Order Code RS22121
April 22, 2005
CRS Report for Congress
Received through the CRS Web
The Interagency Security Committee and
Security Standards for Federal Buildings
Stephanie Smith
Analyst in American National Government
Government and Finance Division
Summary
The federal government owns or leases 3.4 billion square feet of space in 491,465
buildings which may be vulnerable to acts of terrorism and other forms of violence. The
Interagency Security Committee (ISC) was created by E.O. 12977 in 1995, following
the domestic terrorist bombing of the Alfred P. Murrah Federal Building in Oklahoma
City, OK, to address the quality and effectiveness of physical security requirements for
federal facilities. The September 2001 terrorist attacks on the Pentagon and the World
Trade Center renewed concerns about the vulnerability of federal buildings to bombing
or other forms of attack. On February 28, 2003, the chairmanship of the ISC was
transferred to the Secretary of Homeland Security from the Administrator of General
Services by E.O. 13286. In July 2004, based on Homeland Security Presidential
Directive/HSPD-7, the ISC began reviewing federal agencies’ physical security plans
to better protect the nation’s critical infrastructure and key resources. The ISC issued its
updated Security Design Criteria on September 29, 2004, which set forth enhanced
physical security requirements for the construction of new federal buildings, as well as
for major renovations of existing buildings. This report will be updated to reflect any
policy changes in security standards for federal facilities.
Background and Introduction
As of September 30, 2003, the federal government’s real property portfolio consisted
of 3.4 billion square feet of space in 437,185 owned and 54,280 leased federal facilities.1
The General Services Administration (GSA), through its Public Buildings Service (PBS),
is the primary federal real property and asset management agency, and is responsible for
1 U.S. General Services Administration, Office of Governmentwide Policy, Overview of the
United States Government’s Owned and Leased Real Property: Federal Real Property Profile,
as of Sept. 30, 2003, Table 1: Highlight Summary of the Federal Government’s Owned and
Leased Real Property, p. 3.
Congressional Research Service ˜ The Library of Congress
CRS-2
45.5% of the federal government’s total space requirements.2 In addition to GSA, 27
other federal agencies have independent landholding and leasing authorities that enable
them to acquire or construct specific types of buildings.3
GSA is responsible for the design and construction of its buildings, and for
alterations and repairs to existing facilities. One of its primary goals has always been to
assure the physical safety of federal employees who work in, and the private citizens who
visit, government-owned or -leased buildings. However, the federal government had no
formally established building security standards for either federally owned or leased
buildings when the April 1995 domestic terrorist bombing of the Alfred P. Murrah
Federal Building occurred in Oklahoma City, OK.4
The Oklahoma City bombing brought a new awareness to the potential for violent
acts directed at federal buildings as symbolic attacks against the federal government as
a whole. The day following the April 19, 1995, bombing, President William Clinton
directed the Department of Justice (DOJ) to assess the vulnerability of federal facilities
to acts of terrorism or violence, and to develop recommendations for minimum security
standards.5 Because of its expertise in federal courts’ security, the U.S. Marshals Service
(USMS) coordinated two working groups to accomplish these tasks, a Standards
Committee and a Profile Committee. The Standards Committee, composed of security
specialists and representatives from GSA, the Federal Bureau of Investigation, the U.S.
Secret Service, the Social Security Administration, and the Departments of Defense and
State, identified and evaluated the various types of security measures that could be used
to strengthen potential vulnerabilities. The committee compiled a list of proposed
minimum standards pertaining to secure perimeter buffer zones; the security of entrances
and exits and related access procedures; the identification and admittance of employees
and visitors; garage and vehicle service entrances; the location of day care centers; and
the use of closed circuit television monitoring.
Because of the differences among federal buildings and their related security issues,
the Standards Committee categorized federal facilities into five different levels (with
corresponding security standards) based on factors such as building size, agency mission
and function, tenant population, and volume of public access. A Level I building is
defined as having not more than 2,500 square feet (sq. ft.) of space, with 10 or fewer
federal employees, and little public access. A Level II building contains between 2,500
to 80,000 sq. ft., and has between 11 and 150 federal employees engaged in routine
activities, with a moderate level of public access. An example of a Level II building is
2 For further information, see CRS Report RL32368, The General Services Administration and
Federal Real Property Management: Overview and Current Legislation, by Stephanie Smith.
