AGENCY:

Office of Government-wide Policy (OGP), General Services Administration (GSA).

ACTION:

Final rule.

SUMMARY:

GSA is issuing a final rule amending the Federal Management Regulation (FMR) to clarify the responsibilities of agencies for maintaining physical security standards in and at federally owned and leased facilities and grounds under the jurisdiction, custody, or control of GSA, including those facilities and grounds that have been delegated by the Administrator of General Services, in light of current law, Executive orders, and facility security standards. The revision will also update nomenclature and reorganize the subparts for better readability and clarity.

DATES:

Effective: September 23, 2022.

FOR FURTHER INFORMATION CONTACT:

For clarification of content, contact Mr. Chris Coneeney, Director, Real Property Policy Division, Office of Government-wide Policy, at 202-501-2956 or chris.coneeny@gsa.gov. For information pertaining to status or publication schedules, contact the Regulatory Secretariat at 202-501-4755. Please cite FMR Case 2018-102-2.

SUPPLEMENTARY INFORMATION:

I. Background and Authority for This Rulemaking

The provisions in 6 U.S.C. 232 reaffirm that, except for the law enforcement and related security functions that were transferred to the U.S. Department of Homeland Security (DHS) under the Homeland Security Act of 2002 (available at https://www.dhs.gov/​sites/​default/​files/​publications/​hr_​5005_​enr.pdf), Public Law 107-296, 116 Stat. 2135 (the Act), discussed in greater detail below, the GSA Administrator retains the authority to operate, maintain, and protect buildings and grounds owned or occupied by the Federal Government and under the jurisdiction, custody, or control of the Administrator (GSA-controlled facilities). This final rule amends in its entirety 41 CFR part 102-81, Security, last published in the Federal Register on November 8, 2005 (70 FR 67856), in light of changes to law, Executive orders, and facility security standards. This regulation is applicable to all GSA-controlled facilities, including those owned and leased by the Federal Government under GSA authority and those delegated under GSA authority.

Six months after the bombing of the Alfred P. Murrah Federal Building, President William Clinton issued Executive Order (E.O.) 12977: Interagency Security Committee, creating the Interagency Security Committee (ISC) within the Executive Branch (60 FR 54411, Oct. 19, 1995). The ISC, which consists of 66 Federal departments and agencies, has a mandate to enhance the quality and effectiveness of physical security in, and the protection of, nonmilitary Federal facilities, and to provide a permanent body to address continuing governmentwide security issues for these facilities. Pursuant to E.O. 12977, the ISC prepares guidance for the Facility Security Committees (FSC), which are responsible for addressing and implementing facility-specific security issues at each multi-occupant nonmilitary Federal facility.

In response to the terrorist attacks on September 11, 2001, Congress enacted the Act to enhance the protection of the assets and critical infrastructure of the United States. The Act established DHS and transferred the Federal Protective Service (FPS) from GSA to DHS. FPS was established as a component of GSA in January 1971. Historically, FPS serves as the security organization responsible for conducting investigations to protect GSA-controlled facilities, enforce Federal laws to protect persons and property, and make arrests without a warrant for any offense committed on Federal property in the presence of the arresting officer or for any felony that the arresting officer has reasonable grounds to believe the person to be arrested has committed or is committing. Section 1706 of the Act, codified at 40 U.S.C. 1315, transferred FPS's specific security and law enforcement functions and authorities to the Secretary of Homeland Security.

Section 422 of the Act references 6 U.S.C. 232, which reaffirms the authority of the Administrator of General Services to operate, maintain, and protect GSA-controlled facilities.

Following enactment of the Act, President George Bush issued E.O. 13286: Amendment of Executive Orders, and Other Actions, in Connection With the Transfer of Certain Functions to the Secretary of Homeland Security, which, among other things, transferred responsibility for chairing the ISC from the Administrator of General Services to the Secretary of Homeland Security (68 FR 10619, March 5, 2003).

