12 FAM 360
CONSTRUCTION SECURITY CERTIFICATION PROGRAM
(CT:DS-423; 04-15-2024)
(Office of Origin: DS/C/PSP)
12 FAM 361 SCOPE, AUTHORITIES, AND APPLICABILITY
12 FAM 361.1 Purpose
(CT:DS-423; 04-15-2024)
a. Public Law 100-204, as amended, requires the Department to confirm and certify appropriate and adequate security for new construction or major renovation projects in foreign facilities intended for classified activities, before construction begins. The Department's Project Certification Program establishes the processes and procedures needed to fulfill this mandate, including for projects that require certification to Congress and those that require internal Department certification.
b. Because the construction, renovation, and maintenance of Department facilities results in a wide range of project types with varying costs, timeframes, and security considerations, the Department established a multi-tiered program to account for these differences while enabling the Department to make the required security certifications in a timely and informed manner.
12 FAM 361.2 Authorities
(TL:DS-423; 04-15-2024)
a. The requirement for a Project Certification program is established by Public Law 100-204, the Foreign Relations Authorization Act for Fiscal Years 1988 and 1989, Section 160, as amended by Public Law 101- 246, the Foreign Relations Authorization Act, Fiscal Year 1990 and 1991, Section 135 (22 U.S.C. Section 4851 note). Before construction begins, and after consultation with the Center for Security Evaluation (CSE) in the Office of the Director of National Intelligence (ODNI), the required certification by the Department is the verification and confirmation that:
(1) Appropriate and adequate steps have been taken to ensure the security of the construction project (including an evaluation of how all security-related factors with respect to such project are being addressed);
(2) The facility resulting from such project incorporates:
(a) adequate measures for protecting classified information and national security-related activities; and
(b) adequate protection for the personnel working in the diplomatic facility; and
(3) A plan has been put into place for the continued evaluation and maintenance of adequate security at such facility, which plan shall specify the physical security methods and technical countermeasures necessary to ensure secure operations, including any personnel requirements for such purposes.
b. The Omnibus Diplomatic Security and Antiterrorism Act of 1986 and National Security Policy Directive 1 (NSPD-1) provide authority for the Overseas Security Policy Board (OSPB).
12 FAM 361.3 Applicability
(CT:DS-423; 04-15-2024)
a. All new construction or renovation projects under chief of mission (COM) security responsibility are subject to Project Certification as detailed in 12 FAM 363 when:
(1) The project will result in a new Department facility or building and is intended to include a Controlled Access Area (CAA), or
(2) The project is in an existing Department facility and:
(a) includes construction activities in an existing CAA,
(b) will create a new CAA, or
(c) includes construction activities that will penetrate the outermost plane of the CAA.
b. For projects described in12 FAM 361.3.a. (1), construction on the structure that will include CAA, including construction of the foundation, is not authorized to begin until the project proponent has received notification from the Department that the required Project Certification has been completed.
Note: Foundation includes spread footings, mat foundations, grade beams, slab on grade, and similar structural elements. Other below grade work not mentioned is authorized. Piles, piers, and caissons are considered soil stabilization and are not considered part of the foundation.
c. For projects described in 12 FAM 361.3.a.(2), construction activities in existing CAA, on new CAA, or that will penetrate the outermost plane of the CAA are not authorized to begin until the project proponent has received notification from the Department that the required Project Certification has been completed.
d. As contemplated by Public Law 100-204, there are limited exclusions to the Project Certification requirement for projects impacting existing CAA. These limited exclusions are noted in 12 FAM 363.4.
12 FAM 362 rESPONSIBILITIES
(CT:DS-423; 04-15-2024)
a. The chief of mission (COM), in coordination with the regional security officer (RSO), is responsible for ensuring that no construction project described in12 FAM 361.3, paragraph a, is initiated prior to receipt of Project Certification notification.
b. The proponent of a project covered by 12 FAM 361.3, paragraph a, in coordination with appropriate offices in the Bureau of Overseas Buildings Operations (OBO), is responsible for providing the Bureau of Diplomatic Security (DS) with Overseas Security Policy Board (OSPB) compliant project designs and construction security plan (CSP).
c. Following consultation with CSE, DS is responsible for confirming the project designs and CSP meet applicable OSPB technical and physical security requirements, prior to Project Certification.
