R 252057Z JAN 13
UNCLASSIFIED/
MARADMIN 051/13
MSGID/GENADMIN/CMC WASHINGTON DC PPO PS//
SUBJ/INSTALLATION PERIMETER PHYSICAL ACCESS CONTROL SYSTEMS//
REF/A/MSGID:MCO 5530.14A//
REF/B/MSGID:DODIG-2012-122//
REF/C/MSGID:FIPS-201//
REF/D/MSGID:HSPD-12//
REF/E/MSGID:DTM-09-12//
REF/F/MSGID:DOD 5200.08-R//
POC/CHRISTOPHER ISELY/SSGT/UNIT:PPO PS/-/EMAIL: CHRISTOPHER.ISELY@USMC.MIL/TEL:(703)692-4272//
POC/MR. TONY PIERCE/CIV/UNIT:PPO PS/-/EMAIL: CHARLES.A.PIERCE@USMC.MIL/TEL:(703)695-7202//
NARR/REFERENCE A IS THE MARINE CORPS PHYSICAL SECURITY PROGRAM MANUAL WHICH IDENTIFIES THE DEPUTY COMMANDANT (DC) PLANS, POLICIES AND OPERATIONS (PPO) AS RESPONSIBLE FOR PHYSICAL SECURITY FOR THE MARINE CORPS. WITHIN PPO, SECURITY DIVISION (PS) IS RESPONSIBLE FOR PHYSICAL SECURITY POLICY DEVELOPMENT AND IMPLEMENTATION. REFERENCE B IS THE DEPARTMENT OF DEFENSE INSPECTOR GENERAL (DODIG) REPORT "DOD SHOULD PROCURE COMPLIANT PHYSICAL SECURITY ACCESS CONTROL SYSTEMS TO REDUCE THE RISK OF UNAUTHORIZED ACCESS".  REFERENCE C IS FEDERAL INFORMATION PROCESSING STANDARDS-201 (FIPS-201), "PERSONAL IDENTITY VERIFICATION OF FEDERAL EMPLOYEES AND CONTRACTORS". REFERENCE D IS HOMELAND SECURITY PRESIDENTIAL DIRECTIVE 12 (HSPD-12) "POLICIES FOR A COMMON IDENTIFICATION STANDARD FOR FEDERAL EMPLOYESS AND CONTRACTORS". REFERENCE E IS "DIRECTIVE TYPE MEMORANDUM 09-12 (DTM-09-12) "INTERIM POLICY GUIDANCE FOR DOD PHYSICAL ACCESS CONTROL" THAT PROVIDES CURRENT DEPARTMENT OF DEFENSE POLICY REGARDING INSTALLATION ACCESS CONTROL, INCLUDING PHYSICAL ACCESS CONTROL SYSTEMS. REFERENCE F IS THE DEPARTMENT OF DEFENSE REGULATION "PHYSICAL SECURITY PROGRAM".//
GENTEXT/REMARKS/1. PURPOSE. TO ANNOUNCE ADDITIONAL REQUIREMENTS REGARDING COMMERCIAL PHYSICAL ACCESS CONTROL SYSTEM IN USE ABOARD MARINE CORPS INSTALLATIONS.
