RPM | REQUIREMENTS AND POLICIES MANUAL

Viewable by the world

    Title:

    Site Access and Security

    Publication date:

    12/14/2021

    Effective date:

    12/14/2021

    BRIEF

    Policy Summary

    This policy communicates key security elements of the Lawrence Berkeley National Laboratory (Berkeley Lab) Site Security Plan and associated Department of Energy (DOE) Orders that Berkeley Lab personnel are required to follow in order to assure compliance with the prime contract. Berkeley Lab security policies and procedures are designed to keep Berkeley Lab personnel, information, assets, and facilities safe. This policy includes topical areas such as access requirements to the main site and off-site facilities, prohibited articles, access management, and security reporting requirements.

    Who Should Read This Policy

    All individuals who access Berkeley Lab facilities.

    To Read the Full Policy, Go To:

    The POLICY tab on this wiki page

    Contact Information

    Title:

    Site Access and Security

    Publication date:

    12/14/2021

    Effective date:

    12/14/2021

    POLICY

    A. Purpose

    This policy defines site access and security requirements when accessing or occupying Lawrence Berkeley National Laboratory (Berkeley Lab) facilities. Berkeley Lab security policies and procedures are designed to keep Berkeley Lab personnel, information, assets, and facilities safe. Site access is a privilege granted in order to facilitate the mission of Berkeley Lab. This privilege may be withdrawn upon the determination that an individual's access does not promote the safety, security, or stewardship principles of Berkeley Lab.

    B. Persons Affected

    All persons who require access to Berkeley Lab facilities.

