oversight

Audit of the U.S. Office of Personnel Management's Security Guard Contract

Published by the Office of Personnel Management, Office of Inspector General on 2010-01-21.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                                                                   U.S. OFFICE OF PERSONNEL MANAGEMENT
                                                                         OFFICE OF THE INSPECTOR GENERAL
                                                                                          OFFICE OF AUDITS




    Final Audit Report
    Subject:


            AUDIT OF THE U.S. OFFICE OF PERSONNEL
           MANAGEMENT'S SECURITY GUARD CONTRACT


                                                           Report No. 4A-CA-OO-09-043                                                                                (
                                                                                                                                                                     \




                                                           Date:    January 21,         2010




                                             . , ..   ,.
..... :.                            :
                         ":':', ... . ....                                                                                               . '.;'   ~


                                "'-',




                                                                      --CAUTION-­
           This audit report has be~n distributed to Federal officials who are 'responsible for the administration of the audited program.
           This audit report may contain proprietary data which is protected by Federal law (18 U.S.c. 1905). Therefore, wbile this
           audit report is available umler the Freedom of III formation Act and made available to the publk on the OIG web page, caution
           needs to be extrci$Cd before releasing the report 10 Ihe general public as it may contain proprietary information tbal was
           redacted from the publ,icly distributed copy.
                                                                                                                                                      "   ....   ,
                         UNITED STATES OFFICE OF PERSONNEL MANAGEMENT 

                                           Washington, DC 20415 



   Office of the
Inspector General


                                        AUDIT REPORT




                       AUDIT OF THE U.S. OFFICE OF PERSONNEL 

                      MANAGEMENT'S SECURITY GUARD CONTRACT 





                      Report No. 4A-CA-OO-09-043        Date: January 21, 2010




                                                                    ~~
                                                                    Michael R. Esser
                                                                    Assistant Inspector General
                                                                      for Audits




        www.opm.gov                                                                     www.usajobs.gov
                              UNITED STATES OFFICE OF PERSONNEL MANAGEMENT 

                                                  Washington, DC 20415 


  Office of the
Inspector General



                                          EXECUTIVE SUMMARY



                         AUDIT OF THE U.S. OFFICE OF PERSONNEL 

                        MANAGEMENT'S SECURITY GUARD CONTRACT 





                            Report No. 4A-CA-OO-09-043         Date: January 21, 2010


       The Office of the Inspector General has completed a performance audit of the U.S. Office of
      .PersOimel Management's (OPM's) Security Guard Contract. Our main objective was to
       determine whether the Center for Security and Emergency Actions (CSEA) is providing effective
       oversight ofOPM's Security Guard Contract. In order to make this determination, our audit
       included the following specific objectives: (1) to detemline if the OPM security guards working
       under the cunent contract meet the qualifications and training requirements; and (2) to detelmine
       ifCSEA is effectively monitoring the perfonnance of the contracted guard force.

       Our audit was conducted fiom July 20,2009 through September 30, 2009 at OPM's headqumters
       in Washington, D.C. OUf audit identified three areas requiring improvement.

            A.        Security Guard Qualifications

                       1.     Lack of Training and Certification Policies                   Procedural

                              The Center for Security and Emergency Actions did not have
                              documented policies aIld procedures in place to ensure that
                              all security guards working on the OPM contract had cunent
                              training and certifications.




        www.opm.goy                                                                            www.usajobs.goY
B.   Security Guard Contract Oversight

      1.   Inadequate Quality Assurance Surveillance Plan (QASP)          Procedural
           Performance Measurements

           The current QASP is ineffective in measuring the true
           performance of the security guard contract.

     2.    Post Inspection Policy Not Followed                            Procedural

           CSEA has not effectively followed its Post Inspection policy
           to ensure that the security guards are properly securing the
           Theodore Roosevelt Building.




                                        11
                               TABLE OF CONTENTS 





      EXECUTIVE SUMMARY ..................................................... . 


