10.2.11  Basic Security Concepts

10.2.11.1  (09-28-2009)
General

  1. Security protection should be provided through design, technology and procedural controls which will incorporate physical, data, and space management requirements during the development, and planning phases of a facility. There are many security safeguards from which a viable security program may be developed to protect the property and personnel within a site or facility.

  2. Due to physical, operational, and financial limitations, absolute security is neither possible nor practicable. Therefore, the approach to physical security offered herein is a practical program to protect information, facilities, property and personnel by employing a combination of measures to deny, deter, detect and/or apprehend unauthorized entrants and to preserve the environment in which the Service’s mission may be carried out without disruption.

  3. In addition to providing safeguards to control unauthorized access, a well balanced security program must provide measures to protect Service facilities and personnel from threats that may cause property damage or risk to life. Such measures are included in IRM 10.2.9, Occupant Emergency Planning, and IRM 25.10, Information Technology Security Policy and Standards; local building, fire and electrical codes.

  4. The options available to deny, deter, detect, and/or apprehend unauthorized entrants and the required Minimum Protection Standards for certain types of Service facilities and operations are contained in this IRM in Paragraph 10.2.11.14.7.

10.2.11.2  (09-28-2009)
Physical Security Planning Guidelines

  1. Whether the activity services the public directly, or is strictly supportive in nature, the type and value of equipment, complexity of operations, concentration of tax data and the consequence of any interruptions are all vital considerations.

10.2.11.3  (09-28-2009)
External Environment

  1. Major consideration in physical security planning is the general character of the external environment or neighborhood, the quantity and quality of police and fire protection afforded the immediate area should be determined. Factors such as response time, frequency of patrol and jurisdictional limitations will influence these determinations.

10.2.11.4  (09-28-2009)
Building Structure and Location

  1. One of the first considerations in establishing a security program for a particular activity is the building in which the activity is located. The number of floors, doors, windows, fire exits, roof vents, the degree of ground level access and adjacent parking facilities, all affect entry control considerations. At processing centers, loading docks, kitchen entrances and boiler room doors are normally weak links in the building perimeter security; therefore, they should be given special attention. The material structure of the building (interior partitioning, ceilings, and doors) affects the degree of security afforded contents against destruction, theft and unauthorized disclosure. If the building is not entirely occupied by the Service, the nature of operations conducted by other tenants will affect security in Service occupied space. A risk assessment shall be conducted to determine minimum physical security requirements.

10.2.11.5  (09-28-2009)
Interior Space Planning - Open Office Concept

  1. The open office concept requires different security considerations from the traditional style individual office concept. In open office planning, an entire open area must be treated in its entirety with perimeter security provided that is commensurate with the security needs of the most critical operation. During operating hours, entrance areas should be arranged to control visitor access such as channeling visitors to a receptionist.

  2. Because of the increasing costs of office space, construction/alteration and the implementation of the "open office" concept, it is imperative that security considerations be addressed whenever IRS space is designed, acquired, altered or redesigned. A failure to consider adequate security during the early phases of space planning could result in the need for costly modifications after the completion of the project. In "open office" environments, we must ensure that acoustical planning guidelines are considered in order to minimize the potential for inadvertent unauthorized disclosures and to reduce ambient noise to an acceptable level. Security personnel and operational managers must be aware of the acoustical design goals for "open office" planning, and the speech privacy considerations.

  3. All managers will ensure that open office concept plans provide for:

    1. Perimeter security commensurate with the needs of the most critical operation to be performed in the office;

    2. Use of dividers, as appropriate, to separate operational areas and to minimize extraneous traffic;

    3. Functional aural and visual privacy to minimize inadvertent disclosures of tax and privacy data; and

    4. Appropriate storage for protectable items during non-duty hours.

10.2.11.6  (09-28-2009)
Alternative Duty Stations - Flexiplace

  1. Flexiplace provides employees the opportunity to perform their duties at alternative duty stations remote to the conventional office site (e.g., satellite locations, employee’s residence). The policy of the Internal Revenue Service is to provide the highest level of protection to sensitive data, including taxpayer related information, and to assure that proper controls are in place to secure information that is being processed at satellite locations or in the homes of employees. The standards provided in this IRM will be applied to satellite locations and the home environment. Files containing sensitive IRS information or data will be secured when not in use or not in the possession of the Flexiplace employee. Employees are responsible for protecting all government records and data against unauthorized disclosure, access, mutilation, obliteration or destruction.

10.2.11.7  (09-28-2009)
Sensitive Areas

  1. Certain areas in the Service require more protection or are considered more sensitive due to one or more of the reasons listed below and should be given special attention during planning. The protection given sensitive areas during construction and redesign will minimize the need for costly safeguards to protect information once the areas become functional.

    1. They contain large amounts of cash or negotiable instruments;

    2. They contain large amounts of valuable property which can be easily stolen or damaged;

    3. They contain large quantities of information requiring protection;

    4. They contain protectable information in highly concentrated and easily alterable or destroyable forms;

    5. Process or function being performed in the area is sensitive and must be protected;

    6. Personnel in the area, due to the positions they hold (e.g., executives), the functions they perform or simply their physical characteristics (e.g. handicaps) may be subject to potential threats such as assault, hostage taking, robbery, etc.

  2. The following sensitive areas require minimum protective measures as listed below:

    1. Computer Rooms — Computer room walls shall be slab-to-slab and where feasible should be located in a central building location away from the building exterior, parking garages or top floor locations. Computer rooms will be windowless, lockable with controlled access into the area Computer rooms are secured, restricted areas and must meet secured area standards. Access shall be controlled in accordance with secured area standards. Computer rooms shall be secured with IDS systems and monitored 24/7. Also see National Fire Protection Association (NFPA) Standard No. 75 and IRM 25.10.

    2. Tape Libraries — Tape library walls shall be slab-to-slab and where feasible should be located in a central building location away from the building exterior. Tape libraries are secured, restricted areas and must meet secured area standards. Access shall be controlled in accordance with standards. Also see National Fire Protection Association (NFPA) Standard No. 75, 25.10.

    3. Telecommunications Closet — The telecommunications closet walls shall be slab-to-slab and shall be lockable with access permitted only authorized personnel.

    4. Mechanical/Electrical Rooms — Security control and power distribution boxes and panels shall be located in secured electrical closets. Doors must be key locked, keys controlled and access limited to authorized personnel only.