    C. Exceptions

    None

    D. Policy Statement

    1. General: All individuals entering and occupying Berkeley Lab facilities are expected to abide by all federal, state, and local laws in addition to Berkeley Lab security protocols and procedures. This includes cooperating with security and law enforcement personnel and immediately reporting any security-related incidents or concerns, to include suspicious activity, to their line management, the Site Operations Center, and /or appropriate security personnel.
    2. Site Access: Berkeley Lab has established the following security requirements and procedures for access to the Berkeley Lab main site:
      1. All vehicles (automobiles, motorcycles, bicycles) and pedestrians seeking to gain site access must stop at Berkeley Lab entry gates and present an acceptable form of identification in order to be processed for site access.
      2. Acceptable forms of identification for site entry include:
        1. Berkeley Lab ID badge;.
        2. State-issued identification compliant with the REAL ID Act of 2005.
        3. Official passport.
        4. Homeland Security Presidential Directive 12 (HSPD-12) credential.
      3. Any identification which is expired or fraudulent is not considered an acceptable form of identification.
      4. Individuals without an Berkeley Lab ID badge are considered either visitors or business visitors and must be approved for site access.
    3. Emergency Access. Emergency vehicles and first responders are allowed immediate access to the site in response to emergency conditions. All access to and from the site may be restricted during an emergency, or in response to security threats, as directed by the Officially Designated Security Authority (ODSA), or designee, and appropriate Berkeley Lab leadership.
    4. Visitors: Individuals without an Berkeley Lab ID badge must be approved for site access. The primary means to gain site access approval is through the Berkeley Lab Visitor Management System (VMS). Access requests must be administered through the automated VMS. Access requests for foreign nationals are screened in compliance with DOE O 142.3B, Unclassified Foreign National Access Program, requirements.
      1. Unless special permission is granted, only a Berkeley Lab or Berkeley Site Office (BSO) employee may host a visitor.
      2. Visitors requests must be processed in the VMS and approved before obtaining site access.
      3. Visitors requiring unescorted site access are required to have a visitor badge (see "Badging" section).
      4. Visitors without a visitor badge must be escorted by their host or another badged Berkeley Lab or BSO employee.
      5. The VMS may not be used to grant site access in order to circumvent the Berkeley Lab affiliation or hiring process to begin work before that process is complete.
      6. All rideshare and food delivery service requests must be processed through the VMS.
      7. Visitors under 18 years of age must be part of a Lab management approved tour/event or accompanied by a parent or guardian at all times.
      8. Certain routine delivery personnel may be exempt from needing pre-approval through VMS.
    5. Security Areas: There are two types of security areas within Berkeley Lab facilities.
      1. The Berkeley Lab main site and off-site locations are part of the general access area (GAA). All persons entering and located within a GAA are subject to Berkeley Lab's site access requirements. GAA security measures are designed to provide a reasonable expectation that all individuals accessing Berkeley Lab facilities are authorized to do so.
      2. Property protection areas (PPAs) are established to increase protection of Berkeley Lab personnel and higher risk security assets/interests from malevolent acts such as theft and sabotage. In addition to standard site access requirements, the following access requirements for PPAs are in place:
        1. Additional authentication measures.
        2. Only authorized personnel may enter a PPA with unescorted access. All other individuals must be escorted by authorized personnel.
        3. Individuals performing research activities in PPAs and/or who require recurring access to PPAs must obtain authorized access through the badge management system (BMS).
        4. Badge access to PPAs requires special approvals. Access to PPAs by foreign nationals requires additional screening.
        5. Individuals seeking authorized access to PPAs must complete prerequisite training and must follow the protocols and procedures associated with PPA protections.
    6. Badging: All Berkeley Lab affiliates and employees with an approved, active assignment who require site and building access will be issued a Local Site Specific Only badge in accordance with DOE O 470.4B, Safeguards and Security Program.
      1. Badge Business Rules
        1. Affiliates and employees must complete the affiliation and hiring process before they receive a badge and may not be issued a badge outside their active assignment window.
        2. If a vendor/subcontractor requires regular unescorted site access (at least once a quarter) they should be affiliated and badged.
        3. If a Berkeley Lab badge holder requires site access and does not have their Berkeley Lab-issued badge, their identity and Berkeley Lab assignment will be verified and they will be issued a visitor badge for the day.
        4. Expiration dates are applied to badges and denote when an appointment period ends. It is the responsibility of the badge holder to make a badge appointment and retrieve a new badge before the end of their appointment and/or badge expiration.
        5. Badges will no longer function for site or building access once they are expired or terminated.
        6. Badge access privileges are managed in the BMS and approved by Security Access Managers (SAM) from each division.