  I. INTRODUCTION AND BACKGROUND......... ......... ...... ..... ......                1


 II. OBJECTIVES, SCOPE, AND METHODOLOGy......................                          3


III. AUDIT FINDINGS AND RECOMMENDATIONS....................                            5


      A. Security Guard Qualifications
         1. Lack of Training and Certification Policies...... ............ ......      5


      B. Security Guard Contract Oversight
         1. Inadequate Quality Assurance Surveillance Plan 

            Performance Measurements ..........................................        7


          2. Post Inspection Policy Not Followed........ ............... ..... .....   8



IV.   MAJOR CONTRlBUTORS TO THIS REPORT.................... .....                      10 


      APPENDIX 	         (Center for Security and Emergency Actions Response, dated
                          November 19, 2009, to our draft report)
                     I. INTRODUCTION AND BACKGROUND 

Introduction

This final audit report details the findings, conclusions, and recommendations resulting from our
performance audit ofthe U.S. Office of Personnel Management's (OPM) Security Guard
Contract. The audit was performed by OPM's Office of the Inspector General (OIG), as
authorized by the Inspector General Act of 1978, as amended.

Background

41 CFR 102-81.10 states that "Federal agencies on Federal property under the charge and control
of the Administrator and having a security delegation of authority from the Secretary of
Homeland Security must provide for the security and protection of the real estate they occupy,
including the protection of persons within the property." OPM's Management Services
Division's (MSD) Center for Security and Emergency Actions (CSEA) administers and provides
oversight ofOPM's Security Guard Contract. The Contracting Officer Technical Representative
(COTR) is responsible for the administration of the contract and for assuring compliance by the
contractor with the requirements of the contract. CSEA's primary mission is to ensure a safe and
secure work environment so that OPM business can proceed in an uninterrupted fashion at the
Theodore Roosevelt Building (TRB).

OPM provides for the protection of the TRB via contract security guards. OPM awarded a fixed
price contract (Contract no. P00407000425) through the General Services Administration
schedule in August 2007 to American Security Programs (ASP). The base year of the contract
was from September 1,2007 to August 31, 2008 with four one-year renewal options through
December 28,2012. American Security Programs is currently in the second of the four one-year
renewal options.

The contract states that the contractor shall provide armed guard services and appropriate
supervision to satisfactorily perform the access control and security services at the TRB in
accordance with established post orders. In addition, the contract maintains that the contractor
shall use properly trained employees at all times to perform the services, as prescribed in the
contract. The contractor will certify completion of all training requirements. No employee will
be assigned to perfonn under the contract without written notice to the contractor from the
Contracting Officer's Representative (COR), approving the firearms licensing and qualifications
ofthe individual employees.

The Federal Protective Service (FPS) Security Guard Information Manual provides information
on the primary responsibilities of security guards to control access to Federal property and to
assist in ensuring the safety of Federal property, employees, and visitors. Access controls
include checking visitors' and employees' identification; operating security equipment, such as
X-ray machines and Magnetometers to screen for prohibited materials; and reporting crimes and
incidents to security personnel.




                                                1

OPM's Post Instructions and Orders provide the duties required of the security guards at each
guard post. The post instructions contain all current policies, orders/instructions, emergency
procedures, and any other information deemed pertinent to the TRB. The security guards are to
comply with all post instructions detailing responsibilities and duties to be performed at each
post, including general security guard code of conduct policies.

Contractor performance is evaluated via the Quality Assurance Surveillance Plan (QASP). The
QASP contains performance metrics that the security guards are evaluated against in terms of
compliance with the tenns of the contract and related policies and procedures and contractor
responsibilities. These include staffing, physical security, updating and maintaining
certifications, reconciliation of 139s (Record of Time of Arrival and Departure Contract Guard
Duty Register), management and customer service/public relations, and professionalism. The
categories of performance have an acceptable quality level (AQL) with payment
incentives/reductions based on the actual level of perfonnance attained as compared to the AQL.

