The URL can be used to link to this page

Home My WebLink About*AGMT - Risk Management Professionals 1 rl AGREEMENT FOR ON -CALL ENGINEERING CONTRACT SERVICES THIS AGREEMENT FOR CONTRACT SERVICES (the "Agreement ") is made and entered into as of day of , 2004 by and between the CITY OF SEAL BEACH, a- . mUnicipal corporation ( "City ") and Risk Management Professionals. ( "Consultant "). - RECITALS WHEREAS, City desires to employ the services of a consultant to provide on -call engineering services and • WHEREAS, Consultant represents that it has the expertise and experience to provide such services; NOW THEREFORE, and for good consideration, the City and Consultant agree as follows: 1. Location of Subject Project/Studies. City Water System - Various Locations. 2. Description of Services to be Provided. Consultant shall perfrom contractSecurity Vulnerability Assessment and Emergency Response Plan Requirementsand engineering related services as described in Attachment 1, Scope of Work. 3. Term. Unless terminated earlier as set forth in this Agreement, the services shall commence on April 26, 2004 ( "Commencement Date ") 4. Party Representatives. The City designates Douglas A. Danes, P.E. to act on City's behalf. The Consultant designates thesteven T. Maher, PE. to act on Consultant's behalf: 3. Attachments. This Agreement incorporates by reference the following Attachments to this Agreement: • Attachment 1: Scope of Work Attachment 2: Rate Schedule Attachment 3: Schedule • 6. Integration. This Agreement represents the entire understanding of City and Consultant as to those matters contained herein. No prior oral or written • It understanding shall be of any force or effect with regard to those matters covered by this Agreement. This Agreement supersedes and cancels any and all previous ■ negotiations, arrangements, agreements, and understandings, if any, between the parties, and none shall be used to interpret this Agreement. This Agreement may only be amended by the mutual consent of the parties by an instrument in writing. 7. Standard of Performance. Consultant agrees that all services shall be performed in a competent, professional, and satisfactory manner in accordance with the standards prevalent in the industry, and that all goods, materials, equipment or personal property included within the services herein shall be o f good quality, fit for the purpose intended. 8. Performance to Satisfaction of City. Consultant agrees to perform all work to the satisfaction of City within the time specified. If Consultant's work is not satisfactory in the opinion of City's designated representative, City has the right to take appropriate action, including but not limited to any or all of the following: (i) meeting with Consultant to review the quality of the work and resolve matters of concern; (ii) • requiring Consultant to repeat or correct the work at no additional fee until it is satisfactory; (iii) suspending the delivery of new or additional work to Consultant for an indefinite time; (iv) withholding payment; and (v) terminating this Agreement as hereinafter set forth. City's options set forth herein are non - exclusive, and are in addition to any remedy available at law to City. 9. Prohibition Against Subcontracting or Assignment. Consultant shall not contract with any other entity to perform in whole or in part the services required hereunder • without the prior express written approval of City: In addition, neither the Agreement nor any interest herein may be transferred, assigned, conveyed, hypothecated, or encumbered voluntarily or by operation of law, whether for the benefit of creditors or otherwise, without the prior written approval of City. In the event of any unapproved transfer, including in any bankruptcy proceeding, City may void the Agreement at City's- option in its sole and absolute discretion. No approved transfer shall release any surety of Consultant of any liability hereunder without the express consent of City. 10. Compensation. Consultant shall be compensated on a time and material basis per the attached Schedule 2. In no event shall compensation exceed the approved task order . limit set by the Director of Public Works. 11. Insurance. Consultant shall have insurance as follows: 11.1 General "Liability (including premises and operations, contractual liability, personal injury, independent contractors liability): .One Million Dollars ($1,000,000.00) Single Limit, per occurrence. • If commercial general liability insurance or other form with a general aggregate limit is used, either the general aggregate shall apply separately to this project, or the general aggregate limit shall be three times the occurrence limit. 11.2 Automobile Liability (including owned, non - owned, and hired autos): One Million Dollars ($1,000,000.00), Single limit, per occurrence for bodily injury and property damage. • \ \Datafile\PWD Common \042 CIP 1.2 PSA Consultants \Prof Say Agreement Risk Manager Professionals doc 40- ., 11.3 Employer's Liability One Million Dollars ($1,000,000.00) per occurrence for injuries incurred in providing services under this Agreement (if Consultant is required to have per the laws of California). • 11.4 Workers Compensation Consultant shall, to the extent required by state law, provide Employee's Insurance Workers' Compensation Insurance for the protection of Consultant's employees. Consultant shall file a certificate of insurance which evidences that Consultant is in compliance with said Worker's Compensation Insurance requirement. Consultant shall require all subcontractors similarly to provide such Workers' Compensation Insurance and certificates of insurance for their respective employees. 11.5 Professional Liability Insurance Consultant shall have errors and omission insurance in the amount of $1,000,000. 11.6 General Requirements. All of Consultant's and its sub - contractor's policies of insurance shall: A. Name City, its officers, officials, employees, agents, representatives and volunteers (collectively hereinafter "City and City Personnel ") as additional insureds and contain no special limitations on the scope of protection afforded to City and City Personnel; B. Be primary insurance and shall provide that any insurance or self- insurance maintained by City or City Personnel shall be in excess of Consultant's insurance and shall not contribute with it; C. Be "occurrence" rather than "claims made" insurance; • D. Apply separately to each insured against whom claim is made or suit is brought, except with respect to the limits of the insurer's liability; E. Be endorsed to state that the insurer shall waive all rights of subrogation against City and City Personnel; and F. Be written by good and solvent insurer(s) admitted to do business in the State of California and acceptable to City. 11.7 Deductibles. Any deductibles or self - insured retentions must be declared to and approved by City prior to the execution of this Agreement by City. 11.8 Notice of Policy Changes. Each such insurance policy shall be endorsed to state that coverage shall not be suspended, voided, cancelled, reduced in coverage or in limits, non - renewed, or materially changed for any reason, without thirty (30) days prior written notice thereof given by the insurer to City by U.S. mail, certified, or by personal delivery. In addition to such notice provided to City by the insurer, Consultant shall also provide City with thirty (30) days prior written notice, by certified mail, return receipt requested, of the suspension, voiding, cancellation, 1\Datafile\PWD Common1042 CIP 1 2 PSA Consultants \Prof Sery Agreement Risk Managem3nt Professionals doc reduction in coverage or in limits, non - renewal, or material change for any reason, of any such insurance policy or policies. 11.9 Evidence of Coverage. Consultant shall furnish City with certificates of insurance demonstrating the coverage required by this Agreement which shall be received and approved by City not less than five (5) working days before work commences. The duplicate originals and original endorsements for each insurance policy shall be signed by a person authorized by that insurer to bind coverage on its behalf. The procuring of such insurance or the delivery of duplicate originals and endorsements evidencing the same shall not be construed as a limitation on Consultant's obligation to indemnify City and City Personnel. 