The URL can be used to link to this page

Resolution No. 8415r 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 WM WE RESOLUTION NO. 8415 A RESOLUTION OF THE CITY COUNCIL OF THE CITY OF VERNON APPROVING AND AUTHORIZING THE EXECUTION OF AN AGREEMENT FOR PROFESSIONAL CONSULTING SERVICES BY AND BETWEEN THE CITY OF VERNON AND TRC ENGINEERED AUTOMATION SYSTEMS, INCORPORATED FOR PREPARATION OF A VULNERABILITY ASSESSMENT AND EMERGENCY RESPONSE PLAN WHEREAS, in accordance with the Public Health Security and IlBioterrorism Response Act of 2001 (H.R. 3448), as amended by the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, (hereinafter collectively referred to as the "Act") and to comply with the requirements of the United States Environmental Protection Agency ("USEPA"), the City of Vernon is required to conduct by June 30, 2004, an assessment of the vulnerability of its water system to a terrorist attack or other intentional acts intended to substantially disrupt the ability of the system to provide a safe and reliable supply of drinking water (hereinafter referred to as "Vulnerability Assessment"); and WHEREAS, in accordance with the Act, the City of Vernon is also required to develop an emergency response plan ("ERP") within six (6) months after completion of its Vulnerability Assessment (December 31, 2004) incorporating the results of the Vulnerability Assessment; and WHEREAS, on November 5, 2003, the City Council of the City of Vernon adopted Resolution No. 8298 approving Request for Proposals ("RFP") from qualified firms to assist the City in conducting a Vulnerability Assessment and developing an ERP to comply with the newly promulgated federal Vulnerability Assessment and USEPA requirements; } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 and WHEREAS, the RFP was sent and responses were received from Bookman-Edmonston, HDR Security Operations, Risk Management Professionals and TRC Engineered Automation Systems, Incorporated ("TRC-EASI"), all of which were reviewed and evaluated by the Community Services & Water Department; and WHEREAS, the Community Services & Water Department deemed TRC-EASI to be the lowest responsible qualified consultant submitting a proposal; and WHEREAS, by letter dated March 18, 2003, Bruce V. Malkenhorst, City Administrator/City Clerk recommended that the proposal from TRC-EASI be accepted at a cost of Eighteen Thousand Nine Hundred Eighty Dollars and No Cents ($18,980.00) and an agreement be executed. NOW, THEREFORE, BE IT RESOLVED BY THE CITY COUNCIL OF THE CITY OF VERNON AS FOLLOWS: SECTION 1: The City Council of the City of Vernon hereby finds and determines that the recitals contained hereinabove are true and correct. SECTION 2: The City Council of the City of Vernon hereby accepts the proposal of TRC-EASI and approves the Agreement for Professional Consulting Services, a copy of which is attached hereto as Exhibit "A" and made a part hereof. SECTION 3: The City Council of the City of Vernon hereby authorizes the Mayor and the City Clerk to execute said Agreement for, and on behalf of, the City of Vernon. SECTION 4: The City Council of the City of Vernon hereby directs the City Clerk, or his designee, to send one fully executed - 2 - K r 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Agreement to: TRC Engineered Automation Systems, Incorporated Attn. James Black, Project Manager 21 Technology Drive, Suite 200 Irvine, CA 92618 SECTION 5: The City Clerk of the City of Vernon shall certify to the passage of this resolution, and thereupon and thereafter the same shall be in full force and effect. APPROVED AND ADOPTED this 24th day of March, 2004. ATTEST: BRUCE V. MALKENHORST, City Clerk LEONIS C. MAL IRG, M yor - 3 - K Y 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 j 20 21 22 23 24 25 26 27 28 STATE OF CALIFORNIA ) ) ss COUNTY OF LOS ANGELES ) I, BRUCE V. MALKENHORST, City Clerk of the City of Vernon, do hereby certify that the foregoing Resolution, being Resolution No. 8415, was duly adopted by the City Council of the City of Vernon at an adjourned regular meeting of the City Council duly held on Wednesday, March 24, 2004, and thereafter was duly signed by the Mayor of the City of Vernon. (SEAL) BRUCE V. MALKENHORST, City C erk - 4 - EXHIBIT " I 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 e • iF 1 3 AGREEMENT FOR PROFESSIONAL CONSULTING SERVICES THIS AGREEMENT is made, entered into and executed in duplicate originals, either copy of which may be considered and used as the original hereof for all purposes, as of this day of March, 2004, in the City of Vernon, County of Los Angeles, California BY AND BETWEEN THE CITY OF VERNON (hereinafter referred to as "City") 4305 Santa Fe Avenue Vernon, California 90058-0805 AND TRC Engineered Automation Systems, Incorporated (hereinafter referred to as "TRC EAST") 21 Technology Drive, Suite 200 Irvine, CA 92618 WHEREAS, the City of Vernon sought bids from consulting firms for the preparation of a Vulnerability Assessment ("VA") and Emergency Response Plan ("ERP") in accordance with Public Health Security and Bioterrorism Act of 2001, as amended by the Public Health Security Preparedness and Response Act of 2002; and WHEREAS, the United States Environmental Protection Agency ("USEPA") has mandated that cities serving populations between 3,301 and 49,999 complete a VA by June 30, 2004 and an ERP update within six months of this date; and WHEREAS, the Department of Community Services & Water received four bids in response to its Request for Proposal ("RFP"), a copy of which is attached hereto as Exhibit "A" and incorporated herein by reference as though fully set forth; and WHEREAS, TRC EAST submitted a proposal (hereinafter referred 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 to as the "Proposal"), a copy of which is attached hereto as Exhibit "B" and made a part hereof; and WHEREAS, TRC EASi's proposal was not only the lowest of the four submitted, but was also comprehensive in terms of design and 1construction; and WHEREAS, TRC EASi having performed over 250 VAs, in addition to designing and integrating security systems for several hundred projects in California, represents that it is qualified, properly licensed and capable of furnishing the VA and ERP that the City requires, as set forth in the RFP and is willing to do so on the terms and conditions set forth below; and WHEREAS, the City desires to enter into an agreement with TRC EAST to provide the services necessary for the preparation of the VA and ERP. NOW, THEREFORE, THE PARTIES HERETO DO MUTUALLY AGREE AS SET (FORTH HEREIN: 1. SCOPE OF WORK. TRC EASi shall perform its services under the general supervision of City's Director of Community Services and Water and/or City Administrator. TRC EASi's services shall include, but shall not be limited to the following tasks: (1) scoping review and planning, (2) information gathering, (3) characterize facilities, (4) hydraulic modeling, (5) assess risk, (6) preparation of a vulnerability assessment document, and (7) develop and complete the VA and ERP. It is understood and agreed that in the event of a conflict between TRC EASi's Proposal and this Agreement, the terms of this Agreement shall prevail. TRC EAST agrees that all services provided will be - 2 - 1 2 3 4 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 conducted by its principal and, if staff members or subcontractors are used, their work will be under the supervision of the principal. TRC EASi shall undertake and carry on the work diligently to conclusion, using that standard of care, skill, and diligence normally provided by a professional person in the performance of such services. 2. PROGRESS REPORTS. TRC EAST shall meet with City staff, upon City's request, or as needed, in order to provide reports or information concerning the services being performed by TRC EAST under this Agreement. TRC EAST shall provide monthly written progress reports to the City. In addition, TRC EAST shall advise City, as quickly as possible, of any significant issues that will affect City's ability to complete the VA and updated ERP within the time frame prescribed by law. 3. TIME OF PERFORMANCE. TRC EASi's services shall commence upon the full execution of the Agreement. TRC EAST shall have till May 31, 2004 to complete the VA and the ERP update as identified in the RFP and Proposal. 4. COMPENSATION. A. Consulting Costs. City shall pay TRC EASi on a time and materials basis according to the "Fee Schedule," a copy of which is attached hereto as Exhibit "C" and incorporated herein by this reference as though fully set forth at length. The total amount to be paid to TRC EAST for the services under this Agreement shall not exceed the sum of Eighteen Thousand Nine Hundred Eighty Dollars and No Cents ($18,980.00). This sum includes TRC EASi's travel expenses. If changes and extra Services are requested by City pursuant to Paragraph 6 of this Agreement, then City shall pay for those - 3 - 1 2 3 4 5 6 7 8 9 10 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 11services on a time and materials basis according to Exhibit "C." B. Other Expenses. Expenses may only be billed if written approval has been obtained in advance from the City Administrator. 5. METHOD OF PAYMENT. TRC EAST shall submit within thirty (30) days after the last day of any month in which services have been performed or costs incurred hereunder an invoice to City for payment. Invoices shall contain an itemization of services rendered, directly related job expenses and subcontractor charges incurred by TRC EAST for which compensation is due, and an estimate of the percentage completed for each milestone or task. TRC EASi shall be responsible for paying any subcontractors used in the performance of this Agreement. Subcontractors shall not bill City directly. Payment of each invoice shall be made after acceptance and approval by City within thirty (30) days of receipt. City's approval of the invoice shall not be unreasonably withheld. 6. CHANGES AND EXTRA SERVICES. City reserves the right to request changes in the services to be performed by TRC EAST. All such changes shall be incorporated in written change orders executed by City and TRC EAST that shall specify the changes ordered and the adjustment of compensation and completion time required thereof. Any services added to the scope of this Agreement by a change order shall be executed under all applicable conditions of this Agreement. No claim for additional compensation or extension of time shall be recognized unless contained in a duly executed change order. - 4 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 7. PRODUCTS OF CONSULTING. All documents, data, databases, studies, surveys, drawings, maps, models, photographs and reports prepared by TRC EAST under this Agreement shall be considered the property of City. Such documents and materials shall be delivered to City by TRC EAST as they are generated; however, TRC EASi may take and retain copies of such documents and materials as desired. 8. CONFLICTS OF INTEREST. In the event that a potential conflict should arise between the interests of City and the interests of any one of TRC EASi's other clients, during TRC EASi's performance of services under this Agreement, TRC EAST shall notify City of such potential conflict. Notice of the existence of a potential conflict of interest shall be given in writing to City within ten (10) days of the perceived conflict. The conflict of interest letter shall specify when the potential conflict arose, the identity of the other party(ies) and the facts that give rise to the potential conflict. In the event that a potential conflict of interest is deemed by City to be an actual conflict of interest, City may, at its discretion, terminate this Agreement immediately. 