Home
CREXOM™ Certification
Discover CREXOM About CREXOM Standards & Governance Industry Partnerships Higher Education Enroll Now
Explore
CREXOM Certification | CRE Operations Commercial Real Estate Certifications Guide Higher Education & CRE Readiness | CREXOM Top Careers Without a College Degree Professional Athletes & Commercial Real Estate Real Estate License Holders & CRE
Resources
Case Study Library
RETMI FAQ Contact

CREXOM™ Case Study #004

When Access Becomes Responsibility

An unauthorized entry into a tenant-controlled area forces leadership to examine accountability, authority, organizational controls, and the difference between individual mistakes and systemic failures.

Case Profile

Property Type: Office / Mixed-Use Commercial Property

Difficulty Level: Advanced

Primary Topic: Unauthorized Access and Organizational Accountability

Primary Domains: Risk Management, Leadership and Accountability, Governance and Organizational Effectiveness

Supporting Domains: Stakeholder and Relationship Management, Professional Ethics, Property Operations

Competencies Demonstrated: Risk Assessment, Accountability, Authority and Delegation

DOWNLOAD PDF

Learning Objectives

Upon completion of this case study, readers should be able to:

  • Evaluate operational and organizational risks associated with access-control failures.
  • Distinguish between individual accountability and systemic organizational responsibility.
  • Assess stakeholder impacts resulting from trust-related incidents.
  • Analyze governance and oversight considerations affecting operational decision-making.
  • Apply professional judgment when balancing accountability, culture, and future risk mitigation.

Case Overview

A professionally managed commercial property experienced an incident involving unauthorized access to a tenant-controlled area. Although no significant physical damage, theft, or safety event occurred, the incident quickly escalated into a broader organizational challenge.

The affected tenant expressed concern regarding privacy, security, and the integrity of property management operations. Questions emerged regarding who possessed authority to access tenant-controlled spaces, whether existing procedures were clearly understood, and whether organizational oversight mechanisms were adequate.

As facts emerged, leadership discovered varying interpretations of policy among management personnel. Some individuals viewed the incident as an isolated judgment error. Others believed it revealed deeper weaknesses involving training, authority delegation, documentation standards, and operational controls.

Ownership and senior leadership now face a difficult decision. A response perceived as overly punitive could damage organizational culture and employee trust. A response perceived as insufficient could undermine tenant confidence, weaken accountability, and increase future risk exposure.

The central challenge is no longer merely what occurred. Leadership must determine what the incident reveals about the organization and how accountability should be balanced with learning, improvement, and long-term risk management.

Scenario Overview

A suburban commercial property consisting of multiple office and service-oriented tenants had operated for several years without significant access-control issues. Property management responsibilities were delegated to an on-site management team supported by regional leadership.

One tenant occupied a secured suite containing sensitive business information and proprietary materials. Access to the suite was controlled by the tenant, although ownership retained certain rights related to emergencies, maintenance needs, and property protection.

During a routine workday, a member of the property management team entered the tenant-controlled area without prior authorization from the tenant. The employee later explained that the entry was intended to verify a reported maintenance concern. The employee believed the action fell within operational responsibilities and presented minimal risk.

The tenant disagreed.

Upon learning of the entry, tenant leadership questioned why advance notice had not been provided and whether similar access events had occurred previously. Although no evidence suggested theft, damage, misconduct, or malicious intent, the tenant viewed the incident as a serious breach of trust.

Property management personnel immediately notified senior management. Internal discussions revealed inconsistent interpretations of organizational procedures. Some employees believed management staff possessed broad authority to enter tenant-controlled areas when operational concerns existed. Others believed tenant approval should be obtained whenever practical.

Further review uncovered several contributing factors:

  • Access-control policies existed but were not uniformly understood.
  • Training regarding tenant-controlled spaces varied among personnel.
  • Documentation requirements for access events were inconsistently applied.
  • Authority levels had not been clearly communicated throughout the organization.
  • Previous access situations had been handled informally rather than through standardized procedures.

As discussions continued, the issue expanded beyond the original event.

