Part 10. Security, Privacy and Assurance

Chapter 2. Physical Security Program

Section 5. Identification Media

10.2.5 Identification Media

Manual Transmittal

April 28, 2021

Purpose

(1) This transmits revised IRM 10.2.5, Identification Media.

Material Changes

(1) This IRM was updated to reflect current organizational titles, scope, definitions, responsibilities, and authorized use.

(2) The following sections have been updated/clarified with this version of policy:

  1. IRM 10.2.5.1.3, Responsibilities: Added reporting requirement for separating employees, and monitoring training completion for contractor employees.

  2. IRM 10.2.5.1.3, Responsibilities and IRM 10.2.5.6.2, Replacement ID Cards: Added Interim Guidance Memorandum FMSS-10-1220-0007, Interim Guidance on FMSS Physical Security Lost, Stolen, or Compromised ID Media for IRM 10.2.5, Identification Media dated 12-02-2020.

  3. IRM 10.2.5.4, Mailing of ID Media: Added requirement to provide tracking number.

  4. IRM 10.2.5.6.1, Photo ID Cards: Added requirement to submit final staff-like access memorandum.

  5. IRM 10.2.5.6.2, Replacement ID Cards: Removed TIGTA reporting requirement.

  6. IRM 10.2.5.7, Vehicle ID Media: Updated section name from Parking Permits to Vehicle ID media. Added new policy and procedures for Vehicle ID media issuance.

  7. IRM 10.2.5.9, Recovery of ID Media: Updated procedures for recovering ID Media for employees/contractor employees placed in non-work status.

  8. IRM 10.2.5.10, Records and Accountability: Added new procedures for recoverable and non-recoverable ID Media.

Effect on Other Documents

This IRM supersedes IRM 10.2.5 dated July 5, 2018.
This IRM incorporates Interim Guidance Memorandum FMSS-10-1220-0007, Interim Guidance on FMSS Physical Security Lost, Stolen, or Compromised ID Media for IRM 10.2.5, Identification Media dated December 2, 2020.

Audience

All IRS Organizations

Effective Date

(04-28-2021)

Richard L. Rodriguez
Chief
Facilities Management and Security Services

10.2.5.1 (04-28-2021)

Program Scope and Objectives

  1. This section applies to the control, issuance, and disposition of Identification (ID) media. ID media are authorized forms of ID that are designed to provide evidence of the bearer’s identity, authorization to access IRS facilities or systems, or authority to act as an agent of the IRS in the performance of official duties.

  2. Purpose: This IRM provides an overview of the authorized forms of ID media issued by the IRS to employees and contractor employees, and establishes the policies for the control, issuance, and recovery of ID media.

  3. Audience: All IRS Organizations.

  4. Policy Owner: Chief, FMSS.

  5. Program Owner: FMSS, Associate Director (AD), Security.

  6. Primary Stakeholders: FMSS, Field Operations.

  7. Program Goals: To affirm IRS authorized ID media and establish the processes and procedures for the issuance, maintenance, and recovery of ID media to mitigate unauthorized access to IRS systems and facilities, and to protect IRS personnel, assets, and information.

10.2.5.1.1 (04-28-2021)

Background

  1. IRS ID media is issued solely for use by authorized IRS employees and contractor employees, other Federal agency employees and contractors, in the performance of official duties, and visitors (official or unofficial).

10.2.5.1.3 (04-28-2021)

Responsibilities

  1. The Chief, FMSS, is authorized to prescribe ID media for use within the IRS per Delegation Order 1-23, Authorization to Perform Functions of the Commissioner, located in IRM 1.2.2, Servicewide Policies and Authorities, Servicewide Delegations of Authority.

  2. The AD, Security, is responsible for oversight of ID media for use within the IRS.

  3. The Chief, Access & Identification Management (AIM), is responsible for oversight of the planning, developing, implementing, evaluating, and controlling the ID Media Program.

  4. The Chief, Identity Credential and Access Management (ICAM), is responsible for planning, developing, implementing, evaluating, and controlling the ID Media Program.

  5. FMSS Territory Managers (TM) are responsible for ensuring FMSS Security Section Chief(s) (SSC) follow IRS policy and provide oversight in the implementation and enforcement of the ID Media Program.

  6. FMSS SSC are responsible for implementing and enforcing the ID Media Program within their assigned territory, ensuring that IRS policy and procedures are followed.

  7. All IRS managers, Contracting Officer’s Representatives (COR), and Government Officials with personnel administrative functions have a responsibility for:

    1. Informing all employees in their span of control of the importance of following ID media practices.

    2. Verifying only authorized personnel are in the work area for which they are responsible and immediately challenging and/or reporting the presence of suspected unauthorized persons in a work area.

    3. Ensuring that authorized employees in their span of control are issued the appropriate ID media, use, and display their ID media at all times.

    4. Recovering ID media of employees and contractor employees who separate or are placed in non-work status on their last workday and immediately sending the recovered ID media to the local FMSS physical security office for disposition or retention.