9. TERMINATION. This Agreement may be terminated by City without cause on ten (10) days written notice to TRC EASi. In the event of such termination by City, TRC EAST shall be entitled to only the compensation earned by it prior to the date of the termination notice, plus compensation for necessary work performed during the ten (10) day notice period and authorized in the termination notice. - 5 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 10. NOTICES. Notices to the parties, unless otherwise requested in writing, shall be sent to: City: CITY OF VERNON ATTN: BRUCE V. MALKENHORST CITY ADMINISTRATOR 4305 SANTA FE AVENUE VERNON, CA 90058=0805 Consultant: TRC ENGINEERED AUTOMATION SYSTEMS, INCORPORATED TRC EASI) ATTN: JAMES BLACK, PROJECT MANAGER 21 TECHNOLOGY DRIVE, SUITE 200 IRVINE, CA 92618 11. CONFIDENTIAL INFORMATION. A. Access to Confidential Information. City may provide TRC EASI and/or its subcontractor with, or allow TRC EASI access to, certain information not available to the public concerning City, or businesses located in City. The information may include company information, taxes, sales, value of assets, or other such information. All such information shall be known as "Confidential Information" and may not be used to circumvent the responsibility of either party to this Agreement. B. No Disclosure. Except as expressly permitted, TRC EASI and/or its subcontractor shall not disclose, permit the disclosure of, release, disseminate, or transfer, whether orally or by any other means, any part of such Confidential Information to any other person or entity, whether corporate, governmental, or individual, without the express prior written consent of an authorized representative of City. TRC EASI and/or its subcontractor shall return any written Confidential Information and all copies made of such items to City upon City's - 6 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 written request, but in any event not later than the date that TRC EAST has performed all Services to be performed pursuant to this Agreement. TRC EAST hereby agrees that such Confidential Information and any documents provided may be used by TRC EAST and/or its subcontractor only as authorized by City. TRC EAST shall include a contract provision lin its contract with subcontractors that binds the subcontractors to this non -disclosure requirement. TRC EAST shall take reasonable measures to avoid any disclosure of any such Confidential Information to any unauthorized person. C. Court Ordered Disclosure. TRC EAST shall immediately notify City of any court order or subpoena requiring disclosure of Confidential Information, and shall cooperate with City's legal counsel in responding to any such order or subpoena. TRC EASi may only disclose Confidential Information required to be disclosed pursuant to court order or subpoena after legal counsel has exhausted any lawful and timely appeal or challenge. D. Remedies. In addition to any other remedies that it may have at law or in equity, City shall be entitled to a temporary and permanent injunction by a court of competent jurisdiction against any breach or threatened breach of the Confidential Information provisions of this Agreement. TRC EASi acknowledges that in case of such breach or threatened breach of said provisions, City would have no adequate remedy at law. 12. RIGHT OF ENTRY. The City.will provide for right of entry of TRC EASi's personnel and all necessary equipment, in order to complete the work. While TRC EAST will take all reasonable precautions to minimize any damage to the property, including underground utilities, it is - 7 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 acknowledged and agreed by City that in the normal course of work some damage may occur, the correction of which is not part of this Agreement. Accordingly, City shall waive any claim against TRC EAST and agree to defend and indemnify TRC EASi from any claims arising from entering or working on the site which is the subject of the work, except when the claim arises from the negligence of TRC EAST where the 11claim arises from the willful, wanton, or reckless conduct of TRC EASi. 13. GENERAL PROVISIONS. A. Independent Contractor. At all times during the term of this Agreement, TRC EAST shall be an independent contractor and shall not be an employee of City. City shall have the right to control TRC EAST only insofar as the results of TRC EASi's services rendered pursuant to this Agreement; however, City shall not have the right to control the means by which TRC EAST accomplishes services rendered pursuant to the Agreement except to the extent that such services involve the use of City property or Confidential Information. B. Consultant Not Agent. Except as City may specify in writing, TRC EASi shall have no authority, express or implied, to act on behalf of City in any capacity whatsoever as an agent. TRC EASi shall have no authority, expressed or implied, pursuant to this Agreement to bind City to any obligation whatsoever. C. Indemnification. TRC EAST shall indemnify, defend, protect and hold the City and its officers, agents and employees, free and harmless from and against any and all claims, demands, losses, damages, liabilities, fines, charges, penalties, orders, judgments and all costs and expenses incurred in connection therewith, including reasonable attorney's fees and costs of defense arising out of or - 8 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 attributable to the negligent or wrongful acts of TRC EAST or its subcontractors, employees or agents in the performance of services under this Agreement, except to the extent arising from or caused by the sole negligence or willful misconduct of the City, its officers, agents or employees. D. Insurance. Prior to commencing work hereunder, TRC EAST shall provide City with proof of insurance providing and maintaining the coverage and endorsements set forth in the Insurance Schedule attached hereto as Exhibit "D" and made a part hereof by reference. Said proof of insurance shall also provide that said policy or policies shall not be canceled or materially reduced in coverage without giving at least thirty (30) days prior written notice to City. TRC EAST shall not permit a subcontractor or vendor to perform work on City premises unless and until a certificate of insurance is obtained showing that such subcontractor or vendor has worker's compensation coverage. If TRC EAST employs subcontractors as part of the services rendered, TRC EASi's protective coverage is required. TRC EASi may include all subcontractors as insureds under its own policy or shall furnish separate insurance for each subcontractor, meeting the requirements set forth herein. E. Governing Law. The validity, interpretation and performance of this Agreement shall be controlled and construed under the laws of the State of California. F. Assignment and Subcontracting Prohibited. TRC EASi may not assign or subcontract any right or obligation pursuant to this Agreement except with the express written consent of City. Any other attempted or purported assignment of any right or obligation pursuant - 9 - 1 2 3 4 5 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 PAVM 11to this Agreement shall be void and of no effect. G. Amendments. This Agreement may be modified or amended only by a written document executed by both TRC EASi and City and approved as to form by the City Attorney. H. Entire Agreement. This Agreement is the entire agreement of the parties. TRC EAST represents that in entering into this Agreement, it has not relied on any previous representations or understandings of any kind or nature. I. Benefit of Agreement. This Agreement shall bind and benefit the parties hereto and their heirs, successors, and permitted assigns. This Agreement shall not create any rights or benefits to parties other than City or TRC EAST. Nothing contained in this Agreement shall create a contractual relationship with or cause of action in favor of a third party against either the City or TRC EAST. No third -party shall have the right to rely on TRC EASi's opinion rendered in connection with TRC EASi's services without TRC EASi's written consent and the third-party's agreement to be bound to the same terms and conditions as City. J. Forum Selection. Any action brought relating to this Agreement shall be brought and held exclusively in a State Court in the County of Los Angeles, California. K. Recitals. All recitals are incorporated by reference. L. Waiver. Any waiver at any time by either party of its rights with respect to a default under this Agreement, or with respect to any other matters arising in connection with this Agreement, shall not be deemed a waiver with respect to subsequent default or other matter. - 10 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Form 18 19 20 21 22 23 24 25 26 27 28 M. Force Majeure. Neither Party shall be considered to be in default in any of its obligations under this Contract when a failure of performance shall be due to an uncontrollable force. The term "uncontrollable force" shall mean any cause beyond the control of the party affected, including, but not restricted to, flood, earthquake, storm, fire, lightening, epidemic, war, riot, civil disturbance or disobedience, labor dispute, labor material shortage, sabotage, federal, state, or municipal action, statute, ordinance, or regulation, embargoes of the United States Government or any other government, which by exercise of due diligence such party could not reasonably have been expected to avoid and by exercise of due diligence has been unable to overcome. Either party rendered unable to fulfill any of its obligations under this Agreement by reason of an uncontrollable force, shall give written notice within five (5) Business Days of such fact to the other party and shall exercise due diligence to remove such inability with all reasonable dispatch. N. Warranty. TRC EAST warrants that the services to be rendered pursuant to this Agreement shall be performed in accordance with the standards customarily provided by an experienced and competent professional organization rendering the same or similar services. 0. Attorneys Fees. In the event that it becomes necessary for either party to this Agreement to enforce any of the provisions of this Agreement, the parties agree that a court of competent jurisdiction may determine and fix reasonable attorney's fees to be paid to the successful litigant. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 IN WITNESS WHEREOF, the parties have caused this Agreement to be executed by and through their authorized officers on the date, month and year first written above. ATTEST: BRUCE V. MALKENHORST, City Clerk APPROVED AS TO FORM: ERIC T. FRESCH, City Attorney CITY OF VERNON By: LEONIS C. MALBURG, Mayor TRC Engineered Automation System, Incorporate,o (TRC EAST) DA I LLNER Title: Gam' By. ROBERT M. SMI Title: ��C,p - 12 - EXHIBIT 0 CITY COUNCIL LEONIS C. MALBURG Mayor THOMAS A_ YBARRA Mayor Pro-Tem WM. 'BILL" DAVIS Councilman H. "LARRY" GONZALES Councilman W. MICHAEL MCCORMICK Councilman BRUCE V. MALKENHORST City Administrator/City Clerk FAX (323) 826-1438 CITY HALL 4305 SANTA FE AVENUE, VERNON, CALIFORNIA 90058 TELEPHONE (323) 583- IJ REQUEST FOR PROPOSAL EDUARDO OLIVO City Attorney FAX: (562) 869-1883 KEVIN WILSON Director of Community Services & Water FAX: (323) 826-1435 KENNETH J. DeDARIO Director of Light & Power FAX:'(323) 826-1425 STEVEN E. PARKER Fire Chief FAX: (323) 826-1407 BRUCE W. OLSON Police Chief FAX: (323) 826-1481 FOR THE PREPARATION OF A VULNERABILITY ASSESSMENT AND EMERGENCY RESPONSE PLAN FOR THE CITY OF VERNON INTENT The City of Vernon is seeking a professional Consulting Firm to prepare a Vulnerability Assessment (VA or Assessment) and emergency response plan (ERP) in accordance with the Public Health Security and Bioterrorism Act of 2001 as amended by the Public Health Security Preparedness and Response Act of 2002. The Assessment shall be a precise and systematic evaluation conducted in full compliance with the United States Environmental Agency (USEPA) requirements. The Assessment shall provide the City with analytical data and detailed recommendations for prevention measures and response to terrorist and intentional attacks on the City of Vernon's water system. As required by FIR 3448, the. City wishes to conduct a Vulnerability Assessment (VA) and develop an ERP for its drinking waxer system. All system components, including transmission storage, distribution; and treatment facilities shall be evaluated. The City requires the successful bidder to provide proof of insurance, including a standard certificate of insurance, in at least the amounts and coverage indicated on the insurance schedule. In addition to the standard certificate of insurance, proof of liability coverage shall also be furnished in the form indicated on the attached insurance schedule (Exhibit "A"). The proof of insurance shall be in the form