10.2.15 Minimum Protection Standards (MPS)

Manual Transmittal

August 15, 2016


(1) This transmits revised (Internal Revenue Manual) IRM 10.2.15, Minimum Protection Standards.

Material Changes

(1) On October 1, 2014, Agency-Wide Shared Services (AWSS) Physical Security and Emergency Preparedness (PSEP) merged with AWSS Real Estate and Facilities Management (REFM) to become Facilities Management and Security Services (FMSS). This IRM was updated to reflect new organizational and position titles.

Effect on Other Documents

This IRM supersedes 10.2.15 dated September 26, 2008.



Effective Date


Related Resources

IRM 10.9.1, National Security Information

IRM 10.2.14, Methods of Providing Protection

Treasury Department Publication, TDP 15-71

National Institute Standards and Technology, NIST SP 800-53

Federal Information Security Management Act (FISMA)

Executive Order, Classified National Security Information (EO 13526)

Steven M. Artise
Acting Director
Facilities Management and Security Services
Agency-Wide Shared Services


  1. The Minimum Protection Standards (MPS) system establishes a uniform method for protecting data and items which require safeguarding. This system contains minimum standards which will be applied on a nationwide basis. Since local factors may require additional security measures, managers should work with their local Facilities Management and Security Services (FMSS) staff to analyze local circumstances to determine space, container and other security needs at individual facilities. The MPS has been designed to provide managers with a basic framework of minimum security requirements while still allowing flexibility to deal with local conditions. The MPS system developed for this IRM sets forth requirements to facilitate compliance with Executive Order (EO) 13526, Federal Information Security Management Act (FISMA), Physical Security and Environmental (PSE) Control as prescribed within the National Institute Standards and Technology (NIST SP 800-53), Treasury Department Publication (TDP 15-71), and Interagency Security Committee (ISC) Criteria.


  1. The Chief, AWSS, is authorized to prescribe the Minimum Protection Standards for use within the IRS.

  2. The Director, Facilities Management and Security Services (FMSS) is responsible for oversight of this IRS program.

  3. The FMSS Associate Director, Security Policy, is responsible for planning, developing, implementing, evaluating, and controlling the requirements set forth by this IRM.

  4. All IRS Managers are responsible for ensuring employees adhere to this IRM.

Protected Items/Data

  1. Items and data to be protected are divided into three groups:

    1. Normal Security (NS) — All information which has not been identified as requiring High Security or Special Protection.

    2. High Security (HS) — Items which require greater than normal security, due to their sensitivity and/or the potential impact of their loss or disclosure.

    3. Special Security (SP) — Items which require a specific type of containerization, regardless of the area security provided, due to special access control needs. This group of items is divided into three subcategories: Level 1 (SP–1) must be stored in a safe or vault; Level 2 (SP–2) must be stored in a security container or security room as described in IRM 10.2.14, Methods of Providing Protection, Level 3 (SP–3) must be stored in a locked container.

  2. Exhibit 10.2.15-1, Alternative Chart, identifies storage requirements and Exhibit 10.2.15-2, Protectable Items, provides a listing of protectable items and their security designations.

  3. Containers are grouped into four categories:

    1. Lockable container (SP-3) — any metal container with riveted or welded seams which is locked and to which keys and combinations are controlled

    2. Security container (SP-2) — lockable metal container that has a tested resistance to penetration and is approved for storage of high security items (e.g. metal lateral key lock file w/security modifications, metal lateral file equipped w/lock bars on both sides, etc.). Drop boxes, or any container used for the purpose of collecting payment, or information without human interaction is strictly prohibited within IRS facilities. Placement of these types of containers provide opportunity for malicious activity and pose unacceptable safety and security risks.

    3. Safes and vaults (SP-1) — safes which have been accepted for general use by IRS can be identified by General Service Administration (GSA) approval as Class I, II, IV or V or Underwriters Laboratories (UL) listings of TL-30, TRTL-30, TRTL-60 or TXTL-60. Vaults must have been constructed to specifications approved jointly by IRS and GSA.

Protection Methods

  1. Available methods of protection include the use of secured perimeter and/or area space and/or containerization.

Secured Areas

  1. For purposes of providing protection, all space can be classified as either secured or locked (non-secured).

  2. Secured areas are designed to prevent undetected entry by unauthorized persons.

  3. To qualify as a secured area, internal space must meet the following minimum standards:

    1. Space must be enclosed by slab-to-slab wall construction supplemented by periodic inspection. Walls/partitions that do not completely enclose the space to be secured from floor slab to ceiling slab, must be supplemented by Underwriters Laboratories approved electronic intrusion detection, woven wire fabric of a least 10 gauge or heavier, or chain link fence. Due to the complexity of intrusion detection systems, and the related specific annunciation/response requirement, review and approval by the local FMSS Physical Security office is required prior to implementation.

    2. Unless electronic intrusion detection devices are utilized, all doors entering the space must be locked in accordance with requirements set forth in IRM 10.2.14, Methods of Providing Protection.

    3. Cleaning, or any other contract work to be done in the area by non-employees, must be done during duty hours or in the presence of a regularly assigned employee.

