Management System Owner: Chief Safety Officer (CSO)
Revision and Date: Revision 3, 2016-05-31
Fermilab Security department has been established to ensure appropriate levels of protection against unauthorized access; loss or theft of government property; and other acts that may cause unacceptable or adverse impacts to programmatic activities or the health and safety of Fermilab and DOE employees, the public, or the environment. Other areas of Fermilab security program include: cybersecurity which is managed under the Information management system (M10); the security of nuclear material which is managed under the Environmental, Safety and Health Management System (M7), specifically the Fermilab Nuclear Materials Control & Accountability Plan; and the responsibility of Unclassified Foreign Visits and Assignments (UFVA) is managed cooperatively under the Security Management System and the Human Resources Management System (M15).
Chief Safety Officer (CSO)
3.0 Primary Requirements
○ DOE Prime Contract No. DE-AC02-07CH11359 for the Management and Operation of the Fermi National Accelerator Laboratory (Fermilab)
○ Fermilab Performance Evaluation and Measurement Plan (PEMP)
Other DOE Orders and Instructions
○ DOE O 470.4B - Safeguards & Security Program
○ DOE O 142.3A - Unclassified Foreign Visits and Assignments Program
○ DOE O 470.5 - Insider Threat
○ DOE O 472.2 - Personnel Security
○ DOE O 473.3 - Protection Program Operations
○ DEAR 952.204-2 - Security
FRA Contract Clause Mapping to Management Systems
The purpose of this plan is to establish program planning and management requirements for the safeguards and security program. The SSP is based on risk analysis of considerations specific to the site and the assets and interests to be protected, and is reviewed as required by DOE Order. The SSP describes either in content or by other referenced documents, all applicable security topical areas addressed: Program Management, Physical Security, Protective Force, Material Control and Accountability (MC&A), and Cyber Security including: password security, laptop/computer/device security, and server room protection (are managed under the IT Management System in conjunction with the Security Department). An overview of the responsibilities for each applicable area within the SSP is as follows:
Security staff organization and responsibilities include: A staff description, an explanation of Integrated Safeguards and Security Management (ISSM), the concept of Emergency Management, criteria for determining Property Protection Areas, resources and budgeting, personnel development and training, Management Control (surveys, audits, self-assessments, Performance Assurance Program, and Incident Reporting.
Protective force responsibility includes training, post orders, general security response, and the description of facilities and equipment.
Physical Protection System responsibilities include: the card access system, missing property report system, site access control procedures, areas open to the general public, the security alarm testing procedures, the search procedure, after hours emergency notifications, armed encounters, processing arrest warrants, threats to persons or property, incidents of security concern, Incident Command System, security and administrative system testing procedure, key and lock control system, Identification Badge System, and Unclassified Foreign Visits and Assignments Program.
MC&A includes the responsibilities and authorities for: material accounting, inventories, measurement control, emergency procedure for apparent loss, theft or diversion of Category IV Material. The Material Control & Accountability (MC&A) is managed under the Fermilab Nuclear Materials Control and Accountability Plan.
Fermilab has in place an Unclassified Computer Security Program that was developed in accordance with DOE Orders. The documentation of the program is entitled "Computer Protection Plan for Unclassified Computer Systems at Fermi National Accelerator Laboratory." These resources are managed and controlled through administrative processes and physical security barriers to preclude unauthorized use or access. The measures taken to preclude loss are based upon a risk assessment and analysis. The Plan provides for a review of data sensitivity and mission criticality, as well as detailing a post disaster Contingency Plan for critical applications. The Computing Division, under the Information Management System, has the primary responsibility for writing, reviewing, and implementing the plan.
The PF consists of unarmed uniformed security officers. The PF provides entrance gate officers and response officers. The entrance gate officers provide an initial screening of vehicles entering the Site. They direct traffic to the appropriate gates, enforce stop orders, and direct responding law enforcement officers to incident scenes. The response officers are first responders to and assessors of security incidents. They provide scene control at security incidents and fire incidents. The PF documents incidents through the Department's Incident Case Report system
The Fermilab Communication Center is a multi-purpose Center supplying telephone switchboard services, emergency dispatch services, and other miscellaneous services to the Laboratory.
The Key and ID Office provide a central office for the distribution and collection of access control devices. The Office produces the Office of Science Common Badge, a Fermilab Site Specific ID Card, and a Fermilab Visitor Pass Card. The Office programs and administers the Site's proximity based card access system. The Office distributes and documents the issuance of building and office keys.
The Lockshop cuts keys and combinates lock cores for all building doors. The Locksmith maintains lock core and key cutting records. The Locksmith provides and services lock and door hardware.
The driving and parking of motorized vehicles on the Fermilab campus can pose a serious safety risk to motorists as well as bicyclists and pedestrians. To reduce the risk to motorists, bicyclists and pedestrians, Fermilab has adopted, as a minimum, the applicable portions of the State of Illinois Vehicle Code and the
Rules of the Road publication into its Work Smart Standards. These are the same standards that motorists are legally obligated to observe when operating vehicles on public roadways in Illinois.
The Aviation Safety Program applies to all organizations that request aviation services or sponsor events that may impact civilian aviation and those who arrange for and/or coordinate landings, overflights and passenger use of aircraft. The program's policy and procedure describes the approval and notification process, purchase order preparation, designated landing sites, helicopter standard operating procedures, and helicopter medevac training and conditions.