    5. Reporting unrecovered ID media of employees and contractor employees who separate or are placed in non-work status to the local FMSS physical security office, the Situational Awareness Management Center (SAMC), and Treasury Inspector General for Tax Administration (TIGTA) in accordance with IRM 10.2.8, Physical Security Program, Incident Reporting.

    6. Certifying the disposition of issued ID media items to include the return of recovered ID media items to the local FMSS physical security office, using the automated Human Resources (HR) Connect Separating Employee Clearance (SEC) module for employees, and attaching Form 14604, Contractor Separation Checklist to the Separating Contractor Clearance (SCC) module for contractor employees.

    7. Completing a request for a replacement ID media for their employees and contractor employees when ID media:

      1. Is worn or damaged.

      2. Is reported lost or stolen.

      3. No longer accurately depicts the bearer.

      4. Is not displaying accurate legal or pseudonym name.

      5. Is no longer required with designator.

    8. Ensuring staff-like access eligibility requirements are met, as per IRM 10.2.18, Physical Security Program, Physical Access Control (PAC).

    9. Ensuring all contractor employees in their span of control complete Security Awareness Training timely in accordance with IRM 10.23.2, Personnel Security, Contractor Investigations, and ensuring it is documented in Integrated Talent Management (ITM).

  8. All employees and other persons issued ID media are responsible for:

    1. Safeguarding their ID media.

    2. Displaying their ID media properly at all times when present at an IRS facility and/or performing work duties.

    3. Promptly reporting loss of their ID media to their manager.

    4. Presenting their ID media when requested by their manager, the COR, or the local FMSS physical security office to allow for IRS accountability of such ID media.

    5. Returning their ID media to their manager/COR when placed in a non-work status or upon separation from the IRS.

    6. Reporting lost or stolen ID media immediately to their manager, the local FMSS physical security office, and to SAMC in accordance with IRM 10.2.8, Physical Security Program, Incident Reporting.

10.2.5.1.4 (04-28-2021)

Program Management and Review

  1. Program Reports:

    1. HRConnect Personal Identity Verification (PIV) Data Synchronization

    2. USAccess Applicant Status Report

  2. Program Effectiveness:

    1. Timely revocation of physical access

    2. Recovery of all ID media from unauthorized persons

    3. Timely completion of all SmartID card maintenance requirements

    4. Issuance of ID media only to authorized personnel

  3. Annual Review: ICAM conducts annual reviews to assess all processes of the program and ensures the program operates in compliance with laws and regulations of the Department of the Treasury ("Treasury" ).

10.2.5.1.5 (04-28-2021)

Terms/Definitions/Acronyms

  1. Access - The permissions granted to employees and contractor employees that provide opportunity to physically come into contact with (including, but not limited to reading, transporting, and/or transcribing/interpreting) Sensitive But Unclassified (SBU) data in the performance of official duties, entering an IRS controlled facility or space, and/or to login to IRS systems with approved credentials.

    Note:

    For additional information related to facility access, see IRM 10.2.18, Physical Security Program, Physical Access Control.

  2. Compromised - ID media in the possession of an unauthorized user.

  3. Contracting Officer’s Representative (COR) - An individual designated and authorized by the Contracting Officer (CO) to perform contract administration activities on his/her behalf within the limits of delegated authority for a specific acquisition or contract.

    Note:

    For additional information, see IRM 10.23.2, Personnel Security, Contractor Investigations.

  4. Contractor employee - An individual, not a federal employee, who performs work for or on behalf of the Federal Government.

    Note:

    For additional information, see IRM 10.23.2, Personnel Security, Contractor Investigations.

  5. Employee - A federal employee, employed by the IRS.

  6. Escorted Access - Access given to an individual (such as a contractor employee, visitor, or vendor) who is not approved for staff-like access and must be accompanied by a "qualified escort" during work performance and/or entry and movement throughout the facility.

    Note:

    For additional information related to escorted access, see IRM 10.2.18, Physical Security Program, Physical Access Control (PAC).

  7. ID Card - A form of ID media that verifies the identity of the bearer through identifiable data, which may include the bearer’s photograph, name, agency affiliation, and card number.

  8. ID Card Designations - Symbols that appear on ID cards that indicate a specified privilege or level of physical access, including concealed weapon, limited area, or federal emergency response official.

  9. ID Media - IRS ID media includes any pass, badge, credential, photo or non-photo ID card, pocket commission, or similar items, which contain the IRS name, seal, or symbol, that is normally issued to and displayed by the bearer. ID media may also contain one or more of the following:

    1. The bearer’s photograph.

    2. A serial number.

    3. An authorizing or validating signature.

    4. Information indicating the purpose of the media or indicating the bearer has been officially authorized to perform certain acts or duties.

  10. Insignia - A badge, usually attached to an article of clothing, which identifies the bearer’s affiliation with the IRS.