Alternative Chart

Protected Item Classification IRS Perimeter Type Interior Area Type Container Type
Normal Security Secured Locked Locked
High Security
Alternative #1 Secured Locked Security
Alternative #2 Secured Secured Locked
Special Security
SP–1 Safe/Vault
SP–2 Security
SP–3 Locked

Protectable Items

Designation Item
SP–3 Adverse Action and Adverse Action Appeal files
NS All material, not classified as requiring high security or special protection.
HS All portable equipment which can be stored in a standard pull drawer or lateral file cabinet. This includes laptop computers, combination padlocks, cameras and similar highly portable items.
SP–3 Annual listing of undelivered refund checks
SP–1 Ammunition
SP-2 Ammunition - less than 60 rounds can be stored in a Security Container
HS Assault and Threat Reports
SP–3 Government Bill of Lading (GBL)
SP–2 Checks drawn on U.S. Treasury (except those endorsed to the IRS for the payment of taxes).
SP–3 Checks received for payment—including personal checks, cashiers checks, bank draft, money orders and U.S. Treasury checks endorsed to the IRS for the payment of taxes. NOTE: In a service center, checks must be in secured area or containerized.
HS Classification Stamps — "accepted as filed"
Classified Information—Top Secret/Secret/Confidential see IRM 10.9.1, National Security Information
SP–2 Combination Records Standard Form SF-700, Security Container Information, for container doors
SP–1 Combination Records Standard Form SF-700, Security Container Information, for safe and vaults
HS Coordinated Examination Records—including all open or closed project files, case files, correspondence, activity reports, and other material which contains taxpayer data or third party information acquired in connection with a planned, open or closed case
SP–1 Currency over $1,000
SP–2 Currency up to and including $1,000
NS Currency Transaction Reports — Forms 4789, Currency Transaction Report
SP–2 Director’s Seals
HS Disclosure Records relative to disclosures made to Department of Justice, Executive Departments, or Congressional Committees
HS Discriminant Function (DIF) formulas, program requirements packages and related materials
SP–3 Employee Underreporter Program/Cases
HS Examination Records — those maintained at the request of Congressional Committees
HS Examination Selection, Criteria and Formulas, Cycle Variables and Volume Controls
SP–1 Firearms (more than 4)
HS Fraud Referrals — all case files, correspondence, or related documents which contain information regarding items referred to Criminal Investigation
HS General Ledger and Subsidiary Records —revenue accounting only
SP–3 All government issued credit cards
SP–2* Grand Jury—Case file and information
SP–3 Grievance Files and Grievance Appeal Files
SP–2 IDRS Passwords and Password Registers
SP–3 IDRS Security Handbook
SP–2 IDRS Security Records (including reports, control documents, audit trail records and computer tapes)
SP–2 Identification Media (IRS) — all unused stock and completed media which is not in the possession of the employee to whom it was assigned
SP–3 Identification Media (IRS) — completed non-photo visitor and temporary cards
SP–2 Informant Communications File
SP–2 Informants’ Claims for Reward
SP–2 Informants’ Control File
SP–3 Internal Security Records — including all open or closed investigative reports, informant files, and other material that contain investigative information concerning employees and/or taxpayers, or taxpayer data, third party information, tax data, or specific information concerning IRS operations acquired in connection with a planned, open, or closed case.
SP–3 Internal Audit Records — including Internal Audit Reports and work papers, open or closed, and other material containing tax data, taxpayer information, functional records and information concerning service center operations, acquired in connection with planned, open or closed audits.
SP–3 Internal Revenue Service Employee — delinquency
SP–3 Key — to any locked container
SP–2 Key — to any room, area, secured area, or security container
SP–3 Law Enforcement Manual (LEM) (Normal Security will apply to service centers)
HS Legal Case Files and Records of Chief Counsel, Deputies Chief Counsel, and their Assistants
HS Magnetic Media — all discs, tapes, DVR, CD, VHS tapes, or similar media which contain program, taxpayer or other individual data
SP–3 Medical Records — employee health records, disability retirement records, and similar files containing personal medical information
HS Microfilm — all cartridges, cassettes or other microfilm media which contain taxpayer data or account information
SP–3 Minority Group Designator Data
SP–2 Negotiable and Non-negotiable Instruments — including stocks, bonds, securities or other collateral
SP–3 OFFICIAL USE ONLY Documents (unless otherwise increased by the originator)
SP–3 Personnel Records — including personnel folders, investigation reports, qualification statements, and other records containing privacy act or sensitive information
SP–2 Receipts unissued Form 809, Receipt for Payment of Taxes, (CP–444) or Form 4733, Receipt for Special Taxes, (CP–445)
HS Received with Remittance Stamps
SP–2 Relocated Witness Files
HS Risk Analysis Final Reports and associated supporting documentation
HS Sensitive investigative equipment — devices that can be used in the interception of telephonic communications or non-telephonic communications
HS Signature Stamps or Facsimile Signature Plates
HS Statutory Notices — signature stamps or facsimile signature plates
HS Taxpayer and Privacy Act Information (due to the protection provided, processing and computing centers are exempt from this requirement)
HS Tax Practitioner File — including extension files
HS TECS Data — which contains information regarding the involvement of Criminal Investigation with taxpayers of third parties
SP–3 Test Materials — OPM, IRS and commercial
HS Testimony of IRS Employees in non-tax matters
SP–3 Training Records — including individual ratings, examination record and register cards, and similar individual test result information
HS Unapplied Master File Credit Reports
SP–3 Undelivered Refund Check Notices
SP–3 Unidentified Remittance Record
HS Unit Ledger Cards
*If volume dictates, these items may be stored in a security room as specified in IRM 10.2.14, Methods of Providing Protection.