    5. Child Care Facility — If child care facilities are located at IRS facility, they shall be protected with a duress alarm capability serving only that space. Entry to the child care center shall be through a reception room. Entry from the reception area to the rest of the child care center shall be controlled by an electric lock operated from the reception area. Penetrations from the child care center into the IRS facility shall be minimized and shall be alarmed and on an access control system.

  3. Exhibit 10.2.11-1, is a listing of some of the areas which should be given extra security. Traditionally, many or all of these areas have been protected during working hours by making them restricted areas. This IRM recognizes that the restricted area concept for protection during working hours and the secured area concept for protection during non-working hours are only two ways of achieving required security.

10.2.11.8  (09-28-2009)
National Office Headquarters - Protective Measures

  1. Protective measures in the National Office are the responsibility of the Physical Security and Emergency Preparedness Organization. All managers are responsible for the proper protection of documents and information within their areas of responsibility. This handbook provide guidance in selecting appropriate security measures.

  2. At a minimum, the following measures will be employed at the National Office main facility.

    1. Guard service for the main building and, where appropriate, satellite buildings will be provided;

    2. During non-duty hours, the main building will be locked and entry controlled. Individuals desiring entrance will be required to enter the designated entrance, show identification to the security guard, and sign the register;

    3. All entrances will be locked or protected by a security guard during duty hours and all employees will be required to show identification at the designated entrance(s) to gain entry to the building;

    4. ID cards will be worn by all employees while in Service controlled space;

    5. Inspection of packages and briefcases of visitors and vendors entering and exiting the building will be conducted;

    6. When necessary/required, random inspection of packages and briefcases of employees/visitors entering and exiting the building will be conducted.

    7. During heightened security, inspection of packages and briefcases of all employees/visitors entering the building will be conducted;

    8. Secured areas, following the same procedures provided in this document, may be established to assist in providing better security to those areas requiring more than normal protection;

    9. Restricted areas will use restricted area designators assigned to post of duty and the same procedures provided in this document will be followed for restricted areas;

    10. An Occupant Emergency Plan (see IRM 10.2.9) will be maintained to provide instructions to be followed during an emergency. The Commissioner, as the designated official in charge of National Office Buildings, during an emergency situation has designated the Director, Physical Security and Emergency Preparedness as the coordinator to develop and maintain the overall plan of action.

10.2.11.9  (09-28-2009)
Submission Processing Center and Facility Security Level (FSL) IV Campus Protective Measures

  1. As one of the most vital activities within the Service, particular attention must be given to developing a well-rounded, sound physical security program for each processing center. In addition to this handbook, guidance can be found in the 25.10, Information Technology Security Policy and Standards and the National Fire Protection Association (NFPA) Standard No. 75.

  2. To provide a minimum acceptable level of protection the following measures will be implemented at each processing center:

    1. Uniformed guard;

    2. Two-way radio communication capability for guards;

    3. Exterior protective lighting;

    4. Security glass in all main building entrance doors, sidelights, transoms, and guard houses;

    5. Visitor control;

    6. Electronic intrusion detection system;

    7. Proprietary protection console for on-site systems monitoring and response;

    8. Contingency plans to cope with emergencies;

    9. Local emergency exit alarms;

    10. Duress alarms (or other means of communication) from console to police department, fixed posts at building entrances and fence gates to console, and computer area to console (if desired by local IRS management);

    11. An audible sounding device (alarm) for each room within the firewall encapsulated area of the computer complex that will alert the complex that unauthorized person(s) have entered the area. Alarms will be activated from the protection console (if desired by local IRS management);

    12. Main doors to computer areas and libraries, which may be automatic, electric, or pneumatically powered horizontal bi-parting sliding doors, provided the integrity of the firewall is maintained;

    13. At least one standard single or double set of out swinging doors in computer area;

    14. Computer room doors secured against unauthorized or casual passage.

10.2.11.9.1  (09-28-2009)
Perimeter Security

  1. Each Submission Processing Center and FSL IV Campuses will be protected by a perimeter security fence with appropriate gates to allow pedestrian and vehicular traffic to enter the facility on a controlled access basis.

  2. Initial control for entry into a Submission Processing Center and FSL IV Campuses will be exercised at the fence line. Each fence opening will be protected by a guard when not closed and Locked, or CCTV and Barriers Arms at vehicle entrances. All persons entering the property on foot must be identified through the display of an IRS photo identification card or as an authorized visitor. Persons in vehicles will be permitted to enter if they display (where feasible) the authorized IRS photo identification card and/or vehicle identification sticker. Visitors will be directed to the entrance designated for visitors, where they will be issued a visitor identification card.

  3. Primary entry control will be maintained at the building perimeter. All doors will be protected by a guard when not closed, locked, and protected by an entry control and intrusion alarm system. All employees entering the building will be identified by an authorized Government identification card, HSPD-12/PIV or IRS Legacy photo identification Card which must be worn at all time while in the facility. At a minimum random screening of employees will be conducted. Authorized visitors will enter a designated entrance and, upon verification of identity (photo ID), be issued a visitor identification card prior to entering the remainder of the building. All non-IRS visitors will be escorted by their IRS sponsor, unless they are granted staff like access. All visitors will be screened and packages/briefcases will be examined. The issuance of identification cards will be in accordance with HSPD-12 PIV and IRS procedures.

  4. Loading docks, kitchen entrances and boiler room doors are normally weak links in building perimeter security. The installation of fencing around these entrances with the gates alarmed and with gates that are controlled strengthens the security in these areas. During daylight hours, the building perimeter at these entrances is extended to these inner fence lines. After dark, the applicable building entrances are closed, locked and alarmed.

10.2.11.9.2  (09-28-2009)
Vehicle Identification

  1. Proper vehicle identification is required for entering the property. This can be accomplished by guards checking ID cards (where feasible) and/or vehicle identification stickers (decals) of adequate size and reflectivity. Stickers must have a serial number and should not display anything that would identify it with the Internal Revenue Service or the center. Vehicle identification stickers, when used, will meet the following specifications:

    1. Materials used in stickers will be reflective vinyl;

    2. Dimensions — 2 3/4″ X 4 34″ (minimum)

    3. All printing (including serial numbers) 1 12″ high; (minimum)

    4. Style of printing — block letters in upper case;

    5. Colors may be used to further identify owners of registered vehicles;

    6. Stickers should be designed so that they cannot be reused when removed.

  2. Stickers will be placed so that they can be readily seen by the guard. At the discretion of the Director and depending on state and local laws stickers may be placed on either rear side windows, front or rear windows, or any other prominent location.