In August 2004, President George Bush issued Homeland Security Presidential Directive 12 (HSPD-12) (available at https://www.dhs.gov/​homeland-security-presidential-directive-12), which requires, to the maximum extent practicable, the use of identification by Federal employees and contractors that meets the standard promulgated by the Secretary of Commerce ( e.g., Federal Information Processing Standard Publication 201) to gain physical access to federally controlled facilities.

On December 15, 2020, the Office of Personnel Management issued the memorandum, “Credentialing Standards Procedures for Issuing Personal Identity Verification Cards under HSPD-12 and New Requirement for Suspension or Revocation of Eligibility for Personal Identity Verification Credentials” (available at https://www.opm.gov/​suitability/​suitability-executive-agent/​policy/​cred-standards.pdf), which set forth credentialing standards procedures for Executive Branch departments and agencies to use when making eligibility determinations to issue personal identity verification credentials to Federal employees and contractors for access to federally controlled facilities or information systems, or both.

HSPD-12 was followed by the REAL ID Act of 2005, Public Law 109-13, 119 Stat. 302 (the REAL ID Act), which establishes minimum security standards for license issuance and production and prohibits Federal agencies from accepting for certain purposes driver's licenses and identification cards from States not meeting the REAL ID Act's minimum standards. Accessing Federal facilities, entering nuclear power plants and boarding federally regulated commercial aircraft are within the purview of the Real ID Act.

In June 2006, GSA and DHS signed a Memorandum of Agreement (MOA) outlining the responsibilities of each agency with regard to facility security. According to the MOA, FPS is required to conduct facility security assessments Start Printed Page 51916 of GSA buildings in accordance with ISC standards. The resulting facility security assessment report should include recommended countermeasures for identified vulnerabilities. In addition, the MOA clarified that both agencies are responsible for the implementation of approved countermeasures, with FPS responsible for security equipment and GSA responsible for facility security fixtures. This 2006 MOA was superseded by an MOA executed by DHS and GSA as of September 27, 2018.

In February 2013, Presidential Policy Directive 21: Critical Infrastructure Security and Resilience (available at https://obamawhitehouse.archives.gov/​the-press-office/​2013/​02/​12/​presidential-policy-directive-critical-infrastructure-security-and-resil) required the Secretary of Homeland Security to conduct comprehensive assessments of the vulnerabilities of the Nation's critical infrastructure. This directive designated both GSA and DHS as the responsible agencies for providing institutional knowledge and specialized expertise in support of security programs and activities for Government buildings.

In August 2013, the ISC issued the initial The Risk Management Process for Federal Facilities (the RMP Standard), a standard to define the criteria and processes to determine the facility security level (FSL) and provide a single source of physical security countermeasures for nonmilitary Federal facilities. The ISC updated the standard in November 2016 and again in March 2021. See, The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard (2021 Edition) https://www.cisa.gov/​publication/​risk-management-process.

The following terms used in this final rule have the same definition as ascribed to them in the RMP Standard:

• Baseline Level of Protection,
• Facility Security Assessment,
• Facility Security Committee,
• Facility Security Level,
• Risk,
• Risk Mitigation,
• Level of Protection,
• Level of Risk, and
• Vulnerability.

Some notable provisions of the RMP Standard are described below:

(a) According to the RMP Standard, buildings with two or more Federal tenants with funding authority will have an FSC. FSCs are responsible for addressing building-specific security issues and approving the implementation of recommended countermeasures and practices. FSCs include representatives of all Federal occupant agencies in the building, as well as FPS and GSA. However, FPS and GSA do not have voting rights unless they are occupants in the building. If the FSC approves a countermeasure, each Federal occupant agency in the building is responsible for funding its pro rata share of the cost. According to the RMP Standard, in a building with only one Federal occupant agency, the sole agency with funding authority is the decision-maker for the building's security. Therefore, these types of buildings do not require an FSC.