  11. Logical Access - Access to IRS information systems or to Information Technology (IT) resources.

  12. Non-Work Status - An IRS employee in a temporary non-pay status as a seasonal or intermittent worker, or on extended Leave Without Pay (LWOP), extended Absence Without Leave (AWOL), furlough, suspension, or other non-pay status.

  13. Physical Access Control (PAC) Card - A photo ID card issued in accordance with HSPD-12 that verifies the identity of the bearer for facility access.

  14. Pseudonyms - A pseudonym is a fictitious name. The use of a pseudonym is issued to IRS employees for the protection of personal safety and the prevention of harm or danger.

    Note:

    For additional information, see IRM 10.5.7, Privacy and Information Protection, Use of Pseudonyms by IRS Employees.

  15. Qualified Escort - An authorized (designated) IRS employee or a contractor employee approved for final staff-like access at the same or higher position risk level as the individual who requires escorting, and with knowledge of the task or activity to be performed.

    Note:

    For additional information on qualified escorts, see IRM 10.2.18, Physical Security Program, Physical Access Control.

  16. Recovered - A classification for ID media returned to the manager or COR and forwarded to the local FMSS physical security office for final disposition.

  17. Routine Access - Access to facilities on a consistent basis, generally multiple times per week.

  18. SmartID - An ID card issued in accordance with HSPD-12 that verifies the identity of the bearer through visible and embedded biometric data. The SmartID card provides logical and physical access.

  19. Staff-like Access - Unescorted access to Treasury-owned or controlled facilities, information systems, security items and products, and/or to areas storing or processing SBU data, as determined by Treasury/bureau officials. Staff-like access is initially granted on an interim basis; final access granted once full background investigation has been completed.

    Note:

    For additional information, see IRM 10.23.2, Personnel Security, Contractor Investigations.

  20. Unescorted Access - Access without escort to IRS facilities, IT systems, and SBU data. Unescorted access is granted to all IRS employees, and to contractor employees who are granted staff-like access. Unescorted access is an element of staff-like access authorization.

    Note:

    For additional information regarding unescorted access, see IRM 10.2.18, Physical Security Program, Physical Access Control.

  21. Vehicle ID Media - Vehicle ID media includes any pass, sticker, decal, permit, or similar items, which authorize individuals to enter IRS parking garages, lots, and other designated structures with their vehicle. Vehicle ID media may also contain one or more of the following:

    1. License plate number

    2. A serial number

    3. Permit number

    4. Information that indicates the purpose of the media or the bearer has been officially authorized for vehicular access.

    Note:

    Vehicle ID media applies to Facility Security Level (FSL) III through IV facilities. For additional information, see IRM 10.2.11, Physical Security Program, Basic Physical Security Concepts.

  22. Visitor - A person visiting an IRS facility who has not been issued an IRS photo ID card. Visitors may include contractor employees who have or have not been approved for staff-like access, other federal agency employees and contractors, and the general public.

  23. Unrecoverable - A classification for ID media not returned to the manager or COR after reasonable attempts have been made for its return.

  24. Acronyms

    Acronym Definition
    AD Associate Director
    AIM Access and ID Management
    AWOL Absence Without Leave
    CMM Contractor Management Module
    CO Contracting Officer
    COR Contracting Officer’s Representative(s)
    ESSO-LM Enterprise Single Sign-On Logon Manager
    FIPS Federal Information Processing Standards
    FMSS Facilities Management and Security Services
    FSL Facility Security Level
    HCO Human Capital Officer
    HR Human Resource
    HSPD Homeland Security Presidential Directive
    ICAM Identity, Credential and Access Management
    ID Identification
    IT Information Technology
    ITM Integrated Talent Management
    LAK Light Activation Kits
    LWOP Leave Without Pay
    NTEU National Treasury Employees Union
    OMB Office of Management & Budget
    PAC Physical Access Card
    PIV Personal Identity Verification
    PTSP Public Transportation Subsidy Program
    SAMC Situational Awareness Management Center
    SBU Sensitive But Unclassified
    SCC Separating Contractor Clearance
    SEC Separating Employee Clearance
    SSC Security Section Chief(s)
    TIGTA Treasury Inspector General for Tax Administration
    TM Territory Manager
    USC United States Code
    USPS United States Postal Services
     

10.2.5.1.6 (04-28-2021)