of a notarized letter of insurance or a certified copy of the insurance policy. Proof of insurance shall be provided by the insurance company. This RFP describes the proposal format, preliminary scope of services, and the minimum information that must be included in the Proposal and in the selection process. Failure to submit the Proposal in accordance with the procedures outlined may be cause for disqualification. BACKGROUND The City's Department of Community Services manages and operates the water distribution system. The City's water system serves a population of approximately 45,000 through nearly 2,000 service connections. Vernon's water distribution system consists of nine wells, three booster plants, six ground level reservoirs, one below ground reservoir, one elevated tank and four backup power generators. The total storage capacity is approximately 16.75 million gallons. In addition, Vernon produces approximately seventy three percent of its water supply from its ground water supplies and purchases approximately twenty seven percent of these supplies from the Metropolitan Water District (MWD). The Assessment will include as evaluation of the City's water supply, transmission, treatment, storage and distribution facilities. The proposed work shall include an evaluation of the existing security systems, including physical and mechanical vulnerabilities. This information shall be used to quantify the risk posed to each facility, prioritize the most critical systems and/or facilities and develop preliminary design recommendations and cost estimates for facility - specific improvements. When completed, this Assessment must meet the newly promulgated federal vulnerability assessment and USEPA vulnerability assessment requirements. CONSULTANT QUALIFICATIONS The City proposes to retain a qualified Consultant to develop the Assessment and ERP. Only Consultants with demonstrated experience and training in the area of water system vulnerability assessments and emergency response plans will be considered. Minimum Consultant qualifications are listed below: • Trained in conducting the Risk Assessment Methodology for Water (RAM-W) vulnerability assessments by Sandia National Laboratory and other agencies; • Demonstrated experience in conducting vulnerability assessments including physical security, water utility operations and internet functions; • Demonstrated experience with the design and implementation of Supervisory Control and Data Acquisition (SCADA)'system components; • Demonstrated experience in security systems evaluation, design and implementation; • Demonstrated experience in drinking water operations including source water management, facilities and information technology systems; • Demonstrated experience in drinking water quality risk and monitoring/detection related issues; 2 • Demonstrated methods and procedures for ensuring the confidentiality of all work project related documents; • Demonstrated experience with the Standardized Emergency Management System (SEMS) and emergency operations planning concepts, training and implementation; • Experience with scenario planning and emergency response exercises; • Experience with the development and implementation of emergency response plans; and • Certified Protection Professional certification desirable. PROPOSED FORMAT The Proposal shall be concise, well organized and demonstrate the Consultant's qualifications and experience relating to the proposed project. The Proposal shall include, at minimum, the following information: 1) Consultant Identification: Legal name of business, form of business (corporation, partnership, or other), location and address, telephone and fax numbers, e-mail address and contact person. 2) Executive Summary: An executive summary of the Proposal identifying the entity/team being presented for consideration. The summary shall include a brief history of the organization, background information and relevant experience. Provide proof of capabilities of your firm/team to meet USEPA Guidelines and to comply with the Sandia National Laboratory Vulnerablity Assessment methodology. 3) Experience: Previous experience in the preparation of vulnerability assessments and ERP. 4) Key Staff. Provide a list of key staff that will be assigned to this project and their relevant qualifications. Include resumes of all key personnel listed. Key personnel, as defined by the City, shall not be removed from the project without prior written approval from the City. Only personnel with equil or better qualifications will be considered for substitution. 5) Project Understanding: A statement demonstrating understanding of the Vulnerability Assessment and ERP requirements shall be included with your proposal. 6) Approach and Scope of Work: Description of services to be provided and how the services and activities will be accomplished. The Preliminary- Scope of Work that follows this section is considered to be a general guideline, however, the Consultant shall develop and submit the final scope of work as part of the Proposal. 7) Project Costs: The Assessment and ERP costs are to be included and shall indicate the proposed "not -to -exceed" cost for completing the tasks identified and presented by the Consultant in the Scope of Work. The fee schedule shall be enclosed in a separate envelope titled "fee schedule" and include man-hour estimates per task, hourly -billing rates of personnel to be utilized on the project, and other associated costs, The total "not 3 to -exceed" cost shall include the costs of all personnel, subconsultants, administration, overhead, meeting attendance, research, travel, postage, reproduction, and all other related costs, both direct and indirect, necessary to complete the Project. PRELEMNARY SCOPE OF WORK Proiect Management: Specify estimate of the Consultant's fee for project management, and required costs to implement recommendations of this assessment. Project ScheuiYiE: Consultant shall submit an initial schedule with the pertinent milestones for major tasks involved in the Assessment and ERP. The schedule shall be updated and submitted monthly to City staff. Meetings: The Consultant shall meet with City's representatives not less than once a month for the duration of the project to discuss the progress of the work, including schedules, budgets, and overall status of the project. Monthly Proiect Status: The Consultant shall submit to _the City on a monthly basis an accurate record of tasks completed. Research and Data Collection: Specific site information, engineering reports and SCADA system operating manuals will be provided at the project kickoff meeting to be scheduled following the issuance of the Notice to Proceed to the Consultant. V t bl'11,-• t. uiu2rnivaiier t�.S3cS3ut2ua. The Consultant shall conduct an assessment relating to the vulnerability of the City's water distribution system to a terrorist attack or other intentional acts intended to substantially disrupt the ability to provide safe and reliable drinking water supply. The vulnerability assessment shall include a review of the City's existing facilities including pipes, constructed conveyances, water treatment, storage, distribution facilities, computer automated systems and the operation and maintenance of facilities. The consultant must certify that the Vulnerability Assessment fulfills all USEPA requirements. The following items shall be evaluated and discussed in the Assessment: 4 • Determinelidentify the terrorist and intentional acts that could damage or disrupt the missions and functions of the system and cause significant public health hazards. • Identify the important missions/functions of the system; • Identify the undesirable consequences of the damage and disruption of the system, • Specifically identify the actions, methods and means to mitigate and prevent the damage and disruption and prioritize; • Identify and recommend the necessary actions, methods and means to recover from the damage and disruption and prioritize. System Evaluation: Perform a systematic_ site evaluation of the City's water system. The. Consultant shall evaluate each facility's existing processes, controls, operations, and security to include the collection of performance data on the following: • Important/critical facilities, processes and assets; • Physical protection system features of deterrence, detection, delay and response; • Internet/SCADA protection system features; • Security policies and procedures and compliance with these policies and procedures; • Computer accounting system. Iden ' : Identify the potential adverse risks that could affect the distribution system and the City's service area, to include: • The loss of critical functions and/or major service disruption; and • Intentional_ attack on City assets or systems with the intention of affecting public safety or health by contamination of the water supply, chemical release or chemical theft. Terrorist and Intentional Acts: Define how terrorist and intentional acts could be carried out that would result in: • Infliction of physical damage; • Chemical, biological, and radiological contamination; • Cyber attacks on the SCADA system or any other process control system within the distribution system that has the potential to affect the water. supply, • Interdependency"disruptions (e.g. electrical, reservoir or pump station failure); • Assess the likelihood of such terrorist and intentional acts from defined threat sources (e.g. terrorist, insider, vandalism);. 5 Approach to Assessment: • The approach to the Assessment shall be a system evaluation that will evaluate the risk to the water system based on the effectiveness of the security system against the specific terrorist and intentional acts determined in the initial step; • The Assessment shall determine the most critical assets in the water system, detail their interrelationships with other assets in the system, identify the consequences of terrorist and intentional acts that could be directed against them, and evaluate the effectiveness of both existing and proposed protection; • The Assessment shall identify system vulnerabilities and provide a prioritized plan for security upgrades, modifications of operational procedures, including financial accounting systems and/or policy changes to mitigate identified risks to critical assets; • The Assessment shall provide a comparison of the relative safety of the existing security configuration versus the risk after identified improvements have been completed. The Assessment shall include an analysis comparing the cost of protection against the potential risk. The consultant shall prepare a prioritization plan for security upgrades, modifications of operational procedures, and/or policy changes to mitigate identified risks to critical assets. The consultant shall also identify initial costs and annual operating and maintenance costs for the recommended security improvements. The consultant shall develop a schedule for final design and construction of proposed facilities. In addition, the consultant shall consider costs, construction methods, service area, land use, in developing a plan to sequentially incorporate the recommended security improvements; • The consultant shall conduct a review of the exposure and risk associated with illicit introduction of chemical, biological, and radiological water quality contaminants into the water system and make recommendations on the feasibility, cost/benefit, and practical logistics of installing water quality monitoring devices and other devices to prevent and mitigate the contamination. • The consultant shall describe operation and maintenance requirements, including time and costs for any specialized training needed by City staff. The consultant shall determine the necessary permits from the City to construct, operate and maintain the improvements proposed under this project; 4. Emergency Response Plan: • The consultant shall review the City's existing Emergency Response Plan and develop an ERP for the City based on the findings of the Assessment and in order to improve emergency responsiveness, efficiency, security and minimize security risks; and • The consultant shall certify that the ERP fulfills all USEPA requirements. 