(b) The RMP Standard requires FPS to conduct facility security assessments to identify vulnerabilities and recommend countermeasures. FSCs use a building's facility security assessment report to—

1. Evaluate security risk;

2. Implement countermeasures to mitigate risk; and

3. Allocate security resources effectively.

For example, a facility security assessment report might include a recommendation to install cameras and relocate a loading dock. Upon deliberation, the FSC might decide only to install the cameras. FPS, in consultation with the FSC, helps determine a facility's security level, which determines the baseline level of protection. FSLs range from Level 1 (lowest risk) to Level 5 (highest risk), and dictate the frequency of the facility security assessments for that building. The FSL is based on five factors: mission criticality, symbolism, facility population, facility size, and threat to occupant agencies. In addition, intangibles (such as short duration occupancy) can be used to adjust the security level.

Occupant agencies or FSCs use the facility security assessment reports prepared by FPS to inform their deliberations regarding recommended risk mitigation countermeasures and other security-related actions. GSA will facilitate the implementation of the countermeasures or other actions after occupant agency or FSC approval and commitment of each occupant agency to pay its pro rata share of the cost.

II. Discussion of the Final Rule

A. Summary of Significant Changes

Subpart A—General Provisions

Section 102-81.5

GSA is changing this section to describe more accurately the scope and coverage of the regulation. The regulation uses the phrase “under the jurisdiction, custody, or control of GSA,” which is consistent with the terminology that appears in 6 U.S.C. 232, to describe the buildings and grounds owned or occupied by the Federal Government that are covered by this part. This phrase replaces and clarifies the phrase “operating under, or subject to, the authorities of the Administrator of General Services,” which was used in the previous version. The definitions of “Federal facility” and “Federal grounds” are included to clarify any confusion in the scope.

Section 102-81.10

GSA is changing this section to clarify that, under E.O. 12977, the ISC is responsible for setting policies and recommendations that govern physical security at nonmilitary Federal facilities and buildings. The ISC issues standards, such as the ISC Risk Management Process Standard (2021 Edition), which is the current RMP Standard. ISC policies do not supersede other laws, regulations, and Executive orders that are intended to protect unique assets.

Section 102-81.15

GSA is adding this section to clarify the governing authorities that pertain to this regulation.

Section 102-81.20

GSA is eliminating in its entirety the previous § 102-81.20 because the RMP Standard supersedes all previous guidance contained in the Department of Justice's report entitled “Vulnerability Assessment of Federal Facilities” (June 28, 1995). GSA is adding the replacement provision to clarify that Federal agencies are required to follow this regulation in nonmilitary Federal facilities and grounds under the jurisdiction, custody, or control of GSA, including those facilities and grounds that have been delegated by the Administrator of General Services. Federal agencies must cooperate and comply with ISC policies and recommendations for nonmilitary facilities, except where the Director of National Intelligence determines that compliance would jeopardize intelligence sources and methods or the Secretary of Energy determines that compliance would conflict with the authorities of the Secretary of Energy over Restricted Data and Special Nuclear Material under, among others, sections 141, 145, 146, 147, and 161 of the Atomic Energy Act of 1954, as amended, the Department of Energy Organization Act, or any other statute. Start Printed Page 51917

Subpart B—Physical Security

Section 102-81.25

GSA is eliminating in its entirety the previous § 102-81.25 because the RMP Standard supersedes all previous guidance contained in the Department of Justice's report entitled “Vulnerability Assessment of Federal Facilities” (June 28, 1995). GSA is adding the replacement provision to clarify that Federal agencies are responsible for meeting physical security standards at nonmilitary facilities in accordance with ISC standards, policies, and recommendations. An occupant agency, if it is the only Federal occupant agency in the building, or the FSC, as applicable, uses the facility security assessment reports they receive from FPS to inform deliberations regarding recommended countermeasures and other security-related actions, such as the documentation of risk acceptance. GSA will facilitate the implementation of the countermeasures or other actions after occupant agency or FSC approval, as applicable, and commitment of each occupant agency to pay its pro rata share of the cost.

Section 102-81.30

GSA is eliminating in its entirety the previous § 102-81.30 because the requirements are addressed in section 231 of Public Law 101-647, now codified at 34 U.S.C. 20351. GSA is adding the replacement provision to be consistent with the RMP Standard. This section now describes physical security considerations associated with existing nonmilitary facilities.

Section 102-81.31

GSA is adding this section to be consistent with the RMP Standard. This section describes physical security considerations associated with nonmilitary leased facilities and new construction.