3 U.S. General Services Administration, Office of Government Policy, Overview of the United
States Government’s Owned and Leased Real Property: Federal Real Property Profile, as of
Sept. 30, 2003, Table 8: Owned and Leased Office Area by Agency within the United States, p.
9.
4 U.S. Department of Justice, U.S. Marshals Service, Vulnerability Assessment of Federal
Facilities, June 28, 1995 (Washington: 1995), p. 1-1.
5 U.S. General Accounting Office, Building Security: Interagency Security Committee Has Had
Limited Success in Fulfilling Its Responsibilities, GAO Report GAO-02-1004 (Washington: Sept.
2002), p. 5.
CRS-3
the Social Security Administration Office in El Dorado, CO. A Level III building is
defined as occupying between 80,000 to 150,000 sq. ft. of space, and housing between
151 and 450 federal employees, with a moderate to high volume of public access. Level
III facilities may house several federal tenants, law enforcement agencies, or court-related
or archival agencies. Level IV facilities are categorized as occupying more than 150,000
sq. ft. of space, and housing more than 450 federal employees. These Level IV facilities
are defined as having “high volume public contact” and include federal courthouses with
high-risk court chambers, judicial offices, and buildings that house highly sensitive
government records. Level V facilities are similar to Level IV buildings in size and
numbers of federal employees. However, the missions of Level V facilities are
considered “critical to national security.” The Central Intelligence Agency headquarters
and the Pentagon, for example, are both classified as Level V for security purposes.
The Profile Committee, composed of USMS deputies and GSA security specialists,
conducted inspections at more than 1,200 federal facilities to obtain security data on
buildings for use in upgrading existing conditions to comply with the proposed minimum
standards. Sixty days later, the working groups’ findings and recommendations were
published in a June 1995 report entitled Vulnerability Assessment of Federal Facilities.6
Security Standards and Design Criteria
The publication of the 1995 Vulnerability Assessment report was significant in that
it represented the first time that broad security standards were applied to federal facilities,
and they are still in effect. In conjunction with publication of the report, President Clinton
directed all executive branch agencies to begin immediately upgrading their facilities to
meet the recommended minimum security standards, to the extent possible within funding
limitations. Based on the DOJ recommendations, he also required GSA to establish
building security committees for all GSA facilities, and called upon other landholding
agencies to establish programs for upgrading their facilities to appropriate minimum
security standards.7
Four months later, on October 19, 1995, President Clinton issued E.O. 12977, which
established a permanent Interagency Security Committee (ISC) within the executive
branch to address “continuing government-wide security” for federal facilities.8 Chaired
by the GSA Administrator, the ISC was composed of representatives from each of the
executive branch agencies, the Office of Management and Budget, the Environmental
Protection Agency, and the Central Intelligence Agency. Other members included the
following individuals or their designees: the Director of USMS; the Assistant
Commissioner of the Federal Protective Service (FPS);9 the Assistant to the President for
6 U.S. Department of Justice, U.S. Marshals Service, Vulnerability Assessment of Federal
Facilities.
7 U.S. President (Clinton), “Memorandum on Upgrading Security at Federal Facilities,” Public
Papers of the Presidents of the United States, vol. I, June 28, 1995, pp. 964-965.
8 U.S. President (Clinton), “Interagency Security Committee,” Executive Order 12977, Federal
Register, vol. 60, Oct. 24, 1995, pp. 54411-54412.
9 The Federal Protective Service was transferred from GSA to DHS by the Homeland Security
(continued...)