The recommendations from our previous audit of OPM's Security Guard Contract (Report No.
4A-CA-OO-03-034), dated July 23, 2003, have been satisfactorily resolved.




                                               2

             II. OBJECTIVES, SCOPE, AND METHODOLOGY 


Objectives

Our audit objective was to detemline whether OPM has effective oversight ofOPM's
Security Guard Contract. Specifically, our objectives were to:

        • 	 Determine if the OPM security guards working under the current contract
            meet the qualification and training requirements.

        • 	 Determine if CSEA is monitoring performance of the security guard force
            according to the QASP.

The recommendations included in this final report address these objectives.

Scope and Methodology

We conducted this performance audit in accordance with generally accepted government
auditing standards as established by the Comptroller General of the United States. Those
standards required that we plan and perform the audit to obtain sufficient, appropriate
evidence to provide a reasonable basis for our findings and conclusions based on our
audit objectives. We believe that the evidence obtained provides a reasonable basis for
our findings and conclusions based on our audit objectives.

The scope of our audit covered OPM's current contract with ASP.

We performed our audit from July 20 to September 30, 2009 at OPM headquarters in
Washington, D.C.

To accomplish the audit objectives noted above, we:

       • 	 Sampled, reviewed, and tested guard qualifications and certifications for
           compliance with requirements;
       • 	 Sampled, reviewed, and tested CSEA's implementation of the QASP;
       • 	 Sampled, reviewed, and tested CSEA's post inspection policies and
           procedures; and,
       • 	 Interviewed key representatives from CSEA responsible for managing the
           security guard contract.

In planning our work we gained an understanding of the internal controls over CSEA's
oversight ofthe security guard contract. We also considered the internal control structure
to the extent necessary to develop our audit procedures. These procedures mainly were
substantive in nature. We did gain an understanding of management procedures and
controls to the extent necessary to develop our audit objectives. The purpose of our audit
is not to provide an opinion on internal controls, but merely to evaluate controls over the
processes that were included in the scope of our audit. Our audit included tests of


                                             3

contract guard training and certification files~ verification and validation of QASP results
and post inspections; and other auditing procedures as we considered necessary under the
circumstances. The resuJts of our tests indicate that CSEA has adequate controls in place
for providing effective oversight ofOPM's security guard contract (P00407000425),
except for the areas set forth in the details of this audit report.

In conducting our audit, we judgmentally selected 24 of 67 security guards assigned to
work on OPM ContractP00407000425. We reviewed training folders in order to
determine if each security guard received the following training:

       •   Basic training as described in the FPS Security Guard Information Manual;
       •   Supervisory training (for supervisory level guards);
       •   40-hour firearms training course and yearly recertification;
       •   Cardiopulmonary resuscitation (CPR) training with yearly recertification;
       •   First Aid course with recertification every three years; and
       •   Baton training course with recertification every two years.

In addition, we randomly selected four months (February, April, May and June) ofQASP
results and post inspections from the current contract period to test CSEA's oversight of
the security guard contract.

The results from the various samples were not projected to the population.




                                             4

                 III. AUDIT FINDINGS AND RECOMMENDATIONS 

Our audit disclosed that, with respect to the items tested, OPM has adequate controls in place for providing
effective oversight of its security guard contract, except for the areas set forth in the details of this audit
report. The areas requiring improvements are described below.

A. Security Guard Qualifications

     1. Lack of Training and Certification Policies

         CSEA did not have documented policies and procedures in place to ensure that all security
         guards working on the OPM Contract had current training and certifications. During our
         audit, we found that 3 of the 24 security guards' training folders sampled did not contain
         evidence of training or certification for one or more of the required training classes and
         certifications.

         FPS stipulates the following training requirements and certifications that all contract guards
         in Federal buildings must complete:

             •   Basic training as described in the FPS Security Guard Information Manual;
             •   Supervisory training (for supervisory level guards);
             •   40-hour firearms training course and yearly recertification;
             •   Cardiopulmonary resuscitation training with yearly recertification;
             •   First Aid course with recertification every three years; and
             •   Baton training course with recertification every two years.

