Physical Access Control Systems in U.S. General Services Administration Controlled Space

1.  Purpose

This Order establishes an agency-wide approach and policy to update, procure, and install compliant Physical Access Control Systems (PACS) in General Services Administration (GSA) controlled space.

2.  Background

The memorandum titled “GSA/Public Buildings Service (PBS) Physical Access Control Directive” dated September 11, 2013, was signed by PBS and the Office of Mission Assurance (OMA).  That memorandum established the implementation of fully compliant PACS and the migration of disparate PACS to an enterprise-level, fully compliant Homeland Security Presidential Directive-12 (HSPD-12) PACS within GSA-controlled facilities.  Given the enterprise level solution, which requires an agency-wide approach and specific functions for individual Offices, an Order encompassing all of GSA is necessary.

3.  Scope and applicability

This Order applies to all GSA managed PACS in all facilities under the custody and control of GSA and any PACS procured under a delegation from GSA that GSA will manage.  The provisions of this Order shall not be construed to interfere with or impede the legal authorities or independence of the Office of Inspector General (OIG) or the Civilian Board of Contract Appeals (CBCA).

4.  Policy

This Order outlines a coordinated effort between PBS, the Office of GSA IT, the Office of Human Resources Management (OHRM), the Office of Administrative Services (OAS), and OMA to procure and to install as well as update existing non-compliant PACS components/systems with PACS that are compliant with HSPD-12, GSA IT, and GSA Network policies.  Any changes to a PACS must also integrate with an enterprise-level PACS that meets the Federal Identity Credential and Access Management (FICAM) and OMA National PACS Framework requirements capable of reading and authenticating a Personal Identity Verification (PIV) Card for facilities nationwide.

5.  Responsibilities

GSA is responsible for managing HSPD-12 compliant PACS within facilities under the custody and control of GSA, which allows for access to controlled space, including restricted or secured areas.  GSA is also responsible for the replacement of existing legacy perimeter PACS in GSA-controlled space with fully compliant (“end to end”) PACS in coordination with the Department of Homeland Security – Federal Protective Service (FPS), the Facility Security Committees (FSC), and tenant agencies.  Those responsibilities are outlined in Appendix A.

Within a reasonable timeframe of the Order’s signature, OMA, in conjunction with those Offices, will release a GSA PACS Plan with a timeline and a list of targeted GSA buildings and timelines, and instructions for facilities management.