
Break-glass procedure

Updated on 1 min Reviewed by: Cenedril Editorial

A break-glass procedure (emergency access) is a documented process that enables access to systems or data in emergencies when normal access controls fail or are too slow. The name derives from fire extinguisher cabinets where you break the glass in an emergency.

ISO 27001 Annex A controls A.5.15 (Access Control) and A.5.24 (Information Security Incident Management Planning) provide the framework. A break-glass procedure must be tightly controlled: sealed envelopes with emergency credentials, automatic notification upon use, complete logging, and post-use review of every activation. Credentials are changed immediately after use. Without a documented procedure, uncontrolled workarounds tend to emerge during emergencies.
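The controls listed above (notification upon use, post-use review, credential change after use) can be checked against the access log. The following is an added example, not part of the original glossary entry: the account names, event names, sample events and the one-minute notification window are all assumptions, and it assumes each follow-up control is logged before the same account is used again.

```python
from datetime import datetime, timedelta

# Constructed sample events (timestamp, account, event); names are hypothetical.
EVENTS = [
    ("2024-05-01T02:10:00", "bg-admin", "login"),
    ("2024-05-01T02:10:05", "bg-admin", "notify"),
    ("2024-05-01T03:00:00", "bg-admin", "rotate"),
    ("2024-05-02T09:00:00", "bg-admin", "review"),
    ("2024-06-12T23:40:00", "bg-admin", "login"),   # no notification, no review
    ("2024-06-13T08:00:00", "bg-admin", "rotate"),
    ("2024-07-01T04:00:00", "bg-db", "login"),
    ("2024-07-01T04:00:30", "bg-db", "notify"),
    ("2024-07-02T04:00:00", "bg-db", "login"),      # reused before rotation
    ("2024-07-02T04:00:10", "bg-db", "notify"),
]

NOTIFY_WINDOW = timedelta(minutes=1)  # assumed threshold for "automatic" notification


def audit(events):
    """Return (login_time, account, missing_controls) for each incomplete activation."""
    parsed = sorted((datetime.fromisoformat(t), a, k) for t, a, k in events)
    findings = []
    for i, (ts, acct, kind) in enumerate(parsed):
        if kind != "login":
            continue
        # Collect this account's follow-up events up to its next login.
        later = []
        for ts2, acct2, kind2 in parsed[i + 1:]:
            if acct2 != acct:
                continue
            if kind2 == "login":
                break
            later.append((ts2, kind2))
        missing = []
        if not any(k == "notify" and t - ts <= NOTIFY_WINDOW for t, k in later):
            missing.append("notify")
        for control in ("rotate", "review"):
            if not any(k == control for _, k in later):
                missing.append(control)
        if missing:
            findings.append((ts.isoformat(), acct, missing))
    return findings


if __name__ == "__main__":
    for finding in audit(EVENTS):
        print(finding)
```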