B. Analysis of Public Comments

In the proposed rule published in the Federal Register at 85 FR 12489 on March 3, 2020, GSA provided the public a 60-day comment period, which ended on May 4, 2020. GSA did not receive any comments from the public.

III. Executive Orders 12866 and 13563

E.O.s 12866 and 13563 direct agencies to assess all costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). E.O 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This is a significant regulatory action and, therefore, was subject to review under section 6(b) of E.O. 12866, Regulatory Planning and Review, dated September 30, 1993.

IV. Congressional Review Act

This rule is not a major rule under 5 U.S.C. 804(2). Subtitle E of the Small Business Regulatory Enforcement Fairness Act of 1996 (codified at 5 U.S.C. 801-808), also known as the Congressional Review Act or CRA, generally provides that before a rule may take effect, the agency promulgating the rule must submit a rule report, which includes a copy of the rule, to the U.S. Senate, the U.S. House of Representatives, and the Comptroller General of the United States. GSA will submit a report containing this rule and other required information to the U.S. Senate, the U.S. House of Representatives, and the Comptroller General of the United States. A major rule under the CRA cannot take effect until 60 days after it is published in the Federal Register . The Office of Management and Budget's Office of Information and Regulatory Affairs has determined that this is not a “major rule” as defined by 5 U.S.C. 804(2).

V. Regulatory Flexibility Act

This final rule will not have a significant economic impact on a substantial number of small entities within the meaning of the Regulatory Flexibility Act, 5 U.S.C. 601 et seq., because it applies to agency management or personnel.

Therefore, an Initial Regulatory Flexibility Analysis has not been performed. GSA invites comments from small business concerns and other interested parties on the expected impact of this rule on small entities.

GSA will also consider comments from small entities concerning the existing regulations in subparts affected by the rule in accordance with 5 U.S.C. 610. Interested parties must submit such comments separately and should cite 5 U.S.C. 610 (FMR Case 2018-102-2) in correspondence.

VI. Paperwork Reduction Act

The Paperwork Reduction Act does not apply because the changes to the FMR do not impose recordkeeping or information collection requirements, or the collection of information from offerors, contractors or members of the public, that require the approval of the Office of Management and Budget under 44 U.S.C. 3501 et seq.

VII. Regulatory Impact Analysis

A. Public Costs

GSA determined there is no impact or cost associated with this final rule for either large or small businesses.

B. Government Costs

GSA determined a series of compliance activities for the establishment, training, and operations of future FSCs; initial determination of future FSLs; and future facility risk assessments.

Prior to determining the FSL of a facility, all prospective members of the facility's FSC must successfully complete a series of mandatory training outlined within the ISC's RMP Standard.^[1] GSA consulted with ISC subject matter experts (SME) to determine the duration of each training and the average labor category of the FSC members. In addition, GSA consulted with the ISC and GSA Public Buildings Service (PBS) SMEs to determine the number of new facilities for both GSA and GSA-delegated authority agencies entering the portfolio requiring an FSC within the purview of the analysis. ISC SMEs also estimated the number of hours per FSL to determine the initial FSL and conduct a risk assessment at the appropriate juncture of the lease in accordance with the RMP Standard.

GSA identified five training courses required to be completed by FSC members prior to joining the committee. ISC staff estimated it will take an FSC member no more than two hours to complete and review each training. The trainings are the following:

• IS-1170: Introduction to the Interagency Security Committee and Risk Management Process Training
• IS-1171: Introduction to Interagency Security Committee Publications Training
• IS-1172: Interagency Security Committee Risk Management Process: Facility Security Level Determination Training
• IS-1173: Interagency Security Committee Risk Management Process: Levels of Protection and Application of the Design Basis Threat Report

• IS-1174: Interagency Security Committee Risk Management Process: Facility Security Committees. Start Printed Page 51918

GSA, in consultation with PBS SMEs, determined 263 ^[2] new facilities are procured each year requiring an FSC to be established after reviewing GSA portfolio historical trends.^[3] GSA applied an annual 1% reduction of the portfolio to the analysis in accordance with current portfolio acquisition and disposition trends.^[4]