  3. The Office of Security is responsible for development, implementation, maintenance, and control of the vehicle identification system. At locations where employees pay for parking, a windshield permit can be used (see paragraph 10 below).

  4. Records of all stickers issued and their disposition (i.e. lost, stolen, destroyed) will be maintained by the Security office.

  5. The vehicle identification sticker records will consist of a record by serial number of completed "Vehicle identification Sticker Request" cards. Records will at a minimum show sticker serial number, name of the employee to whom the sticker was issued, the employee branch or section, year and make of the car, the date of issue, date of disposition and type of disposition. Destruction of unusable vehicle identification stickers (i.e. mutilated, misprinted, etc.) should also be recorded.

  6. Concurrent with the issuance of an identification sticker, the employee will be informed of the requirement to remove and return the sticker or remains to the issuing office prior to selling or trading the vehicle, or if that area on the vehicle where the sticker is affixed is damaged and replaced. In addition, the security office must be informed when the sticker is destroyed, lost or stolen.

  7. The sticker will be removed from vehicles of employees who terminate employment at the center. The sticker will then be destroyed.

  8. Stickers will be replaced at least every two (2) years. Color scheme and designation should be varied each time the stickers are changed.

  9. Vehicle passes, logs, written advance notice of visits, etc. can be used to pass vehicles of employees who have not been issued a sticker, visitors and vendors through gates. Below is a recommended system of doing this:

  10. Temporary vehicle passes may be issued to employees who do not have vehicle ID stickers, providing they show an authorized Service ID card. A log will be maintained by the security guard showing vehicle pass number, name of employee, vehicle license number and date of issue. The temporary pass must display the license plate number, expiration date, and permit number. If an employee does not have a proper Service ID card, their employment status will be verified by checking with the appropriate IRS supervisor. Temporary vehicle passes for employees may not exceed 30 days. If necessary, the permit may be reissued after the 30 day period.

  11. Visitors can be issued a Visitor Vehicle Pass. Visitors must show a picture ID and must be on an access list. The vehicle pass may not be used for in and out access, but rather the visitor must show a picture ID and be checked against the access list each time he/she enters. A Visitor Vehicle Pass is good for one day only and must be dated. The vehicle pass will be recovered by the guard at the end of the day.

  12. Temporary Vehicle Passes may be issued to vendors and others requiring access. These individuals must show a picture ID and must be on an access list. The vehicle pass may not be used for in and out access and is good for one day only and must be dated. The vehicle pass will be recovered by the guard when individuals exit facility.

  13. If identification of employee vehicles is going to be made by use of the parking permit (that is cannot be adhered to the vehicle to prevent tampering) in lieu of vehicle identification stickers or windshield decals, these permits will be issued monthly, will be of a different color each month, will be serial numbered and employee will show Service identification card to gain access. The Security office will follow the procedures stated above on issuance, records maintenance and recovery.

10.2.11.9.3  (09-28-2009)
Interior Security and Control

  1. Each Director will institute such internal controls beyond the minimum as are necessary to properly protect the Tax Administration System and preserve the confidentiality of the tax return and related documents.

  2. Control of the internal movement of personnel within a center is necessary to ensure that only authorized Service personnel are permitted in critical areas and those visitors do not wander throughout the processing center. The identification card has been designed to assist management in maintaining this internal control.

  3. Each Submission Processing Center and FSL IV Campuses will administer the identification card program, which will permit entry only to authorized personnel All employees are required to wear and prominently display their authorized Service ID cards while in the center.

  4. The need to maintain reasonable security at Processing Centers at all times requires that only authorized visitors be permitted to enter the center. Providing tours for interested non-tax related individuals or groups for purposes of orienting them with operations are not authorized. Official visits by individual tax preparers, tax accountants, news media representatives and other professional tax oriented individuals and groups may be permitted at the discretion of the director and in keeping with security interests.

10.2.11.9.4  (09-28-2009)
Restricted Area

  1. The designation of restricted area is a method of controlling the movement of individuals and eliminating unnecessary traffic through critical areas, thereby reducing the opportunity for unauthorized disclosure or theft of tax information.

  2. An authorized and specified distinctive colored identification card will be worn at all times by all personnel within each restricted area.

10.2.11.9.5  (09-28-2009)
Secured Area

  1. The following are designated as secured areas, in addition to being restricted areas, and admittance is permitted only on a need to enter basis for all personnel not regularly assigned to work in the area:

    • Computer room

    • Tape library

    • Mail extraction operation

    • Clearing and deposition function

    • Remittance processing area

    • Returns files

    • Microfilm section of Research Branch

  2. Incoming mail not being distributed or processed will be stored in a secured area or in locked containers when possible. Mail, incoming and outgoing, will not be left unattended in areas open to the public.

10.2.11.9.6  (09-28-2009)
Controlled Area

  1. A Controlled Area is not a Restricted Area; however, it is a limited access area. Only personnel assigned to work in that area and other personnel designated by the responsible Business Unit are authorized unescorted access into a Controlled Area. All visitors shall be escorted by staff personnel authorized unescorted entry into a Controlled Area.

  2. The following are designations for Controlled Areas:

    • Central Security Control Console (CSCC)

    • Alarm Panel Room/Closet

    • Other similar facilities designated for limited access by the responsible Business Unit

10.2.11.9.7  (09-28-2009)
Remittance processing Areas

  1. The entire area will conform to restricted area criteria. Keys and lock combinations to cash drawers, cash boxes and the security containers will be strictly issued and controlled as outlined in IRM 10.2.14.

  2. The remittance clerk will lock the cash drawers and remove the key when leaving the area. The remittance clerk will empty cash drawers and will store cash boxes in an appropriate container at the end of each workday.

10.2.11.10  (09-28-2009)
Martinsburg Computing Center (MCC) Protective Measures

  1. The activities performed at MCC are unique and vital to the mission of the Service. The nature and significance of MCC operations require the implementation and maintenance of a sound physical security program.

  2. To provide a minimum acceptable level of protection the protective measures outlined in section 10.2.11.10 will be implemented and maintained at the Martinsburg Computing Center.

10.2.11.10.1  (09-28-2009)
Perimeter Security

  1. MCC is protected by full-time, uniformed, armed IRS police officers as authorized by GSA.

  2. The MCC will be protected by a perimeter security fence with appropriate gates to allow pedestrian and vehicular traffic to enter the facility on a controlled access basis. At all times when fence gates are open, uniformed, armed security guards will monitor each opening to ensure against unauthorized entry.