31 DELIVERABLES: Based on its investigations, assessments and recommendations, the consultant shall prepare necessary documents to support its findings in the Assessment and ERP. The Consultant shall Prepare documents, which shall include, but not limited to, the following: • Assessment Report, due concurrently with the ERP; • Emergency Response Plan, due concurrently with the VA; • The consultant shall prepare an assessment and engineering report with cost estimates for implementation of major components and prevention measures with estimated costs of the damage from different types of terrorist attacks; • A completed checklist of all facilities shall be included in the Assessment and ERP; • Technical reports which include a prioritized list of critical systems and/or facilities, . security strategy, prioritized plan for security upgrades, risk and cost analysis, and the results of the review of contaminant monitoring systems; • Recommended modifications for operational procedures; • Recommended policy changes to improve security and training documents; • The consultant shall submit draft copies of the reports for the City's review. In conformance with the City's recommendations and upon mutual agreement of modifications deemed necessary by the City and consultant, the consultant shall reevaluate, revise, and finalize the reports. The final copy of the Assessment shall be in sufficient detail to facilitate the final system -wide and site -specific engineering for security improvements; and • The consultant shall perform routine and final review prior to making submittals to the City to insure accuracy, conformance and integrity of all work. The consultant shall Perform quality assurance1quality control checks on all submittals made to the City. The City will not accept for review any submittal that has not been reviewed and signed by the consultant's and/or his or her designee to certify the accuracy and completeness of the submittal. CONSULTANT SELECTION: The selection of a firm to provide services will be based on demonstrated competence, profess±enal q•,?liFcatiors, staffing and previous experience necessary for the satisfactory performance of the services required. Prior experience with providing similar services is hi gli desirable. The City of Vernon will evaluate the proposals, interview the best candidatey consultants and select the consultant. 7 CITY RESPONSIBLITIES The City of Vernon shall provide the consultant with the following: • Access to copies of all available existing data, information, reports, risk management plans, records and maps which maybe relevant to this project; • Access to City staff including Public Works, Police, and other City Departments as required; • City staff will support consultant's access to the collection of existing data, information, reports, etc.; • Access to all facilities included in this project; and • Support staff to assist consultant when required. JOB WALK A non -mandatory job walk will be held on Tuesday, November 18, 2003, at 10:00 A.M., starting at the City of Vernon City Hall, 4302 Santa Fe Avenue, Vernon, CA, 90058. Please contact Scott Rigg at (323) 583-8811, Ext. 279 for further details. PROPOSAL SUBMITTAL The Proposal shall be submitted to Samuel Kevin Wilson, Director of Community Services, 4305 Santa Fe Avenue, Vernon CA, 90058, no later than 3:00 P.M., December 10, 2003. The consultant shall provide insurance according to the attached insurance schedule. It is mandatory that the insurance provided be in either of the two forms specified in Section II-b of the schedule. The consultant fee schedule shall be submitted in a separate sealed envelope. The fee schedule shall detail the cost of the deliverables and any other costs required with unit costs for additional services. INSURANCE SCHEDULE (CONSULTANT) The Consultant shall provide proof of insurance, including a standard certificate of insurance, in at least the following amounts and coverage (combined single limit permitted): I. Hazards Automobile Liability Owned Automobiles Hired Automobiles Non -Owned Automobiles Workers' Compensation Employers' Liability H. General and Professional Liability Coverage and Limits Bodily Ini Property Damage Each Person Each Accident Each Accident $500,000 $500,000 $500,000 $ Statutory $1,000,000 $1,000,000. $1,000,000 $1,000,000 per employer Premises Operations $1,000,000 $2,000,000 Elevators (if applicable) Independent Contractors Products - Completed Operations Contract Liability $500,000 $500,000 $500,000 $1,000,000 $1,000,000 $2,000,000 $1,000,000 $1,000,000 $2,000,000 $1,000,000 $2,000,000 $1,000,000 $2;000,000 Professional Liability $2,000,000 $2,000,000 $1,000,000 $1,000,000 $1,000,000 $2,000,000 a. The general liability policy shall contain the following special endorsements which shall be noted on or attached to the standard certificate of insurance: 1. An endorsement naming the City of Vernon, its officers, and employees as insureds under the policy. 2. An endorsement providing the City of Vernon thirty (30) days notice of cancellation or material reduction of coverage. 3. An endorsement providing coverage for all operations under this agreement. 4. Such other endorsement as may be required by addendum hereto. b. In addition to the standard certificate of insurance, proof of general and professional liability coverage shall be furnished in the form checked below. Certification of the following_ proofs by the insurance agent or broker will not be accepted: X For each policy, a notarized letter from the underwriter or carrier certifying that the coverage and statements in the standard certificate of insurance (attached thereto) are true and correct and that the signator is an officer authorized to so certify, or X A copy of each policy certified by an officer of the underwriter or carrier and notarized. EXHIBIT IN IL-maILW.■■■ CITY OF VERNON SECURITY VULNERABILITY ASSESSMENT AND EMERGENCY RESPONSE PLAN SERVICES TABLE OF CONTENTS EXECUTIVESUMMARY....................................................................................... I QUALITY ASSURANCE/QUALITY CONTROL...........................................................3 KEY PERSONNEL ......................................... :...................................................... 8 RELATED EXPERIENCE AND REFERENCES......................................................... 12 APPROACH.......................................................................................................15 EXECUTIVE SUMMARY TRC-EASI is pleased to submit our qualifications to the City of Vernon to perform a Security Vulnerability Assessment and Emergency Response Plan for the City's water System. TRC, a $300 million dollar corporation whose main focus is in the areas of critical infrastructure security, improvements and environmental management, acquired Engineered Automated Systems, Inc. (EASI) in 2001, expanding our capabilities with a network of over 2000 employees and skill sets, plus over 80 offices across the United States. TRC-EASI has performed over 250 vulnerability security assessments, as well as designed and integrated security systems for several hundreds of projects in California, applying appropriate security solutions from concept through completion of installation during the past 25 years. WATERFMFMIENCE TRC has designed new facilities for water treatment and has provided methods for improving existing facilities. TRC has also worked with numerous public agencies to assist in the master planning of water systems including: modeling, systems design and construction management. We specialize in designing improvements to existing facilities to improve capacity, efficiency and planning for future upgrades. Our experts understand and plan for the need to make improvements with minimal disruption to existing operations. CMTIFICATION TRC-EASI team members are trained and licensed to perform in AWWARF/Sandia National Laboratories Vulnerability Assessment Methodology (RAM-W) for water systems. TRC-EASI also offers extensive security technology experience, as well as in-house water systems engineering capabilities. Our personnel have extensive expertise in risk management for water and wastewater facilities, engineering, design, and construction management of wat infrastructures, including mechanical engineers that have 20+ components and architecture. Our In-house staff of 35+ includes: ➢ AWWA Members ➢ Certified Protection Professionals (CPP) ➢ Physical Security Professionals (PSP) ➢ Registered Civil, Mechanical and Electrical Engineers. er supply and distribution years with SCADA system Our project team has served a strong client base of water agencies and water treatment systems. With the diverse knowledge and expertise of security design, systems and equipment, as well as years of water engineering experience, we have completed and assisted in numerous vulnerability assessments consistently addressing the required elements of the United States Environmental Protection Agency plus. City of Vemon Page 1 12/9/03 CONFIDENCE TRC-EASI has maintained working relationships with a large number of clients for 25 years because we understand their needs and continue to build upon them through the principals of communication, accountability, and our commitment to provide the absolute best project results. Our team will brainstorm and work thoroughly with the City's staff to understand and address key issues. Our technical expertise on current and future security technology, equipment and engineering capabilities in regards to systems design and implementation allows us to make the most appropriate and detailed recommendations to improve existing physical security measures, emergency response planning and training. Our knowledge of the local conditions, contractors, threats, vulnerabilities and other critical security and emergency response needs and capabilities will result in the most thorough, accurate, constructible and affordable security vulnerability assessment for the City. Our multi - disciplined team assures the City a professional services resource pool that has broad capabilities, beyond security and in areas that either affects or could be affected by proposed security upgrades. This broad capability skill set enables the TRC-EASI team to address any issue that could be practically confronted during the course of this work. COMPANY INIFORIi ATION Identification of Responder TRC-EASI Legal Name and Address of the Company TRC-EASI 21 Technology Drive Suite 200 Irvine, CA 92618 Lezal Form of Compan Subsidiary Identification of Parent Company TRC 21 Technology Drive Irvine, CA 92618 Contact Gregory W. Brandon, Director 21 Technology Drive, Suite 200 Irvine, CA 92618 949/341-8204 FAX 949/341-0374 City of Vernon Page 2 12/9/03 j ouAuTy AssuRANcE & ouA ry c®NTR®L PRoG Focus on Manaatmeut Pmetices TRC-EASI is set up to respond to clients in a vital and cost effective . manner. Focus on project management practices will assure that the project will meet the time schedules, budget and performance requirements. This core capability assures the City that appropriate professional experience and team credibility are being applied to this proj ect. The project team is functionally organized to address the activities needed to achieve the objectives and responsibilities of the project. TRC-EASI can and will dedicate the necessary resources for successful and timely project completion. A RAM-W certified project manager with relevant expertise and experience is assigned to each activity. The project manager is responsible for ensuring that the assigned tasks are conducted with quality. Vocus can QuAW Assurmce The City's security vulnerability assessment requires our utmost care and attention, and therefore will receive a formal quality control process. TRC-EASI has an established internal quality assurance practice that requires work products to be reviewed by an independent, senior member of the project team. That senior member of the staff is identified as the person responsible for quality control and is not assigned any efforts associated with that project task. The project manager and the Quality Control Director jointly develop a list of interim work products, which will be reviewed for quality, and the level of review required. As each work product is drafted, the Quality Control Director reviews it and then generates an internal memo .providing comments back to the technical leads. The work product is updated by the responsible analyst and resubmitted for quality control review. The review process is repeated until the person Quality Control Director verifies completion of the work product. The same review process is applied to all deliverables to the client. All Q deliverables must receive an authorization from the person responsible for quality control to be released to the client for review. Documentation for the review process is created and maintained with the project files. 