The tenant requested a formal explanation, assurances regarding future controls, and clarification regarding accountability.

Ownership became concerned about reputational risk and potential impacts on tenant retention.

Regional leadership questioned whether the incident reflected an isolated lapse in judgment or a broader governance issue.

The employee involved maintained that the decision was made in good faith and was motivated by operational concerns rather than disregard for tenant rights.

Meanwhile, management personnel worried that an aggressive disciplinary response could discourage initiative and create a culture in which employees become reluctant to address emerging operational issues.

Leadership now faces several interconnected questions:

  • Who is accountable?
  • Was policy violated?
  • Were policies sufficiently clear?
  • What message should be sent to employees?
  • What message should be sent to tenants?
  • How should future incidents be prevented?
  • Does the event indicate a larger organizational weakness?

The answers may shape organizational culture and stakeholder trust long after the incident itself is resolved.

Known Facts

At the time leadership was required to respond:

  • Unauthorized access occurred within a tenant-controlled area.
  • No major physical damage occurred.
  • No theft, vandalism, or malicious conduct was identified.
  • The employee believed the action served an operational purpose.
  • The tenant did not authorize the entry.
  • The tenant expressed concern regarding privacy, security, and trust.
  • Existing policies did not appear to be uniformly understood.
  • Documentation practices were inconsistent.
  • Organizational authority levels were not clearly communicated.
  • Ownership, management, and tenant representatives held differing perspectives regarding responsibility.
  • The incident exposed potential weaknesses in operational controls.

Stakeholder Analysis

Ownership
Ownership seeks to preserve tenant relationships, protect asset value, maintain occupancy stability, and reduce organizational risk exposure.

Property Management Leadership
Management leadership must evaluate accountability, determine appropriate corrective action, preserve operational effectiveness, and maintain employee engagement.

On-Site Personnel
Employees require clarity regarding authority, expectations, and consequences. Their perception of fairness may influence future decision-making and organizational culture.

Tenant
The tenant seeks reassurance that privacy, security, and operational boundaries will be respected. Trust restoration is a significant concern.

Asset Management
Asset managers are concerned with reputational risk, tenant retention, operational reliability, and long-term asset performance.

Future Tenants and Stakeholders
The organization's response may influence future perceptions regarding professionalism, accountability, and operational competence.

Discussion Questions

  1. To what extent should leadership view this incident as an individual performance issue versus an organizational control failure?
  2. How should accountability be allocated when employee actions occur within an environment of unclear authority, inconsistent training, or weak procedural controls?
  3. What risks arise if leadership focuses exclusively on discipline rather than organizational learning and process improvement?
  4. What actions should leadership prioritize to restore trust with the affected tenant while maintaining credibility with employees?
  5. How should governance structures, policies, and oversight mechanisms evolve following an incident that exposes ambiguity regarding access authority?
  6. If you were advising ownership, what factors would influence your recommended response strategy, and how would you balance accountability, culture, risk mitigation, and stakeholder relationships?

CREXOM™ Analysis

Risk Considerations
The most immediate risk involves erosion of tenant trust. Commercial real estate relationships depend heavily upon confidence, professionalism, and predictability. Even when no physical harm occurs, perceived breaches of access boundaries can create significant relationship challenges.

The incident also highlights operational risk. Unclear authority structures create environments where employees may make inconsistent decisions under similar circumstances. Such inconsistency increases organizational exposure over time.

Leadership Considerations
Leadership faces a classic accountability dilemma.

If responsibility is assigned solely to the employee, leadership may overlook systemic weaknesses that contributed to the event.

Conversely, if leadership focuses exclusively on organizational shortcomings, individual accountability may appear diminished.

Effective leadership often requires evaluating both dimensions simultaneously.

Governance Considerations
Governance concerns emerge when organizations lack clearly defined authority structures, documented procedures, and consistent oversight mechanisms.

The incident raises broader questions:

  • Who can authorize access?
  • Under what circumstances?
  • How should access be documented?
  • What exceptions exist?
  • How is compliance monitored?