  3. Initial control for entry into the Martinsburg Computing Center will be exercised at the fence line. Each unlocked gate will be protected by a uniformed officer. All persons entering the property on foot must display a Service photo identification card or be identified as an authorized visitor. Persons in vehicles will be permitted to enter if they display an authorized Service photo identification card or if the uniformed officer has their name on a preclearance listing. Vehicle identification stickers, decals, or cards are not required. Visitors must show photo identification (such as a driver’s license) to verify identity.

  4. Loading docks, kitchen entrances, and boiler room doors are normally weak links in building perimeter security. The installation of fencing around these entrances with the gates alarmed and with the gates controlled strengthens the security in these areas. During daylight hours the building perimeter at these entrances are extended to the inner fence line. After dark, the applicable building entrances are closed, locked and alarmed.

10.2.11.10.2  (09-28-2009)
Interior Security and Control

  1. Control of the internal movement of personnel is necessary to ensure that only authorized Service personnel are permitted in critical areas and that visitors do not wander throughout the building. The personnel identification card has been designed to assist management in maintaining this internal control.

  2. The MCC will administer the personnel identification card program which will permit entry only to authorized personnel. This system is also designed to assist management in controlling movement within the center.

  3. Requests for tours of the facility should be made in writing and sent to the Chief of the Security function. The tour participants must be listed in the request and identities confirmed (thru use of photo IDs) at the onset of the tour. Tours of the facility (except the computer area) require the approval of the Director of MCC.

  4. Tours of the computer area require approval of the Chief, Systems Operations Branch, and the Director of MCC. A senior official must conduct the tour.

10.2.11.10.3  (09-28-2009)
Restricted Areas

  1. The designation of restricted areas is a method of controlling the movement of individuals and eliminating unnecessary traffic through critical areas, thereby reducing the opportunity for unauthorized disclosure or theft of tax information.

  2. An authorized specified distinctive colored identification card will be worn at all times by all personnel within each restricted area.

10.2.11.10.4  (09-28-2009)
Secured Areas

  1. The following are designated as secured areas, in addition to being restricted areas. Personnel not regularly assigned to work in these areas will be admitted only on a need-to-know basis.

    • Computer Room

    • Computer Room Library

    • Mail/Receipt Room

10.2.11.11  (09-28-2009)
Detroit Computing Center Protective Measures

  1. The activities performed at the Detroit Computing Center (DCC) are unique to the Service. The nature, volume and significance of the work performed there requires a complete, practical, and sound physical security program.

  2. To provide a minimum acceptable level of protection, the protective measures outlined in section 10.2.11.10.2 and will be implemented and maintained at the Center.

10.2.11.11.1  (09-28-2009)
Perimeter Security

  1. The parking area of the DCC will be protected by a perimeter security fence with gates which allow traffic to enter the facility on a controlled access basis. Uniformed and armed security guards will monitor each gate at all times when they are open. Vendor and visitor parking spaces will be designated and in view of a security guard.

  2. In addition to the parking lot security guard, there will be a uniformed and armed security guard at each unlocked/unalarmed entrance to the building to control access.

  3. Persons in vehicles will be permitted to enter if the vehicle has an authorized vehicle sticker, windshield decal, or card. Where feasible, in addition to the authorized vehicle sticker, employees will display the authorized government or Service ID card. Persons in vehicles without authorized stickers (vendors, visitors, etc.) will be permitted to enter after the security guard confirms authority of person(s) to enter the facility and after the individual shows a picture ID (e.g. drivers license) verifying identity.

  4. All pedestrians entering the facility will be identified by displaying an IRS photo identification card or confirmed as an authorized visitor and displaying a photo ID verifying identity. Employees requiring temporary replacement identification cards and authorized visitors will be directed to the reception desk in the building lobby for entry registration and issuance of an appropriate identification card.

10.2.11.11.2  (09-28-2009)
Interior Security and Control

  1. The Detroit Computing Center Director will institute any necessary controls beyond the minimum that are necessary to properly protect the operations of the center and the confidentiality of the records being processed.

  2. Control of the internal movement of personnel is necessary to ensure that only authorized personnel are permitted in critical areas and that visitors do not wander throughout the building. The personnel identification card has been designed to assist management in maintaining this internal control.

  3. Tours of the facility (except the computer area) are allowed if the request is received in writing by the Physical Security & Emergency Preparedness (PSEP) Territory Manager, the participants’ identities are confirmed, and the request is approved by the Computing Center Director.

  4. Tours of the computer area are allowed under the following conditions:

    1. The Director, Assistant Director, or designee is conducting the tour; or

    2. Prior approval is received through the Chief, Systems Operations Branch, from the Director or designee, and a senior official conducts the tour.

10.2.11.11.3  (09-28-2009)
Restricted Areas

  1. The designation of restricted areas is a method of controlling the movement of individuals and eliminating unnecessary traffic through critical areas, thereby reducing the opportunity for unauthorized disclosure or theft of tax information.

  2. An authorized specified distinctive colored identification card will be worn at all times by all personnel within each restricted area.

10.2.11.11.4  (09-28-2009)
Secured Areas

  1. The following are designated as secured areas in addition to being restricted areas. Personnel not regularly assigned to work in the area will be admitted only on a need-to-enter basis.

    • Computer Room

    • Computer Library

    • Mail/Receipt Room

    • Central Security Control Console (CS16)

10.2.11.12  (09-28-2009)
Post of Duty Protective Measures

  1. To ensure that a Post of Duty (POD) is properly protected, careful planning is necessary to ensure that appropriate protective measures are in-place and tailored to the facilities specific mission, threat, and functional requirements. PODs may vary greatly in size and function, so each requires close examination for tailored security countermeasures. The function of the office, the type of records maintained, the equipment in the POD, the size, population, if visitors frequent the facility, etc., are all determining factors to consider when planning security. The need for security guards, alarms and other electronic security countermeasures, restricted and secured areas will be evaluated on a case-by-case basis. The Facility Risk Assessment is the most critical factor in the security evaluation and planning process.

10.2.11.12.1  (09-28-2009)
Teller Operations

  1. Certain minimum physical security measures are required to protect currency and other negotiable items received by the teller. These measures include the following

    1. The teller operation may be located in the same area as other taxpayer assistance operations, however, direct access to the teller area will be physically limited by bank-type counters, counter-high partitions, lockable half-doors, or some similar type of construction that provides equal protection. When this operation is located on the ground floor of a building with windows to the exterior grade level, windows will be alarmed.