        7. If a visitor requires unescorted access to the facilities on-site, they must obtain a visitor badge through the VMS.
          1. Visitor badges do not grant site access, only building access.
          2. Badged visitors must have an active access management request for the duration of their time at Berkeley Lab.
      2. Badge Display, Use, and Care
        1. Berkeley Lab badges are property of the US government and must be returned to the badge office, security personnel, or designated drop locations once expired and/or the badge holder's Berkeley Lab assignment has been terminated.
        2. Badge holders must protect their badge against loss, theft, or misuse and report a lost, stolen, or misused badge to the badge office or Site Operations Center as soon as practical and within 24 hours of discovery.
        3. Badges must be conspicuously worn, photo side out, in a location above the waist and on the front of the body while having access to Berkeley Lab facilities, unless when doing so may pose a safety concern.
        4. When not on federally controlled, owned, or leased property, the badge should be removed or obscured from visual access.
        5. Badge holders must protect their badge's integrity by ensuring that it is not altered, photocopied, counterfeited, reproduced, or photographed (other than for official government business).
      3. Training Requirements
        1. All badged personnel must complete training on Berkeley Lab security protocols and procedures as part of their suite of new employee training requirements.
        2. Access may be temporarily suspended when training is incomplete or expired.
    7. Hosts. Hosts are responsible for ensuring visitors and business visitors under their auspices adhere to and follow applicable Berkeley Lab safety and security policies and procedures. Hosts at Berkeley Lab must meet certain criteria before and during their visitor's stay. Hosts must:
      1. Be Berkeley Lab or BSO employees;
      2. Complete Berkeley Lab training SEC0505, Hosting Foreign Nationals, before hosting visitors, subcontractors, affiliates, or employees who are non-US citizens;
      3. Be physically on site with their visitors or designate another eligible host in their absence;
      4. Not come from State Sponsors of Terrorism Country in order to host other foreign nationals.
    8. Public Events. Public Events are defined by DOE Order 142.3B, Unclassified Foreign National Access Program. Attendees of public events may be exempt from certain site access and DOE-mandated screening protocols. Only the ODSA or designee may declare an event public. The following criteria will be considered when making a public event determination:
      • Whether the event is held at a Berkeley Lab venue that is accessible to the general public.
      • Whether the event is open to attendance by members of the general public.
      • Whether information provided at the event is not protected by statute, regulation, or DOE policy.
    9. Controlled Articles. Controlled articles are items such as portable electronic devices and cellular telephones, both government and personally owned, that are capable of recording information or transmitting data. Berkeley Lab persons are generally not restricted from bringing controlled articles onto the main site or into off-site facilities but may be restricted from bringing such items into certain areas for safety or security reasons. See the Requirements and Policy Manual (RPM) Photography, Video, and Audio Recordings policy.
    10. Trespassing and Prohibited Articles. All DOE property and facilities are subject to the requirements of 10 CFR Part 860, Trespassing on Department of Energy Property, which prohibits unauthorized access and the unauthorized introduction of dangerous weapons and materials. Prohibited articles include items such as explosives (not part of approved Berkeley Lab research or other sanctioned activity), dangerous weapons, instruments or material likely to produce substantial injury to persons or damage to persons or property, controlled substances (e.g., illegal drugs including marijuana and associated paraphernalia, excluding prescription medicine, unless approved by appropriate authority) and other items prohibited by law. Berkeley Lab personnel seeking an exemption are required to submit a request for authorization to the ODSA or designee.
    11. Entry/Exit Screening. Individuals, carried items, vehicles, and/or packages entering or exiting the site may be subject to random inspection to deter and/or detect the unauthorized introduction of prohibited articles or removal of US government security assets. Inspections will only be performed in response to change in security conditions or as needed based on specific security threats or incidents.
    12. Locks and Keys. Locks and Keys program personnel manage all security and administrative locks, keys, key blanks, and key-cutting codes at Berkeley Lab. Berkeley Lab keys are government property, are not to be duplicated or shared, and are to be returned when no longer required or upon termination, whichever comes first. Unauthorized key use and access is prohibited.
    13. Returning Security Assets. All issued badges and keys must be returned upon voluntary or involuntary termination and when a person's assignment ends.
    14. Off-Site Facility Access. Personnel are required to use their Berkeley Lab-issued badges to access off-site buildings. Off-site visitor access requests must be initiated in the Access Management System.
    15. On-Site Law Enforcement. The University of California Police Department (UCPD) patrols the Laboratory site and may be called to respond to security incidents. UCPD may issue citations for trespassing, theft, and other violations in accordance with California state law. Citations from law enforcement officials are considered separate actions from the Laboratory's Corrective Action and Discipline policy.