'I l City of Vernon Page 3 12/9/03 Focus ou OuAty Control Given the security sensitive nature of the proposed effort, we have augmented our quality control program with security requirements to ensure that high quality services and products do not present any measurable risk to the District. Our Quality Control and Security Program includes written office policies and procedures that specify the control of security -sensitive information. Only project team members that have been trained in the control of security - sensitive information, and have signed commitment forms are allowed access to security - sensitive information. The Quality Control Director manages control of both paper -based and electronic -based security -sensitive information. Paper -based security -sensitive information is maintained in a safe with electronic keypad lock and 2-hour fire protection, is signed out by the Project Team Member and is returned after use. During direct usage, information accessibility is limited and under constant control by the responsible project team member. All drafts arc destroyed, and upon completion of the project all documents obtained from the district are returned. M"AURS/Woro>s We realize communication is extremely important in order to understand and address the City's key issues during the Security Vulnerability Assessment. Throughout the scope of the entire project we will schedule meetings and workshops so as to consistently review options and comments with the District in order to address any and all questions, or concerns, in the decision -making process. These meetings will be valuable regarding the City's input, and involve members of the City's staff to familiarize themselves with the process and to learn key points that will be addressed during the vulnerability assessment. The knowledge gained during these meetings will serve the City's staff well after the new security concepts are developed and implemented. pruiect &htdt& & status Rem" A more refined project schedule will be presented to the District at the kick-off meeting that will highlight all tasks, sub -tasks, reviews_ and major milestones that reflect TRC-EASI's understanding of the Security Vulnerability Assessment. The project schedule will guarantee each task is assessed with the greatest amount of focus and care possible. It sets the pace of the project, identifying each separate milestone that is reached by completing each specific task. The schedule is reviewed consistently to determine if the current pacing is in the best interest of the - strict. If the pace is not meeting the expectations of the project schedule, adjustments are made immediately to ensure the success of the project meeting its goals. The project schedule is updated monthly and will be submitted monthly, with the Status Report. s utus Renow u Key accomplishments and milestones will be generated in monthly Status Reports in narrative form. Progress that has been achieved with each task will be detailed in the report, as well as the work expected to be accomplished with the next task and time frame. This is an excellent tool that enables the District to observe the pacing of the project, track goals that are met and accomplished and maintains open communication throughout the life of the project. City of Vernon Page 4 12/9/03 proket Wfina Staffing is truly essential to create a successful team. TRC-EASI has assembled a highly trained, highly qualified, and highly experienced team to successfully complete this project. Each staff member who makes up our team is an integral part of the success of the vulnerability assessment. Proper staffing is critical to assess each and every task. Security COMM16011 & Btu smices TRC-EASI is best known for its award -winning Security Consulting and Design Group. We have provided Integrated Security System Design, Management and Architectural Planning services for over two decades. Our approach to water facilities security system design is based on our success and on similar types of projects. If project budget allows, we can submit initial Conceptual Designs for the Security Enhancement Phase, in which TRC-EASI will review the findings and recommendations (deficiencies) of the Vulnerability Assessment, discuss/define/refine project scope and security philosophy as appropriate. We will review any architectural and engineering plans, specifications and other information regarding the facilities requirements, and determine the extent to which the security measures should integrate with other systems. Furthermore, our technology design is provided through a core group of experienced, full time security consultants; therefore, we are familiar with the necessary standards for good equipment selection, and the results of a successful selection process. Proper security design and equipment selection can avoid the following results: • Increased system cost. • An inadequate and inflexible system. • A system that will be outdated in only a few years. • A system that locks the District into an unacceptable relationship with a single manufacturer or vendor. • A system that is difficult to maintain • A system that is difficult or costly to expand. Security systems should be integrated to provide a cohesive user -oriented interface with minimal requirements for manual control and operation. A comprehensive security system with automatic system responses will lower security -staffing requirements and shorten both training and response intervals. Lower risk/higher reliability security is achieved at lower recurring costs. City of Vernon Page 5 12/9/03 TRC-EASI provides Integrated Security System Consulting, Design, Management and Architectural Planning services through a core group of full time security consultants. The following is an abbreviated list of services offered: Integrated Security Systems Design • Engineered Plans and Specifications • Bidding and Negotiation Assistance • Installation Quality Review • Acceptance Testing • As -Built Documentation Security Management Consulting • Security Vulnerability Assessments • Emergency Response Plans and Updates • Programming and Master Planning • Security Program Consulting • Proprietary Information Protection Programs • Due Diligence • Crisis Management & Disaster Recovery Programs Security Architectural Planning Services • Perimeter Fencing • Crime Prevention Through Environmental Design Consulting (CPTED) • Security Monitoring Rooms Se"I taw T"huolfqes S"e ed Security Systems Integration • Alarm Systems • Access Control Systems • Photo Identification Badging Systems • CCTV Systems • Digital Video Systems • Security Intercoms • Duress Voice Communications Systems • Critical Systems Alarms • 2-Way Radio Communications Systems • Computer Aided Dispatch Systems Access Control Systems • Identification Badge Technologies • Visitor/Temporary Contractor Badging Systems • Vehicle Access Control Systems • Elevator Access Control • Electronic Turnstiles Alarm and Detection Systems • Fire Alarm Systems • Duress Alarms • Weapons Detection Systems • Explosives Detection Systems City of Vernon Page 6 12/9/03 • Door/Window/Portal Status Monitoring • Critical Systems Status Monitoring • Volumetric Motion Detection • Video Motion Detection • Central Station Alarms Closed Circuit Video Systems • Analog and Digital Video Cameras • Digital Storage and Transmission Systems • Switchers, Multiplexers, Quad Display Technologies • Video Storage Technologies • Video Archiving Systems • 6.Eviddence Resoureing and EnhancPmant Systems Security Intercom Systems • Emergency Phone Stations • Threshold Audio Monitoring Systems • Master Station Console Integration • Single/Multiple and Networked Exchanges • Fiber -Optic Interfaces • High Security and High Aesthetic Intercom Stations • High Noise Environment Stations Audio/Video Recording Systems • CCTV and Related Audio • Audio Logging Systems • Telephone • CCTV Related • 2-Way Radio • Security Intercoms City of Vernon Page 7 12/9/03 TRC-EASI is an interdisciplinary team of professionals with rac 94 advanced certifications and credentials in all relevant fields of Engineered AutomoNon Systems, Incorpmted security, security design and water engineering. Our multi- disciplinary team provides the City with a highly professional partner that has broad capabilities, beyond security, and in areas directly relevant to crafting an effective and efficient security vulnerability assessment. Mr. Robert Smith, P.E., CPP, CEM, RAM-W will be the Principal in Charge. Robert has twenty five years of project experience utilizing a unique skill set spanning mechanical, electrical and SCADA systems coupled with security risk assessment and security design skills and training, as well as supervising the •^^� 4 A, -, n4 c��' A_+ 41 + nr� A 1, m 1 4 onfrv.on4 le designs VI water L11J L11% L VVVll LLl LL1Vl.LL1V11 a11LL �11e1111 Li GL1 Lrl,UL111N11L systems. He has overall responsibility for all aspects of the project. James Black, CPP, PSP, RAM-W is the lead project manager for vulnerability assessments, related tasks and will be involved in day-to-day activities and responsible for task assignments and oversight of other team members. James has ten years experience specializing in threat and vulnerability assessments and also with planning, design, construction and implementation of security, CCTV, access control, fire alarm, audio/visual, and special -function, low voltage control systems. The Complete Project Team follows: Robert Smith, P.E., CPP, CEM, RAM-W, Principal Senior level project management, quality control/assurance, Scada System review, design assistance, review, commissioning and quality control services. 25% of time available for this project versus current work load. James Black, CPP, RAM-W, Senior Security Consultant, Project Manager. Site assessments report writing, peer review, client -meetings, and coordination of all aspects of documentation, implementation, scheduling, inter -discipline coordination and quality control. 50% of time available for this project versus current work load. Keith Kushner, RAM-W, Quality Control Director and Technology Expert. Participate in security technology application and quality control/assurance. 15% of time available for this project versus current work load. David Hill, Senior Project Engineer. Provide specialized services in the design of water distribution systems, deep ground water wells, pumping stations, filter plants, waste water treatment facilities, pressures systems and SCADA systems. Estimated contribution to this project 15% versus current workload. Lawrence B. Joffe, Senior Water Consultant. Provide expert chemical engineering and water expertise for this Project. 20% of time available for this project versus current work load. Stephen A. Dopudja, Director of Water, Resources. Provide expert water resources engineering and management expertise for this Project. 