    2. The exact construction of the teller area and the type of security container needed will depend on the average daily receipts, the location of the IRS office and other appropriate security considerations. For this reason, Facilities Management Offices will be consulted before making any changes to the teller area.

    3. The use of appropriate duress alarm systems should be considered for these areas. The alarm will annunciate at the control center (FPO, local police, etc.) or may alarm in the Inspection or Criminal Investigation function if such office is located on-site and has a response team available.

    4. Money chests, vaults or cabinets affording adequate security must be available for deposit activities in a designated area of the office.

    5. Each teller will be provided with a separate money bag, cash box, or compartment (depending on the protective facilities used) which opens with a separate key or combination. Each teller may also be furnished the combination to the safe.

  2. Excess currency will not be kept in the teller area. As often as business permits, currency in excess of the change making fund will be transferred to a security container. It is preferable to have this located in a room away from the teller area. However, if this cannot be accomplished, the Security staff will be consulted for assistance in determining the most secure alternate location.

    1. Whenever a teller operation area is left unattended, tellers’ cash drawers or boxes must be locked in the safe and all protectable items must be containerized. During a teller’s brief absence, when the area is unattended, that teller’s cash drawer or box must be locked and the key removed.

    2. Cash drawers will be emptied, and cash boxes stored in the security container at the end of each workday.

    3. After the balancing operation has been completed, the cash must be kept in a locked container to wait deposit. The key to that container should be held by the teller’s immediate supervisor.

  3. Keys and lock combinations for cash drawers, cash boxes and the security containers will be protected, controlled, and changed.

    1. If it becomes necessary to open a teller’s locked compartment in the absence of the teller, the manager will select two responsible employees to use the duplicate key or combination. They must count the money and documents found, sign the statement and attach it to the receipt that the teller previously signed for the change fund.

    2. The duplicate keys to tellers’ cash containers and the copy of the combination to the safe or vault are not to be in the possession of the same employee.

  4. Managers will make quarterly unannounced reviews of the physical and fiscal security of teller operations. Each review will be documented by a memorandum report to the local Security office.

  5. "Received" and "received with remittance" stamps will be assigned to specific individuals and a record kept by serial number of each assignment. Form 1930, Custody Receipt for Government Property, will be used for recording these assignments. The number of stamps in each office will be held to a practical minimum. Each individual to whom a stamp is assigned should furnish sufficient physical protection to safeguard against unauthorized or indiscriminate use. When a stamp is not in use, it will be stored in a locked container under the exclusive control of the individual to whom the stamp is assigned. Where this is not practical, special care must be exercised to ensure against unauthorized use. The face of each stamp will be inscribed with the following elements:

    • Internal Revenue Service;

    • Received;

    • Month, Day, Year;

    • Stamp Serial Number

10.2.11.12.2  (09-28-2009)
Protection of Mail

  1. Incoming mail, not being distributed or processed, will be stored in a secured area or in locked containers when possible. Mail, incoming and outgoing, will not be left unattended in areas open to the public

10.2.11.12.3  (09-28-2009)
Computer Rooms

  1. Computer rooms will be slab-to-slab and where possible should be located in a central building location away from the building exterior, parking garages or top floor locations; they should be windowless, lockable and alarmed. Computer rooms are secured restricted areas.

10.2.11.13  (09-28-2009)
Off-Site Facilities

  1. Protection provided off-site facilities will depend on the use that is made of the space. The need for security guard service, electronic protective systems, restricted areas and secured areas will be evaluated on an individual basis.

10.2.11.14  (09-28-2009)
Basic Security Concepts

  1. The Internal Revenue Service has a legal obligation to protect the confidentiality of tax returns and related information. The Service also has responsibility for protecting the entire Federal Tax Administration System, not just the individual components of the system, which includes employees, computer equipment, tax returns, monies, property, facilities and records.

  2. The Office of Management and Budget (OMB) Circular A-130 requires that government information be protected commensurate with the magnitude of harm that could result from the loss, misuse, unauthorized access to or modification of such information. This responsibility includes establishing physical, administrative and technical safeguards to protect personal, proprietary or other sensitive data whether it is national defense information or not.

  3. This IRM establishes security guidelines for the reasonable protection of tax information, property, and facilities against disclosure, loss, damage, or destruction without unnecessarily restricting or interfering with operations. It also provides instructions on the Service’s Minimum Security Standards (MSS) and serves as a procedural and technical guide for security personnel. It includes optional methods for providing security under varying local conditions, provides for specific items requiring protection and identifies the various methods for protection.

  4. This IRM includes the physical security requirements for the entire Federal Tax (09-30-2008) Administration System as administered within the IRS. This includes all Service Scope facilities (National Office, posts of duty, processing centers, computing centers and other Service offices or space).

10.2.11.14.1  (09-28-2009)
Responsibility

  1. The Chief, Agency Wide Shared Services, is authorized to prescribe the Basic Security Concepts Program for use within the IRS. The Director, Physical Security and Emergency Preparedness, is responsible for oversight of this IRS Program. The Associate Director, Risk Management, is responsible for planning, developing, implementing, evaluating, and controlling this IRS Program.

  2. Area Directors of the Physical Security and Emergency Preparedness (PSEP) Operations offices, are responsible for assuring that offices are in compliance with Service policy and for providing guidance, oversight and assistance to their Territory offices on the physical security program. The Territory Offices are responsible for implementing, evaluating and managing the local physical security program and for providing guidance, oversight and assistance to client sites.

  3. Submission Processing Center Directors, Computing Center and Customer Service Center Directors are responsible for implementing an effective physical security program and for ensuring that security measures taken are reasonable, adequate and effective.

  4. The Business Units are responsible for implementing an effective physical security program within their functional areas and for notifying the facility PSEP staff of any proposed security program changes within their functional areas. PSEP will determine if the proposed new security measures taken are reasonable, adequate and effective; and the Business Unit is responsible for notifying their assigned staff of protective changes.

  5. To meet the obligation to provide necessary security protection to the Tax Administration System, the Service has determined that Service officials and managers are responsible for ensuring the continued operation of the Federal Tax Administration System by taking all responsible actions to prevent the loss of life and property, the disruption of services and functions and the unauthorized disclosure of documents and information. Managers are responsible for providing reasonable security for all information, documents, and property with which they are entrusted, for complying with all minimum security standards contained in 10.4.1, Managers Security Handbook, all local security requirements, and for reporting any violations to the local physical security office or other individuals who have security responsibilities. Managers must ensure that the physical security measures required for protecting information, property, and life are applied within their area of supervision and that those measures meet the established minimum security standards.