12. Indemnification. Consultant shall indemnify, defend, and hold City and City Personnel harmless from and against any and all actions, claims, demands, judgments, attomey's fees, costs, damage to persons or property, penalties, obligations, expenses or liabilities that may be asserted or claimed by any person or entity arising out of the acts, errors, or omissions of Consultant, its employees, agents, representatives or subcontractors in the performance of any tasks or services for or on behalf of City, whether or not there is concurrent -active or passive negligence on the part of City and/or City Personnel; provided, however, that the Consultant shall not be required to indemnify, defend or hold harmless City or City Personnel against claims arising from the sole active negligence or willful misconduct of City or City Personnel. In connection therewith: 12.1 Consultant shall defend, with Counsel acceptable to City, any action or actions filed in connection with any such claimed damage, injury, penalty, obligation or liability, and shall pay all costs and expenses, including attorney's fees, incurred therewith. 12.2 In the event City and/or any City Personnel is made a party to any action or proceeding filed or prosecuted for any such claimed damage, injury, penalty, obligation or liability, Consultant shall defend City and pay to City any and all costs and expenses incurred by City in such action or proceeding, together with actual attorney's fees and expert witness fees. 13. Compliance with Laws. The Consultant shall put forth reasonable professional efforts to comply with applicable laws, codes and regulations in effect as of the date of the execution of this Agreement. Materially increased or duplicative services occasioned by design changes made necessary by newly enacted laws, codes and regulations after this date shall entitle the consultant to a reasonable adjustment in the schedule and, ' additional compensation commensurate with any agreed -upon modification in the Scope of Work provisions of this Agreement. 14. Independent Contractor. Contractor shall perform all services required herein as an independent contractor of City and shall remain at all times as to City a wholly independent contractor. City shall not in any way or for any purpose become or be deemed to be a partner or employer of Contractor in its business or otherwise, or a joint venturer, or a member of any joint enterprise with Contractor. Contractor shall not at any time or in any manner represent that it or any of its agents or employees are \ \Datafile \PWD Common \042 CIP 1 2 PSA Consultants\Prof Sery Agreement Risk Managennt Professionals doc agents or employees of City. Neither Contractor nor any of Contractor's employees shall, at any time, or in any way, be entitled to any sick leave, vacation, retirement, or • other fringe benefits from City; and neither Contractor nor any of its employees shall be paid by City any wage or overtime benefit. City is under no obligation to withhold State and Federal tax deductions from Contractor's compensation. Neither Contractor nor any of Contractor's employees shall be included in the competitive service, have any property right to any position, or any of the rights a City employee might otherwise have in the event of termination of employment. 15. Covenant Against Discrimination. Consultant covenants for itself, its heirs, executors, assigns, and all persons claiming under or through it, that there shall be no discrimination against any person on account of race, color, creed, relation, sex, marital status, national origin, or ancestry, in the performance of this Agreement. Consultant further covenants and agrees to comply with the terms of the Americans with Disabilities Act of 1990 (42 U.S.C. §12101 et seq.) as the same may be amended from time to time. 16. Termination By City. City reserves the right to terminate this Agreement at any time, with or without cause, upon written notice to Consultant. Upon receipt of any notice of termination from City, Consultant shall immediately cease all services hereunder except such as may be specifically approved in writing by City. Consultant shall be entitled to compensation for all services rendered prior to receipt of City's notice of termination and for any services authorized in writing by City thereafter. 17. Waiver. No delay or omission in the . exercise of any right or remedy by a nondefaulting party on any default shall impair such right or remedy or be construed as•a waiver. A party's consent to or approval of any act by the other party require the party's consent or approval shall not be deemed to waive or render unnecessary the other party's consent to or approval of any subsequent act. Any waiver by either party of any default must be in writing and shall not be a waiver of any other default concerning the same or any other provision of this Agreement. 18. Legal Actions. The Municipal and Superior Courts of the State of Califomia in the County of Orange shall have the exclusive jurisdiction of any litigation between the parties arising out of this Agreement. This Agreement shall be governed by, and construed under, the laws of the State of California. The rights and remedies of the parties are cumulative and the exercise by either party of one or more of such rights or remedies shall not preclude the exercise by it, at the same or different times, of any other rights or remedies for the same default or any other default by the other party. 19. Attorneys' Fees. If either party to this Agreement is required to initiate or defend, or is made a party to, any action or proceeding in any way connected with this - Agreement, the party prevailing in the final judgment in such action or proceeding, in addition to any other relief which may be granted, shall be entitled to litigation costs, including actual attorney's fees and expert witness fees. 20. Force Majeure. The time period specified in this Agreement for performance of work may be extended by City because of any delays due to unforeseeable causes beyond the control and without the fault or negligence of Consultant, including, but not restricted to, acts of God or of the public enemy, unusually severe weather, fires, earthquakes, floods, epidemics, quarantine restrictions, riots, strikes, freight \\Datafile\PWD Common \042 CIP 1 2 PSA Consultants\Prof Sery Agreement Risk Managen5nt Professionals doc • • iit embargoes, wars, litigation, and/or acts of any governmental agency, including City, provided that Consultant shall within ten (10) days of the commencement of such delay notify City in writing of the causes and length of the delay. If Consultant gives notice of such delay, City shall ascertain the facts and the extent of delay, and extend the time for performing the services for the period of the enforced delay, when and if in the judgement of City, such delay is justified. City's determination shall be made in writing, and shall be final and conclusive upon the parties to this Agreement. In no event shall Consultant be entitled to recover damages against City for any delay in the - performance of this Agreement, however caused. Consultant's sole remedy shall be extension of this Agreement. 21. Notices. Unless otherwise provided herein, all notices required to be delivered under this Agreement or under applicable law shall be personally delivered, or delivered by United States mail, prepaid, certified, return receipt requested, or by reputable document delivery service that provides a receipt showing date and time of delivery. Notices personally delivered or delivered by a document delivery service shall be effective upon receipt. Notices delivered by mail shall be effective at 5:00 p.m. on the second calendar day following dispatch. Notices shall be delivered to the following addresses: To City: Director of Public Works City of Seal Beach 211 Eighth Street Seal Beach, CA 90740 To Consultant: Risk Management Professionasl 27405 Puerta Real, Suite 220 Mission Viejo, CA 92691 22. Time of Essence. Time is of the essence in the performance of this Agreement. 23. Interpretation: Severability. The terms of this Agreement shall be construed in accordance with the meaning of the language used and shall not be construed for - or against either party by reason of the authorship of this Agreement or any other rule of construction which might otherwise apply. The Section headings are for purposes of convenience only, and shall not be construed to limit or extend the meaning of this Agreement. Each provision of this Agreement shall be severable from the whole. If any provision of this Agreement shall be found contrary to law, the remainder of this Agreement shall continue in full force. 