General Services Administration Mail Communications Policy Office Mail Center Security Guide

Download 205.82 Kb.
Size205.82 Kb.
  1   2   3   4   5   6   7   8   9   10

GSA Mail Center Security Guide – Third Edition

General Services Administration
Mail Communications Policy Office
Mail Center Security Guide
Third Edition – 2004

Introduction 3

A Note For Smaller Federal Facilities. 4

What Should a Mail Center Security Plan Include? 4

Critical Elements of a Mail Center Security Plan 4

I. Risk Assessment 5

Components of a Risk Assessment with Definitions of Terms 5

Questions Addressed by Risk Assessment 5

Conducting a Risk Assessment 6

Step One: Asset and mission identification – What are you trying to protect? 6

Step Two: Threat Assessment – What bad things could happen? 7

Step Three: Vulnerability Assessment – What are your weaknesses? 8

Step Four: Impact Assessment – What would happen if your security measures failed? 8

Step Five: Risk Analysis – What does it all add up to? 9

Sample Questions to Ask as Part of Your Risk Assessment 9

Federal Security Risk Management Chart 10

II. Mail Center Operating Procedures – Creating a Safe and Secure Environment 11

Incoming Mail Procedures 11

Handling Accountable Mail 11

Personal Mail 12

Loss Prevention and Cost Avoidance 12

Physical Security in a Mail Center/Facility 13

Daily Opening and Closing Procedures 13

The checklist for opening the mail center should include: 14

The checklist for closing the mail center should include: 14

Building Security Committees 14

Offsite Processing Of Incoming Mail 14

Personal Protective Equipment 15

Psychological Effects 15

Workplace Violence 16

III. Training, Testing, and Rehearsal 17

The importance of testing the plan 17

X-Ray training 17

Contents of a complete training program 17

IV. Managing Threats 18

Suspicious letters and packages 18

Characteristics of suspicious packages or letters 18

Post examples. 18

Rehearse. 18

Question every suspicious letter or package. 19

Mail Bombs 21

V. Communications Plan 23

Management 23

Customers 23

Mail Center Personnel 23

Communications During an Emergency. 23

Relationships with partner organizations (First Responders, Public Health Authorities, FBI, FPS, Regional USPIS, Fire, Hazmat and Law Enforcement Officials) 24

VI. Occupant Emergency Plan (OEP) 25

Occupant Emergency Program 25

Occupant Emergency Organization 25

Designated Official 25

Occupant Emergency Plan (OEP) 25

Evacuation Plans 25

Whom to Contact in the Event of an Emergency 26

Building/Occupant Information 26

The Command Center (COMMAND CENTER) 26

VII. Continuity of Operations Planning (COOP) 27

What are the Key Elements of a COOP? 27

What are the Responsibilities of the Mail Manager in a COOP? 27

What are the Objectives of a COOP for a mail facility? 27

COOP background documents 27

Fly-away kits 28

VIII. Review of the Security Plan 29

Initial Review 29

Annual Review 29

Contractors 29

Conclusion 30

Appendix A – Risk Analysis Worksheet 31

Appendix B – On Line Resources For Keeping Your Mail Center Safe 32

Appendix C – Mail Center Security Checklist 34


Throughout the seven years since the General Services Administration (GSA) established the Office of Governmentwide Policy (OGP), federal mail managers have requested training for themselves and their employees. The OGP Mail Policy Team has fulfilled these requests by offering quarterly Interagency Mail Policy Council meetings, the Annual Educational Forums, and a web site full of training resources and other information.

Mail center security was always a significant part of this training. It became much more important after the anthrax attacks of October 2001. The subject of mail center security has always been broader than biological threats – it also includes mail bombs and bomb threats, preventing theft in the mail center, emergency planning, and comprehensive security management.
We published the First Edition of this Mail Center Security Guide in December 2001 and the Second Edition in October 2002. We also published several documents on specific security topics. Most recently, in December 2003, we published the “National Guidelines for Assessing and Managing Biological Threats in Federal Mail Facilities.” This Third Edition of the Mail Center Security Guide incorporates new information that has become available, as this nation’s understanding of homeland security has evolved. Significant additions to this edition include a step-by-step process for performing a risk assessment, updated information on managing threats, and information about Occupant Emergency Plans and Continuity of Operations Plans. The risk assessment should be performed by a security professional, mail management input is critical to its success.
This Guide’s purpose is to assist federal mail center managers in keeping mail centers safe and secure. It provides an outline of the planning and preparation that is appropriate for a federal mail center. It encourages you to communicate with others in the planning process by making you more familiar with their process. In particular, this Guide offers:

  • Elements of a Mail Center Security Plan

  • Descriptions and discussion of those elements

  • Tips for operations, training, and communications

  • A list of on-line resources

  • A security checklist

The mail center security plan has many objectives, including these:

  • Protecting staff and all other employees and building occupants;

  • Avoiding unwarranted, costly and disrupting evacuations;

  • Providing a visible mail screening operation that demonstrates to all employees that management is committed to their safety;

  • Supporting employee morale and reducing stress by providing reassurance to all employees about the safety of mail;

  • Minimizing the likelihood of litigation, which could arise from suggestions that the mail center manager had not taken proper measures to keep employees safe while at work.

Throughout this Guide, “you” refers to the mail center manager, and “we” refers to GSA.

A strong plan for mail center security, supplemented with regular training, rehearsals, and reviews, helps instill a culture that emphasizes the importance of security. Involving all members of the team – executives, managers, employees, contractors, security managers, building management personnel, and union representatives -- during development and throughout is critical to the security plan’s success.

A Note For Smaller Federal Facilities.

Many federal agencies have satellite facilities where mail operations are performed in a small room, one corner of a room, or one corner of a desk. In these facilities, responsibility for processing mail is divided among professional and support staff. Security plans for small facilities are, of course, limited by both the size of the facility and the resources available to develop and implement plans. Small facilities will, therefore, adopt those recommendations from this Guide that are appropriate to them. Nonetheless, every federal facility should have a security plan that considers each of the elements listed in Figure 1. For the most part, security policy should be developed at a headquarters level, with procedures tailored to the smaller location developed and implemented onsite. Your threats and vulnerabilities will determine the measures to protect your facility.

What Should a Mail Center Security Plan Include?

A complete mail center security plan includes the elements listed in Figure 1, and every federal mail center manager should make sure that all of these are included. For most mail centers, each of these elements should be represented in a written document.

Critical Elements of a Mail Center Security Plan

  1. Risk Assessment

  2. Operating Procedures

  3. Training, Testing, and Rehearsal Plan

  4. Managing Threats

  5. Communications Plan

  6. Occupant Emergency Plan (OEP)

  7. Continuity of Operations Plan (COOP)

  8. Annual Reviews

Figure 1.

The mail center manager will not be required to prepare all of these plans. They should participate actively in the development and implementation of each of these elements, but other parts of the agency or outside security experts should have the lead on most of them. The mail center manager must ensure that they have addressed each of these elements by identifying and working with the appropriate others.

Download 205.82 Kb.

Share with your friends:
  1   2   3   4   5   6   7   8   9   10

The database is protected by copyright © 2022
send message

    Main page