Related Resources

  1. Form 13716, Request for ID Media for IRS Employees

  2. Form 13716-A, Request for ID Media for Non-IRS Employees

  3. Form 14604, Contractor Separation Checklist

  4. Form 3210, Document Transmittal

  5. Form 4589, Lost or Forgotten Identification (ID) Media Record

  6. Form 6662, Daily ID Card Inventory Report

  7. IRM 1.2.2, Servicewide Policies and Authorities, Servicewide Delegations of Authority

  8. IRM 1.17.7, Publishing, Use of the Official IRS Seal, IRS Logo, Program Logos and Internal Logos

  9. IRM 1.22.3, Mail and Transportation Management, Addressing and Packaging

  10. IRM 1.32.15, Servicewide Travel Policies and Procedures, Public Transportation Subsidy Program (PTSP)

  11. IRM 9.11.3, Fiscal and Personnel Matters, Investigative Property

  12. IRM 10.2.6, Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions

  13. IRM 10.2.8, Physical Security Program, Incident Reporting

  14. IRM 10.2.11, Physical Security Program, Basic Physical Security Concepts

  15. IRM 10.2.14, Physical Security Program, Methods of Providing Protection

  16. IRM 10.2.18, Physical Security Program, Physical Access Control (PAC)

  17. IRM 10.5.7, Privacy and Information Protection, Use of Pseudonyms by IRS Employees

  18. IRM 10.8.1, Information Technology (IT), Policy and Guidance

  19. IRM 10.23.2, Personnel Security, Contractor Investigations

10.2.5.2 (04-28-2021)

Authorized Use

  1. Only ID media issued in accordance with, or as referenced in, this IRM section are authorized for use by IRS employees and contractor employees during performance of official duties. The issuance and use of pocket commissions is covered in IRM 10.2.6, Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions, and enforcement badges in IRM 9.11.3, Fiscal and Personnel Matters, Investigative Property.

  2. IRS employees and contractor employees must take precautions to prevent loss, theft, or destruction of pocket commissions, ID cards, and enforcement badges. In the hands of an unauthorized person, these ID media items have the potential of bringing serious discredit and adverse publicity to the IRS. IRS employees and contractor employees are responsible for safeguarding their ID media on their person or in a locked container. ID media must never be left unattended in briefcases, unlocked desk drawers, automobiles, etc.

  3. No IRS employee or contractor employee may possess more than one IRS ID card. No IRS employee or contractor employee may be issued more than one of each type of authorized ID media at any given time, including ID card, pocket commission, and enforcement badge, unless otherwise authorized by the AD, Security.

  4. IRS employees and contractor employees must return all ID media when they separate or terminate employment (resignation or retirement, transferring to another federal agency, removal, etc.).

  5. IRS employees and contractor employees must never copy or photograph their ID media, nor allow anyone to copy or photograph their ID media, as per 18 USC 701.

  6. ID media may not be used for retirement mementos, honorary presentations, or similar purposes, except as prescribed in IRM 10.2.6 , Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions and IRM 9.11.3, Fiscal and Personnel Matters, Investigative Property.

10.2.5.4 (04-28-2021)

Mailing of ID Media

  1. ID media may be mailed when an ID card must be:

    1. Transferred to another credentialing station, including non-IRS credentialing stations, or to a Light Activation Kit (LAK) station.

    2. Returned to the local FMSS physical security office due to employee or contractor employee separation or placement in a non-work status.

  2. When mailing ID media, a controlled means must be used. The mailing package must be accompanied by a Form 3210, Document Transmittal, including the name of the package recipient, date sent, serial number, type of ID media, quantity of blank stock (if applicable) and cardholder’s name (if applicable). Form 3210 must be retained for use in ensuring the timely receipt of the transmitted items. The recipient must return the signed Form 3210 indicating receipt. A copy of the signed Form 3210, signifying receipt of the documents, must be retained in the local FMSS physical security office.

  3. When ID media must be mailed:

    1. Use a sealed envelope with the name of the receiving employee or contractor employee recorded on the face of the envelope. The sealed envelope containing the ID media must then be enclosed in an envelope or package prepared for mailing.

    2. Use traceable means such as the United States Postal Service (USPS) registered mail or by a traceable means with a tracking number. The tracking number must be sent to the package recipient once it is received from the mailing service.

    Note:

    For additional information, see IRM 1.22.3, Mail and Transportation Management, Addressing and Packaging.

10.2.5.5 (04-28-2021)

Authorized ID Media

  1. The authorized forms of ID media approved for use by IRS employees, contractor employees, and visitors are as follows:

    1. ID cards (photo and non-photo).

    2. Non-enforcement Pocket Commissions, as per IRM 10.2.6, Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions.

    3. Enforcement Pocket Commissions as per IRM 9.11.3, Fiscal and Personnel Matters, Investigative Property

    4. Parking permits to IRS controlled parking areas.

    5. Insignia provided to IRS personnel for attachment to issued apparel.

  2. IRS employees, contractor employees, and visitors may not display any form of ID media associating them with the IRS except as referenced in this IRM unless otherwise officially authorized by the Chief, FMSS.

  3. Requests for the development of new, or modification of existing ID media, and/or the method of use, assembly, or display, must be submitted through the Operating Business Commissioner, Chief Officer, or Chief Counsel of the requesting organization to the FMSS AD, Security, for coordination and approval.

  4. The Chief, FMSS is the approving authority for any amendments to any type of IRS ID media, unless otherwise indicated in this IRM.

  5. All other forms of ID media not specifically covered in this IRM, IRM 10.2.6, Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions, or IRM 9.11.3, Fiscal and Personnel Matters, Investigative Property are not authorized.