24. Corporate Authority. The person(s) executing this Agreement on behalf of the parties hereto warrant that (i) such party is duly organized and existing, (ii) they are duly authorized to execute and deliver this Agreement on behalf of said party, (iii) by so executing this Agreement, such party is formally bound to the provisions of this Agreement, and (iv) the entering into this Agreement does not violate any provision of any other Agreement to which said party is bound. \\Datafle \PWD Common \042 CIP 12 PSA Consultants\Prof Sery Agreement Risk Managenent Professionals doc 0 • IN WITNESS WHEREOF, the parties have executed and entered into this Agreement for Contract Services as of the date first set' forth above. CITY OF SEAL BEACH CONSULTANT By: - By: Its: City Manager Its: - Attest: By: Its: City Clerk APPROVED AS TO FORM: - Quinn Barrow _ City Attorney • llDatafilelPWD Common1042 OP 12 PSA Consmltants\Prof Sery Agreement Risk Managcn7 t Professionals doc e Attachment 1 SCOPE OF WORK \\Datafile\PWD Common \042 CIP 1 2 PSA Consultants\Prof Sety Agreement Risk Managemgnt Professionals doc A 0 200 GENERAL REQUIREMENTS FOR THE SCOPE OF WORK • 200.1 EXAMINATION OF RFP /RFQ DOCUMENTS: The Consultant shall be solely responsible for examining the City's RFP /RFQ documents, including any addenda issued, and for informing itself with respect to any and all conditions which may in any way affect the amount or nature of the proposal, or the performance of the Services in the event the Consultant is selected. No relief for error or omission will be . given. 200.3 E MAIL: The Consultant shall supply and maintain individual Internet E — mail addresses for each of the project managers and principals involved in the project and other consultant personnel as the City deems necessary. 200.4 INVOICES: The Consultant shall submit not more than one invoice a month and shall obtain a copy of the accounts payable schedule. The invoice will be in a format that is acceptable to City Engineering Staff and shall detail individual personnel who worked on the project, specific tasks performed, hours worked, billing rate, total costs, and previous billing history, percentage of work completed, percentage of dollars spent. The Consultant shall prepare invoices that show costs against each major milestone task. The 'Consultant shall notify the City when the cumulative compensation payable under this Contract has reached 75% of the Contract not to exceed price. If at any time_the Consultant has reason to believe that the total cost to the Authority for the performance of this Contract will be greater or substantially less that the Contract not to exceed price, the Consultant shall notify the Consultant in writing to that effect and , give its revised estimate of the total cost for the performance of this Contract. The notice shall state the estimated amount of additional funds required to continue performance for the remainder of the contract term. In no event is the Consultant authorized to exceed the "not to exceed price" without prior written approval from the - City. 200.5 COMPUTER FILES: The Consultant shall supply the City with a digital and editable copy of all files that are included in the hard copy of the report. The Consultant shall use or transfer into the following formats: Word Processing: Microsoft Word, Spreadsheets: Excel, Databases: Filemaker Pro, Microsoft Access, GIS: ArcView, Drawings: Autocad. All final plans shall be submitted also on CD readable by City computers. All digital files shall be submitted on a CD ROM. The City shall have the right to use, duplicate, modify or disclose the technical data and the information contained therein. The Consultant agrees to provide any proprietary software or data used in conjunction with the project to the City, if requested, as long as the City pays for any additional licensing costs. _ 200.6 KEY PERSONNEL: The Consultant shall not reassign any personnel mentioned in the RFQ /Interview process unless under extraordinary circumstances. The Consultant shall secure the prior written approval the City for any change or reassignment of the key personnel, submitting written documentation of the new individual's qualification. \ \Datafile \PWD Common \042 CIP 1 2 PSA Consultants \Prof Sen• Agreement Risk Managemytt Professionals doe • I/ The Consultant's project manager shall supervise and direct the services, and have overall responsibility for the services in accordance with the Consultant agreement and Scope of Work. The Consultant shall be solely responsible for implementation of all services, means, methods, techniques, sequences, and procedures and for coordination of all portions of the services. All workers shall have sufficient skill and experience to perform the work assigned to them. The City shall have the right, in its absolute discretion to require the removal of the Consultant's personnel at any level assigned to the performance of the Services at no additional fee to the City, if the City considers such removal necessary and in its best interest and request such removal in writing. Further, an employee who is dismissed for any of the above reasons shall not be re- employed on this Contract. 200.7 UNAUTHORIZED WORK: Any services not required by the terms of the final scope of work or proposal that are performed without written authority from the City, will be considered as unauthorized and at the sole expense of the Consultant. Services so performed will not be paid for, and no extension in the period of performance shall be granted on account thereof. 200.8 AUDITS: The Consultant shall keep and maintain full and complete records and books of account of its costs and expenses relating to the performance of the Services, in accordance with generally accepted accounting practices. Such records _ and accounts shall permit the Consultant to furnish the City, upon written notice, an accurate written allocation of the costs to the various elements of the Services, as may be required by the Authority. Upon reasonable advance written notice the City or its representatives shall have the, right to examine, any books, records, accounts, and other documents of the Consultant directly pertaining to costs when such costs are the basis of. a claim or of reimbursement to the Consultant hereunder. The Consultant will make reasonable efforts to assure that the any such representative is not a competitor of the Consultant to which the disclosure of such cost information would have a detrimental effect on the Consultant's business. The Consultant shall keep and preserve all such books, records, accounts, and other documents for a period of at least three years after completion of the Services and Final Payment or if this Contract is terminated in whole or in part after the final termination agreement. 200.9 CONSULTANT'S INTERACTION WITH MEDIA AND THE PUBLIC: The Consultant shall refer all inquiries from the news media to the City. If the Consultant receives a complaint from a citizen or the community, the Consultant shall inform the City what action was taken to alleviate the • 200.10 SUBCONTRACTORS /SUBCONSULTANT: The City reserves the right of prior approval of all subcontractors and retains the right to request the Consultant to terminate any subcontractor, for any reason appropriate by the City, by so notifying the Consultant in writing. Should said notification be submitted to the Consultant, it shall terminate said subcontractor immediately. • The City shall have no liability to any subcontractor(s) for payment for services under this Contract or other work performed for Consultant. Any subcontract entered into by Consultant under the contract shall duly note that the responsibility for payment \ \Datafile\PWD Common\042 CIP 12 PSA Consultants\Prof Sery Agreement Risk Managenrot Professionals doc 0 . 0 for the technical services or any other services performed shall be the sole responsibility of the Consultant. 200.11 DIRECT EXPENSES: It is expected that the Consultant has extensive knowledge and experience performing this type of work. The Consultant shall prepare a not to exceed budget for direct expenses and breakdown costs for services such as copying, blue prints, computer time, reproduction, delivery, and any other foreseeable expense not covered in the Consultant's hourly rates. Therefore, the Consultant shall receive no additional compensation beyond that which is detailed in their budget. The City will not pay for mileage charges. - 200.12 INSURANCE: The Consultant shall obtain a minimum of $1,000,000 worth of professional error and omissions insurance prior to entering into an agreement with the City. The insurance requirement is non - negotiable. 