Organizations frequently discover governance weaknesses only after an incident exposes them.

Stakeholder Considerations
Stakeholder perceptions may differ substantially.

The tenant may focus on trust and privacy.

Ownership may focus on asset protection and reputation.

Employees may focus on fairness and clarity.

Leadership must communicate effectively across all stakeholder groups while maintaining organizational credibility.

Operational Implications
Operationally, the event suggests opportunities to improve:

  • Access-control procedures
  • Training programs
  • Documentation standards
  • Escalation protocols
  • Supervisory oversight

The objective is not merely preventing recurrence of this specific incident but strengthening decision-making systems more broadly.

Organizational Culture Considerations
Culture is shaped by how organizations respond to mistakes.

An overly punitive response may discourage initiative and transparency.

An overly lenient response may weaken accountability.

Leadership must determine how to reinforce professional judgment while encouraging employees to seek guidance when uncertainty exists.

Alternative Courses of Action

Option A: Primarily Individual Accountability Response

Advantages

  • Demonstrates immediate accountability.
  • Signals seriousness to tenants.
  • Reinforces compliance expectations.

Disadvantages

  • May ignore systemic weaknesses.
  • Risks employee disengagement.
  • May fail to address root causes.

 

Option B: Balanced Accountability and Organizational Improvement

Advantages

  • Addresses individual and systemic factors.
  • Supports long-term risk reduction.
  • Reinforces learning and accountability simultaneously.
  • May strengthen tenant confidence through visible improvements.

Disadvantages

  • Requires greater leadership effort.
  • May appear insufficiently decisive to some stakeholders.
  • Implementation may take longer.

 

Option C: Comprehensive Governance Review

Advantages

  • Examines broader organizational vulnerabilities.
  • Creates opportunity for enterprise-wide improvements.
  • Strengthens long-term controls and oversight.

Disadvantages

  • Resource intensive.
  • May be viewed as disproportionate to the incident.
  • Could create operational disruption during implementation.

CREXOM™ Perspective

Unauthorized access incidents are often discussed as security problems. In practice, they are frequently leadership and governance problems.

Organizations rarely fail because a single employee makes an imperfect decision. More often, risk emerges when authority, accountability, expectations, and controls are not aligned. When employees operate within ambiguous environments, individual judgment becomes the primary control mechanism—sometimes with inconsistent results.

The deeper lesson is not whether someone entered a space they should not have entered. The deeper lesson is whether the organization created conditions that enabled confusion regarding authority and responsibility.

Professional judgment requires evaluating both human behavior and organizational systems. Strong organizations do not simply determine who made a mistake. They seek to understand why the mistake was possible, how stakeholder trust was affected, and what improvements are necessary to reduce future risk.

The quality of leadership is often measured not by how organizations respond when everything works as intended, but by how they respond when trust is tested.

Key Takeaways

  • Access-control failures can create significant stakeholder concerns even when no damage occurs.
  • Accountability and organizational responsibility are not mutually exclusive.
  • Clear authority structures reduce operational ambiguity.
  • Governance weaknesses often emerge through relatively minor incidents.
  • Tenant trust is a valuable operational asset requiring active protection.
  • Leadership responses influence both organizational culture and future risk exposure.
  • Effective risk mitigation typically requires both corrective action and systemic improvement.

Related Domains

  1. Risk Management
  2. Leadership and Accountability
  3. Governance and Organizational Effectiveness
  4. Stakeholder and Relationship Management
  5. Professional Ethics
  6. Property Operations

About the CREXOM™ Case Study Series

The CREXOM™ Case Study Series is a growing collection of educational case studies designed to support competency development, professional judgment, critical thinking, and decision-making within the commercial real estate industry.

Each case is developed in accordance with the CREXOM™ Case Study Philosophy, Competency Taxonomy, and Publication Standard. Cases are intended for use in academic instruction, workforce development, professional certification, corporate training, executive education, and independent professional development.

Strengthen Professional Judgment and Decision-Making

Explore additional educational resources from CREXOM™.

CASE STUDY LIBRARY
EXPLORE CREXOM™