         Contract P00407000425 states that the contractor shall use properly trained employees at all
         times to perform the services as prescribed in the Contract and will certify completion of all
         training requirements. No employee will be assigned to perform under the Contract without
         written notice to the contractor from the COR or COTR, approving the firearms licensing and
         qualifications of the individual employees. In addition, no contractor employee shall work
         under the Contract without a valid Federal Protective Service (FPS) certification card.

         CSEA does not proactively evaluate the training and certifications of the security guards
         working on the OPM Contract. While all missing documentation was provided during the
         course of our audit, the lack of documented policies and procedures for obtaining and
         maintaining evidence of training increases the risk that the contracted security guards
         responsible for securing the Theodore Roosevelt Building may be working on the OPM
         Contract without proper training.

         Recommendation 1

         We recommend that CSEA perform a comprehensive review of all security guards' training
         and certification documentation to ensure that training and certifications are current and
         available.
                                                        5
 Recommendation 2

 We recommend that CSEA develop policies and procedures for reviewing training and
 certification documentation for contracted security guards.

 CSEA~s   Response:

 "While there is no regulatory, statutory or contractual requirement for the tracking or
 maintenance of documentation of each individual training!certification element which
 comprises the FPS A-I certification, CSEA has traditionally tracked this infonnation as an
 added assurance that guards working on the TRB contract are appropriately trained and
 vetted. While the training records CSEA maintains were incomplete for 3 of the 24
 individuals sampled, it is important to note that all 3 individuals maintained valid FPS A-I
 certifications. As such, at no time were any of the guards assigned to OPM posts without
 proper and valid training certifications."

 "As recommended, CSEA has conducted a thorough review of all the training and
 certifications for each guard. Documentation for each individual training/certification
 element is current. The OIG has been provided with evidence to show that the 3 individuals
 missing training records were in fact current at the time of the OIG review. We will continue
 to maintain up-to-date training and certifications for all guards. As noted in the OIG draft
 report, we have prepared a draft standard operating procedure (SOP) for our COR in an effort
 to improve our oversight ofthe guard program. We look forward to working with the OIG
 closely to fine tune the SOP prior to issuance."

 OIG Comment for Recommendation 1:

  CSEA provided documentation to support the review of all security guards' training files and
 the creation of a binder to maintain and support training and certification of all security
- guards working on the contract. We have reviewed the documentation and consider this
  recommendation closed.

 OIG Comment for Recommendation 2:

 CSEA provided documented standard operating procedures for reviewing security guard
 training and certification documentation. The procedures detail the training and certification
 documentation that must be obtained and documented for each security guard workingon the
 contract. We have reviewed the documentation and consider this recommendation closed.




                                              6

B. Security Guard Contract Oversight

    1. Inadequate Qualitv Assurance Surveillance Plan (QASP) Performance Measurements

        The current QASP is ineffective in measuring the true performance of the security guard
        contract. Specifically, the performance measures used in evaluating security guard
        performance and completing the QASP are primarily SUbjective. During our audit, we were
        unable to validate how actual perfonnance levels were obtained for the months sampled. The
        COTR provided explanations of how the QASP actual perfonnance levels are calculated,
        which include post inspections, incident reporting, customer complaints (non-verbal), and
        reviewing Form 139s, which record the security guards' time of arrival and departure.
        However, the COTR also utilizes undocumented measures, such as individual knowledge of
        the contractor's operations, daily observation, and verbal customer complaints to measure the
        contractor's performance.

        Contract P00407000425 states that the QASP is OPM's codification of its method of
        implementing FAR 37.601, which requires that performance-based contracts describe
        requirements in terms of results rather than methods of work perfonnance; use measurable
        performance standards (i.e., quality, timeliness, quantity, etc,) and quality assurance
        surveillance plans; and specify the procedures used in reducing fees or the price of a fixed­
        price contract when services are not performed or do not meet contract requirements.