  6. All employees are responsible for providing reasonable security for all information, documents and property with which they are entrusted, for complying with established security procedures, all local security requirements, and for reporting any violations to their manager or to their local physical security office or other individuals who have security responsibilities.

  7. A security representative and alternate (if available) shall be appointed to and participate in the Building Security Committee (BSC) established for each building by the Federal Protective Service (FPS). The FPS Policy Directive FPS-05-002, Building Security Committees, dated February 16, 2005, will apply. Members of the BSC shall at a minimum focus their efforts on:

    • Functions identified in the Department of Justice (DOJ) Vulnerability Assessment of Federal Facilities or FPS-05-002

    • A means of communicating threat or security-related notices to the facility population

    • Serve as liaison to local law enforcement, fire, and other emergency response authorities, and to establish roles and responsibilities in responding to incidents and emergencies at each facility

    • Determine appropriate security measures to be implemented during increased threat conditions

    • Review and adjust security measures as needed.

10.2.11.14.2  (09-28-2009)
Security Concepts

  1. Security concepts have been adopted by the Service and applied to the various activities within the Service. These concepts provide management with the flexibility to provide the degree of security or protection commensurate with the degree of sensitivity of each particular activity.

  2. Minimum security levels shall be established for each facility based first on the factors of occupancy, multi-agency tenancy, square footage, and amount of public contact. Security levels must then be adjusted and additional security measures implemented commensurate with the operation, personnel, resources, information systems, and/or mission of the facility. Each facility will be designated Level I, II, III, or IV, in accordance with the DOJ Vulnerability Assessment of Federal Facilities Report, and appropriate security measures shall be implemented.

  3. A designation of Level V is reserved for and assigned only to those facilities identified and prioritized as national security critical infrastructure assets in accordance with the Treasury Critical Infrastructure Protection Program A Level V designation necessitates implementation of extensive security measures and such designation requires concurrence of Treasury’s Office of Security Programs and coordination with the Critical Infrastructure Physical Security Program Manager. IRS facilities identified as critical infrastructure and those housing critical infrastructure and key resources shall be designated and protected as Level IV, at a minimum.

10.2.11.14.3  (09-28-2009)
Photography Prohibited

  1. Taking photographs within or recording images of the inside of Treasury bureau facilities shall be prohibited except when specifically authorized by the Internal Revenue Service Agency Wide Share Services Physical Security Emergency Preparedness Territory Managers, Area Director (AD), or National office (N.O.) PSEP RM. Taking photographs of external features of a facility or other property which provides information not accessible to the public shall also be prohibited and must be reported to local Physical Security Office, and the Contracting Officer Technical Representative (COTR) who will then notify FPS and/or local law enforcement. Photography means any physical or electronically recorded image, including still photographs, x-ray images, video tapes or recordings, and motion pictures.

10.2.11.14.4  (09-28-2009)
Facility Security Plan

  1. The Facility Security Plan (FSP) is an Operations Office level document that provides summary information used to describe all significant Safeguards and Security programs at applicable sites and facilities for PSEP Systems, Resources and Designs (SRD) review, track corrective actions and/or funding. The FSP will be completed for each IRS facility, including computing centers, campuses and critical post of duty (POD). This FSP documents the implementation of Physical Security and Environmental (PSE) and Media Protection (MP) Controls prescribed within the National Institute Standards and Technology (NIST SP 800-53), Treasury Department Publication (TDP 15-71), and Interagency Security Committee Design Criteria (ISCDC). Development and maintenance of the FSP is directed in Treasury Department Publication (TDP 15-71) Security Manual.

  2. The purpose of the FSP template is to provide an overview of the appropriate physical security measures and requirements taken to minimize the threat to our facilities, employees, loss of assets, equipment, and material through terrorism, criminal activities and natural disasters.

  3. 3) The intent of the FSP template is to describe those programs used to form the basis for the site and facility protection and the basis for future changes and improvements. The description of how those programs are implemented should be contained in site and facility procedures, directives, supplemental orders or other authoritative documentation. While these documents may change, the FSP template should remain relatively constant describing the long term protection plan in place and envisioned for the site or facility.

  4. At a minimum, the Facility Security Plan shall identify the following:

    • Site/Facility Identification

    • Threat Information

    • Roles and Responsibilities of Security Staff

    • Personnel Security (PERSEC)

    • Physical Security Environmental Protection Policy and Procedures

10.2.11.14.5  (09-28-2009)
Risk Management

  1. The Service has established minimum physical security standards and requirements for the protection of Service facilities, personnel and information. These standards are based on possible threats and identified countermeasures that could minimize the impact of an occurrence. Periodic risk management assessments provide security personnel and management officials with information on the effectiveness and appropriateness of existing standards and countermeasures, identifies risks, recommends additional upgrades, as needed, and provides guidance on how best to implement approved recommendations.

  2. Evaluation of the risk is the first step in determining the degree of security required for a particular facility. Security measures should be relative to the type of risks to which the facility and its contents are exposed, the probability that these risks will occur, and the impact that an occurrence would have on the organization. The Service recognizes the value of this approach and has developed and implemented an automated risk assessment process, known as the FSR-Manager (Facility Security Risk-Manager). This risk assessment process, FSR-Manager, is to be used by the physical security personnel to develop a tailored physical protective system for the facility and associated annexes. The process provides an objective tool to assist in identifying and justifying security requirements for IRS assets and systems that can be substantiated as minimum requirements to support IRS security policy. It allows the security analyst to independently assess the security posture at a specific facility, annex, or group of facilities and, based on this assessment; determine security criteria to protect the facility(s).