200.13 RETENTION FOR CALTRANS: Not Used. • \ \Datafile\PWD Common \042 CIP 1 2 PSA Consultants \Prof Sery Agreement Risk Managettleyt Professionals doc • • . • 201 SPECIFIC REQUIREMENTS FOR THE SCOPE OF WORK \ \Datafile\PWD Common \042 CIP 1 2 PSA Consultants\Prof Sery Agreement Risk Manageni 2t Professionals doc 0 0 APPROACH AND SCOPE OF WORK Methodology The purpose of the proposed effort is to perform a Vulnerability Assessment of the security of the drinking water system as required by the Public Health Security and Bioterrorism Preparedness and Response Act of 2002. We will use the Risk Assessment Methodology for Water Utilities (RAM -W developed by Sandia National Laboratories as our approach to perform the Security Vulnerability Assessment (SVA). Based on this approach and the USEPA's Instructions to Assist Community Water Systems in Complying with the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, we have prepared a project plan which provides a comprehensive, pragmatic, and cost - effective solution to determining vulnerabilities. We have not reiterated the RAM -W methodology in this proposal, but have instead focused on describing the effective application of the methodology to meet your specific needs. As identified in the RAM -W methodology, the SVA is the foundation upon which informed decisions can be made to reduce risks from malevolent actions. This basis for decisions is needed to ensure that you will gain as much as possible from the funds set aside to implement the recommended improvements to facilities, equipment, and procedures. This decision - making platform is developed by creating a comprehensive list of scenarios and an assessment of the likelihood and severity for each scenario. This list will be developed through the use of a systematic approach and the participation of a team with expertise in security. Our experience has shown that a prioritized list of recommendations (typically not provided by SVA Contractors) provides significantly increased value to you by allowing the prioritization of capital funds. This team approach (that includes specific participation by the water utility) is a unique approach used by the RMP Project Team that removes the potential for impractical and unusable recommendations (often produced by SVA Contractors that perform this key evaluation without direct customer involvement). Using the enhanced RAM -W methodology and other techniques which have been applied in the process safety field, we will identify and evaluate potential scenarios based upon malevolent acts towards critical facilities. These scenarios will be ranked according to their severity and likelihood by a panel of experts from our Project Team and key water personnel. The ranked list of scenarios will provide the basis for recommending changes to current emergency response and security programs, and improvements to other programs and activities, facilities, and systems (i.e., capital ill 6 -1 R� , JP do • improvements). The ranking also allows water management to prioritize the recommendations and develop a cost - effective plan for improving security and reducing vulnerability. In summary, the foundation of our approach builds on the lessons - learned from our Tier I through Tier III SVA projects to enhance the Sandia RAM -W methodology to: • Focus on the analysis tasks that yield the greatest information for the effort expended • Provide recommended improvements that are usable to you • Prioritize the recommendations to facilitate the development of an action plan Security and Confidentiality of Project Information We understand that disclosure of any information gathered as part of the assessment has the potential to pose a significant risk to public health and safety. During the project, RMP and all member companies of the Project Team will take every precaution to secure all project records and destroy all drafts. After the project is completed, RMP and all member companies of the Project Team will return all documents obtained or generated during the course of this project. We have developed specific procedures for obtaining, processing, storing, and transporting security- sensitive information. The procedure offers various options for our clients, and our standard security procedures include use of secure computer drives, use of a fireproof safe, and use of latest electronic encryption methods. These procedures and options will be discussed with your management team during the project initiation task to make a final determination of the approach that will be used to ensure long -term security of the information. All members of the Project Team (including support staff) will be specifically instructed to keep confidential all information (paper, electronic, and verbal) obtained or generated in the course of the proposed project. Task leaders and project management will maintain strict vigilance while implementing this critical aspect of the project. Quality Control RMP has an established internal quality assurance practice that requires work products to be reviewed by an independent, senior member of the project team. For projects on #1 6 -2 R U P MY 411i • which our clients require a formal quality control process, RMP implements the following . steps: • A senior member of the technical staff is identified as the person responsible for quality control and is not assigned any efforts associated with that project task. • As each work product is drafted, the person responsible for quality control reviews it and then generates an internal memo providing comments back to the technical leads. • The work product is updated by the responsible analyst and resubmitted for quality control review. • The review process is repeated until the Project Manager verifies completion of the work product. • The same review process is applied to all deliverables to the client. All deliverables must receive an authorization from the Project Manager to be released to the client for review. Documentation for the review process is created and maintained with the project files. Project Approach This section of the proposal has been partitioned into sequential work tasks. The next several sections contain our proposed methodology and the requisite tasks which are required per the USEPA's Instructions to Assist Community Water Systems in Complying with the Public Health Security and Bioterrorism Preparedness and Response Act of 2002. Work Plan — Identification and resolution of issues during the early stages of the project are critical to delivering a quality project to you on time and on budget. One tool that we have found to be helpful is having a work plan that generally shows the key elements of the project. The work plan identifies submittals, meetings, activities, reviews, and goals for the project. A proposed work plan for the project is shown on the following page. This work plan may be modified according to your preferences. J 6 -3 Raj SNP O E la . t , • 1 Z m T u c 6 ..v.p ,�,i1.', 5,, '4 _ LL el.,;', Y � . , { a $ ` , ' ,,p• , -, 3• < m gg J p �[3 �$'.�y j m i. 4.,4 E G � @ Q µ, ,: T Y W a m 1 '' „.' 4 e P ¢ 1 1 $ m W 'f° a W cot.. V 5, • u i ' _ , &' a < b " 4 �w ` a It Q q w , • _ € ¢ . • � , t • y" qSr e 1 r . , fi r ; ''• • ' -C i :.�%.`.',. t .at - 7,.7''1 S ,�!r v : is•`. w 6 ' i • •t T ''�fis ' $ • Z r . 1 2. p r;yt• ...47,14 �g 3 LL 3 0 1 ca m _ N 11 Z F .^ . 3a g,.'{`;',. itIv A i r _g N m * 2E rm, gm " S a ., '. • • a. w '. �. ' • 4�..,t . :' � I. as arc 1 " r LN f � t , ' < } :. 44'e". 0' , ^ cal Y 1 a E - , • ce F (• vt `:,.• +e: ., a ,A' fit a x i_ .. , • • - _ (5 , 1. :-. zL‘. 4 . 4 . ▪ .4t& : Ce a 'Ir' • - ‘.p I --01, ,J.4:4;14,,, JA, . ." ); ZI .,:,.. i ' 'N'iticp• "I'• • .i ‘ eztitam /� Q J Z g p l x . %.,: J R }t Y :\ • t V h •Y �t �`tp. •ioat'" e ' 3 Ai l 3 t x}4n1fSt� al S t Y; % go; T �t F a Q c d . t� • , w•. • 11 � 1 i `. N' .1 E r t y ; . . ar ► q w rj ffi $ r ; 1.4 < ev'y c2,2 t c 7 „g , „ , ' LL F Nn ate LL t , , m at t . st• + � Ct § Ey .; `_ ' - -4,si /// C V. :. x: s 47 l 2 `•S i• K � � -�'.,, Z 4" ,C4',,,,:‘.7,4 ..� , a yy.W. . yy � am .,, �� ¢.fi M`f1;r� ' R .' + t • , t $;t�'• ) ' (! +r' - ; ' 3 �,yy� .S aF' L - ,+'2,,,*` ` • • 'l . R tx ,, F ., . t L , LiJ al C k .: it.': a -51 $y • •;s LA�J• ell r 4 i I m 6 • •i: > Ya+ .r.:,R% .•a. . fir, , , - , 1 .1 t p; t " . 1 4 6.,, a z....s ,,, tr,. 0 t : , .; . , • , oz.''' a r;:k .• .. - ,ex e .ce=„- 1.4 "1: i : g ' : j ,.(2 ; !I : ” yt tta• •1 � a c 4 m . Y � : a s G ` ,Y L, k . ,•„n E i:,,,4,,.