Site Access and Security

Title:	Site Access and Security
Publication date:	10/29/2024
Effective date:	12/14/2021

BRIEF

Policy Summary

This policy communicates key security elements of the Lawrence Berkeley National Laboratory (Berkeley Lab) Site Security Plan and associated Department of Energy (DOE) Orders that Berkeley Lab personnel are required to follow in order to assure compliance with the prime contract. Berkeley Lab security policies and procedures are designed to keep Berkeley Lab personnel, information, assets, and facilities safe. This policy includes topical areas such as access requirements to the main site and off-site facilities, prohibited articles, access management, and security reporting requirements.

Who Should Read This Policy

All individuals who access Berkeley Lab facilities.

To Read the Full Policy, Go To:

The POLICY tab on this wiki page

Contact Information

Site Access: [email protected]
Site Operations Center: [email protected]

Title:	Site Access and Security
Publication date:	10/29/2024
Effective date:	12/14/2021

POLICY

A. Purpose

This policy defines site access and security requirements when accessing or occupying Lawrence Berkeley National Laboratory (Berkeley Lab) facilities. Berkeley Lab security policies and procedures are designed to keep Berkeley Lab personnel, information, assets, and facilities safe. Site access is a privilege granted in order to facilitate the mission of Berkeley Lab. This privilege may be withdrawn upon the determination that an individual's access does not promote the safety, security, or stewardship principles of Berkeley Lab.

B. Persons Affected

All persons who require access to Berkeley Lab facilities.

