10.2.1 Physical Security

Manual Transmittal

August 20, 2020

Purpose

(1) This transmits revised Internal Revenue Manual (IRM) 10.2.1, Physical Security.

Material Changes

(1) Effective August 16, 2020, organizational changes have been made within Facilities Management and Security Services (FMSS):

  1. Renamed Security Policy to Security.

  2. Renamed Physical Security Protection Programs to Physical Security Program (PSP).

(2) This IRM was updated to reflect current organizational titles, terminology, references, and citations.

Effect on Other Documents

This supersedes IRM 10.2.1 dated September 27, 2017.

Audience

Servicewide

Effective Date

(08-20-2020)

Richard L. Rodriguez
Chief
Facilities Management and Security Services

Program Scope and Objectives

  1. Purpose: The purpose of this IRM is to establish the responsibilities for IRS physical security programs protecting IRS personnel, facilities, and assets.

  2. This IRM provides IRS standards for protecting personnel, property, assets and information.

  3. Audience: Servicewide.

  4. Policy Owner: Chief, FMSS.

  5. Program Owner: FMSS Associate Director (AD), Security.

  6. Primary Stakeholders: Business Unit executives, senior managers and Chief Counsel Executives, Senior Managers and Chief Counsel.

  7. Program Goals:

    1. Establish appropriate physical security measures, processes and procedures to best protect IRS personnel, assets and information.

    2. Comply with federal regulations and laws, Treasury directives and Department of Homeland Security (DHS) Interagency Security Committee (ISC) standards.

    .

Background

  1. As the nation’s tax collection agency, the IRS is often the target of direct and implied threats by citizens who are affected by US tax laws. To safeguard the security and safety of personnel, facilities, and assets, IRS develops and implements physical security policies, procedures, and processes to mitigate current and emerging threats.

Authority

  1. Executive Order 12977, Interagency Security Committee

  2. Treasury Security Manual 71–10

Responsibilities

  1. Chief, FMSS:

    1. Prescribes the IRS Physical Security Program.

    2. Provides oversight, guidance, and resources to safeguard an effective IRS Physical Security Program.

  2. AD, Security:

    1. Provides oversight for planning, developing, implementing, and evaluating the IRS Physical Security Program.

    2. Approves deviations of security policy.

  3. Physical Security Program (PSP) Section Chief:

    1. Develops IRS physical security programs in accordance with Department of Treasury and ISC standards for the physical protection of personnel, facilities and assets to ensure the continued operation and fulfilment of essential functions and services.

    2. Monitors and evaluates the effectiveness of IRS physical security programs.

    3. Maintains awareness of current and emerging security threats, vulnerabilities, and industry-wide standards to support the analysis and selection of countermeasures.

    4. Standardizes physical security equipment at IRS-controlled facilities.

  4. FMSS Territory Managers (TM):

    1. Oversee IRS Physical Security Program in their assigned territory.

    2. Provide guidance, oversight, and assistance to client sites for the Physical Security Program.

  5. FMSS Security Section Chiefs (SSC):

    1. Manage physical security programs for their client sites, including planning, developing, implementing, and evaluating their programs.

    2. Confirm the implementation of IRS physical security policy and procedures meet established minimum protective standards.

  6. IRS Employees and Contractors:

    1. Comply with established physical security policies, practices and procedures.

    2. Report security incidents to manager or Contracting Officer’s Representative (COR), local FMSS physical security staff, and the Situational Awareness Management Center (SAMC).

Program Objectives and Review

  1. Program Reports:

    1. Federal Protective Service (FPS) Facility Security Assessment (FSA) and IRS Facility Security Assessment Addendum (FSAA).

    2. Space Time and Resources (STAR) tool for physical security countermeasure funding and tracking reports.

    3. Situation Awareness Management Center (SAMC) Incident Reports.

    4. IRS internal security program database deliverable completion reports.

  2. Program Effectiveness:

    1. Implementation of appropriate countermeasures for physical security risks noted in the FSA report and FSAA report.

    2. Compliance with ISC standards, as validated in the FSA reports. Compliance with Treasury and IRS requirements, as validated in the FSAA reports.

    3. Timely completion of FSAA reports in accordance with ISC Standards based on Facility Security Level (FSL) determination for the facility.

Acronyms

  1. Acronym Definition
    AD Associate Director
    COR Contracting Officer’s Representative
    DHS Department of Homeland Security
    FMSS Facilities Management and Security Services
    FPS Federal Protective Service
    FSA Facility Security Assessment
    FSAA Facility Security Assessment Addendum
    FSL Facility Security Level
    ISC Interagency Security Committee
    PAC Physical Access Control
    PSP Physical Security Program
    SAMC Situational Awareness Management Center
    SSC Security Section Chief
    STAR Space, Time, and Resources
    TM Territory Manager

Related Resources

  1. The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard, latest edition.

  2. IRM 1.4.6, Managers Security Handbook

  3. IRM 10.2.8, Incident Reporting

  4. IRM 10.2.11, Basic Physical Security Concepts

  5. IRM 10.2.15, Minimum Protection Standards

  6. IRM 10.2.18, Physical Access Control (PAC)

  7. IRM 10.9.1, National Security Information

Basic Physical Security Principles

  1. The main principles of physical security in the IRS are:

    1. Physical security programs are designed to address risk, based on the ISC risk management process.

    2. All managers and employees are integral in safeguarding the physical security of personnel, facilities, and assets.

    3. Physical security policy compliance safeguards appropriate protection of IRS personnel, facilities, and assets.

  2. Established guidelines for minimum physical security standards are found in IRM 10.2.15, Minimum Protection Standards. It establishes a baseline for physical security measures, while allowing flexibility to develop higher standards when deemed necessary by appropriate risk assessments and threat information to meet local situations.