• f p D E S n ' � r a �` y ++ ' 1 f 4 •r t � , M V m LL1� N d -,t* P;jr s : ; t 'Y., - ; ,4 , t'`' . S12lOdd3 )1110A11 S3187213AI13Q' SdOHSJIaOM S1ifS32f '8 S9NI133W 1 •\ Proposed Scope of Work for Compliance with EPA Requirements The final products of the proposed effort will include the following: • A Security Vulnerability Assessment Report • A ranked list of potential sources of threat to critical facilities • A list of recommendations and their risk -based justification • A Security Enhancement/Prioritization Plan to present budget level cost and schedule information Proposed Technical Approach Security Vulnerability Assessment: Task 1 Project Initiation and Facility Prioritization (define mission objectives) Task 2 Threat Assessment • Physical Threat Assessment • Cyber Threat Assessment • Chemical, Biological, and Radiological Threat Background Information (Optional) Task 3 Analysis of Priority Level A Facilities (Facility Characterization, System Effectiveness Determination, and Risk Assessment) • Facility Walkdowns (Site Visits) • Scenario Identification and Analysis (SIA) Workshops involving Utility Personnel • Development of Risk Values and Risk - Ranked Recommendations Task 4 Prepare Reports Task 5 Project Reporting (Optional) Task 6 Security Enhancement/Prioritization Plan (SEPP) — Capital Improvements Emergency Response Plan: , Task 1 Emergency Response Plan Development 6 -5 RAP • • Task 1 Project Initiation and Facility Prioritization (define mission objectives) A kick -off meeting and familiarization training will be held with utility management and key members of the Project Team. The following subjects will be addressed during this meeting: Proiect Initiation • Scope Verification - The physical systems to be included in the Security Vulnerability Assessment (SVA) will be verified. • Methodology - A presentation of the specific methodology for the SVA will be provided by the Project Manager. As noted in the preceding section, key elements of the RAM -W methodology developed by Sandia will be used as the basis of the SVA. • Criteria for Facility /Systems Prioritization - A set of criteria for prioritizing facilities will be proposed for review and approval. Measures such as "Percentage of Demand" and "Criticality of Users" may be used to develop the facility prioritization criteria. These criteria will then be used to work with utility personnel to interactively prioritize facilities. • Schedule - Key milestones for: interim results presentation, draft reports submittals, and final report submittals will be discussed. • Resources (Utility Personnel) - Operational and supervisory personnel are specifically included in the brainstorming sessions and management personnel will be involved in making key decisions. The project kick -off meeting will also summarize the roles of utility personnel and the specific levels of effort for each project activity. For Scenario Identification and Analysis (SIA) Workshops, the participation of area managers from water operations, operations personnel, the security manager, engineering personnel, and SCADA system personnel will be required to achieve the desired quality. • Resources (Documentation) — You will be provided with a list of data which will be required including: engineering drawings, procedures, water quality reports, etc. • Resources (Local Authorities) — You are encouraged to invite the participation of personnel from local law enforcement and emergency response organizations having jurisdiction over utility assets. Participation from other interfacing water agencies might also be desirable. These personnel may also be providing documentation to be used during the brainstorming sessions and other portions Of 6 -6 Ft 1 • • of the project. During the course of the project, we will discuss your preferred method of approaching other groups for information and participation. • Communication - Electronic communication policies (i.e., file encryption) will be discussed. • Information Control - Steps which RMP and the utility will take to protect and control the information that will be generated while conducting this project will be verified during the Project Kick -off Meeting. • Facility Prioritization Immediately subsequent to the kick -off meeting, utility facilities will be prioritized using the criteria assigned. For example, for the measure "Percentage of Demand," each facility will be compared to all the other facilities based on the amount of water provided. The process will be repeated for each criteria defined in this Task. We plan to hold the prioritization meeting immediately following the Project Initiation meeting to ensure that efforts are focused. During the course of the Facility Prioritization session, the Project Team will use ' customized software assembled by Risk Management Professionals to interactively rank the facilities in terms of their contributions to utility criteria. The prioritized list will allow the Project Team to focus on the facilities which are higher priority. Based on past experience of the Project Team in analyzing large complex systems, 'it is expected that ' the facilities will be binned into two priority groups. • Priority Level A, the high priority facilities, will be analyzed first using the full extent of recommended approach. A maximum of 10 Priority Level A facilities or . groups will be analyzed as part of the Scenario Identification and Analysis (SIA) Workshop in Task 3. • Priority Level B, the lower priority facilities, may be visited during the Walkdowns, and if there is sufficient time during the schedule meetings, will be analyzed as appropriate. Task 1 Deliverables: • Criteria for facility prioritization • Project plan presentation • Methodology summary presentation • Schedule of deliverables, meetings, topics, and participants • A description of prioritization methodology • pit 6 -7 Roil' rr.o.rwv...rw • • • A prioritized list of facilities and systems • A list of facilities to be included in the Security Vulnerability Assessment Task 1 Specialties: • Customized software that enhances performance efficiency and allows interactive projection of results during the team meetings. • Experience which facilitates the rapid completion of this task. Task 2 Threat Assessment Several key issues will be addressed in Task 2: Physical Threat Assessment — The objective of the Physical Threat Assessment is to gain an understanding of the nature and motives of groups or individuals who might wish to cause harm to utility facilities or its customers. This task requires participation of local law enforcement to assist in determining possible sources of threat, their motivations, past activities, modus operandi, and possible interest in utility facilities. Risk Management Professionals has developed a customized Threat Evaluation Matrix that includes a list of potential adversaries and the associated potential risk ranking (High, Medium, Low) for each adversary. During the Scenario Identification and Analysis (SIA) Workshop, local law enforcement will provide insight to determine the probability of attack based upon law enforcement intelligence and knowledge of past incidents. From these insights, the Project Team will rank, (High, Medium, Low) the adversaries' probability of attack based upon the above variables. In addition to terrorist acts, the Project Team will also evaluate sabotage threats. As an option, in addition to the input from law enforcement, Risk Management Professionals can also offer an independent threat assessment of adversaries active in the utility's local area. Cyber Threat Assessment — Risk Management Professionals will assess the utility SCADA system using a customized audit checklist derived from the Sandia RAM -W Methodology and provide the utility with a customized list of "Best Practices" for the utility to implement at their discretion. As an optional task, the Project Team will analyze the utility SCADA System for potential vulnerabilities via the internet or dial -up links. These vulnerabilities, in conjunction with the Physical Threat Assessment, will provide a likelihood of attack on the SCADA System via electronic methods and identify recommendations for 6 -8 R dP 0 • improvement. This portion of the SVA will focus on potential weaknesses and will include an analysis of firewall protection and dial -in weaknesses (if any). Physical security of access points and direct access to control equipment by authorized personnel will have already been evaluated, in detail, during the Scenario Identification and Analysis Workshop. Particular emphasis on this evaluation will be placed on any modem access points, intrusion detection systems, routers, firewall, switches, and radio and land -based telemetry systems. This SCADA System design does not typically include connections to the business network, so an Information Technology assessment is not planned for this Cyber Threat Assessment task, however, specific concerns will be addressed as appropriate. Additionally, as part of this optional task, a review of IS and SCADA policies will be conducted. This will include a review of e-mail policies, acceptable internet use policies, password policies, hiring /termination policies, anti -virus policies, system log policies, incident response policies, remote access policies, , system /network administrator certification