        The Contract also states that the QASP should contain a performance standard element in
        which important items are measurable; performance is auditable and capable of validation
        (less subjective, quantifiable measures are preferred); and have a level of detail that
        corresponds to the intent of the stated measure and expectation.

        Based on the current QASP, the COTR does not have an effective tool to measure ASP's
        contract performance.

        Recommendation 3

        We recommend that OPM's CSEA work with the Contracting Officer to revise its QASP to
        ensure that it includes perfonnance measures that are auditable and capable of validation.

        CSEA's Response:

        "Toe QASP was incorporated in the Guard Services Contract, OPMP0040700042[5], and
        modification 002, as required by Federal Acquisition Regulation (FAR) 37.601. The QASP
        identifies critical categories, performance standards of those categories, the acceptable
        quality level, and the method in which those categories would be monitored. Furthermore,
        the QASP established performance incentives and addressed disincentives in compliance
        with the FAR. We believe the measures are objective, though we welcome all infOlmation
        on how to improve the performance measures."


                                                     7
   OIG Comment:

   CSEA provided its revised draft QASP for review. The revised QASP contains measurable
   performance standards, and the QASP procedures define exactly how to measure each
   standard. This recommendation will remain open until the revised QASP is approved by
   Contracting and CSEA has implemented the QASP and provides actual performance results
   for verification and validation.

2. 	 Post Inspection Policy Not Followed

   CSEA has not effectively followed its Post Inspection policy to ensure that the security
   guards are properly securing the TRB. Based on our review of documented post inspections
   for the four months sampled, CSEA was not able to substantiate that post inspections were
   conducted in accordance with CSEA policy (two times per week). CSEA only conducted
   one post inspection for each of the months tested. From the documentation provided we
   established that:

       • 	 CSEA did not perform the required number afpast inspections for the months
           sampled, and
       • 	 There is no weighting of post inspections as it applies to the QASP.

   During our physical inspections, the following deficiencies were noted:

       • 	 One guard was reading while on duty;
       • 	 Some guards on duty stated they had not received random radio checks once every
           hour; and
       • 	 Post Orders were not in the proper locations (at the post for which the orders were
           established) .

 .-In addition, during our physical post inspection review, we observed an ASP training
   exercise where the contractor's test subject successfully gained access to the TRB with a
   "'fake" gun concealed in the bottom of a laptop case. Following the exercise, all TRB
   security guards were instructed in the proper handling of laptops. Furthermore, signage has
   been posted at TRB guard posts requesting the removal of laptops from bags prior to
   scanning.

   CSEA's Contract Guard and Post Inspection policy states that the COTR or designated
   representative is responsible for conducting inspections of contract security guards and posts
   at least twice a week during duty hours and at least once every other week during non-duty
   hours..

   If posts are not properly maintained, TRB security may be at risk.




                                                8
Recommendation 4

We recommend that OPM's CSEA follow its Post Inspection policy and perfonn inspections
at least twice a week during duty hours and at least once every other week during non-duty
hours.                            .

CSEA's Response:

"CSEA is currently conducting daily post inspections. Since CSEA has a 24 hour, 7 days per
week presence within the TRB, we have the ability to provide continuous oversight of the
guard contract to include weekends, holidays and non-core duty hours. We also confer daily
with the guard Project Manager to ensure proper compliance with our requirements. CSEA
has developed a draft updated CSEA Post Inspection Report checklist, which has been
provided to the OIG."

OIG Comment:

We evaluated the COTR's SOPs for the post inspections, which include specific
requirements for the post inspection process, such as defining what a post and post
inspections are and the types of post inspections that should be completed. CSEA also
provided a revised version of the post inspection checklist. CSEA has defined in their SOP's
what the post inspection process entails and has redesigned the checklist so that each guard
on duty can be evaluated at each post. We obtained the Post lnspection checklists for the
month of October and have validated that the inspections are being performed according to
CSEA's new "policy" of conducting daily post inspections. We consider this
recommendation closed. .