20% of time available for this project versus current work load. City of Vernon Page 8 12/9/03 CONSULTANT MUMES Jim Black, CPP Project Manager Trained and Certified in the Sandia RAM-W Methodology Ten years experience specializing in security vulnerability assessments and planning, design, construction and implementation of security, CCTV, access control, fire alarm, audio/visual, and special -function, low voltage control systems. Special expertise in security system integration, working with design teams, and estimating. Project Management, master planning, design development, construction documentation; construction administration and commissioning of security systems, monitoring, access control, video surveillance, network fiber optic infrastructures and communication systems projects. Special expertise in multiple entity coordination, design team interface and security planning. Practical background in specification/design of video security systems, system integration, end user relations/presentations and project management. • Hyperion Wastewater Treatment Facility • Western Municipal Water District • Moulton Niguel Water District • Sonoma County Water District • Santa Margarita Water District • Orange Water District • Mesa Consolidated City of Vernon Page 9 12/9/03 David Hill I Senior Project Engineer, SCADA Twenty-six years experience in mechanical system design, retrofit and optimization of existing mechanical systems. He is responsible for preparation of engineering plans and specifications for mechanical systems. Responsibilities include building envelope heating/cooling load calculations; layout and sizing of HVAC and hydronic piping systems; preparation of mechanical details, control diagrams, equipment layout; selection and scheduling of equipment; and review of contractor's shop drawings. Comprehensive knowledge of industry references and codes such as UBC, NFC, UMC, ASME B&PV and piping codes and ASHRAE. Preparation of engineering plans and specifications for building automation systems for HVAC controls, mechanical design and energy conservation design including building envelope heating/cooling load calculations, building audit and retrofit strategies. Responsible for design and construction on various projects. Systems designed include: HVAC, water distribution, automatic control logic, emergency power distribution, fire suppression systems, detection, monitoring and control systems. SCADA Projects: o City of Huntington Beach, Pumping Stations. Ground water pump(s) control, flow monitoring, chlorination system, alarms flow control. Phone/modem and telemetry signalization. o San Diego Gas & Electric Company. City of San Diego Municipal water distribution pump controls for flow demand. Telemetry. o Arabian American Oil Company, Dhahran, Saudi Arabia. Deep well groundwater pumps control and flow monitoring. Telemetry. Incoming crude oil emergency control valves. Telemetry. City of Vernon Page10 12/9/03 Lawrence B. Joffe Senior Water Consultant Mr. Joffe is a chemical engineer and senior project manager in the water and wastewater treatment field. He provides clients with analyses of applicable treatment methodologies that will enable water treatment to be sh accomplished to the required levels. The analyses include: capital cost, operational costs, manpower requirements, maintenance costs and requirements, and expected reliability. Based on the evaluations, a process flow sheet representative is provided of the best overall methodology for the specific project. As part of the project, he serves as the technical preparer and or project manager for the preparation of required regulatory permits and provides client support during public and regulatory hearings as required. Mr. Joffe is affiliated with the Water Environmental Federation and holds a California Water Environment Association - Class IV Operations License. • Designed Major Water Treatment Plant Upgrade — Fort Collins, Colorado • Pacific Coast Pipeline Federal Superfand Site — Ventura, California • Implemented & Managed Treatment System — PAB Superfund Site Abbeville, Louisiana • Evaluated & Designed Water Treatment System — Molycorp's Mountain Pass Mine • Designed In -Situ Treatment of Polluted Lake — Bogota, Columbia • Designed & Supervised Ground Water Treatment Facility — EPA Superf ind Site, CT • Design Report for Water Extraction and Treatment System — Purity Oil Federal Site • Evaluated Ground Water Contamination at an industrial site in Florida City of Vernon Pagel I 12/9/03 City of Vernon Project Description: Completed Vulnerability Assessment for the District. Performed a complete assessment utilizing the Sandia National Laboratory RAM-W Methodology, reviewed existing security measures, and recommended upgrades to security/ technology, policies/procedures. Currently providing specifications and construction drawings, assisting in the bidding process and providing construction management for security technology upgrades. Project Description: Completed Security Vulnerability Assessment to determine the critical facilities and assets, reviewed existing physical security, and made recommendations to upgrade security technology, policies/procedures, specifications and construction drawings, administer the bidding process and provide construction management for security technology upgrade. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. Page12 12/9103 Project Description: Currently providing a master, comprehensive Vulnerability Analysis, Security Design and detailed site surveys for this 140-acre site, remote tanks and pumping stations, located throughout Los Angeles. Update and recommend changes to the Emergency Response Plan, recommend policy and training practices, construction administration, and commissioning. Project Description: Complete Security Vulnerability Assessment to determine the critical facilities reviewed existing physical security, and make recommendations to upgrade security technology, policies/procedures. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. City of Vernon Pagel 3 12/9/03 Project Description: Currently providing a 100% complete Vulnerability Assessment as mandated by the EPA to provide assessments of the City's drinking water. Performed a complete assessment utilizing the Sandia National Laboratory RAM-W Methodology. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. Proiect Description: Performing a comprehensive facilities assessment of threats, vulnerabilities and security environment which characterizes existing security policies, assets and protection features, and defines expected threats, criticality and consequences of loss for four (4) bridges, a rail transit system, a port facility, a ferryboat, and its docking terminals. Involvement by Consultant: Studying alternatives and develop detailed recommendations for security countermeasures to address facility and site vulnerabilities. Probable construction budgets will be developed to assist planning the implementation of these recommendations. Creating a "Summary Report" delineating the threat and vulnerability assessment results, recommended countermeasures, budgets and other pertinent information. This plan will serve as a "blueprint" for successful implementation of enhanced security countermeasures. Creating a set of detailed Plans and Specifications that address the implementation of "short term protection recommendations" presented in the Summary Report, to be used as a basis for a construction bid solicitation. City of Vernon Page14 12/9/03 APPROACH The City of Vernon (CITY) is seeking a security vulnerability assessment of its water systems, which includes transmission storage, distribution and treatment facilities. The City's water system serves a population of about 45,000 and operates nine wells, 3 booster pumping stations and 6 ground level reservoirs as well as one below ground reservoir, one elevated tank and 4 backup power generators, with total storage capacity of 16.75 million gallons. TRC-EASI's vulnerability assessment will consist of developing a security strategy and comprehensive project plan by balancing industry standards with the City's facilities specific conditions while also utilizing RAM-W AWWARF/ Sandia National Laboratories Vulnerability Assessment Methodology. Specified by the City, the following process and methodology meets the requirements of the EPA mandated Security Risk Assessment, and exceeds those requirements by additionally providing a means of evaluating the deployment of resources based on the ranking of critical assets. I. Scone of Work A. TASK 1— Planning the Vulnerability Assessment: The Vulnerability Assessment is performed by an assessment team that combines local knowledge of the water system with local knowledge of real threats faced by the City of Vernon. This means local city management, utility operations, law enforcement, the city attorney, emergency planners and others can be intimately involved in the assessment process. The planning process includes: 1. Meet with the city officials and other water system stakeholders to review project scope, objectives and strategy and form the assessment team. 2. Review existing operational procedures with assessment team either in team meetings or as individual in-depth interviews. 3. Review the water system mission(s) and prioritize customers (e.g., hospitals, fire fighting, constant water supply, critical industries, etc.) 4. Inspect all facilities in detail with city personnel. 5. For each facility, identify and record the process equipment, command and control systems, existing security measures, key personnel, and key outside utilities and materials providers, such as electric, gas and chemicals. 6. Identify operating and management practices to achieve mission objectives B. TASK 2 - Threat Assessment and Characterization To determine the vulnerability of a facility, real threats must be considered and their consequences considered. Impacts to public health, economic impacts, and public confidence need to be considered for each possibility for service disruption. The assessment team will determine the threat spectrum from which the city needs to be protected. Steps to determine the threat spectrum are: City of Vernon Pagel 12/9/03 1. Research public and open source information to determine possible threats against facilities. 2. Research the City's historical records of incidents and potential threats. 3. Research local law enforcement records and evaluations of potential and actual threats, such as FBI, Internet sources, private/facility security, InfraGard, and relevant Information Sharing and Analysis Centers (ISAC). Threats to be considered include: Outsider Threats Identify potential Outsider Adversaries. Examples: terrorists, protestors, activists, disgruntled ex -employees, extremists, criminals, computer hackers, or vandals. For each Outsider Adversary ident;A7 their expected attrih,.;tes. Examples: Viimber of attackers, technical knowledge, motivation, tactics, equipment/tools, weapons, transportation, intelligence gathering skills, financial resources, potential collusion with insiders. • For each Outsider Adversary, identify the expected method(s) of attack. Insider Threats • Identify expected insider adversaries. "Insiders" are employees or vendors who may seek to damage the Utility. Examples: Insider terrorist, criminals, revenge, abnormal (psychotic) behavior. • For each Insider Adversary, identify their expected attributes. Examples: Potential for active or passive role, access to critical assets, access to security system, access to SCADA control, and opportunity for sabotage, violence or collusion. • For each Insider Adversary, identify the expected method(s) of attack. Cyber Threats • General: both insiders and outsiders may attempt Cyber attacks. They receive special consideration because they can access the facility remotely. • Identify possible sources of cyber attack, including physical attack on equipment or infrastructure by hackers, hacker coalitions, foreign intelligence, and organized crime. C. Task 3 — Site Characterization and Vulnerability Identification Determine the relative importance of all assets at all facilities, based on their importance to the city's mission. This process establishes and ranks primary objectives, and allows the Team to determine which facilities require the most immediate focus of attention and resources (critical assets). 1. Identify and describe each individual asset in each facility, including external assets critical to the operation of the facility. 2. Describe operations for all assets for each facility. 3. Prioritize critical facility assets and processes. 4. Identify the weak points in each facility, which will require protection or mitigation plans (critical assets). 5. Identify single points of failure in the equipment and processes. City of Vernon Page16 12/9/03 F ' 6. Determine means and methods for operational mitigation of process failure. D. TASK 4 — Consequence Assessment The purpose of this task is to identify and prioritize adverse consequences, which are to be avoided. The potential consequences can include illness or death, economic loss and denial of service, for example. The following steps are taken: 1. Develop measures of consequence. 