and training policies, backup and restore policies, and business continuity disaster recovery plans and policies. Chemical, Biological, and Radiological Threat Technical Memorandum (Optional) — In addition, a technical memorandum detailing the impacts of chemical, biological, and radiological contaminants will be provided to the utility as background information for the Scenario Identification and Analysis (SIA) Workshops. Chemical, biological, and radiological contamination issues will be addressed during the SIA sessions. Recommendations of the feasibility, cost/benefit, and practical logistics of installing water quality monitoring devices will precipitate from these sessions. Task 2 Deliverables: • A technical memorandum describing the updated data gathered and records researched to determine threats, and providing updated Probability of Attack Ranking Values. • A list of system deficiencies /vulnerabilities and common industry best practices for implementation Task 2 Specialties: • Experience in security and threat assessment maximizes the value of the Physical Threat Assessment results. Re ItliP • 0 Task 3 Analysis of Priority Level A Facilities (Facility Characterization, System Effectiveness Determination, and Risk Assessment) The objectives of Task 3 are as follows: • Identify a comprehensive list of scenarios for possible avenues of attack, and existing safeguards that may prevent or mitigate an attack • Determine a consequence level for each scenario • Determine qualitative probabilities for each scenario • Determine the risk of each scenario • Create a preliminary list of recommendations For Priority Level A facilities, the Project Team and utility personnel will conduct inspections of the facilities, and determine both the likely routes of attack and any safeguards already present to prevent or mitigate an attack as appropriate. Facilities will be photographed during the inspections. Our experience has shown that extensive use of facility and equipment photographs has been conducive to creating a high - quality product. In an effort to reduce travel costs, RMP plans to conduct Facility Walkdowns subsequent to the Facility Prioritization. Brainstorming sessions (Scenario Identification and Analysis (SIA) Workshops) will be held with the Project Team and utility staff to identify scenarios, their consequences, their safeguards, and their severities. Both hardware and administrative /operational procedures will be taken into account when determining safeguards. During the . process, the Emergency Response Plan, the emergency training practices, and utility administrative policies, procedures, and programs will also be assessed. Safeguards will be categorized as Deterrence, Detection, Delay, Response, or Mitigation. In addition to the core members, various experts from both the Project Team and utility staff may be invited to portions of the meeting to provide insight into particular scenarios. The SIA Workshops will produce a list of specific recommendations for protecting vulnerable water distribution system elements, enhancing the physical security of the facilities, modifying existing administrative programs and procedures, and updating the Emergency Response Plan. Recommendations will be categorized based upon implementation, for example: as Security Hardware, Administrative, etc. RAP 6 -10 • • ;,...a Risk Management Professionals' custom rWrs,x�o gym 9. • r software (PHAPIusTM) will be used to "� �9.. r{ tlwu_IYierl ®o.+.6r.r�61�+e1!•rrl - • - • r._• r� rw_. ®' record and document the sessions, and r ; •- . for tracking recommendations. This off ( r ..��. � • • _ • : ; software includes support for Security -°�`°' '"°` ( Vulnerability Assessments, and as a Rd r - - . 1 J """ - J� Y w• ,(.• • S , value -added benefit, RMP, will provide a •.- copy of PHAPIus to provide flexibility and the option to perform periodic N x .� , -�.�:, • . updates. RMP is the only Security • • ; ice ' • = • • Vulnerability Assessment specialist with • • - • • this particular capability. Task 3 Deliverables: • Facility photographs, site sketches, and /or other appropriate documentation (a provided CD at the end of the project will include all original digital image files (JPG), as well as a cataloged collection suitable for report documentation and referencing) • A description of the physical system (production, distribution, storage, population, area, etc.) • A description of water sources and their locations • A report section documenting the methodology used to determine the scenarios • Worksheets containing the scenarios characterizing malevolent acts, existing safeguards, and risk of the scenarios for critical facilities • A preliminary list of recommendations that will include a brief description and basis • A complementary copy of PHAPIus Software following project completion Task 3 Specialties: • Use of PHAPIus enhances performance efficiency and has an integrated action item tracking tool for SVA recommendations that saves time and effort for SVA follow -up activities and minimizes the potential for the non - completion of recommendations (which are predicted to be a subject of future USEPA or DHS audits). 6 -11 Ku wP 0 0 • The SIA Session approach used by Risk Management Professionals is a hybrid approach where we have adopted some of the practices that we have employed for years in the performance of safety assessments. A unique feature of our SIA Sessions is the use of two individuals and two personal computers when appropriate to help efficiently guide the Project Team. One individual uses a personal computer to display key photographs from our walkdowns, using , a projector, to help focus and guide the team discussions, while the other individual records key information using the PHAPIus Task 4 Prepare Report A complete Security Vulnerability Assessment Report will be provided to the utility and will include the following:_ • A summary of the methodology and approach employed, including prioritization criteria • A prioritized list of facilities reviewed • Names and qualifications of both Project Team and utility members • A ranked list of scenarios identified for critical facilities, along with existing mitigation features - . • Final prioritized list of recommendations • A USEPA submittal document During the Project Initiation Meeting, the report contents will be reviewed with the Project Team and adjusted as necessary to optimize report usefulness. The table on the following page contains a typical table of contents for one of our Tier III SVA Reports. ' All reports and deliverables will undergo a thorough quality control review process by the Project Team before delivery. In addition, a draft of each portion of the report will be issued for key utility personnel to review and approve so their comments can be incorporated into the final version. As noted in the preceding section, all reports and work products will be treated as confidential materials and will be strictly controlled by all members of the Project Team. Task 4 Deliverables: • Draft Security Vulnerability Assessment Report for Review (1 hardcopy) ilf IP 6 -12 RI) • • • Final Security Vulnerability Assessment Report (1 hardcopy and a CD containing all electronic files) • All Security Vulnerability Assessment Supporting Documentation • USEPA Submittal Document (1 hardcopy) Task 4 Specialties: • Unlike many pure security firms, the RMP Team Members are accustomed to report writing and the logistics associated with producing a quality report. iii 6 -13 F a iP • • Example Tier III SVA Report Table of Contents TABLE OF CONTENTS Executive Summary 1.0 Introduction and Compliance Matrix 2.0 Methodology 3.0 Prioritization 4.0 Threat Assessment • Adversary Threats • Cyber Threats • Biological, Chemical, and Radiological Contaminant Threats 5.0 Site Characterization — Scenario Identification & Analysis (SIA), and Risk Assessment 6.0 Risk - Ranked Recommendations and Security Enhancement/Prioritization Plan (SEPP) • Appendix A — Threat Assessment • Adversary Threats Assessment • Cyber Threat Assessment • Evauation of Biological, Chemical, and Radiological Agents for Use in a Malevolent Act Appendix B — Site Photographs Appendix C — Full Scenario Identification and Analysis (SIA) Worksheets Appendix D — Security Enhancement/Prioritization Plan (SEPP) Appendix E — Team Member Qualifications Statements Note: Appendices are not included in the EPA submittal Task 5 Project Reporting (Optional) RMP will present the SVA report at 90% completion to utility management to discuss process and results. This proposal has been prepared using the assumption that only one such meeting for a management presentation will be required. Task 5 Deliverables: . • A formal presentation