    E. Accountability

    1. General. The effectiveness of Berkeley Lab Site Security, the programs associated with Site Security, and the protection standards required by the DOE are reliant upon individuals following security-related policies and procedures. Security policies and procedures are considered employment-related standards of conduct and all employees and visitors are responsible and expected to adhere to them. These standards are communicated in accordance with the Berkeley Lab Security Awareness program, which includes training and messaging aimed at educating Berkeley Lab personnel on their role in complying with and supporting security program requirements. Other means of communication include instructions provided by security personnel, security-related notices, etc. Security incidents are detected by security officers who stand at security posts, perform roving patrols, and monitor and respond to security alarms (among other activities). Security incidents can also be detected and reported by individuals on-site or in Berkeley Lab facilities.
    2. Security Violations. Individuals found to be in violation of the Site Access and Security policy and/or associated procedures will receive a Notice of Violation.
      1. A Notice of Violation is administrative in nature and is not considered a corrective action. Security incidents meeting certain requirements are also reported to the DOE via the Incident of Security Concern program as required in DOE O 470.4B, Safeguards and Security Program.
      2. Notices of Violation will be served by way of Berkeley Lab email to the individual who is observed to be the perpetrator of the violation and his/her immediate supervisor, division director, and HR business partner. Notices will be issued as soon as practical after the violation has been identified or reported. Individuals involved in security violations may receive corrective action in accordance with the Laboratory's Corrective Action and Discipline policy or applicable collective bargaining agreement (CBA), and progressive discipline may apply up to and including termination of employment.
      3. Site Security staff will record violations for the purposes of tracking security trend data and helping to identify individuals who are involved in repeated security incidents. Site Security staff will work with the employee's line management and HR business partner to provide evidence of the violation which may include statements from security personnel and/or data from various physical security systems.
      4. Individuals with repeated or egregious violations may have their access privileges temporarily or permanently suspended. Other corrective actions may be applied per management discretion.
      5. Lab designated hosts are responsible for ensuring visitors under their auspices adhere to and follow Berkeley Lab security policies and procedures. Visitors involved in security incidents may have their site access privileges temporarily or permanently revoked.

    F. Definitions/Acronyms

    Term

    Definition

    Affiliate

    Individuals who are not Berkeley Lab employees but are engaged in a wide range of Berkeley Lab activities involving Laboratory research, the use of Laboratory facilities, or the provision of a service to Berkeley Lab. See the Affiliates policy in the RPM.

    Foreign National

    A person without US citizenship or nationality (may include a stateless person)

    General Access Area (GAA)

    GAAs may be designated by the ODSA to allow access to certain areas with minimum-security requirements

    Homeland Security Presidential Directive (HSPD-12) Credential

    The HSPD-12 compliant credential is a physical identity card/smart card issued to federal employees and subcontractors that contains authentication mechanisms used to verify the claimed identity of the cardholder

    Property Protection Area (PPA)

    PPAs are security areas that are designated to protect employees and government-owned or leased buildings, facilities, and property

    Site

    A geographical area where one or more facilities are located, or a DOE-controlled land area including DOE-owned facilities. This includes the following Berkeley Lab main campus and off-site locations:

    • Building 1, Donner Laboratory at University of California Berkeley campus
    • Building 971, Office of the Chief of Financial Officer (OCFO), Emeryville, California
    • Building 977, Biosciences Area and Cyclotron Road at Potter Street, Berkeley, California
    • Building 978, Biosciences Area at Emery Station East, Emeryville, California

    Visitor (Business)

    An individual requiring temporary access for the purposes of performing work that advances the Berkeley Lab mission. Visitors (business) are neither employees nor affiliates with Berkeley Lab and do not receive a Berkeley Lab ID badge.

    Visitor (Non-business)

    An individual requiring temporary access who is not considered a business visitor. Visitors (non-business) are neither employees nor affiliates with Berkeley Lab and do not receive a Berkeley Lab ID badge.


    G. Roles & Responsibilities

    Managers, supervisors, and employees have the responsibility to adhere to the provisions of this policy.

    Role

    Responsibility

    Berkeley Site Office (BSO) Official
    • Approves special foreign national access requests as needed.
    • Serves as the host for any other DOE or government agency visitor or business visitors.

    Security and Emergency Services (SES) Division Director
    • Oversees the Berkeley Lab Safeguards and Security Program.
    • Reviews cases for statute, policy, or regulatory compliance issues and concerns and provides approvals, denials, or modifications as necessary and in a timely manner.
    • Serves as the ODSA for the site.
    • Provides updates to the Officially Designated Federal Security Authority (ODFSA) as necessary.

    Personnel Security Manager
    • Maintains this policy and conducts oversight activities to assure compliance with it and DOE O 142.3B.
    • Serves as the subject-matter expert for the Unclassified Foreign Visits and Assignment (UFVA) Program regarding DOE O 142.3B.
    • Briefs senior management on program compliance, updates, and issues.