  3. At a minimum, risk/vulnerability assessments will be conducted at the following intervals, at a minimum: Level IV and V, every two (2) years; Level III, every three (3) years; and Level I and II, every four (4) years. Existing Risk Assessments that are less than 5 years old with no significant changes in the overall security posture at a security level I, II, or III facility may be re-validated. If the security posture has been enhanced by the addition of security countermeasures, those enhancements should be noted in the re-validation report. (see Exhibit 10.2.11-2). Security Level IV and V facilities must continue to be re-assessed at intervals of every 2 years or more frequently, if circumstances warrant and/or when the following condition occurred; • a change in location • major building renovation • increase in significant incidents, and/or • change in the mission of the businesses located at the facility

  4. The risk assessment process will include the following steps: • Evaluation of the risk – determining the degree of security required at the facility based on the likelihood of an occurrence happening. • Vulnerability assessment – potential impact of an occurrence and vulnerability (attractiveness of target and level of deterrence provided by established countermeasures) of the facility to an occurrence (see Exhibit 10.2.11-2) • Risk analysis – evaluation of potential risk to a facility from a given threat based on the impact of loss and vulnerability ratings (see Exhibit 10.2.11-3). • Recommendations – recommended countermeasures and cost (installation, operating cost, etc.)

  5. Risk/vulnerability assessments will be conducted using the FSR-Manager automated tool and all completed risk assessment reports will carry the legend "For Official Use Only-Restricted Distribution". Copies of the report will be forwarded to the National Office Security and Emergency Programs Division via secure E-mail or by a traceable means if sent through the postal system.

  6. The SEP will perform a Risk Assessment Authority Review. The Risk Authority Review is conducted to confirm the recommended upgrades based on impact of loss and the risk of an occurrence happening. The Risk Authority Review will be objective and fiscally responsible and will assist in prioritizing the recommended upgrades that become authorized .

10.2.11.14.6  (09-28-2009)
Limiting Access

  1. The basic principle of security within IRS, or anywhere, is "limit access to assets based upon need." When protecting information, for example, access to documents should be limited to those persons with a need to know the information. When the asset to be protected is a room, an area, a building, a computer, or other such property, access to that property should be restricted to those persons who, due to their official duties and/or responsibilities, have a need for such access.

  2. Whether a person needs to access an asset will depend upon whether that access is necessary to enable the person to perform his/her assigned duties and responsibilities. Management is responsible for determining such a need and for subsequently deciding to grant or deny access. Once this determination has been made, management should consult Security personnel for assistance in selecting the appropriate method of achieving the desired control.

10.2.11.14.7  (09-28-2009)
Safeguard Functions

  1. Most of the methods of protection are designed for protection after normal duty hours or at any time the assets to be protected are not under the personal custody of authorized Service employees.

  2. Because any single safeguard is often insufficient protection for any asset, the concept of layering of safeguards was developed to provide security-in-depth. To facilitate understanding of security-in-depth, the following functions of safeguards are presented.

    1. Deter -- The psychological effect which a safeguard or a system of safeguards has upon the potential perpetrator or human originated threat is difficult to measure. One can determine the effectiveness of an alarm by the number of bona fide "catches" it makes, but we can only guess the effectiveness of a safeguard which is designed only or primarily to deter a human being. The best example of a pure deterrent is a sign which identifies a restricted area. While it would be ideal to have effective security simply by the use of such inexpensive means as signs or lights, it is not practical. A good security program will not rely solely upon safeguards which are only deterrents.

    2. Delay -- Ideally, the Service should be able to deny access to its assets to separate them from human originated threats. But this is not practical since to perform its mission the Service must allow access to its assets. The objective then is to limit access to authorized personnel at approved times for official reasons. At times when the assets are not in the personal custody of an authorized IRS employee, they should be protected by means which delay as long as practical access by unauthorized persons. Safeguards such as locks, containers and walls will withstand (depending on the type of lock, container, etc.) forced entry and surreptitious entry attempts for a given period of time. This time is, hopefully, enough to discourage most would-be thieves, saboteurs, etc. However, given enough determination and resources (i.e., time, tools, and money) all such safeguards can be breached. If the asset being protected merits more than a deterring and delaying effort, the next function we would add is detection.

    3. Detect -- Many safeguards will automatically provide detection of an unauthorized act. For example, a door may show signs of a forced entry. However, an alarm might give evidence of an attempted surreptitious or forced entry. Depending once again upon the value of the asset, the timing of detection is crucial. For example, the goal for a threat such as sabotage of a computer in a Submission Processing Center and FSL IV Campuses would be to detect the attempted execution of the threat soon enough to intervene before it can be completed. Perimeter alarms and alarm activated cameras will help achieve this goal. Such a goal will also require a response force (internal IRS security personnel, contract guard personnel, Federal Protective Services, or the local police department) which will monitor detection devices and respond to them as appropriate. The functions of assessing, identifying, and tracking can be accomplished by closed circuit television (CCTV) systems, alarm systems and entry control systems. The most important of these functions is assessment, since the nature of the unauthorized act (e.g. unauthorized access, theft, robbery, assault, etc.) will influence the nature of the response to that act. Identifying a person committing an unauthorized act or a crime may be before, during or after the act has been committed. In some cases, we may only be able to respond to a threat as it is occurring. While the act has not been prevented, identification of the perpetrator enables the Service to take appropriate action. The tracking function is most useful for the response force to focus on the current location of the problem or perpetrator.

    4. Respond (Intervene/Apprehend) – Ideally, response to a threat in progress is to detect it and to take appropriate action soon enough to prevent it from causing any harm or loss. To achieve this ideal, the delaying safeguard, the detection devices, and the response force must be designed to ensure that the safeguard delays the perpetrator long enough for a detection device to alert the response force and long enough to allow the response force to arrive in time to intervene to prevent access or to prevent a perpetrator from leaving the area with stolen government property or information. Realistically, we should expect a contract security force to respond to a threat at a within 5 minutes and at other buildings (protected with central station alarm systems) within 15 minutes. If this is not possible, then compensating measures must be included in the protective system design to delay an adversary until an effective response can be executed.

    5. Deny -- The only real way to accomplish this function is to destroy an asset to prevent unauthorized personnel from obtaining it. Clearly, for the Service, this only pertains to information on paper, microfilm, or magnetic media, etc. which is no longer needed or which is a waste by-product of a tax administration function.

  3. Exhibit 10.2.11-4 shows the functions generally performed by certain physical security devices/techniques. No attempt is made to address the effectiveness of each, as this depends on the quality of the device selected monitoring activities and timely reactionary measures. Also most of the techniques/devices shown are primarily for use against any potential perpetrator (employee or outsider) during unoccupied times. Conversely, ID media, electronic access control systems, sign in and other audit trail procedures and task separation techniques are generally for use during occupied times to protect against "insiders. "

10.2.11.14.7.1  (09-28-2009)
Security Awareness

  1. A security program is enhanced when all managers and all employees are aware of security requirements including the reasons for each of the security requirements they are expected to follow or enforce. Each manager must know the general security requirements as well as the specific security measures which apply to his/her particular area of responsibility. The key to an effective awareness program is to show how the requirements relate to the work in which an employee is involved. For example, awareness efforts directed toward computer room employees should relate to security requirements in a computer room, while those efforts directed toward a tax auditor should relate to protecting the privacy of the taxpayer and the sensitivity to the tax return and return information.

