Skip Ribbon Commands
Skip to main content

(M13) Security
Contractor Assurance

​​​Management System Owner: ​Chief Safety Officer (CSO)

Revision and Date: Revision 3, 2016-05-31

1.0             Purp​​​ose

Fermilab Security department has been established to ensure appropriate levels of protection against unauthorized access; loss or theft of government property; and other acts that may cause unacceptable or adverse impacts to programmatic activities or the health and safety of Fermilab and DOE employees, the public, or the environment.  Other areas of Fermilab security program include: cybersecurity which is managed under the Information management system (M10); the security of nuclear material which is managed under the Environmental, Safety and Health Management System (M7), specifically the Fermilab Nuclear Materials Control & Accountability Plan; and the responsibility of Unclassified Foreign Visits and Assignments (UFVA) is managed cooperatively under the Security Management System and the Human Resources Management System (M15).

2.0             Roles and Responsibilities

Title Responsibilities

Chief Safety Officer (CSO)

 

  •      Owns the Safeguards and Security Plan
  •      Assesses line organizations for compliance
  •      Facilitates system improvements
D/S Heads
  •      Deploy all Security Management System Procedures as they relate to the Safeguards and Security Plan to line management and organization
Security Chief
  •      Responsible for ensuring that the Safeguards and Security Plan remains useful and current
  •      Establishes and maintains security procedures and post orders
  •      Approves security procedures
  •      Responsible for the development, implementation, assessment and improvement of the Security   Management System.
  •      Provide security patrols, the investigation of property loss, and assistance with dealing with threats of violence.
Security Department Team
  •      Enforce established Security Management System Procedures and Post Orders
  •      Manage the service contract of the Protective Force
  •      Supply the training of the Protective Force
  •      Maintain a database of citations
  •      Identify areas of opportunities for improvement within the Security Management System
Security Officers of the Contractor Protective Force
  •      Protect safeguards and security interests from theft, diversion, industrial sabotage, unauthorized access, loss or compromise, and other hostile acts that may cause unacceptable adverse impacts on program continuity, the environment, or the health and safety of employees and the public.
  •      Enforce the traffic safety rules by issuing citations to violators
Communication Center
  •      Provide dispatching services to the emergency response organization.
  •      Monitor site wide alarm system – Facility Incident Reporting Utility System (FIRUS) and disseminate activated alarms.
  •      Monitor the Laboratory emergency phone system (3131) and dispatch the emergency response organization as needed.
  •      Provide telephone switchboard services to the Laboratory.
All Employees, Users, Visitors, Contractors and Guests
  •      Adhere to all Security Management System processes for employees, users, visitors, subcontractors, and guests.

 3.0             Primary Require​ments

M&O Contract

○       DOE Prime Contract No. DE-AC02-07CH11359 for the Management and Operation of the Fermi National Accelerator Laboratory (Fermilab)

○       Fermilab Performance Evaluation and Measurement Plan (PEMP)

  •  Goal 8.0 – Sustain and Enhance the Effectiveness of Integrated Safeguards and Security Management (ISSM) and Emergency Management Systems

Other DOE Orders and Instructions

○       DOE O 470.4B - Safeguards & Security Program

○       DOE O 142.3A - Unclassified Foreign Visits and Assignments Program

○       DOE O 470.5 - Insider Threat

○       DOE O 472.2 - Personnel Security

○       DOE O 473.3 - Protection Program Operations

○       DEAR 952.204-2 - Security

FRA Contract Clause Mapping to Management Systems

4.0             Management​ System Description Overview

4.1               The Safegu​​​ards and Security Plan (SSP)

The purpose of this plan is to establish program planning and management requirements for the safeguards and security program. The SSP is based on risk analysis of considerations specific to the site and the assets and interests to be protected, and is reviewed as required by DOE Order. The SSP describes either in content or by other referenced documents, all applicable security topical areas addressed: Program Management, Physical Security, Protective Force, Material Control and Accountability (MC&A), and Cyber Security including: password security, laptop/computer/device security, and server room protection (are managed under the IT Management System in conjunction with the Security Department). An overview of the responsibilities for each applicable area within the SSP is as follows:

4.1.1    Program Manag​​ement

Security staff organization and responsibilities include:   A staff description, an explanation of Integrated Safeguards and Security Management (ISSM), the concept of Emergency Management, criteria for determining Property Protection Areas, resources and budgeting, personnel development and training, Management Control (surveys, audits, self-assessments, Performance Assurance Program, and Incident Reporting.

4.1.2    Protective Fo​​rce

Protective force responsibility includes training, post orders, general security response, and the description of facilities and equipment.