10.2.5.6 (04-28-2021)

ID Cards

  1. ID cards (including, but not limited to photo and non-photo ID cards) are used to verify the bearer’s identity and/or to designate their type of authorized access.

10.2.5.6.1 (04-28-2021)

Photo ID Cards

  1. Photo ID cards are only issued by the local FMSS physical security office to employees and contractor employees who meet the eligibility requirements for staff-like access, as per IRM 10.2.18, Physical Security Program, Physical Access Control (PAC), IRM 10.23.2, Personnel Security, Contractor Investigations, and require physical and/or logical access to IRS facilities and systems.

  2. Authorized photo ID cards are the SmartID and PAC cards.

  3. Authorized personnel who require specified access or privilege must have ID designations on the front of the ID card in accordance with FIPS 201 guidance. The ID designations are as follows:

    1. Emergency Response Official: Personnel designated as emergency responders.

    2. Concealed Weapon: Personnel authorized to carry concealed weapons in conjunction with their official duties.

    3. Limited Area Access: Personnel authorized to access designated limited areas.

  4. SmartID cards may be issued to individuals who meet the eligibility requirements for staff-like access and require routine access to IRS controlled facilities and/or information systems.

    Note:

    SmartID cards are issued to IRS National Treasury Employees Union (NTEU) Chapter Presidents who meet the eligibility requirements for staff-like access.

  5. PAC cards may be issued to individuals who meet the eligibility requirements for staff-like access and only require routine access to IRS controlled facilities.

    Note:

    PAC cards are used for physical access only and are normally designed to be temporary in nature.

  6. Employees must complete and submit Form 13716, Request for ID Media for IRS Employees prior to the issuance of a photo ID card.

  7. Contractor employees must complete and submit Form 13716-A, Request for ID Media for Non-IRS Employees and provide a copy of their current staff-like access memorandum issued by Human Capital Officer (HCO) Personnel Security prior to the issuance of a photo ID card. Final staff-like access memorandums issued to contractor employees after card issuance must be forwarded to the local FMSS physical security office.

  8. Personnel that require photo ID cards are required to have a photograph taken to provide an immediate visual verification of the bearer’s identity. Personnel must provide a neutral facial expression for the photo, where all facial muscles are in a relaxed state. Wearing hats, scarves, caps, or items that may obstruct the facial features are prohibited unless worn for reasons of religion or health. Exceptions must be approved by the employee’s manager or COR and the local FMSS SSC and notated in the employee’s USAccess record.

  9. All personnel must ensure ID cards are in their possession when conducting official business. ID cards must be worn at or above the waist and displayed visibly from the front when in IRS facilities. SmartID cards must be carried in an IRS issued holder to safeguard the ID card certificate. When the SmartID card is being utilized for work processes, such as Enterprise Single Sign-On Logon Manager (ESSO-LM), it is allowable to not have the card displayed as long as it is in the cardholder’s physical possession at all times.

  10. Authorized IRS personnel visiting an IRS facility on official business must display their issued ID card. Authorized IRS visitors requiring access to Limited Areas must display a photo or non-photo ID card with a "Limited Area" designation.

    Note:

    For additional information, see IRM 10.2.18, Physical Security Program, Physical Access Control (PAC).

  11. Employees with an approved pseudonym, as prescribed in IRM 10.5.7, Privacy and Information Protection, Use of Pseudonyms by IRS Employees must be issued a SmartID or PAC card in their pseudonym name only. Previously issued ID cards must be recovered and returned to the local FMSS physical security office prior to the issuance of a new ID card. The pseudonym name must match on the SmartID card and the enforcement or non-enforcement pocket commission, if applicable.

10.2.5.6.2 (04-28-2021)

Replacement ID Cards

  1. Employees and contractor employees must request a replacement card if the:

    1. Current ID card has expired (ID cards must be updated every five years).

    2. ID card is lost (a wait of five to seven business days is usually appropriate to ensure a card is lost and not merely misplaced).

    3. ID card is stolen.

    4. Cardholder’s name has changed.

    5. ID card is damaged.

    6. Image of the cardholder no longer accurately depicts the cardholder.

  2. Cardholders must immediately report lost, stolen, or compromised ID cards to:

    1. Their manager or COR

    2. The local FMSS physical security office by submitting Form 4589, Lost or Forgotten Identification (ID) Media Record

    3. SAMC in accordance with IRM 10.2.8, Physical Security Program, Incident Reporting

  3. IRS employees who require a replacement ID card must complete and submit Form 13716, Request for ID Media for IRS Employees to the local FMSS physical security office to obtain a replacement ID card.

  4. Contractor employees who require a replacement ID card must complete and submit Form 13716-A, Request for ID Media for Non-IRS Employees and a copy of their current staff-like access memorandum issued by HCO, Personnel Security to the local FMSS physical security office to obtain a replacement ID card.

