AACP meaning

In practice, an AACP (Alternative access control Point) is a secondary, pre‑authorised entry route to a secured site, facility, system or network, used if the primary access control point is unavailable, unsafe or compromised. It is a descriptive operational term rather than one defined in legislation or case law. The expression is commonly used in security policies and in contracts for data centres, outsourcing, critical infrastructure, construction and facilities management. Key legal features typically addressed in drafting include: the AACP’s location and resilience; authentication and authorisation measures (for example keys, tokens, biometrics or multi‑factor access); activation criteria; logging and audit; maintenance and testing; emergency services access; and change‑control for any relocations or configuration changes. Parties usually allocate responsibilities, training obligations and liability for misuse, and require compliance with applicable standards (such as ISO/IEC 27001) and regulatory duties (for example the UK NIS Regulations for relevant operators, and equivalent Irish regimes), alongside data protection and health and safety requirements. Usage and expectations are broadly consistent across England and Wales, Scotland, Northern Ireland and Ireland. In procurement and service agreements, the AACP is often tied to business continuity, incident response and availability/service level commitments.