C. Exceptions

None

D. Policy Statement

General: All individuals entering and occupying Berkeley Lab facilities are expected to abide by all federal, state, and local laws in addition to Berkeley Lab policies and procedures. This includes cooperating with security and law enforcement personnel and immediately reporting any security-related incidents or concerns, to include suspicious activity, to their line management, the Site Operations Center, and /or appropriate security personnel.
Site Access: Berkeley Lab has established the following security requirements and procedures for access to the Berkeley Lab main site:
1. All vehicles (automobiles, motorcycles, bicycles, etc.) and pedestrians seeking to gain site access must stop at Berkeley Lab entry gates and present an acceptable form of identification in order to be processed for site access.
2. Acceptable forms of identification for site entry include:
  1. Berkeley Lab ID badge;
  2. State-issued identification compliant with the REAL ID Act of 2005;
  3. Official passport; or
  4. Homeland Security Presidential Directive 12 (HSPD-12) credential.
3. Any identification that is expired or fraudulent is not considered an acceptable form of identification.
Emergency Access. Emergency vehicles and first responders are allowed immediate access to the site in response to emergency conditions. All access to and from the site may be restricted during an emergency, or in response to security threats, as directed by the Officially Designated Security Authority (ODSA), or designee, and appropriate Berkeley Lab or Department of Energy leadership.
Visitors: Individuals without a Berkeley Lab ID badge must be approved for site access. The primary means to gain site access approval is through the Berkeley Lab Access Management System (AMS). Access requests for foreign nationals are screened in compliance with Department of Energy (DOE) Order (O) 142.3B, Unclassified Foreign National Access Program, requirements.
1. Unless special permission is granted, only a Berkeley Lab or Berkeley Site Office (BSO) employee may host a visitor.
2. Visitors requests must be processed in the AMS and approved before obtaining site access.
3. The AMS may not be used to grant site access in order to circumvent the Berkeley Lab affiliation or hiring process to allow personnel begin work before that process is complete.
4. The AMS may not be used to grant site access to an individual or individuals if granting such access would violate the Lab’s Facility Use policy.
5. All rideshare and food delivery service requests must be processed through the AMS.
6. Visitors under 18 years of age must be part of a Lab management approved tour/event or accompanied by a parent or guardian at all times.
7. Certain routine delivery personnel may be exempt from needing pre-approval through AMS.
Security Areas: There are two types of security areas within Berkeley Lab facilities.
1. The Berkeley Lab main site and off-site locations are part of the general access area (GAA). All persons entering and located within a GAA are subject to Berkeley Lab's site access requirements. GAA security measures are designed to provide a reasonable expectation that all individuals accessing Berkeley Lab facilities are authorized to do so.
2. Property protection areas (PPAs) are established to increase protection of Berkeley Lab personnel and higher risk security assets/interests from malevolent acts such as theft and sabotage. In addition to standard site access requirements, the following access requirements for PPAs are in place:
  1. Only authorized personnel may enter a PPA with unescorted access. All other individuals must be escorted by authorized personnel.
  2. Individuals performing research activities in PPAs and/or who require recurring access to PPAs must obtain authorized access through the badge management system.
  3. Access to PPAs by foreign nationals requires additional approvals per DOE O 142.3B.
  4. Individuals seeking authorized access to PPAs must complete prerequisite training and follow the protocols and procedures associated with PPA protections.
Badging: All Berkeley Lab affiliates and employees with an approved, active assignment who require site and building access will be issued a Local Site Specific Only badge in accordance with DOE O 470.4B, Safeguards and Security Program.
1. Badge Business Rules
  1. Affiliates and employees must complete the affiliation and/or hiring process before they receive a badge and may not be issued a badge outside their active assignment window.
  2. If a vendor/subcontractor or other business guest requires regular unescorted site access (greater than once per quarter) the individual should be affiliated and badged.
  3. If a Berkeley Lab badge holder requires site access and does not have their Berkeley Lab-issued badge, their identity and Berkeley Lab assignment will be verified prior to being granted access.
  4. Expiration dates are applied to badges and denote when an appointment period ends. It is the responsibility of the badge holder to make a badge appointment and retrieve a new badge before the end of their appointment and/or badge expiration.
  5. Badges will no longer function for site or building access once they are expired or terminated.
  6. Badge access privileges are managed in the Badge Management System and approved by Security Access Managers (SAM) from each division.
2. Badge Display, Use, and Care
  1. Berkeley Lab badges are property of the United States (US) government and must be returned to the badge office, security personnel, or designated drop locations once expired and/or the badge holder's Berkeley Lab assignment has been terminated.
  2. Badge holders must protect their badge against loss, theft, or misuse and report a lost, stolen, or misused badge to the badge office or Site Operations Center as soon as practical and within 24 hours of discovery. Misuse includes allowing anyone other than the individual to whom the badge was issued to use the badge and soliciting and/or using another person’s badge.
  3. Badges must be conspicuously worn, photo side out, in a location above the waist and on the front of the body while accessing Berkeley Lab facilities, unless when doing so may pose a safety concern.
  4. When not on federally controlled, owned, or leased property, the badge should be removed or obscured from visual access.
  5. Badge holders must protect their badge's integrity by ensuring that it is not altered, photocopied, counterfeited, reproduced, or photographed (other than for official government business).
  6. Badge lanyards are required to have at least one breakaway safety feature located at the back of the wearer’s neck for preventing entanglement or strangulation hazards with moving equipment, parts or components. It’s preferred to have an additional two breakaway features located on the wearer’s frontal side.
3. Training Requirements
  1. All badged personnel must complete training on Berkeley Lab security protocols and procedures as part of their suite of new employee training requirements prior to receiving a badge and annually thereafter.
  2. Access may be temporarily suspended if training is incomplete or expired.
Hosts. Hosts are responsible for ensuring visitors and business visitors under their auspices adhere to and follow applicable Berkeley Lab policies and procedures. Hosts at Berkeley Lab must meet certain criteria before and during their visitor's stay. Hosts must:
1. Be Berkeley Lab or BSO employees;
2. Follow all rules for appropriate use of the AMS outlined in Section 4 of this policy;
3. Complete Berkeley Lab training SEC0505, Hosting Foreign Nationals, before hosting visitors, subcontractors, affiliates, or employees who are non-US citizens;
4. Be physically on site with their visitors or designate another eligible host in their absence;
5. Originate from a country that is not defined as State Sponsors of Terrorism Countries in order to host other foreign nationals.
Public Events. Public events are defined by DOE Order 142.3B, Unclassified Foreign National Access Program. Attendees of public events may be exempt from certain site access and DOE-mandated screening protocols. Only the ODSA or designee may declare an event public. The following criteria will be considered when making a public event determination:
1. Whether the event is held within the Berkeley Lab GAA;
2. Whether the event is open to attendance by members of the general public; and
3. Whether information provided at the event is not protected by statute, regulation, or DOE policy.
Controlled Articles. Controlled articles are items such as portable electronic devices and cellular telephones, both government and personally owned, that are capable of recording information or transmitting data. Berkeley Lab persons are generally not restricted from bringing controlled articles onto the main site or into off-site facilities but may be restricted from bringing such items into certain areas for safety or security reasons. See the Requirements and Policy Manual (RPM) Photography, Video, and Audio Recordings policy.
Trespassing and Prohibited Articles. All DOE property and facilities are subject to the requirements of 10 Code of Federal Regulations Part 860, Trespassing on Department of Energy Property, which prohibits unauthorized access and the unauthorized introduction of dangerous weapons and materials. Prohibited articles include items such as explosives (not part of approved Berkeley Lab research or other sanctioned activity), dangerous weapons, instruments or material likely to produce substantial injury to persons or damage to persons or property, controlled substances (e.g., illegal drugs including marijuana and associated paraphernalia, excluding prescription medicine, unless approved by appropriate authority) and other items prohibited by law. Berkeley Lab personnel seeking an exemption are required to submit a request for authorization to the ODSA or designee.
Entry/Exit Screening. Individuals, carried items, vehicles, and/or packages entering or exiting the site may be subject to random inspection to deter and/or detect the unauthorized introduction of prohibited articles or removal of US government security assets. Inspections will only be performed in response to change in security conditions or as needed based on specific security threats or incidents.
Locks and Keys. Locks and Keys program personnel manage all security and administrative locks, keys, key blanks, and key-cutting codes at Berkeley Lab. Berkeley Lab keys are government property, are not to be duplicated or shared. Unauthorized key use and access is prohibited.
Returning Security Assets. All issued badges and keys must be returned upon voluntary or involuntary termination, when no longer required for official duties, and/or when a person's Lab assignment ends.
Off-Site Facility Access. Personnel are required to use their Berkeley Lab-issued badges to access off-site buildings. Off-site visitor access requests must be initiated in the AMS.
On-Site Law Enforcement. The University of California Police Department (UCPD) patrols the Laboratory site and may be called to respond to security incidents. UCPD may issue citations for trespassing, theft, and other violations in accordance with California state law. Citations from law enforcement officials are considered separate actions from the Laboratory's Corrective Action and Discipline policy.