  5. Local physical security offices must complete revocation procedures within 18 hours of notification of lost, stolen, or compromised cards. In emergency situations where there is suspicion the missing ID card could be misused, the local FMSS physical security office must take immediate action to disseminate the information to SAMC and TIGTA to prevent unauthorized access to IRS facilities and systems.

10.2.5.6.3 (04-28-2021)

Non-Photo ID Cards

  1. Non-photo ID cards are issued by the local FMSS physical security office to:

    1. Visitors who meet the eligibility requirements for staff-like access, as per IRM 10.2.18, Physical Security Program, Physical Access Control (PAC).

    2. Visitors who do not meet the eligibility requirements for staff-like access.

    3. Individuals who are not granted unescorted entry authorization within Limited Areas, as per IRM 10.2.18, Physical Security Program, Physical Access Control (PAC).

    4. Employees/contractor employees reporting to IRS facilities without their photo ID card.

    Note:

    Non-photo ID cards to designated limited areas are issued by designated Business Unit limited area monitors.

  2. The authorized non-photo ID cards are Visitor, Visitor Escort Only, Visitor Limited Area, and Temporary ID cards. Individuals who require non-photo ID cards must have ID designations on the front of the ID card. The ID designations are as follows:

    1. "V" in a red field – Visitor

    2. "E" in a red field – Visitor Escort Only

    3. "R" in a yellow field – Visitor Limited Area

    4. "T" in a blue field – Temporary

  3. Visitors and federal or non-federal personnel who have met the eligibility requirements for staff-like access as set forth in IRM 10.2.18, Physical Security Program, Physical Access Control (PAC) must be issued non-photo "Visitor" ID cards by the local FMSS physical security office for unescorted access.

  4. Visitors who have not met the eligibility requirements must:

    1. Be escorted by an IRS employee, who must request his/her placement on the facility visitor access list.

    2. Present a government or state issued photo ID card for identity verification and submit to facility entry screening procedures.

    3. Be issued a non-photo "Visitor Escort Only" ID card.

  5. Visitors who have not been granted unescorted entry authorization within Limited Areas as set forth in IRM 10.2.18 must:

    1. Be placed on the Limited Area Register by the Business Unit limited area monitor.

    2. Be escorted by an IRS employee.

    3. Present a government or state issued photo ID card for identity verification and submit to Limited Area screening procedures.

    4. Be issued a non-photo "Visitor Limited Area" ID card.

  6. Employees/contractor employees who report to IRS facilities without their IRS issued photo ID card must complete and submit Form 4589, Lost or Forgotten Identification (ID) Media Record to the local FMSS physical security office and must be issued a "Temporary" ID card.

  7. Non-photo ID cards cannot be removed from the issuing facility and should never be used as access authorization to a facility. Non-photo ID cards must be returned to local FMSS physical security office or guard post by the individual assigned the card when the individual departs the facility or security area.

  8. Contractor employees who have been denied final staff-like access by HCO Personnel Security cannot be allowed entry or escorted.

10.2.5.6.4 (04-28-2021)

Proxy/Access Cards

  1. Employees and authorized contractor employees requiring routine access to an IRS controlled facility or space (government owned or leased) with an electronic access control system may be issued a proxy/access card, where required.

  2. Proxy/access cards are non-photo, electronic cards that work with the access control system to unlock a door or a similar structure, replacing a traditional key and lock. Proxy/access cards further restrict access to an area and provide an alternate method to provide access when coding of the SmartID or PAC is not practical.

  3. Employees who require a proxy/access card must complete and submit Form 13716, Request for ID Media for IRS Employees to the local FMSS physical security office to obtain a proxy/access card.

  4. Contractor employees who require a proxy/access card must complete and submit Form 13716-A, Request for ID Media for Non-IRS Employees and a copy of their current staff-like access memorandum issued by HCO, Personnel Security, to the local FMSS physical security office to obtain a proxy/access card.

  5. Proxy/access cards must be issued by the local FMSS physical security office for applicable IRS controlled facilities or space. Proxy/access cards must be returned to the local FMSS physical security office upon separation or non-work status by the individual assigned the card or their manager. Note: Proxy/access cards are not transferable.

10.2.5.7 (04-28-2021)

Vehicle ID Media

  1. The local FMSS TM has authority to designate the locations where vehicle ID media is used and the procedures for issuance and control.

  2. The local FMSS physical security office is responsible for development, implementation, maintenance, and control of the vehicle ID media.

  3. Vehicle ID media is issued by the local FMSS physical security office for applicable IRS controlled parking areas and must meet the following specifications:

    1. Materials used in stickers must be reflective vinyl

    2. Dimensions – 2 3/4” x 4 3/4” (minimum)

    3. All printing (including serial numbers) 1 1/2” high (minimum)

    4. Style of printing – block letters in upper case

    5. Colors may be used to further identify owners of registered vehicles

    6. Media should be designed to prevent reuse when removed

    Note:

    Vehicle ID media are not transferable.