4.1.3    Physical Security

Physical Protection System responsibilities include: the card access system, missing property report system, site access control procedures, areas open to the general public, the security alarm testing procedures, the search procedure, after hours emergency notifications, armed encounters, processing arrest warrants, threats to persons or property, incidents of security concern, Incident Command System, security and administrative system testing procedure, key and lock control system, Identification Badge System, and Unclassified Foreign Visits and Assignments Program.​

4.1.4    Material Cont​​rol and Accountability

MC&A includes the responsibilities and authorities for: material accounting, inventories, measurement control, emergency procedure for apparent loss, theft or diversion of Category IV Material. The Material Control & Accountability (MC&A) is managed under the Fermilab Nuclear Materials Control and Accountability Plan.

4.1.5    Cyber Sec​​urity

Fermilab has in place an Unclassified Computer Security Program that was developed in accordance with DOE Orders.  The documentation of the program is entitled "Computer Protection Plan for Unclassified Computer Systems at Fermi National Accelerator Laboratory."  These resources are managed and controlled through administrative processes and physical security barriers to preclude unauthorized use or access.  The measures taken to preclude loss are based upon a risk assessment and analysis.  The Plan provides for a review of data sensitivity and mission criticality, as well as detailing a post disaster Contingency Plan for critical applications.  The Computing Division, under the Information Management System, has the primary responsibility for writing, reviewing, and implementing the plan.        

4.2               Contra​​ctor Protective Force (PF)

The PF consists of unarmed uniformed security officers.  The PF provides entrance gate officers and response officers. The entrance gate officers provide an initial screening of vehicles entering the Site.  They direct traffic to the appropriate gates, enforce stop orders, and direct responding law enforcement officers to incident scenes.  The response officers are first responders to and assessors of security incidents. They provide scene control at security incidents and fire incidents.  The PF documents incidents through the Department's Incident Case Report system

4.3               Communica​​​tion Center

The Fermilab Communication Center is a multi-purpose Center supplying telephone switchboard services, emergency dispatch services, and other miscellaneous services to the Laboratory.

4.4               Key & ID O​​ffice

The Key and ID Office provide a central office for the distribution and collection of access control devices.  The Office produces the Office of Science Common Badge, a Fermilab Site Specific ID Card, and a Fermilab Visitor Pass Card. The Office programs and administers the Site's proximity based card access system.  The Office distributes and documents the issuance of building and office keys.

4.5               Locks​​hop

The Lockshop cuts keys and combinates lock cores for all building doors.  The Locksmith maintains lock core and key cutting records. The Locksmith provides and services lock and door hardware.

4.6     ​​          Traffic Safety Program

The driving and parking of motorized vehicles on the Fermilab campus can pose a serious safety risk to motorists as well as bicyclists and pedestrians.  To reduce the risk to motorists, bicyclists and pedestrians, Fermilab has adopted, as a minimum, the applicable portions of the State of Illinois Vehicle Code and the Rules of the Road publication into its Work Smart Standards.  These are the same standards that motorists are legally obligated to observe when operating vehicles on public roadways in Illinois.

4.7               Aviation Sa​fety Program

The Aviation Safety Program applies to all organizations that request aviation services or sponsor events that may impact civilian aviation and those who arrange for and/or coordinate landings, overflights and passenger use of aircraft.  The program's policy and procedure describes the approval and notification process, purchase order preparation, designated landing sites, helicopter standard operating procedures, and helicopter medevac training and conditions.

5.0             Reports, Audits, Assessments and Required Recor​​ds

  • Biennial DOE Safeguards and Security Survey
  • Security Admin Records
  • Security Personnel Records
  • Security Records
  • ComCenter Records
  • Key & ID Office Records

 

6.0             Additional Referen​ces

  • Director's Policy - Site Access Policy
  • FESHM 10170 – Fermilab Aviation Safety Policy
  • Comprehensive Emergency Management Plan (CEMP)
  • Property Management Program (PMP)
  • Protective Force Post Orders
  • Security Procedures
  • Security Department Procedure Manual
  • Unclassified Foreign Visits and Assignments Manual
  • The State of Illinois Vehicle Code
  • The Illinois Rules of the Road Publication

7.0             Definitions of Acron​yms and Terms

Acronym Definition
DOEDepartment of Energy
FESHMFermilab Environmental, Safety, and Health Manual
FIRUSFacility Incident Reporting Utility System
CEMPComprehensive Emergency Management Plant
PMPProperty Management Program
SSPSafeguards and Security Plan
UFVAUnclassified Foreign Visits and Assignments