                                           9

         IV.    MAJOR CONTRIBUTORS TO THIS REPORT

Internal Audits Group



                     . Team Leader
                Jr., Chief




                                     10 

                                                                                                                                  APPENDIX


                              UNITED STATES OFFICE OF PERSONNEL MANAGEMENT
                                                                                                                                .,'   .•... - ..
                                   2009 NOV 20 f+t1~tn4~, DC 20415
Management Services
     Division                                                                                   November 19, 2009



         MEMORANDUM FOR
                                         Chief, Internal Audits Group
                                         Office of Inspector Geneml

          FROM:                          DEAN S. HUNTER
                                         Deputy Associate Director -
                                                                        ~~
                                         Center for Security and   rgency Actions

          SUBJECT: 	                     Response to Draft Report on the Audit of the U.S. Office of Personnel
                                         Management's (OPM) Security Guard Contract

          Please accept my sincere thanks and appreciation for the Office ofInspector General's (OIG) -F­
          audit of the Theodore Roosevelt Building (TRB) security guard contract (Report No. 4A-CA-OO- .
          00-043). The security and safety of OPM employees, contractors and visitors at the TRB require
          our strong commitment to provide a safe and secure work environment. Your audit provides an                                              o.



          opportunity to examine and improve our guard operations, as appropriate. Our response to the
          OIG draft audit report findings and recommendations is provided below:

          OIG Finding #1: Ineffective Training and Certification Policies: The Center for Security and
          Emergency Actions does not have policies and procedures in place to ensure that all secl.lrity
          guards working on the OPM contract have current training and certifications.

                      OIG Recommendation #1: We recommend that CSEA perform'a comprehensive
                      review of all security guards' training and certification documentation to ensure that
                      training and certifications are current and available.

                      OIG Recommendation #2: We recommend that CSEA develop policy and procedures
                      for reviewing training and certification documentation for contracted security guards.

                      CSEA Response: In accordance with the contract, a guard must obtain and maintain
                      Federal Protective Service (FPS) A-I certification. The guard demonstrates adherence to
                      the A-I certification by possession ofICE Form 78-3527, DHS Contract Guard
                      Certification Card, or Section J, Exhibit 4A, Contractor's Certification of Basic Tmining,
                      which are both issued by FPS, a component of the Department of Homeland Security
                      (DHS). Possession of the FPS Contract Guard Certification Cardandlor Section J,
                      Exhibit 4A, Contractor's Certification of Basic Training, satisfies by contract that the
                      guard meets the training and certification requirements for performance as a guard at
                      OPM.




         www.opm.gov          Our mission is to ensure the Federal Government has an effective civilian workforce   www.usaJ.obs.gov
       While there is no regulatory, statutory or contractual requirement for the tracking or
       maintenance of documentation of each individual training/certification element which
       comprises the FPS A-1 certification, CSEA has traditionally tracked this information as
       an added assurance that guards working on the TRB contract are appropriately trained
       and vetted. While the training records CSEA maintains were incomplete for 3 of the 24
       individuals sampled, it is important to note that all 3 individuals maintained valid FPS A­
       I certifications. As such, at no time were any of the guards assigned to OPM posts
       without proper and valid training and certifications.

       Before assignment of a guard at OPM, the guard company presents appropriate training
       and certification documentation to our COR. Upon favorable review of the training and
       certification by the COR the guard is permitted to perfonn as a guard at OPM. For
       example, we have recently completed the background investigation on 3 new guards, but
       they are not being permitted onsite at OPM to perfonn as a guard lllltil we receive
       validation of the guard training and certification requirements from the guard company.
       Additionally, the COR has a very close and daily relationship with the guard company
       Project Manager who is onsite at OPM, and our COR aggressively monitors any change
       in our guard's training, certification, or performance.