to utility management • Presentation notes Task 6 Security Enhancement/Prioritization Plan (SEPP) — Capital Improvements Recommendations precipitating from this SVA are expected to include recommendations for capital improvements, such as installation of tamper- resistant equipment, alarm and surveillance systems, etc. While the utility can develop cost and schedule for these items on its own, we find that many clients wish to determine the budget and schedule, and so we have included this information. An estimated Security Enhancement/Prioritization Plan (SEPP) and justification for the proposed capital l 6 -14 F • • improvements will be developed to explain why and how recommendations should be completed. Project estimates will be detailed enough to prepare construction cost, annual operations, and maintenance cost estimates within approximately 30 percent of actual costs. The cost estimate provided in this proposal is based on approximately 20 prioritized security and 20 prioritized engineering related recommendations. The Project Team will develop a security strategy that balances industry standards with critical Facility specific conditions. The strategy shall address physical equipment (types, locations, ranges, etc.), operational procedures, alarms, tiers of protection, etc. The Project Team will meet with stakeholders while developing this strategy. Please . note that system integration, while highly recommended, is not required by law or regulation as a part of the Security Vulnerability Assessment. Task 6 Deliverables: . • A report of the capital improvement recommendations including the following: o A description and basis for the capital improvement projects o A possible implementation schedule for each capital improvement project o Preliminary construction /maintenance cost estimates o Preliminary estimate for annual operating and maintenance expenses a y i 6 -15 • • Task 1 Emergency Response Plan Development to Address Contemporary ERP Issues and Incorporate SVA Requirements Although the US EPA's requirements for SVA Programs only address the incorporation of the emergency response to security - related scenarios and the incorporation of specific recommendations for ERP updates generated from the SVA, some existing ERPs do not reflect certain contemporary ERP practices. One of these requirements is ensuring that the ERP is compatible with Standardized Emergency Management System (SEMS) specifications. SEMS specifications were originally developed to apply to state and local emergency response agencies and to standardize response to emergencies involving multiple jurisdictions or multiple agencies. However, a good • quality ERP should be compatible with SEMS to allow for a smooth interface with the operations of the municipal emergency response agency to ensure effective response to an emergency and provide the ability to operate under Unified Command. In addition, as part of this task, the ERP will be organized in a manner that facilitates ease of use. This would include an intuitive organization, flow diagrams that guide the reader where to go to get more information, and tabs that identify where important items are located in the binder. The plan will define the responsibilities of various organizational entities of the City of Seal Beach, expected actions before, during, and after an emergency, equipment that should be maintained in a ready condition at all times, proper training of personnel, and maintenance of the ERP document. Scenario -based emergency response procedures will be reviewed and new scenarios added where appropriate. The scenarios will be selected based on the potential events identified during the workshops and concurrence of you and your staff. These emergency procedures will be added to the ERP, which will also serve as a stand -alone document that will address each scenario separately in terms of activation of a procedure, responsible persons, required tools, specific actions that should be taken, precautionary statements, criteria to contact other agencies, etc. The plan will include a list of all key contacts and their telephone numbers and addresses where relevant. The plan will also include administrative procedures for personnel training and maintaining the plan. The ERP produced in this task will be certified compliant with relevant requirements of the Federal EPA and State Regulations. '' 6 -15 R;�P r�� • • Two key additional requirements for the Emergency Response Plan (ERP) precipitate from the performance of the Security Vulnerability Assessment (SVA): a) incorporate specific recommendations for ERP updates generated during the SVA b) include responses to security- related scenarios (e.g., intrusion, physical attack, explosives, or contamination - nuclear, chemical, biological) As part of this task, the above ERP will be reviewed and augmented by personnel experienced in the creation of ERPs to address these specific requirements, as well as other SVA- related needs precipitating from this review. The ERP will be updated using the security threat scenarios postulated and ranked in the SVA, as well as the recommendations developed by the SVA Project Team. Task 1 Deliverables: • A SEMS compatible Emergency Response Plan that addresses contemporary issues with the incorporation of SVA recommendations and additional security - related scenarios. 6 -16 R � P ill • Attachment 2 SCHEDULE OF COMPENSATION \\Datafile \PWD Common \042 CIP 1 2 PSA Consultants\Prof Sery Agreement Risk Managenlegt Professionals doc • • PROJECT COSTS Based on our experience with Tier I and Tier II SVA Projects, Risk Management Professionals has adopted an approach for Tier III SVA Projects that uses those elements of the Sandia RAM -W Methodology that provide measurable insights and tangible results, but does not use those optional elements of the RAM -W Methodology that provide minimal value. In this manner, we have crafted a streamlined RAM -W approach that addresses all of the USEPA requirements in a focused manner. A description of the key tasks involved in the streamlined approach is detailed in the section entitled "Approach and Scope of Work ". Risk Management Professionals, Inc. will conduct the proposed scope described in this proposal on a time and materials basis with a not -to- exceed budget of $14,275 for the Security Vulnerability Assessment. The following page provides a detailed summary of this budget, delineated by task. As part of the cost summary, Risk Management Professionals, Inc. has partitioned the estimated Project Team personnel labor hours per task, including classification and billing rate, for each task separately. Included in this section is a table detailing the estimated involvement hours of all Project Team members listed by tasks as described in the scope of work in this proposal. In addition to the cost summary, we have further provided a standard rate schedule including hourly rate for each person assigned to this project and any other applicable direct costs, such as mileage and travel expenses in Appendix B. Invoices will be issued monthly, and will include a brief description of project work conducted within the billing period and a breakdown of the fee, by the hours charged and individuals charging those hours. During contract negotiations, we would be happy to discuss mechanisms for maximizing value and reducing cost, by varying task scope or through direct involvement of your personnel. �„ l 8 -1 11 nP • 1 City of Seal Beach Security Vulnerability Assessment and Emergency Response Plan • Cost Summary ._., ,-w 'Y ^': --rte T ,^�, ,..� ,,.- .++-,.. - , - 1 _.._ - _,...._ - ...._ .•.. Security Vulnerability Assessment P - ma Ts:' �'� Pya d' -mot "w" z" r .' '••�; �' . y v s`�° ,� _ .. ^'`'�.. •t r r _ p •U "HQ trs' -. y . "N($"' rya eak � ^ .s. ": ..•i ^.+_ •e...a....r i ..e � t xw 4.: " <� r r t 'P 7 :=.• .. Project Administration 4 PHASE 1 : Task:1'- Project. Initiation.; _ " I 7 - 1 a: ;t "4:.:Rry tr , :f:,,,: ,. ,, ? • ;° a : w . Kickoff Meeting and Familiarization Training 2 2 Prioritization _ 2 6 ;Mkt Th at Arseat v : � T - J r�N� °� , a v X � ++- n; n i y p� i . . e'7 �v s� 1 +^ ��tf��k �r _ '•t. e m ._.,.a.....m .�. ?�:.•el...tr. �" � 1374M, Physical Physical Threat Assessment Characterization (Assessment of Potential Adversaries) 3 2 -- , Cyber Threat Audit 2 10 1 a•. -w+•.. - .••- ei- s-- , . -'""' - .•• -• '-- •av -,w. ; - e .+- „...• - .. .,""'Y7`°'a"F"' s 7,SV i � ` Task3Analysis ,ofPNontyevel'AFacilities." _,, .;;+ °�`"'" °:� °g#;.. ?, �_" � �a Walkdowns - High Priority Facilities 5 5 Scenario Identification and Analysis (SIA) - High Priority Facilities 16 20 Risk Analysis and Recommendation Prioritization 5 8 2 ^8 :-x •c•-, '�r' � :" a �,.