  2. To ensure that all employees and managers are made aware of security requirements each security program will include an awareness program. See 10.2.11.9.2.

10.2.11.14.7.2  (09-29-2009)
Methods of Dissemination

  1. There are numerous ways which security information can be disseminated to employees and managers. In addition to the security briefing (see below), the following methods will be considered as tools of the security awareness program:

    1. In-house newsletters -- may be used to present articles that will appeal to the target audience and will maintain a continuing interest.

    2. Memoranda -- may be used to stress a particular requirement which may be new or not being followed.

    3. Stuffers -- graphic presentation that can be disseminated with other all employee items (i.e. earning statements).

    4. Posters -- graphic presentations that may be posted in heavy traffic areas or in areas where a particular requirement applies.

    5. Flyers -- may be used to make a particular point or to stress a new requirement or one which is not being followed.

    6. Managers meetings -- may be used to discuss security items of common interest to the managers.

    7. Employee meetings -- may be used by managers to present current issues to employees or for discussion.

    8. E-mail and voice mail-may be used to disseminate information on new procedures, identify areas of concern or simply provide reminders.

10.2.11.14.7.3  (09-28-2009)
Security Briefings

  1. Security Awareness Program will, at a minimum, include briefings as specified below:

    1. The Director and/or Senior Commissioner Representative (SCR) at each campus and computing center will be given a security briefing by security personnel, shortly after being appointed. The briefing will include current information on threats to the Service, and a review of the director's responsibilities in maintaining properly protected facilities.

    2. National office executives will be given a security briefing by the security staff. The briefing will include current information on threats to the Service and a review of the official's responsibilities.

    3. All managerial personnel will be given annual security briefings on their responsibilities by security personnel. The information presented during these sessions must then be passed on by the managers to all their employees. Security items will also be made a regular topic at periodic group/staff meetings.

    4. All new employees will receive a security orientation within the first week following employment. The orientation will be given separately or as part of the existing new employee orientation.

    5. All assigned employees will be given a refresher security orientation within the first week if they have been in a non-work status for nine months or longer. Local management will determine who will provide the orientation.

    6. Periodic security briefing sessions will be conducted for all Submission Processing Center and FSL IV Campuses managers throughout the year and at the beginning of each filing season. All the first-line managers will attend a security briefing session before the start of each filing period. The individual sessions should be conducted by each facility's security personnel and Disclosure Officer with introductory remarks by the director or designated representative (if scheduling permits). Special scheduling considerations will be necessary to accommodate managers who work on shifts or off-site locations.

    7. Management will inform each employee of special security requirements pertaining to their particular work area or facility within the first 30 days the employee reports to the manager for duty.

Exhibit 10.2.11-1  (09-30-2008)
Categories of Vulnerability Levels

Vulnerability Categories
The Vulnerability Assessment considers the potential impact from a successful attack, as well as the vulnerability of the facility/location to attack. A key component of the Vulnerability Assessment is properly defining the ratings for impact of loss.
Devastating The facility is damaged beyond habitation. Most items/assets are lost, destroyed, or damaged beyond repair restoration.
Severe The facility is partially damaged or contaminated. Some items/assets are damaged beyond repair/restoration, but the facility remains mostly intact.
Noticeable The facility is temporarily closed or unable to operate without an interruption of more than one day. A limited number of items/assets may be damaged, but the majority of the facility is not affected.
Minor The facility experiences no significant impact on operation (disruption to operation is less than four hours) and there is no loss of major assets.

Exhibit 10.2.11-2  (09-30-2008)
Vulnerability Ratings

Vulnerability Ratings
Vulnerability is defined to be a combination of the attractiveness of the target and the level of deterrence and/or defense provided by established countermeasures. Target attractiveness is a measure of the asset or facility in the eyes of an aggressor and is influenced by the function and/or symbolic
Very High This is a high profile facility that provides a very attractive target for potential adversaries. The level of deterrence and/or defense provided by the existing countermeasures is inadequate.
High This is a high profile regional facility that provides an attractive target. The level of deterrence and/or defense provided by the existing countermeasure is inadequate.
Moderate This is a moderate profile facility (not well known outside the local area) that provides a potential target. The levels of deterrence and/or defense provided by the existing countermeasures are marginally adequate.
Low This is not a high profile facility and provides a possible target. The level of deterrence and/or defense provided by the existing countermeasures is adequate.

Exhibit 10.2.11-3  (09-28-2009)
SAFEGUARDS and Their Related Protection Functions

Safeguards Deter Delay Detect Assess Identify Track Respond Deny
   Intervene Apprehend Access
 
Alarms x   x x* x x x** x**  
 
Areas x x x   x        
 
Building x x x            
 
CCTV x   x x x x      
 
Containers x x x            
 
Degaussers                 x
                                     
Document Destructors and Shredders                                
 
 
 
   
Entry Control Systems x     x x x x         x  
 
 
   
Fences x x                
   
Guards x x x x x x x x x  
   
ID Media Systems x     x     x                  
 
 
   
Locks x x x              
   
Procedures (e.g., Audit Trail) x     x     x x              
 
 
   
Secured Areas/ Security Rooms x x x                          
 
 
 
   
Signs x                  
   
Task Separation Compart- mentation x                                  
 
 
 
Note: The functions of each safeguard may vary according to the quality of the safeguard and the nature of the threat. The following chart represents generally the functions each safeguard provides. Not included here are other functions such as promoting awareness of security to meet responsibilities to prevent violations or crimes, and investigation and appropriate remedial actions for violations. These are not within the scope of the manual.  
*Alarms can be arranged to determine the extent of a fire (by zoning) or the nature of unauthorized entry (by duress to an authorized entrant).  
** Alarm systems can be designed to provide for a response force; by themselves of course, they merely annunciate an unauthorized access. Programmed into an integrated system can be instructions to automatically shut doors, operate cameras, start/stop sprinklers, or perform other actions which go beyond detection and assessment of a threat to intervening or, as in the case of some entry controls, rejecting personnel who attempt an unauthorized access.  

More Internal Revenue Manual