    Senior Security Operations Manager
    • Oversees the Berkeley Lab Protective Force contract and execution of DOE order 473.3a and 470.4b protective force requirements.
    • Oversees Berkeley Lab Physical Protection Systems program, personnel, DOE order requirements, and system effectiveness testing and maintenance.
    • Technical representative for law enforcement support contract with the UCPD.
    • Supports initial incident response and direction to protective force responding officers.

    Employee
    • Responsibilities include adhering to the provisions of this policy.

    Site Access Specialist
    • Badges eligible Berkeley Lab personnel.
    • Assigns access rights to approved badged personnel.
    • Screens applicants against foreign national access program requirements.
    • Briefs incoming personnel on their safety and security requirements while on-site at Berkeley Lab.

    Security Access Manager (SAM)
    • Berkeley Lab employee responsible for managing security badge access rights and approvals within their respective divisions and areas at Berkeley Lab.
    • Acts as a deployed security representative.
    • Must:
      • Be a Berkeley Lab or BSO employee.
      • Complete SAM training.
      • Certify and agree to responsibilities therein.
      • Be approved by their line management and Site Security.
      • Inform Site Security when they are leaving their current position and a new SAM needs to be assigned.
      • Be responsible for requesting area changes (i.e., temporarily restricting access to an area, creating new functional access levels, etc.).

    Human Resources Personnel
    • Manage onboarding tasks for employee and affiliate applicants.
    • Assist Berkeley Lab Security with processing foreign national documentation such as visas, passports, and green cards.
    • Assist Berkeley Lab Security with recovering assets such as badges, keys, and parking permits.
    • Provide support for issued security violations and policy enforcement.

    Host
    • If hosting a foreign visitor, completes Berkeley Lab training SEC0505, "Hosting Foreign Visitors and Assignees."
    • Uses the Visitor Management System (VMS) for inputting timely visitor access requests for on-site and off-site locations.
    • Escorts visitors who are performing work without a Berkeley Lab badge.
    • Is responsible for ensuring safety and security policies and procedures are followed.
    • Does not use the VMS to circumvent the employee or affiliate onboarding process.

    Affiliate

    Visitors
    • Follow all safety and security protocols prior to and during visit.
    • Comply with site access policies and procedures.
    • Complete required training as applicable.
    • Adhere to guidance and direction from Berkeley Lab hosts.

    G. Recordkeeping Requirements

    None

    H. Implementing Documents

    Site Security Plan

    I. Contact Information

    J. Revision History

    Date

    Revision

    By Whom

    Revision Description

    Section(s) Affected

    Change Type

    1/2/2012

    0

    Meckel

    Reformat for wiki

    All

    Minor

    10/20/2016

    1

    A. Ward

    Establish Site Access Policy

    All

    Major

    12/14/2021

    2

    D. von Damm

    Policy re-write in accordance with new Site Security Plan: updates to access control, enforcement sections and roles & responsibilities. Policy name changed from Site Access to Site Access and Security

    All

    Major

    DOCUMENT INFORMATION

    Title:

    Site Access and Security

    Document number

    08.02.001.000

    Revision number

    2

    Publication date:

    12/14/2021

    Effective date:

    12/14/2021

    Next review date:

    12/14/2024

    Policy Area:

    Physical Security

    RPM Section (home)

    Safeguards & Security

    RPM Section (cross-reference)

    Section 1.06

    Functional Division

    Security and Emergency Services Division

    Source Requirements Documents

    • DOE Order 142.3B, Unclassified Foreign National Access Program
    • DOE Order 470.4B, Safeguards and Security Program
    • DOE Order 473.2A, Protective Force Operations
    • 10 CFR Part 860, Trespassing on Department of Energy Property



    • No labels

    Printed or exported copies of this LBNL policy are not official.
    Users are responsible for working with the latest approved revision located in the online LBNL Requirements and Policies Manual.