patron agrees to be detained, notify and await the arrival of security personnel or the police. If the patron insists on leaving, one staff person should notify the authorities and the other should carefully follow the patron to get a description of the patron's car. In either case, staff should write down all pertinent information about the encounter as soon as possible, in case it is needed for future court action.

Some of the warning signs that might indicate theft by a staff member include: one person consistently reports items missing or frequently finds missing materials; attempts have been made to alter collections records; a staff member frequently requests exceptions to the repository's rules and regulations; and a staff member appears to have a lifestyle that does not match his or her known resources. If a staff member is suspected of theft, determine the procedures to be followed before approaching the person. The person should be confronted by at least two supervisors and given a chance to explain his or her actions. It may be necessary to remove the person from the department temporarily and/or to contact police or security personnel.

It is somewhat more likely that a theft will be discovered after the fact, making it more difficult to identify the perpetrator. In such a case the security manager should first determine exactly what is missing (this might require an inventory of the collection if multiple items are involved), then contact the police, insurance company, and any appropriate organizations, as required.2 All actions taken to locate missing materials and identify the thief should be carefully documented.

It is essential to provide staff with training so they are prepared to respond to a security emergency. Be sure that all staff members have a copy of the security plan, practice response procedures, and coordinate plans with outside officials such as institutional security personnel and/or police.

Preparing and Maintaining a Security Plan

Many of the principles for writing and maintaining a disaster plan will also apply to preparing a security plan; in fact, in most institutions these two plans will be closely related. Other leaflets in this series provide in-depth advice on preparing a disaster plan.

When preparing a security plan, the first step should be to put together a committee (in a small institution this may be a committee of one) that will perform a security survey, identify the most serious security risks, determine what should be done about them, and write a security plan. This committee must have the institution director's authority to act.

The security plan should include: information about any security systems in the building, information about distribution and control of keys to the building and to any special storage areas, copies of all policies and procedures relating to security (patron and staff use of the collection, collection management policies, etc.), a checklist of preventive measures to be undertaken, and a list of procedures for responding to a security breach (e.g., a theft, either in progress or one that has already occurred). Remember that in some cases it may not be appropriate to include some of the above information (e.g., security system information and key control information) in all copies of the plan; this information may be limited to upper-level staff members. All copies of the plan must be stored in a secure area where they cannot be accessed by the general public. When you write the plan, it is easy to feel overwhelmed by the amount to be accomplished, particularly if your institution has not had a systematic security plan. It is best to break the writing process into small projects (e.g., start by writing polices for collection use or procedures for responding to a theft in progress). This will make the process less intimidating and there will be a sense of accomplishment once each piece of the project is finished.

Once the plan is finished, do not allow it to gather dust on a shelf. Be sure to review it with all staff periodically, update it when information changes, and revise and improve it as necessary in response to any security emergency that might occur.


It is an unfortunate reality that libraries and archives must be concerned about the security of their collections. It is recommended that all repositories conduct a security survey and draw up a security plan. While there is a place for automated security systems of various types, a repository must not depend solely on these systems to protect its collection. Its security plan must also include policies and procedures regulating access to the collection by staff and users; mechanisms for identifying missing items; and procedures for responding to a security breach. Most important, the repository must recognize the difficulties staff members can face in enforcing security policies and provide training that will reinforce the importance of security activities and give staff members the skills they need to carry out these important duties effectively.

Further reading

Association of College and Research Libraries, Rare Books and Manuscript Section Security Committee. "Guidelines Regarding Thefts in Libraries." College & Research Libraries News 55 (1994): 289–94. Also available online at Anyone entrusted with the care of valued library materials should review this document thoroughly.

Fennelly, Lawrence J., ed. Effective Physical Security. 2nd ed. Boston: Butterworth-Heinemann, 1997. An invaluable resource detailing the essential components of a secure facility, including security hardware and systems.

Museum Security Network. MSN is devoted to the safety and security of cultural property. Their services include a mailing list as well as an extensively linked Web site for excellent sources of information. Contents include access to articles, lists of consultants, security organizations, disaster management resources, and contact information for reporting loss.

O'Neill, Robert Keating, ed. Management of Library and Archival Security: From the Outside Looking In. Binghamton, NY: The Haworth Press, Inc., 1998. Menzi L. Behrnd-Klodt, JD, Attorney/Archivist, Klodt and Associates, Madison, WI: "Provides useful advice and on-target insights for professionals caring for valuable documents and artifacts. Focusing not just on the aftermath of a catastrophe, but disaster prevention and integration of security with preservation programs, this book is an excellent guide. This useful work should be owned by professionals and administrators at large and small institutions alike."

Patkus, Beth Lindblom. "Collections Security: A Preservation Perspective." Journal of Library Administration 25.1 (1998): 67–89. Good overall review of security and disaster concerns for collection preservation.

Robertson, Guy. "The Elvis Biography Has Just Left the Building, and Nobody Checked It Out: A Primer on Library Theft." Feliciter 44.10 (October 1998): 20–24. Written with humor, the author describes various techniques for stealing from libraries and archives, then lists basic (and mandatory) preventive measures.

Safety-L. An electronic discussion list, created by the LAMA () Buildings and Equipment Safety/Security Discussion Group, to identify common concerns and examine alternative solutions. To subscribe, send an e-mail message to, with the subject line blank, the message "subscribe safety-L (first name, last name)."

Trinkaus-Randall, Gregor. Protecting Your Collections: A Manual of Archival Security. Chicago: The Society of American Archivists, 1995. An invaluable primer to assist in developing an effective security program, including enough detail to implement the basics.

Sample Patron Registration Form

Name of Institution: ______________________________________
Location: _______________________________________________
Mailing Address: _________________________________________
Telephone Number: ______________________________________
Fax Number: ____________________________________________

Researcher Registration and Procedures

1. Please sign the registration book each day you use the reading room.
2. Please complete the following, read the procedures, and sign the agreement below.
Name (print clearly): _____________________________________
Identification: ___________________________________________
Mailing Address:
Current Local Residence:
Professional Affiliation:
Subject of Research:

The following procedures must be observed while conducting research in the Archives. You must sign the statement agreeing to abide by these procedures. They are intended to allow access to the collections while preserving them for future generations.

Sample Procedures Information Sheet

  • Coats, parcels, purses, backpacks, briefcases, and other similar belongings must be left at the coat rack in the lobby, or in the lockers provided.
  • No documents are to be removed from the research area under any circumstances. Archival materials are never loaned but must be consulted in the archives.
  • All food and beverages must be consumed only in designated areas. No smoking anywhere in the building.
  • Up to three boxes of materials can be requested at any time, but only one box at a time can be used by the researcher to ensure that materials are not placed in the wrong box.
  • Original documents are not made available to the researcher if a copy (microform, photocopy, etc.) is available.
  • Original order must be maintained within each box and within each file folder. If you have a problem returning items to original order, or if you find something out of order, please consult a staff member.
  • Misconduct or disrespect of the rules may result in the researcher's being refused further access to the Archives.

By affixing my signature below, I certify that I have read the list of procedures, and that I agree to abide by said procedures in any use I make of the collections at the (Name of Institution).

Signature: ____________________________ Date: ______________
Collections used: __________________________________________
Staff member on duty: _____________________________________


Written by Karen E. Brown and Beth Lindblom Patkus

Creative Commons License image