GSA, in consultation with PBS and ISC SMEs, determined the average FSC is composed of four members. For the analysis, GSA assumed an average of two agencies per facility.^[5] The FSC consists of a chair and voting member representing the agencies. GSA and FPS are included as non-voting members, unless they are occupants in the building, in which case they would have a vote. Historically, agencies nominate a senior official or the most senior official of the facility to the FSC.^[6] Following consultation with PBS and ISC SMEs, GSA assumes the senior official to be the equivalent of a GS-15 at an hourly rate of $94.76. GSA estimated the duration of the activities required to operate an FSC to be four hours; one hour for each quarter.

Based on the analysis resulting from GSA's consultations, GSA estimated the cost to the Government for the training of each FSC member per course on a yearly basis to be $1,993,750 (2 hours × 1,052 FSC members × $94.76 [GS-15 rate]).

GSA determined 130 FSL 1 ^[7] facilities, 115 FSL 2 facilities, 14 FSL 3 facilities, 3 FSL 4 facilities, and 1 FSL 5 facility ^[8] will be acquired and introduced to the portfolio on a yearly basis.

GSA estimated the cost to the Government for the operations of an FSC chairperson for an FSL 1 facility on a yearly basis to be $49,275 (4 hours × 130 facilities × $94.76 [GS-15 rate]).^[9]

GSA estimated the cost to the Government for the operations of an FSC chairperson for an FSL 2 facility on a yearly basis to be $43,590 (4 hours × 115 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC chairperson for an FSL 3 facility on a yearly basis to be $5,307 (4 hours × 14 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC chairperson for an FSL 4 facility on a yearly basis to be $1,137 (4 hours × 3 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC chairperson for an FSL 5 facility on a yearly basis to be $379 (4 hours × 1 facilities × $94.76 [GS-15 rate]).^[10]

GSA estimated the cost to the Government for the operations of an FSC voting member for an FSL 1 facility on a yearly basis to be $49,275 (4 hours × 130 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC voting member for an FSL 2 facility on a yearly basis to be $43,590 (4 hours × 115 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC voting member for an FSL 3 facility on a yearly basis to be $5,307 (4 hours × 14 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC voting member for an FSL 4 facility on a yearly basis to be $1,137 (4 hours × 3 facilities × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC voting member for an FSL 5 facility on a yearly basis to be $379 (4 hours × 1 facility × $94.76 [GS-15 rate]).^[11]

GSA estimated the cost to the Government for the operations of the two FSC non-voting members ^[12] for an FSL 1 facility on a yearly basis to be $98,550 (4 hours × 260 non-voting members × $94.76 [GS-15 rate]).^[13]

GSA estimated the cost to the Government for the operations of an FSC non-voting member for an FSL 2 facility on a yearly basis to be $87,179 (4 hours × 230 non-voting members × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC non-voting member for an FSL 3 facility on a yearly basis to be $10,163 (4 hours × 28 non-voting members × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC non-voting member for an FSL 4 facility on a yearly basis to be $2,274 (4 hours × 6 non-voting members × $94.76 [GS-15 rate]).

GSA estimated the cost to the Government for the operations of an FSC non-voting member for an FSL 5 facility on a yearly basis to be $758 (4 hours × 2 non-voting members × $94.76 [GS-15 rate]).^[14]

GSA consulted ISC staff to determine the duration per year for single tenant facilities to operate their facility and determined the duration to be 1/4 of the time spent by an FSC member.^[15] In addition, GSA estimated 360 single tenant facilities per year to be added to the portfolio.^[16]

GSA estimated the cost to the Government for the operation of single tenant facilities on a yearly basis to be $34,114 (1 hour × 360 facilities × $94.76 [GS-15 rate]).

GSA consulted with ISC staff to determine the duration of an FSL determination based on the FSL of a facility and the average rate of the individuals performing the assessment.^[17 18] Following consultation with ISC SMEs, GSA assumes the rate to be the equivalent of a GS-12 at an hourly rate of $57.33. Again, GSA used a 3/4 reduction of time in the analysis for single agency FSL determinations.