       As recommended, CSEA has conducted a thorough review of al] the training and
       certifications of each guard. Documentation for each individual training/certification
       element is current. The OIG has been provided with evidence to show that the 3
       individuals missing training records were in fact current at the time of the OIG review.
       We win continue to maintain up-to-date training and certifications for all guards. As
       noted in the OIG draft report, we have prepared a draft standard operating procedure
       (SOP) for our COR in an effort to improve our oversight of the guard program. We look
       forward to working with the OIG closely to fme tune the SOP prior to issuance.

       In addition to the actions noted above, CSEA has undertaken additional efforts above and
       beyond the current contract to ensure that the TRB guard force is capable of ensuring the
       safety and security of OPM employees and visitors on a daily basis. CSEA has secured
       advanced x-ray and magnetometer training for all guards from the Federal Protective
       Service. Further, CSEA recently procured and provided to the guards advanced x­
       ray/video training for enhanced detection of explosives, which is accessible at any time
       during our x-ray operations. Our COR has attended guard firearm training qualifications
       and has provided enhanced training to the guards on response operations at OPM in event
       of an H1NI flu epidemic. In addition, we have partnered with the guard company in the
       development of a contract guard proficiency exam, as well as a covert testing of guard x­
       ray screening capabilities. These measures are not required by contract, but demonstrate
       CSEA's commitment to ensure high quality security guard services at the TRB.

OIG Finding # 2: Inadequate Quality Assurance Surveillance Plan (QASP) Performance
Measurements: The current QASP is ineffective in measuring the true perfonnance of the
security guard contract.
       OIG Recommendation #3: We recommend that OPM's CSEA revise its QASP to
       ensure that it includes quantifiable measures for evaluating guard performance.

       CSEA Response: TJIe QASP was incorporated in the Guard Services Contract,
       OPMP0040700042, and modification 002, as required by Federal Acquisition Regulation
       (FAR) 37.60L The QASP identifies critical categories, performance standards of those
       categories, the acceptable quality level, and the method in which those categories would
       be monitored. Furthermore, the QASP established performance incentives and addressed
       disincentives in compliance with the FAR. We believe the measures are objective,
       though we welcome all information on how to ~prove the performance measures. We
       are actively working with the OIG to address these issues.

OIG Finding #3: Ineffective Post Inspection Policy: CSEA's post inspection policy is not
effective in ensuring that OPM is properly secured.

    Recommendation #4 deleted by OPM/OIG/IAG. Recommendation #5 (below) is now 

    Recommendation #4. 


       OIG Recommendation #5: We recommend that OPM's CSEA follow its post
       inspection policy and perform inspections at least twice a week during duty hours and at
       least once every other week during non-duty hours:

       CSEA Response: CSEA is currently conducting daily post inspections. Since CSEA has
       a 24 hour, 7days per week presence within the TRB, we have the ability to provide
       continuous oversight of the guard contract to include weekends, holidays and non-core
       duty hours. We also confer daily with the guard Project Manager to ensure proper
       compliance with our requirements. CSEA has developed a draft updated CSEA Post
       Inspection Report checklist, which has been provided to the OIG.

       The post inspection process and depth ofreview/inspection recommended by the OIG
       does pose a concern to CSEA in regards to compliance with the existing contract. We
       will consult with the OPM Contracting Officer to ensure that revised inspection
       procedures are com~istent with the existing contract and do not constitute a personal
       services contract, which we understand is not permitted. Our staff comment about their
       "inspection" of the guards is actually surveillance of guard performance as it relates to
       the QASP. The QASP is the contractual vehicle by which we survey the guard
       company compliance with our security requirements.

Again, we thank you for your efforts to improve the contract guard services at the TRB and we
appreciate the opportunity to comment on the draft audit report.. If additional information is
required, please have a member of your staff contact                  Chief, Security Services
Group, at (202) 606_