12 FAM 363 project Certification Program
12 FAM 363.1 Bifurcated Project Certification
(CT:DS-423; 04-15-2024)
a. As required by Public Law 100-204, as amended, before construction begins on a project described in12 FAM 361.3.a, the Department’s Project Certification program confirms the completed project will provide adequate security measures based on applicable OSPB requirements. This Project Certification is based on known facts verified through project-specific document reviews, including, but not limited to, design documents, Scopes of Work (SOW), specifications, CSP, and other contract and project requirements.
b. As a significant component of the Project Certification program, the Department established a project accreditation program for all projects described in12 FAM 361.3.a. (1), and for all renovation projects described in 12 FAM 361.3. a.(2) that significantly impact upon a CAA.
c. The project accreditation program includes a series of on-site inspections, which are completed by multi-disciplined DS security teams and take place throughout the execution of construction. These inspections culminate with a final accreditation inspection of the completed facility that confirms all applicable OSPB security requirements have been incorporated into the project. The project accreditation program verifies the Project Certification made prior to the start of construction remains valid.
d. The project accreditation program enables a bifurcated Project Certification program whereby projects that will be accredited can be certified earlier in the design process than projects that will not be accredited. This facilitates an earlier construction start for those projects that will be accredited while remaining compliant with the statutory requirement for Project Certification prior to the start of construction. The bifurcated Project Certification program consists of:
(1) Project Certification Without Accreditation; and
(2) Project Certification With Accreditation.
e. The Memorandum of Understanding (MOU) Concerning Certification and Accreditation between DS, OBO, and CSE establishes the processes, procedures, and responsibilities for the Department’s bifurcated Project Certification program. Contact DS/PSD/CAT for a copy of the current MOU.
12 FAM 363.2 Congressional Project Certification
(CT:DS-423; 04-15-2024)
a. For all construction or renovation projects described in12 FAM 361.3, paragraph a, and which cost more than $5 million, the Secretary, or a delegate, will provide a Project Certification to the Senate Foreign Relations Committee (SFRC) and the House Foreign Affairs Committee (HFAC). This Project Certification fulfills the requirements listed in Public Law 100-204, as amended.
b. In certifying the requirements listed in 12 FAM 361.2, paragraph a, have been met, the following Project Certification elements are required before the Secretary, or a delegate, can provide the Project Certification to Congress:
(1) Director of National Intelligence (DNI) consultation on the design documents and CSP;
(2) DS CSP Approval; and
(3) DS Design Approval.
12 FAM 363.3 Departmental Project Certification
(CT:DS-423; 04-15-2024)
a. Except as specified in 12 FAM 363.4, the Assistant Secretary for DS, or a designate, will issue Departmental Certification for all construction or renovation projects described in 12 FAM 361.3, paragraph a, which:
(1) Cost $5 million or less, but equal to or more than $250,000; or
(2) Cost less than $250,000, but require more than 15 calendar days to complete; or
(3) DS determines the project to be of such security significance that it warrants Departmental Certification
b. In certifying the requirements listed in 12 FAM 361.2, paragraph a, have been met, the following Project Certification elements are required before the Assistant Secretary for Diplomatic Security, or a designate, can issue Project Certification for the Department:
(1) DNI consultation on the design documents and CSP;
(2) DS CSP Approval; and
(3) DS Design Approval.
12 FAM 363.4 Project Certification Exclusions
(CT:DS-423; 04-15-2024)
a. As contemplated by Public Law 100-204, as amended, the Project Certification requirement is subject to limited exclusions. Projects that take place in a CAA or that include work that will penetrate the outermost plane of the CAA are not subject to Project Certification requirements if:
(1) The project cost and duration does not exceed the thresholds established in 12 FAM 363.3; or
(2) The project cost or duration exceeds the thresholds established in 12 FAM 363.3, but meets the criteria established in 12 FAM 363.4.c, to be designated a Maintenance and Repair (M&R) project.
b. Projects described in12 FAM 363.4.a. (1), are Post Confirmed projects.
c. Projects described in 12 FAM 363.4.a.(2), and that meet all the following criteria are M&R projects:
(1) The project will replace specific items on a one-for-one basis (new models of the same equipment are authorized, e.g., generator replacement);
(2) Except for the replacement of the item(s) and any related work facilitating the installation of the new item(s), the project will not alter the physical environment surrounding the item(s), e.g., generator replacement without changes to generator room; and
(3) The project will not increase, expand, or alter existing conditions or capabilities except as resulting from the repair of a failed system, e.g., replacement of generator with new model but same capacity.
d. In all cases, DS reserves the right to determine if a project does not meet the criteria required for an M&R designation or if the Post Confirmed or M&R project is of such security significance that it warrants Departmental Certification.
e. Prior to beginning work in any CAA, Post Confirmed and M&R projects require a DS-approved CSP to verify applicable OSPB construction security requirements are incorporated into the project execution.
f. In the event of an emergency that threatens national security activities or information, life or safety, or immediate and substantial damage to a facility, emergency repairs may be made in a CAA prior to obtaining the DS-approved CSP. Security procedures for emergency repairs must meet applicable OSPB construction security requirements to the extent feasible based on the nature of the emergency. Repairs must be limited to those necessary to remove the immediate danger or to limit additional damage. Permanent repairs and restoration require Project Certification in accordance with 12 FAM 361.3.
g. In the event of an emergency, the RSO or post security officer (PSO) must immediately notify the cognizant Engineering Security Office (ESO), the Office of Security Management (OBO/CFSM/SM), and the Certification, Accreditation, Transit Security Branch (DS/PSD/CAT). A review of the implemented security procedures will be completed to determine if procedures were adequate, or if additional mitigation is required.
12 FAM 364 THROUGH 369 UNASSIGNED