GSA estimated the cost to the Government for the FSL determination for new FSL 1 facilities on a yearly basis to be $149,058 (20 hours × 130 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new FSL 2 facilities on a yearly basis to be $263,718 (40 hours × 115 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new FSL 3 facilities on a yearly basis to be $48,157 (60 hours × 14 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new FSL 4 facilities on a yearly basis to be $13,759 (80 hours × 3 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new FSL 5 facilities on a yearly basis to be $5,733 (100 hours × 1 facility × $57.33 [GS-12 rate]).^[19]

GSA consulted with ISC staff to determine the duration of an FSL determination based on the FSL of a single agency facility and the average grade of the individuals performing the assessment.^{[20 21 22]}

GSA estimated the cost to the Government for the FSL determination for new single agency FSL 1 facilities on a yearly basis to be $16,052 (5 hours × 56 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new single agency FSL 2 facilities on a yearly basis to be $151,925 (10 hours × 265 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new single agency FSL 3 facilities on a yearly basis to be $27,518 (15 hours × 32 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new single agency FSL 4 facilities on a yearly basis to be $8,026 (20 hours × 7 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the FSL determination for new single agency FSL 5 facilities on a yearly basis to be $1,433 (25 hours × 1 facility × $57.33 [GS-12 rate]).^[23]

GSA consulted with ISC staff to determine the duration of a risk assessment based on the FSL of a facility and the average grade of the individuals performing the assessment.^[24 25]

GSA estimated the cost to the Government for the risk assessment of new FSL 1 facilities on a yearly basis to be $298,116 (40 hours × 130 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new FSL 2 facilities on a yearly basis to be $527,436 (80 hours × 115 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new FSL 3 facilities on a yearly basis to be $96,314 (120 hours × 14 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new FSL 4 facilities on a yearly basis to be $27,518 (160 hours × 3 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new FSL 5 facilities on a yearly basis to be $11,466 (200 hours × 1 facility × $57.33 [GS-12 rate]).^[26]

GSA consulted with ISC staff to determine the duration of a risk assessment based on the FSL of a new single agency facility and the average grade of the individuals performing the assessment.^{[27 28 29]}

GSA estimated the cost to the Government for the risk assessment of new single agency FSL 1 facilities on a yearly basis to be $32,105 (10 hours × 56 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new single agency FSL 2 facilities on a yearly basis to be $303,849 (20 hours × 265 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new single agency FSL 3 facilities on a yearly basis to be $55,037 (30 hours × 32 facilities × [$57.33 GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new single agency FSL 4 facilities on a yearly basis to be $16,052 (40 hours × 7 facilities × $57.33 [GS-12 rate]).

GSA estimated the cost to the Government for the risk assessment of new single agency FSL 5 facilities on a yearly basis to be $2,867 (50 hours × 1 facility × $57.33 [GS-12 rate]).^[30]

C. Total Government Costs

D. Overall Total Additional Costs of This Final Rule

The overall total additional undiscounted cost of this final rule is estimated to be $46,703,404 over a 10-year period. GSA did not identify any cost savings based on the impact of the rule.

Analysis of Alternatives

The preferred alternative is the process laid out in the analysis above. However, GSA has analyzed an alternative to the preferred process below.

Alternative 1: GSA could decide to take no regulatory action. No action from the Government would compromise the security of Federal facilities. The Government would not incur the additional costs associated with this final rule; however, the benefits of a standardized security process outweigh the costs. As a result, GSA rejected this alternative.

List of Subjects in 41 CFR Part 102-81

• Federal buildings and facilities
• Government property management and physical security measures

For the reasons set forth in the preamble, GSA revises 41 CFR part 102-81 to read as follows:

PART 102-81—PHYSICAL SECURITY

Authority: 40 U.S.C. 121(c) and 581; 6 U.S.C. 232; Pub. L. 109-13, 119 Stat. 302; and Homeland Security Presidential Directive 12.

Subpart A—General Provisions

Subpart B—Physical Security

Footnotes