    Note:

    Vehicle ID media are not authorized for personnel who are also receiving compensation through the Public Transportation Subsidy Program (PTSP).

  4. Vehicle ID media must be placed so that it can be readily seen by the guard. The SSC determines the placement of the vehicle ID media, which may be on either rear side windows, front or rear windows, or any other prominent location that is compliant with state and local laws.

  5. If the vehicle ID media for an employee/contractor employee vehicle is a parking permit (ID stickers or decals) not permanently affixed to the vehicle, the media must contain a serial number and the employee must show their IRS photo ID to gain access.

  6. Temporary vehicle passes may be issued to employees/contractor employees who do not have vehicle ID media, provided they show an authorized IRS ID card.

    1. The temporary vehicle pass must display the license plate number, expiration date, and permit number.

    2. For an employee/contractor employee who does not have an authorized IRS ID card, employment status must be verified in Discovery Directory.

    3. Temporary vehicle passes for employees may not exceed 30 days. If necessary, the pass may be reissued after the 30-day period.

  7. Visitors can be issued a Visitor Vehicle Pass. See IRM 10.2.18, Physical Security Program, Physical Access Control (PAC) for further information on visitor access.

    1. Authorized individuals (e.g., employee or program manager) must submit an access request to the local FMSS physical security office.

    2. The local FMSS physical security office must sign and approve the request, which will now function as an approved access list.

    3. The local FMSS physical security office must provide the approved access list to the guard force.

    4. Visitors must show a government or state issued photo ID and must be on the approved access list for entry to designated parking areas.

    Note:

    The Visitor Vehicle Pass may not be used for in and out access. The visitor must show a government or state issued photo ID and be checked against the access list each time they require entry.

    Note:

    The Visitor Vehicle Pass must be dated and is valid for the date of issuance only.

  8. Temporary Vehicle Passes may be issued to vendors and others requiring access. See IRM 10.2.18, Physical Access Control (PAC) for further information on vendor access.

    1. Authorized individuals (e.g., COR or manager) must submit an access request to the local FMSS physical security office.

    2. The local FMSS physical security office must sign and approve the request. The approved request is now an approved access list.

    3. The local FMSS physical security office must provide the approved access list to the guard force.

    4. The vendor/individual must show a government or state issued photo ID and must be on the approved access list for entry to designated parking areas.

    Note:

    The temporary vehicle pass may not be used for in and out access. The vendor/individual must show a government or state issued photo ID and be checked against the access list each time they require entry.

    Note:

    The temporary vehicle pass must be dated and is valid for the date(s) of issuance only.

  9. Concurrent with the issuance of vehicle ID media, the employee must be informed of the requirement to remove and return the media or remains to the local FMSS physical security office prior to selling or trading the vehicle, or if that area on the vehicle where the media is affixed is damaged and replaced. In addition, the local FMSS physical security office must be informed when the vehicle ID media is destroyed, lost, or stolen.

  10. For vehicle ID media mass re-issue, color scheme and designation should be varied each time the identifiers are changed. The decision to conduct mass re-issue is at the discretion of the local FMSS physical security office; consideration should be given to loss rates and frequency of turnover.

10.2.5.8 (04-28-2021)

Insignia

  1. Only authorized insignia approved by the Chief, FMSS are authorized for official wear.

  2. Insignia designated for attachment to issued apparel must adhere to the policy set forth in IRM 1.17.7, Publishing, Use of the Official IRS Seal, IRS Logo, Program Logos and Internal Logos.

  3. Issuing Business Unit must safeguard insignia from unauthorized personnel. Business Unit may issue or transfer insignia to authorized personnel only. The Business Unit is responsible for the recovery of insignia from unauthorized personnel and the destruction of damaged insignia.

10.2.5.9 (04-28-2021)

Recovery of ID Media

  1. All issued ID media must be recovered and returned to the local FMSS physical security office when employees or contractor employees:

    1. Request replacement ID media.

    2. Separate and terminate employment (resignation or retirement, transferring to another federal agency, etc.).

    3. Are placed in non-work status.

    Note:

    Recovery of pocket commissions must follow procedures in IRM 10.2.6, Physical Security Program, Civil Enforcement and Non-Enforcement Pocket Commissions.

  2. All ID Media items must be recovered on the employee’s or contractor employee’s last workday prior to separating or terminating employment with IRS. The manager and/or COR are responsible for initiating the process of recovering the ID Media items for separated employees/contractor employees. Every effort must be made to contact the separating employee or contractor employee and recover all ID Media items (including tracked letter, documented phone call, etc.) prior to filing a SAMC and TIGTA report. The manager and/or the COR must report all unrecovered ID Media items to SAMC and TIGTA.

  3. The manager and/or COR are responsible for ensuring that all recovered ID Media is returned to the local FMSS physical security office no later than one business day after the effective date of the separation with Form 3210, Document Transmittal, either in person or via mail.