CRS-4
National Security Affairs; the Director of the Security Policy Board; and other federal
officials appointed by the President. The ISC was also authorized to consult with other
parties, including the Administrative Office of the U.S. Courts, in order to perform its
duties. Section 5 of E.O. 12977 required the ISC to develop and evaluate existing security
policies, and to take necessary actions to enhance the quality of security and protection
for federal facilities. These actions might include encouraging agencies with security
responsibilities to share security-related intelligence in a timely manner; evaluating
technology and information systems to facilitate cost-effective security upgrades;
developing long-term construction standards for high-risk facilities that require blast-
resistant structures or have other specialized security requirements; evaluating standards
for the location and security of day care centers in federal facilities; and assisting the GSA
Administrator in creating and maintaining a centralized security database of all federal
facilities.
While the 1995 Vulnerability Assessment report provided guidance for overall
security standards for existing facilities, it did not provide criteria for the design and
construction of new federal buildings. In January 1997, GSA completed its first draft of
a document entitled GSA Security Criteria, which was revised and issued on October 8,
1997, to establish design standards for the protection of federal employees in civilian
facilities.10 The GSA security document attempted to integrate security standards
throughout all functional and design phases of the building process, including site and
interior space planning, as well as structural and electrical design elements.
Building upon GSA’s 1997 Draft Security Criteria, the members of the ISC
established a series of working groups that addressed new technology developments, cost
considerations, the experience of architects and builders in applying GSA’s design
criteria, and the need to balance security standards with public access to federal buildings.
In May 2001, the ISC issued its Security Design Criteria for New Federal Office
Buildings and Major Modernization Projects, based on the five security levels for federal
facilities.11 New ISC security requirements for future construction projects included the
use of glazing protection for windows, the establishment of distances that buildings
should be set back from the street, the control of vehicular access to the buildings, and the
location and securing of air intakes. In July 2001, the ISC issued a second product for
federal agencies to implement that set forth minimum standards for federal building
access procedures. Two draft documents, one that addressed entry security technology,
9 (...continued)
Act of 2002(116 Stat. 2178), and is now part of DHS’s Bureau of Immigration and Customs
Enforcement (ICE), Border and Transportation Security Directorate. The FPS protects federally
owned or occupied facilities under GSA’s and DHS’s jurisdictions.
10 U.S. General Services Administration, Public Buildings Service, Building Technologies
Division, Office of Property Development, GSA Security Criteria, Oct. 8, 1997, Limited Official
Use Only. GSA also publishes The Facilities Standards for the Public Buildings Service, which
is updated on a regular basis, and contains a chapter on security design. A brief overview can be
found at [http://www.gsa.gov],visited on Apr. 5, 2005.
11 Interagency Security Committee, ISC Security Design Criteria for New Federal Office
Buildings and Major Modernization Projects, May 28, 2001, available on a limited-access
website at [http://www.oca.gsa.gov], visited on Mar. 29, 2005.
CRS-5
and the second, which pertained to preparedness for nuclear, biological, and chemical
attacks, were not officially issued by the ISC membership.
The September 2001 terrorist attacks on the Pentagon and the World Trade Center
heightened concerns about the vulnerability of federal buildings to violence or bombing
attacks. In response to these events, the ISC issued revised procedures to respond to
potential vehicle bomb attacks by recommending that new federal buildings be
constructed at a minimum distance of between 20 to 50 feet from the nearest perimeter
barrier, depending upon the security level.12
Even though the ISC successfully completed its Security Design Criteria and related
draft documents, a 2002 General Accounting Office (GAO)13 report found that the
committee had made “little progress” in other mandated responsibilities. Although the
ISC had established 13 working groups since 1995, only two of the groups were still
active as of July 2002. Also, while GAO reported that the ISC was successfully
disseminating security information to member agencies, it also found that the group’s
effectiveness was hindered by GSA’s “lack of aggressive leadership and support,” in that
the agency failed to issue operating procedures, and did not provide sufficient staff
support and funding. GSA was also unable to provide any documention indicating that
the agency or the ISC had actually monitored agency compliance with the ISC’s security
recommendations.14
Recent Developments
Congressional enactment of the Homeland Security Act15 in 2002 and the associated
creation of the Department of Homeland Security centralized the federal government’s
efforts to respond to terrorism, including physical security for federal facilities. On
February 28, 2003, the chairmanship of the ISC was transferred from the GSA
Administrator to the Secretary of Homeland Security, and a representative from GSA was
added to the ISC’s membership.16 Within DHS, the chairmanship of the ISC was
subsequently delegated to the Director of the Federal Protective Service in January 2004.17
Given the challenges that the ISC faces to successfully integrate security initiatives
encompassing diverse agency needs, GAO recommended in September 2004 that DHS
direct the ISC to develop a plan that “identifies resource needs, implementation goals, and
12 U.S. General Services Administration, Public Buildings Service, Memorandum for Assistant
Regional Administrators, Implementation of the Interagency Security Committee (ISC) Design
Criteria Regarding Site Selection, Apr. 26, 2002, pp. 1-2.