E. Accountability

General. The effectiveness of Berkeley Lab Site Security, the programs associated with Site Security, and the protection standards required by the DOE are reliant upon individuals following security-related policies and procedures. Security policies and procedures are considered employment-related standards of conduct and all employees and visitors are responsible and expected to adhere to them.
Security Violations. Individuals found to be in violation of the Site Access and Security policy and/or associated procedures will receive a Notice of Violation.
1. A Notice of Violation is administrative in nature and is not considered a corrective or adverse action. Security incidents meeting certain requirements are also reported to the DOE via the Incident of Security Concern program as required in DOE O 470.4B, Safeguards and Security Program.
2. Notices of Violation will be served by way of Berkeley Lab email to the individual who is observed to be the perpetrator of the violation and his/her immediate supervisor, division director, and HR business partner. Notices will be issued as soon as practical after the violation has been identified or reported. Individuals involved in security violations may receive corrective action in accordance with the Laboratory's Corrective Action and Discipline policy or applicable collective bargaining agreement (CBA). Progressive discipline may apply up to and including termination of employment.
3. Site Security staff will record violations for the purposes of tracking security trend data and helping to identify individuals who are involved in repeated security incidents. Site Security staff will work with the employee's line management and HR business partner to provide evidence of the violation which may include statements from security personnel and/or data from various physical security systems.
4. Individuals with repeated or egregious violations may have their access privileges temporarily or permanently suspended. Other corrective actions may be applied per management discretion.
5. Lab designated hosts are responsible for ensuring visitors under their auspices adhere to and follow Berkeley Lab policies and procedures. Visitors involved in security incidents may have their site access privileges temporarily or permanently revoked.