  4. The manager is required to use the HR Connect – SEC module to indicate ID Media recovery status as recovered or unrecoverable on the employee’s last workday. If the manager is unable to recover the ID media item(s), the manager must file a SAMC and TIGTA report, and update the SEC module to indicate the ID media as unrecoverable with a written explanation detailing the circumstances of non-recovery, including the SAMC and TIGTA (if available) report number. The SAMC and TIGTA reports must be completed prior to completing the SEC module in HRConnect to include the SAMC and TIGTA, if available, information in the SEC module written explanation. The manager must provide SAMC and TIGTA, if available, report numbers to the local FMSS physical security office no later than one business day after effective date of separation via email or hard copy with Form 3210, Document Transmittal. The manager is responsible for the timely completion of all recovery and separation procedures.

    Note:

    For additional guidance, see IRM 10.2.8, Physical Security Program, Incident Reporting.

  5. The manager and/or COR is required to complete and submit Form 14604, Contractor Separation Checklist on the contractor employee’s last workday and attach the checklist to the HRConnect- SCC module located on the Contractor Management Module (CMM). The manager or COR must indicate the status of the ID media as recovered or unrecoverable on the Contractor Separation Checklist. When the manager or COR fails to recover the ID media, the manager or COR must complete a SAMC and TIGTA report and provide a written explanation detailing the circumstances of non-recovery, including the SAMC and TIGTA (if available) report numbers. The SAMC and TIGTA reports must be completed prior to completion of Form 14604, Contractor Separation Checklist. The manager or COR must provide SAMC and TIGTA (if available) report numbers to the local FMSS physical security office no later than one business day after effective date of separation via email or hard copy with Form 3210, Document Transmittal. The COR’s manager is responsible for the timely completion of all recovery and separation procedures.

    Note:

    For additional guidance, see IRM 10.2.8, Physical Security Program, Incident Reporting.

  6. Employees and contractor employees should refer to IRM 10.2.5.3, Penalties, for the penalties of failing to return ID media and/or the misuse ID Media.

10.2.5.10 (04-28-2021)

Records and Accountability

  1. Unauthorized personnel must not have access to the ID media stock, supplies, or equipment to maintain the validity and reliability of ID media.

  2. The local FMSS physical security office must annotate the issuance of ID media on Form 13716 or 13716-A, Part IV, FMSS Physical Security Information and maintain an alpha file for every individual who has been issued a photo ID card, access card, vehicle pass, or any form of ID media. The file must consist of all applicable ID media related forms, such as:

    1. Form 13716, Request for ID Media for IRS Employees

    2. Form 13716-A, Request for ID Media for Non-IRS Employees

    3. Form 4589, Lost or Forgotten Identification (ID) Media Record

    4. Staff-like access approval memorandums

    5. Unrecoverable written explanations

  3. Alpha files for issued, replacement, recovered, and unrecovered ID media must be maintained by the local FMSS physical security office.

  4. Alpha files must be maintained by the local FMSS physical security office until:

    1. Replacement ID media is issued.

    2. ID media is recovered and terminated due to separation; at which time the record must be maintained for a minimum of three years after separation.

    3. ID media is unrecovered and terminated due to separation; at which time the record must be maintained for a minimum of three years after separation.

    Note:

    Refer to Document 12829, General Records Schedule for the approved records retention and disposition authority to ensure records, in hard copy and electronic format, are appropriately managed, retained and archived to prevent inadvertent/unlawful destruction of records. Refer to GRS 5.6-Security Records, Item 20-Key and card access accountability records; GRS 5.6-Security Records, Item 120-Personal identification credentials and cards; and GRS 5.6-Security Records, Item 130-Local facility identification and card access records, for the NARA-approved retention and disposition.

  5. The local FMSS physical security office must annotate recovery and termination/destruction of ID media on Form 13716 or Form 13716-A, Part V, Recovery.

  6. The local FMSS physical security office is responsible for verifying that a SAMC report has been completed for all unrecovered (lost, stolen, or compromised) ID media. The local FMSS physical security office must complete a SAMC report for all unrecovered ID media where the manager, COR, employee, or contractor employee has not completed the SAMC report. The local FMSS physical security office must annotate the SAMC report number on Form 13716 or Form 13716-A, Part VI, Unrecoverable ID Media.

  7. The local FMSS physical security office is responsible for verifying that a SAMC and TIGTA report has been completed for all unrecovered ID media for separating employees. The local FMSS physical security office must complete a SAMC and TIGTA report for all unrecovered ID media no later than 30 days after separation where the manager, COR, or manager of the COR has not completed the SAMC and TIGTA report. The local FMSS physical security office must annotate the SAMC and TIGTA, if available, report numbers on Form 13716 or Form 13716-A, Part VI, Unrecoverable ID Media.

  8. The local FMSS physical security office must complete a daily inventory of all non-photo ID cards. The local FMSS physical security office must annotate the results of the daily audit of each non-photo ID on Form 6662, Daily ID Card Inventory Report. Form 6662 must be maintained for a minimum of three years at the local FMSS physical security office.