2. Develop a site -specific consequence matrix ranking consequences as very high (WMD), high, medium or low. 3. idelitX.rY VVllsequence V "A" J fcr prlVrltlLatlVn. E. TASK 5 - System Effectiveness and Risk Analysis In this task, the effectiveness of the existing physical protection systems and operational policies is analyzed for each facility to prevent undesired events (loss of critical assets). For each facility, identify weaknesses in the facility protection systems, and develop the most vulnerable adversary strategies and scenarios, related to each critical asset. These scenarios would take advantage of the lowest levels of early detection and shortest delays to penetration. 1. Physical Protection: Estimate the System Effectiveness for each scenario, using High, Medium, and Low levels of effectiveness. 2. Operational Policies and Procedures Protection: Estimate the effectiveness of policies and procedures for each scenario, using High, Medium, and Low levels of effectiveness. 3. Overall System Effectiveness: List the Overall System Effectiveness for each scenario. (Lowest value of detection, delay and response). 4. List Facility Vulnerabilities, based on the weaknesses revealed by the above process. 5. Determine relative risk to assets and prioritize to determine which need to be addressed soonest. F. TASK 6 — Risk Reduction This process assesses the level of protection afforded by existing security system's physical protection features, policies and procedures, and evaluates the effectiveness of those measures in meeting security objectives. Then additional countermeasures are identified to increase protection of the most vulnerable assets. Steps include: 1. Existing countermeasures characterization 2. Survey each facility to determine the location of critical assets, and physical and electronic protection features. 3. Research, identify and review security, emergency operations, and operating policies and procedures. 4. Create a drawing for each facility, showing assets and existing means of protection. City of Vernon Pagel? 12/9/03 5. Re -determine relative risk based on upgraded countermeasures. Risk is reduced by increasing the system effectiveness and/or decreasing the consequences. System effectiveness can be increased by increasing the Physical Protection Systems (PPS) and changes to organizational policies related to security. Such actions could include, but may not be limited to, the following: • Increase security against unauthorized access to facilities (i.e. improve doors and locks, add or improve fencing, enclose or bury presently exposed piping) • Add or improve provisions for detection of unauthorized entry to facilities (i.e. alarm systems, video surveillance, patrols) PrUieci iiie cefiirdl SCADA s}%stein against cyuei`-a%tacks • Modify system components to reduce the possibility of contaminants being introduced through such components (i.e. tank vents, hydrants on major pipelines) • Improve monitoring via computer -based automated system(s) to allow quicker detection of abnormal conditions that may be indicative of an attack or other emergency (i.e. abnormal pressures or flow rates; or sudden changes in flows or pressures, at key points throughout the system). G. TASK 7 - Analysis, Report and Risk Reduction Plan Create the Vulnerability Assessment Report, which will include: 1. Analysis of critical assets, operations, consequences and existing countermeasures to determine existing risk levels 2. Analysis of existing threats and determination of threat spectrum 3. Recommendations to reduce existing risks 4. Documentation of information gathered and analytical procedures H. Task 8 - Emergency Operations Plan (EOP) TRC-EASI will update the City of Vernon's Operations Plan to include the following: 1. Obtain and review the existing City of Corsicana's Emergency Response Plan 2. Identification of malevolent hazards from VA 3. Management of the impact of hazards, through response, recovery and remediation 4. Maintenance of service plan 5. Alternate water sources 6. Development of training and exercise programs to ensure the smooth implementation of emergency plans and procedures. 7. Notification list and procedure 8. Contaminated water sampling methodology 9. Water sample lab analysis matrix City of Vernon Pagel 12/9/03 EXHIBIT C i d i PROPOSED FEE A. Fee Schedule: Based on the Scope of Work described herein, TRC-EASI's proposed Not to Exceed fee is $18,980.00. Travel Expenses are inclusive. PHASE FEE Vulnerability Assessment $14,660.00 Emergency Response Plan $.4,320.00 TOTAL $18,980.00 B. The City of Vernon will be notified in writing whenever supplemental services are necessary. Verbal direction by the City of Vernon! to Proceed with the requested work after notification by TRC-EASI for supplemental services will constitute an agreement to provide additional compensation for these supplemental services. Supplemental services and time charged services are billed monthly at our standard hourly rates. Principal $150.00/hour Senior Security Consultant/Project Manager $135.00/hour Quality Control Director/Technology Expert $135.00/hour Senior Project Engineer $135.00/hour Water Consultants $125.00/hour Administration $ 50.00/hour CONDITIONS C. Invoices are due and payable 30 days after issuance. D. We provide the following insurance coverage: Professional Liability $1,000,000 with $15,000 deductible General Liability $1,000,000 Automobile Liability $1,000,000 Workers Compensation Per Statute Employer Liability $ 500,000 do 2 = 2 C)mm m mg� z M- 0 mm N z 0 m D °z zzm (A� ci Q o � o cn o v+ � m CD cDi m m w org cn lullw ca �z N N m CJ (� z D U) t�+ � z N A fil 'nT1 �? Orn prn c �A U1 GJ z yy m C7 z 4.4 z -� o 4+ 0 O b+ J V/ O � m z;< 21 m m� m C M c 5 3 0 D w w r� IINI ��I ��IIIIIIIIIIIII�I��I III II ��I��ljj�IIIIInII�I8111111INI. . .INNII��I v _n Fn v 0 ao 0 z EXHIBIT Ic 1 2 9 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 EXHIBIT D INSURANCE SCHEDULE TRC EASi shall provide proof of insurance, including a standard certificate of insurance, in at least the following amounts and coverage (combined single limit permitted): I. Coverage and Limits Hazards Automobile Liability Bodily Injury Pro e�rty Damage Each Person Each Accident Each Accident Owned Automobiles $ 500,000 $1,000,000 $ 500,000 Hired Automobiles $ 500,000 $1,000,000 $ 500,000 Non -Owned Automobiles $ 500,000 $1,000,000 $ 500,000 Workers' Compensation $ Statutory Employers' Liability $1,000,000 per employer II. Liabili General Liability $1,000,000 $2,000,000 $1,000,000 Premises Operations $1,000,000 $2,000,000 $1,000,000 Elevators (if applicable) $1,000,000 $2,000,000 $1,000,000 Independent Contractors $1,000,000 $2,000,000 $1,000,000 Products - Completed Operations $1,000,000 $2,000,000 $1,000,000 Contractual Liability $1,000,000 $2 0001000 $1,000,000 Professional Liability $2,000,000 $2,000,000 $2,000,000 a. The general liability policy shall contain the following special endorsements which shall be noted on or attached to the standard certificate of insurance: 1. An endorsement naming the City of Vernon, its officers, and employees as additional insureds . under the policy. 2. An endorsement providing the City of Vernon thirty (30) days notice of cancellation or material reduction of coverage. 3. Q.n e::dorsernent providing coverage for all operations under this Agreen-lent. 4. Such other endorsement as may be required by addendum hereto. b. In addition to the standard certificate of insurance, proof of liability coverage shall be furnished in the form checked below. X For each policy, a notarized letter from the underwriter or carrier certifying that the coverage and statements in the standard certificate of insurance (attached thereto) are true and correct and that the signator is an officer authorized to so certify. OR A copy of each policy certified by an officer of the underwriter or carrier and notarized. City will not accept the above proofs of insurance when certified by an insurance agent or broker. EXHIBIT "D SUPPORTING DOCUMENTS A 1 2 3 4 5 6 7 8 9 10 11 12 13 It's 15 16 17 18 19 20 21 22 23 24 25 26 27 W AGREEMENT FOR PROFESSIONAL CONSULTING SERVICES THIS AGREEMENT is made, entered into and executed in duplicate originals, either copy of which may be considered and used as the original hereof for all purposes, as of this day of March, 2004, in the City of Vernon, County of Los Angeles, California BY AND BETWEEN THE CITY OF VERNON (hereinafter referred to as "City") 4305 Santa Fe Avenue Vernon, California 90058-0805 AND TRC Engineered Automation Systems, Incorporated (hereinafter referred to as "TRC EAST") 21 Technology Drive, Suite 200 Irvine, CA 92618 RECITALS WHEREAS, the City of Vernon sought bids from consulting firms for the preparation of a Vulnerability Assessment ("VA") and Emergency Response Plan ("ERP") in accordance with Public Health Security and Bioterrorism Act of 2001, as amended by the Public Health Security Preparedness and Response Act of 2002; and WHEREAS, the United States Environmental Protection Agency ("USEPA") has mandated that cities serving populations between 3,301 and 49,999 complete a VA by June 30, 2004 and an ERP update within six months of this date; and WHEREAS, the Department of Community Services & Water received four bids in response to its Request for Proposal ("RFP"), a copy of which is attached hereto as Exhibit "A" and incorporated herein by reference as though fully set forth; and WHEREAS, TRC EAST submitted a proposal (hereinafter referred w 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 to as the "Proposal"), a copy of which is attached hereto as Exhibit "B" and made a part hereof; and. WHEREAS, TRC EASi's proposal was not only the lowest of the I1four submitted, but was also comprehensive in terms of design and construction; and WHEREAS, TRC EAST having performed over 250 VAs, in addition to designing and integrating security systems for several hundred projects in California, represents that it is qualified, properly licensed and capable of furnishing the VA and ERP that the City requires, as set forth in the RFP and is willing to do so on the terms and conditions set forth below; and WHEREAS, the City desires to enter into an agreement with TRC EAST to provide the services necessary for the preparation of the VA and ERP. NOW, THEREFORE, THE PARTIES HERETO DO MUTUALLY AGREE AS SET FORTH HEREIN: 1. SCOPE OF WORK. TRC EASi shall perform its services under the general supervision of City's Director of Community Services and Water and/or City Administrator. TRC EASi's services shall include, but shall not be limited to the following tasks: (1) scoping review and planning, (2) information gathering, (3) characterize facilities, (4) hydraulic modeling, (5) assess risk, (6) preparation of a vulnerability assessment document, and (7) develop and complete the VA and ERP. It is understood and agreed that in the event of a conflict between TRC EASi's Proposal and this Agreement, the terms of this Agreement shall prevail. TRC EAST agrees that all services provided will be - 2 - r . . 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 services on a time and materials basis according to Exhibit "C." B. Other Expenses. Expenses may only be billed if written approval has been obtained in advance from the City Administrator. 5. METHOD OF PAYMENT. TRC EAST shall submit within thirty (30) days after the last day of any month in which services have been performed or costs incurred hereunder an invoice to City for payment. Invoices shall contain an itemization of services rendered, directly related job expenses and subcontractor charges incurred by TRC EAST for which compensation is due, and an estimate of the percentage completed for each milestone or task. TRC EASi shall be responsible for paying any subcontractors used in the performance of this Agreement. Subcontractors shall not bill City directly. Payment of each invoice shall be made after acceptance and approval by City within thirty (30) days of receipt. City's approval of the invoice shall not be unreasonably withheld. 