2. BACKGROUND. DURING 2012, THE DEPARTMENT OF DEFENSE INSPECTOR GENERAL (DODIG) CONDCUCTED AN AUDIT OF SERVICE PHYSICAL ACCESS CONTROL SYSTEMS (PACS). REFERENCE B, IDENTIFIED FINDINGS BASED ON REQUIREMENTS OUTLINED IN REFERENCES C THROUGH F.  REFERENCE C PROVIDES MINIMUM REQUIREMENTS FOR A FEDERAL PERSONAL IDENTITY VERIFICATION (PIV) SYSTEM THAT MEETS THE CONTROL AND SECURITY OBJECTIVES OF REFERENCE D, INCLUDING PERSONAL IDENTITY PROOFING, REGISTRATION, AND ISSUANCE. REFERENCE C ALSO PROVIDES DETAILED SPECIFICATIONS THAT WILL SUPPORT TECHNICAL INTEROPERABILITY AMONG PIV SYSTEMS OF FEDERAL DEPARTMENTS AND AGENCIES. REFERENCE D MANDATES A SECURE AND RELIABLE FORM OF IDENTIFICATION ISSUED BASED ON SOUND CRITERIA FOR VERIFYING AN INDIVIDUAL EMPLOYEE'S IDENTITY THAT IS STRONGLY RESISTANT TO IDENTITY FRAUD, TAMPERING, COUNTERFEITING, AND TERRORIST EXPLOITATION; CAN BE RAPIDLY AUTHENTICATED ELECTRONICALLY; AND IS ISSUED ONLY BY PROVIDERS WHOSE RELIABILITY HAS BEEN ESTABLISHED BY AN OFFICIAL ACCREDITATION PROCESS. THE STANDARD WILL INCLUDE GRADUATED CRITERIA, FROM LEAST SECURE TO MOST SECURE, TO ENSURE FLEXIBILITY IN SELECTING THE APPROPRIATE LEVEL OF SECURITY FOR EACH APPLICATION. THE STANDARD SHALL NOT APPLY TO IDENTIFICATION CARDS AND OTHER TOKENS ASSOCIATED WITH NATIONAL SECURITY SYSTEMS AS DEFINED BY 44 U.S.C. 3542(B)(2).
3. POLICY. ANY AND ALL COMMMERCIAL PHYSICAL ACCESS CONTROL SYSTEMS IN USE ABOARD MARINE CORPS INSTALLATIONS MUST MEET REQUIREMENTS OUTLINED IN REFERENCES C THROUGH F. PACS WILL USE ONLY EQUIPMENT THAT HAS BEEN APPROVED BY THE GENERAL SERVICES ADMINISTRATION (GSA) AND INCLUDED ON THE GSA APPROVED PRODUCTS LIST (APL). PACS EQUIPMENT MUST ALSO MEET PERSONAL IDENTITY PROOFING, REGISTRATION, AND ISSUANCE REQUIREMENTS OF REFERENCE D. COMMANDERS ARE DIRECTED TO CONDUCT A COMPREHENSIVE REVIEW OF ALL CURRENT CONTRACTS TO ENSURE COMPLIANCE WITH REFERENCES C THROUGH F. A FORMAL WRITTEN DOCUMENT FROM THE PACS COMPANY IDENITFYING CURRENT COMPLIANCY WITH REFERENCES C AND D IS REQUIRED IMMEDIATELY. ALL CONTRACTS WILL BE HONORED THROUGH THE CURRENT PERFORMANCE PERIOD.
A. NO NEW CONTRACTS, CONTRACT EXTENSIONS, OR OPTION YEARS MAY BE APPROVED OR SIGNED WITHOUT A FORMAL DOCUMENT FROM THE PACS COMPANY ATTESTING THAT ALL REQUIREMENTS OF REFERENCES C THROUGH F ARE ADHERED TO AND THAT ANY EQUIPMENT IN THE PACS IS FIPS 201 COMPLIANT, GSA APPROVED, AND INCLUDED ON THE APL.
B. COMMANDERS MUST ALSO ENSURE THAT COMMAND PERSONNEL INVOLVED WITH PHYSICAL ACCESS CONTROL SYSTEMS HAVE REVIEWED AND ARE KNOWLEDGABLE OF REQUIREMENTS OF REFERENCES A THROUGH F AS THE GUIDANCE CONTAINED IN THESE DOCUMENTS PROVIDES CURRENT FEDERAL, DEPARTMENT OF DEFENSE AND MARINE CORPS POLICY FOR INSTALLATION PERIMETER ACCESS CONTROL.
C. THIS POLICY IS NOT WAIVERABLE. WIDEST DISSEMINATION TO ALL  COMMAND AND TENANT UNITS IS DIRECTED.
4. RELEASE AUTHORIZED BY MR. RAYMOND F. GEOFFROY, ASSISTANT DEPUTY COMMANDANT FOR PLANS, POLICIES, AND OPERATIONS (SECURITY).//