13 In 2004, Congress changed GAO’s name from the General Accounting Office to the
Government Accountability Office. 118 Stat. 811.
14 U.S. General Accounting Office, Building Security, GAO Report GAO-02-1004, pp. 7-11.
15 116 Stat. 2135.
16 U.S. President (George W. Bush), “Amendment of Executive Orders, and Other Actions, in
Connection with the Transfer of Certain Functions to the Secretary of Homeland Security,”
Executive Order 13286, Federal Register, vol. 68, Mar. 5, 2003, p. 10624.
17 U.S. Government Accountability Office, Homeland Security: Further Actions Needed to
Coordinate Federal Agencies’ Facility Protection Efforts and Promote Key Practices, GAO
Report GAO-05-49 (Washington: 2004), p. 9.
CRS-6
time frames for meeting the ISC’s ongoing and yet-unfulfilled responsibilities.”18 GAO
reported that standard operating procedures had been approved by agency members in
September 2004, and included new requirements for attendance and participation at ISC
meetings. DHS is also helping the ISC meet its requirement to create and maintain a
centralized security database of all existing federal facilities. The ISC issued updated
security standards for leased facilities in July 2003, as well as new recommendations to
member agencies pertaining to the use of escape hoods. The updated version of the ISC
Security Design Criteria for New Federal Office Buildings and Major Modernization
Projects was approved by concurrence of the ISC membership on September 29, 2004.
In addition to its duties to coordinate federal facility security efforts and to develop
security standards for the construction of new federal facilities, the ISC has recently been
assigned responsibilities to review federal agencies’ physical security plans. Homeland
Security Presidential Directive/HSPD-7, issued on December 17, 2003, established
requirements for federal agencies “to identify and prioritize United States critical
infrastructure and key resources and to protect them from terrorist attacks,” and assigned
implementation responsibilities to DHS.19 In July 2004, the ISC was designated to
oversee and review each agency’s physical security plan pertaining to protection of the
nation’s infrastructure and key resources. According to GAO, the ISC’s successful
completion of these new responsibilities relating to homeland security issues would
“represent a major step” toward carrying out its existing duties pertaining to compliance
and oversight.20
The successful integration of the federal government’s facility protection standards
is a formidable challenge because it involves diverse agencies with varying perspectives
on security issues. Current ISC projects include the updating of the 1995 Vulnerability
Assessment Report to make the document more specific to agencies’ missions and
strategic plans. The ISC membership is also striving for better formulation of security
policies and directives to gain more consensus and compliance within the federal
community. Through greater accountability and oversight, the ISC hopes to provide one
leadership voice to integrate physical security initiatives successfully for the federal
government.21
18 Ibid., pp. 47-48.
19 U.S. President (Bush), “Directive on Critical Infrastructure Identification, Prioritization, and
Protection, Homeland Security Presidential Directive/HSPD-7,” Weekly Compilation of
Presidential Documents, vol. 39, Dec. 17, 2003, p. 1816.
20 U.S. Government Accountability Office, Homeland Security, GAO Report GAO-05-49 , p. 11.
21 Information based on telephone conversation with the ISC Executive Director on Apr. 1, 2005.