F. Definitions/Acronyms

Term	Definition
Affiliate	Individuals who are not Berkeley Lab employees but are engaged in a wide range of Berkeley Lab activities involving Laboratory research, the use of Laboratory facilities, or the provision of a service to Berkeley Lab. See the Affiliates policy in the RPM.
Foreign National	A person without US citizenship or nationality (may include a stateless person)
General Access Area (GAA)	GAAs may be designated by the ODSA to allow access to certain areas with minimum-security requirements
Homeland Security Presidential Directive (HSPD-12) Credential	The HSPD-12 compliant credential is a physical identity card/smart card issued to federal employees and subcontractors that contains authentication mechanisms used to verify the claimed identity of the cardholder
Property Protection Area (PPA)	PPAs are security areas that are designated to protect employees and government-owned or leased buildings, facilities, and property
Site	A geographical area where one or more facilities are located, or a DOE-controlled land area including DOE-owned facilities. This includes the following Berkeley Lab main campus and off-site locations: Building 1, Donner Laboratory at University of California Berkeley campus Building 971, Office of the Chief of Financial Officer, Emeryville, California Building 977, Biosciences Area and Cyclotron Road at Potter Street, Berkeley, California Building 978, Biosciences Area at Emery Station East, Emeryville, California
Visitor (Business)	An individual requiring temporary access for the purposes of performing work that advances the Berkeley Lab mission. Visitors (business) are neither employees nor affiliates with Berkeley Lab and do not receive a Berkeley Lab ID badge.
Visitor (Non-business)	An individual requiring temporary access who is not considered a business visitor. Visitors (non-business) are neither employees nor affiliates with Berkeley Lab and do not receive a Berkeley Lab ID badge.

G. Roles & Responsibilities

Managers, supervisors, and employees have the responsibility to adhere to the provisions of this policy.

Role	Responsibility
Berkeley Site Office (BSO) Official	Approves special foreign national access requests as needed. Serves as the host for any other DOE or government agency visitor or business visitors.
Security and Emergency Services (SES) Division Director	Oversees the Berkeley Lab Safeguards and Security program. Reviews cases for statute, policy, or regulatory compliance issues and concerns and provides approvals, denials, or modifications as necessary and in a timely manner. Serves as the ODSA for the site. Provides updates to the Officially Designated Federal Security Authority as necessary.
Personnel Security Manager	Maintains this policy and conducts oversight activities to assure compliance with it and DOE O 142.3B. Serves as the subject-matter expert for the Unclassified Foreign Visits and Assignment program regarding DOE O 142.3B. Briefs senior management on program compliance, updates, and issues.
Senior Security Operations Manager	Oversees the Berkeley Lab Protective Force contract and execution of DOE order 473.3a and 470.4b Protective Force requirements. Oversees Berkeley Lab Physical Protection Systems program, personnel, DOE order requirements, and system effectiveness testing and maintenance. Technical representative for law enforcement support contract with the UCPD. Supports initial incident response and direction to protective force responding officers.
Employee	Responsibilities include adhering to the provisions of this policy.
Site Access Specialist	Badges eligible Berkeley Lab personnel. Assigns access rights to approved badged personnel. Screens applicants against foreign national access program requirements. Briefs incoming personnel on their safety and security requirements while on-site at Berkeley Lab.
Security Access Manager (SAM)	Berkeley Lab employee responsible for managing security badge access rights and approvals within their respective divisions and areas at Berkeley Lab. Acts as a deployed security representative. Must: Be a Berkeley Lab or BSO employee. Complete SAM training. Certify and agree to responsibilities therein. Be approved by their line management and Site Security. Inform Site Security when they are leaving their current position and a new SAM needs to be assigned. Be responsible for requesting area changes (i.e., temporarily restricting access to an area, creating new functional access levels, etc.).
Human Resources Personnel	Manage onboarding tasks for employee and affiliate applicants. Assist Berkeley Lab Security with processing foreign national documentation such as visas, passports, and green cards. Assist Berkeley Lab Security with recovering assets such as badges, keys, and parking permits. Provide support for issued security violations and policy enforcement.
Host	If hosting a foreign visitor, completes Berkeley Lab training SEC0505, Hosting Foreign Visitors and Assignees. Uses the AMS for inputting timely visitor access requests for on-site and off-site locations. Escorts visitors who are performing work without a Berkeley Lab badge. Ensures safety and security policies and procedures are followed. Does not use the AMS to circumvent the employee or affiliate onboarding process.
Affiliate	See the Affiliates section in the RPM.
Visitors	Follow all safety and security protocols prior to and during visit. Comply with site access policies and procedures. Complete required training as applicable. Adhere to guidance and direction from Berkeley Lab hosts.

G. Recordkeeping Requirements