- -• - +,,.,. TMs.- .S!- ^t' • fie Yy r-. ; .M, _ - ��, v .,,•.,,._� y . � fi - . r;r; m, -�%� �+y, ma � - Task 4.��Pre Re ort "s - � . � • s �` �' .,µ �. r r . , ,,;,.�_;'. ,� '� i &;��' ° "" , � . •,?:�'` Pam.:... P. _:53�w, -zi,.: -- _�,.:. �?'.^.., i'.....�.: -s:.� �:..__,. -..�_ � sa -'� -:':: _..,...::•t.ga..:�,�t..-s Report Generation 8 8 16 Task =6 = Ca ifal'.Im royements'� rT�_ . -__ Yh •• _ �'; • 'a;•; , 3,, -� . : - Security Enhancement / Prioritization Plan (SEPP) 4 16 2 Subtotal Costs for Phase 1 Non -Optional Tasks $6,370 $6,750 $1,155 :; 770: 'tea :!1. T-7 - - '� :? a :.'GG 7 ".77"1.4 _° o- t• , -' - n -� it .1. , .t:IF:iiT;S;r. i N t•:y i. , -1 t ` - . -; , a.. ..`ra.. rja '"M:`' ',�� ^ "' ,, .'d •, r'� ., • .. }' ,. • •.. ••.. .'; •. .. .,r-i • T +'; . °. n -- ,•.b.,;d +:r'.'v:x, ^'llh• - � Recommended Optional Tasks - Not Required to Fulfill EPA Requirements: Phase 1 ::tTask 2:7,ThreatAseessment_ ^'�,s "•; . _;;,:, ` , r r Task 2 - Chemical /Biologlcal/Radiological Threat Background Information Technical Memorandum 1 4 1.5 Detailed Physical Threat Assessment (Incremental Cost) 1 16 Cyber Threat Assessment (Incremental Cost) 1 8 _ #4 l . �.. • � +� "t�'s 3. ........ ..._:. •- a ... = ' ?'• ...a 5;2t:: �di: 1 :.di..+.. A J 'i ` ! �liase:l': ~.'Task ar •Project Reportiri .� , "' � ': ;° ' � -- �� ., { " Y '°°'i' ° i ,��, Management Presentation 6 - - 2 Phase.i.; : Task 6 - Capital'Inipro V @t17@IttS ,.. F. • �' ..a � � .. 7 '�` t `, � -�` -' ' � � s� �:Q.: Recommendations Review with Client 2 6 1 Emergency Response Plan PHASE 2: likelt-taelitencyftelponse Plan Development. _L.: *: .r.:: ..... ; � , , i ... Emergency Response Plan Creation (compatible with SEMS' specifications) 24 60 12 'SEMS - Standardized Eme .en Mana • - ment S tem _. - - r w , .- , y ' •. ASx xca...i:',:•a�l�'...: y __r.. ,. � • ., _i...... , ., w •s., t. ,.,.r:. :a. ,^em '" .f �'i.e LEGEND: RMP Hourl Rate PC - Princi.al Consultant SRM STM $130 PE II - ConsultanUPro'ect En, sneer II JAL MGM $90 PE I - Consultant/Proiect En!ineer I MDL, MRB, EMB) $75 TS - AdministrativelTechnical S S. -cellist KDS $55 - Please note that 1 set of the Draft SVA Re. • rt and 1 set of the Final SVA Resort are included in the estimated bud .et Additional cosies ma be re.uested at $150 .er co. . - The o• tonal Items should be treated as se.arate tasks Customer ma choose to .erform an or all tasks se.aratel , at its discretion, to offset the •ro ect cost - During contract negotiations, we would be happy to discuss mechanisms for maximizing value and reducing cost (possibly 5-20%), by varying task scope or through direct involvement of Ci •ersonnel • • • trif Risk Management Professionals, Inc. o !! 27405 Puerta Real, Suite 220, Mission Viejo, CA 92691 Phone: 949/282 -0123 - FAX: 949/282 -0068 - E -mail: info @RMPCorp.com - WWW: http: / /www.RMPCorp.com A Member of RMP Services Partnership Standard Fee Schedule Professional Services: Principal Engineer /Consultant $115 to 135 /hr Senior Consultant/Engineer II $95 to 120 /hr Senior Consultant/Engineer I $80 to 100 /hr Consultant/Project Engineer II $70 to 95 /hr Consultant/Project Engineer I $60 to 80 /hr Technical Scribe /Specialist or CAD _ $40 to 70 / hr Support / Clerical Staff II $30 to 45 /hr Support / Clerical Staff I $25 to 40 /hr General This schedule of charges for professional services is provided on a time and materials basis. If services are provided on a fixed fee basis, the Client agrees to pay the fixed fees as scheduled in the proposal. Expenses The fee for professional services already includes such incidental expenses as telephone, copying, materials, etc. However, for special reports, copying will be billed as incurred based on 5 cents a page and the cost of the binders. Equipment rental (if needed), permit fees, or other expenses unique to the proposed project will be billed as incurred. Travel and living expenses will be reimbursed at reasonable rates for accommodations and living (for work outside Southem California). Mileage will be reimbursed at the current IRS - established rate per mile. All travel and living expenses are subject to a handling charge of 10% to cover administrative processing costs. Invoices Invoices are issued monthly and will reflect costs associated with personnel, subcontractors, travel and living costs, and materials costs. Legal The above rates will be increased by 50% for hours spent in court as an expert witness or in preparing_for, or giving legal deposition. April 2004 Attachment 3 Work Schedule \ \Datafile\PWD Common \042 CIP 1 2 PSA Consultants\Prof Sery Ayeement Risk Managenrgt Professionals doc • • PROJECT SCHEDULE Since the project schedule is such an important element, RMP is prepared to complete the project according to your needs. The figure on the following page depicts a comfortable 3 -month project schedule that also presents the schedule for anticipated meetings and various deliverables of the project. Should a shorter project schedule be required, the RMP Project Team has a history of responsiveness to client needs. The final meeting will be at your discretion following approval of the final report by your staff. The project schedule will be monitored throughout the project and the status of each task will be reviewed with your staff monthly or more frequently, if needed. Reviewing the project schedule regularly will keep the project on track. In addition, this will allow the Project Team to identify if additional effort may be required. Statement of Availability Risk Management Professionals, Inc. has the necessary staff available to meet the USEPA completion deadline. Since the project schedule is such an important element, we are prepared to complete the project by the USEPA deadline of June 30, 2004. Staffing is key to successful project management and an integral part of our quality management program. Ourfundamental approach is to assemble the best qualified team to match the project requirements. We then review the scope of the project and a labor -hour estimate is then made for each task in the scope of work. The estimate includes time for site visits and meetings, as well as actual engineering work for the project. The project schedule has a significant impact on staffing planning. Project milestones are identified and labor hour requirements per task are estimated to determine staffing levels to complete the task by the milestone date. The staffing levels are broken down by discipline, to determine overall office personnel planning. A database on staffing needs and current staff assignments is maintained and updated bi- weekly. The database allows us to project workloads and identify if staff becomes over- committed or needs additional work. Currently the average workload is 50% for the individuals identified in this proposal; therefore the Project Team will be able to comfortably accommodate the SVA needs of the utility. �,�I 7 -1 0 0 a 3 - < 5 . o. W G a t o 0 . Y O , q 3 m L• 3 E • a E o o Z a< o0 m 2 m ° g of w m 2 '= 1 ¢ iW a 6m < m 2 e- : e e e w c — t 5 z E z w d E • - u C < - - 0 3 t m- 5 -e - - — E p < K V g g g o e e ae y • O e i e : Y • $ 7 s o. • o m • m °; z m 3 .. • d e w _°e E— s E A° g 2 o O W 0 w 3 2. .- ..�..�..�...._. • a • N C 9 J IL CD o ... _........ I m H W 3 6 C a W $ i i • J to e le IL W O 2 7 Y N ° m• V J E c e a z LL 5 o m y e. m e p •= 2 a o 0 . a ° a 3 a ; a z 0 t 9 C a 4 s L` E e 1 C m r•- 7 w e a 2 ^` y 2 w = a 1114* 2 z , `o , a= 1. 0. / L ' o a . o m m W �, m O . ., 0 5 E 6 e H CL. 2 w > m 2 2 a ` d 3 t C `ul W 30 e ? 3. E o W : 8 Y = W e e • E ++ y e a t G 3 6 e m W_. 3 D C m E W n V o C w a o. H LI a e 5 d a E c� m E 03 w ` o o C e d - ° p W • • z e C 2 $ v ° ° e m a 6 e z C C/) • w 5 1 • E Y p - - • m rc • $ a o - -- N m < w • °e ♦ • A o ew Y a ° m o o f m > < E e • o _ 22 .5 F - W, a g t ; a W (n 3 3 a E < < e 1. m o Cn ` ° ° e a e ♦ 8 < u Y te a• E Q _ O o < 1 a °e E ee E a m E M3 a s ° m> 0 m i E e .' w •a C r o 0 2 e e _ 2. 2 L c C d E Y E a 2` y 0 y � e : g J C > 7 W p C ° 9 W m I 7� o � :I .i 0 z o a ~ 9 Q / \ � < w o o I. m Y I S o a i w W m / L � - 3 Y i • a Y A q A K d O• 1�• ' W ^ Y 6 p m Y F m h PI 6 •, A C W .r7 M L C • • w `° ~ a . m E 1E 12 e 0 Z w °~ 3 w e 3 m ,to & d - C m m = Y 2 2.40, a Q2Y 2 • _ W r°. W p' a IL H 0 a m e 3 ++ • < ° E e $ a a "L 0 m E. P o Y 5 p C C 4 J 6 a O. m 4 m U 3 - E —° a W m 03 3 M m 9 1 ' E 1 m Tel m a p H 2 a 0 2 $1 e m a O 0 'm m p °< e e W e ° e v t q • ~ m 12 0. 2 O J N 0 .v C O . e p e a. — 3 E • m e F- el 0 °e =+ °u '• e m n ` 5 LL 0 Z $ — N 3 3 H; O 5 e m o: 30 m o r' '2 Y e 2 pe m H a. A m 9 15 11 a .2 2 a • 2. s A O C E n N N A F g N a O O Y M M m m m 0 !� q ~ H ~ ~ t • .. O 1 3 > a 2 a` . o f — ♦ a 3 0.d - m S ,_ M I- .- '5 H O Y m m F • d 3 a ~ ~ O. 0