6. CHANGES AND EXTRA SERVICES. City reserves the right to request changes in the services to be performed by TRC EAST. All such changes shall be incorporated in written change orders executed by City and TRC EAST that shall specify the changes ordered and the adjustment of compensation and completion (time required thereof. Any services added to the scope of this Agreement by a change order shall be executed under all applicable conditions of this Agreement. No claim for additional compensation or extension of time shall be recognized unless contained in a duly executed change order. - 4 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 19 20 21 22 23 24 25 26 27 28 7. PRODUCTS OF CONSULTING. All documents, data, databases, studies, surveys, drawings, maps, models, photographs and reports prepared by TRC EAST under this Agreement shall be considered the property of City. Such documents and materials shall be delivered to City by TRC EASi as they are generated; however, TRC EAST may take and retain copies of such documents and materials as desired. 8. CONFLICTS OF INTEREST. In the event that a potential conflict should arise between the interests of City and the interests of any one of TRC EASi's other clients, during TRC EASi's performance of services under this Agreement, TRC EASi shall notify City of such potential conflict. Notice of the existence of a potential conflict of interest shall be given in writing to City within ten (10) days of the perceived conflict. The conflict of interest letter shall specify when the potential conflict arose, the identity of the other party(ies) and the facts that give rise to the potential conflict. In the event that a potential conflict of interest is deemed by City to be an actual conflict of interest, City may, at its discretion, terminate this Agreement immediately. 9. TERMINATION. This Agreement may be terminated by City without cause on tens (10) days written notice to TRC EAST. In the event of such termination by City, TRC EAST shall be entitled to only the compensation earned by it prior to the date of the termination notice, plus compensation for necessary work performed during the ten (10) day notice period and authorized in the termination notice. - 5 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 10. NOTICES. Notices to the parties, unless otherwise requested in writing, shall be sent to: City: CITY OF VERNON ATTN: BRUCE V. MALKENHORST CITY ADMINISTRATOR 4305 SANTA FE AVENUE VERNON, CA 90058=0805 Consultant: TRC ENGINEERED AUTOMATION SYSTEMS, INCORPORATED TRC EASI) ATTN: JAMES BLACK, PROJECT MANAGER 21 TECHNOLOGY DRIVE, SUITE 200 IRVINE., CA 92618 11. CONFIDENTIAL INFORMATION. A. Access to Confidential Information. City may provide TRC EASI and/or its subcontractor with, or allow TRC EASI access to, certain information not available to the public concerning City, or businesses located in City. The information may include company information, taxes, sales, value of assets, or other such information. All such information shall be known as "Confidential Information" and may not be used to circumvent the responsibility of either party to this Agreement. B. No Disclosure. Except as expressly permitted, TRC EASI and/or its subcontractor shall not disclose, permit the disclosure of, release, disseminate, or transfer, whether orally or by any other means, any part of such Confidential Information to any other person or entity, whether corporate, governmental, or individual, without the express prior written consent of an authorized representative of City. TRC EASI and/or its subcontractor shall return any written Confidential Information and all copies made of such items to City upon City's - 6 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 acknowledged and agreed by City that in the normal course of work some damage may occur, the correction of which is not part of this Agreement. Accordingly, City shall waive any claim against TRC EAST and agree to defend and indemnify TRC EAST from any claims arising from entering or working on the site which is the subject of the work, except when the claim arises from the negligence of TRC EASi where the claim arises from the willful, wanton, or reckless conduct of TRC EAST. 13. GENERAL PROVISIONS. A. Independent Contractor. At all times during the term of this Agreement, TRC EASi shall be an independent contractor and shall not be an employee of City. City shall have the right to control TRC EASi only insofar as the results of TRC EASi's services rendered pursuant to this Agreement; however, City shall not have the right to control the means by which TRC EASi accomplishes services rendered pursuant to the Agreement except to the extent that such services involve the use of City property or Confidential Information. B. Consultant Not Agent. Except as City may specify in writing, TRC EAST shall have no authority, express or implied, to act on behalf of City in any capacity whatsoever as an agent. TRC EAST shall have no authority, expressed or implied, pursuant to this Agreement to bind City to any obligation whatsoever. C. Indemnification. TRC EAST shall indemnify, defend, protect and hold the City and its officers, agents and employees, free and harmless from and against any and all claims, demands, losses, damages, liabilities, fines, charges, penalties, orders, judgments and all costs and expenses incurred in connection therewith, including reasonable attorney's fees and costs of defense arising out of or - 8 - l 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 attributable to the negligent or wrongful acts of TRC EASi or its subcontractors, employees or agents in the performance of services under this Agreement, except to the extent arising from or caused by the sole negligence or willful misconduct of the City, its officers, agents or employees. D. Insurance. Prior to commencing work hereunder, TRC EAST shall provide City with proof of insurance providing and maintaining the coverage and endorsements set forth in the Insurance Schedule attached hereto as Exhibit "D" and made a part hereof by reference. Said proof of insurance shall also provide that said policy or policies shall not be canceled or materially reduced in coverage without giving at least thirty (30) days prior written notice to City. TRC EASi shall not permit a subcontractor or vendor to perform work on City premises unless and until a certificate of insurance is obtained showing that such subcontractor or vendor has worker's compensation (coverage. If TRC EASi employs subcontractors as part of the (services rendered, TRC EASi's protective coverage is required. TRC EAST may include all subcontractors as insureds under its own policy or shall furnish separate insurance for each subcontractor, meeting the requirements set forth herein. E. Governing Law. The validity, interpretation and performance of this Agreement shall be controlled and construed under the laws of the State of California. F. Assignment and Subcontracting Prohibited. TRC EAST may not assign or subcontract any right or obligation pursuant to this Agreement except with the express written consent of City. Any other attempted or purported assignment of any right or obligation pursuant - 9 - 1 Y 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 to this Agreement shall be void and of no effect. G. Amendments. This Agreement may be modified or amended only by a written document executed by both TRC EAST and City and approved as to form by the City Attorney. H. Entire Agreement. This Agreement is the entire agreement of the parties. TRC EAST represents that in entering into this Agreement, it has not relied on any previous representations or understandings of any kind or nature. I. Benefit of Agreement. This Agreement shall bind and benefit the parties hereto and their heirs, successors, and permitted assigns. This Agreement shall not create any rights or benefits to parties other than City or TRC EAST. Nothing contained in this Agreement shall create a contractual relationship with or cause of action in favor of a third party against either the City or TRC EAST. No third -party shall have the right to rely on TRC EASi's opinion rendered in connection with TRC EASi's services without TRC EASi's written consent and the third-party's agreement to be bound to the same terms and conditions as City. J. Forum Selection. Any action brought relating to this Agreement shall be brought and held exclusively in a State Court in the County of Los Angeles, California. K. Recitals. All recitals are incorporated by [reference. L. Waiver. Any waiver at any time by either party of its rights with respect to a default under this Agreement, or with respect to any other matters arising in connection with this Agreement,, shall not be deemed a waiver with respect to subsequent default or other matter. - 10 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 M. Force Majeure. Neither Party shall be considered to be in default in any of its obligations under this Contract when a failure of performance shall be due to an uncontrollable force. The term "uncontrollable force" shall mean any cause beyond the control of the party affected, including, but not restricted to, flood, earthquake, storm, fire, lightening, epidemic, war, riot, civil disturbance or disobedience, labor dispute, labor material shortage, sabotage, federal, state, or municipal action, statute, ordinance, or regulation, embargoes of the United States Government or any other government, which by exercise of due diligence such party could not reasonably have been expected to avoid and by exercise of due diligence has been unable to overcome. Either party rendered unable to fulfill any of its obligations under this Agreement by reason of an uncontrollable force, shall give written notice within five (5) Business Days of such fact to the other party and shall exercise due diligence to remove such inability with all reasonable dispatch. N. Warranty. TRC EAST warrants that the services to be rendered pursuant to this Agreement shall be performed in accordance with the standards customarily provided by an experienced and competent professional organization rendering the same or similar services. 0. Attorneys Fees. In the event that it becomes necessary for either party to this Agreement to enforce any of the provisions of this Agreement, the parties agree that a court of competent jurisdiction may determine and fix reasonable attorney's fees to be paid to the successful litigant. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 IN WITNESS WHEREOF, the parties have caused this Agreement to be executed by and through their authorized officers on the date, month and year first written above. CITY OF VERNON BY� . MALBUR�,Ma�yo ATTEST: EONIS C BRUCE V. MALKENHORST, City Clerk APPROVE !7;ORM: ERIC T. FRE CH, Ci Attorney TRC Engineered Automation f-�aaporpojat�d (TRC EAST) ROBERT M. SMITH Title: - 12 - CITY COUNCIL LEON S C. MALBURG Mayor THOMAS A_ YBARRA Mayor Pro-Tem WM. 'BILL" DAVIS Councilman H. "LARRY- GONZALES Councilman W. MICHAEL MCCORMICK Councilman -------------- BRUCE V. MALKENHORST City Administrator/City Clerk FAX (323) 826-1438 CITY HALL 4305 SANTA FE AVENUE, VERNON, CALIFORNIA 90058 TELEPHONE (323) 583-8811 EDUARDO OLIVO City Attorney FAX: (562) 869-1883 KEVIN WILSON Director of Community Services & Watcr FAX: (323) 826-1435 KENNETH J. DeDARIO Director of Light & Power FAX:*(323) 826-1425 STEVEN E. PARKER Fire Chief FAX: (323) 826-1407 BRUCE W. OLSON Police Chief FAX: (323) 826-1481 REQUEST FOR PROPOSAL FOR THE PREPARATION OF A VULNERABILITY ASSESSMENT AND EMERGENCY RESPONSE PLAN FOR THE CITY OF VERNON INTENT The City of Vernon is seeking a professional Consulting Firm to prepare a Vulnerability Assessment (VA or Assessment) and emergency response plan (ERp) in accordance with the Public Health Security and Bioterrorism Act of 2001 as amended by the Public Health Security Preparedness and Response Act of 2002. The Assessment shall be a precise and systematic evaluation conducted in full compliance with the United States Environmental Agency (USEPA) requirements. The Assessment shall provide the City with analytical data and detailed recommendations for prevention measures and response to terrorist and intentional attacks on the City of Vernon's water system. As required by FIR 3448, the City wishes to conduct a Vulnerability Assessment (VA) and develop an ERP for its drinking water system. All system components, including transrnission storage, distribution, and treatment facilities shall be evaluated. The City requires the successful bidder to provide proof of insurance, including a standard certificate of insurance, in at least the amounts and coverage indicated on the insurance schedule. In addition to the standard certificate of insurance, proof of liability coverage shall also be furnished in the form indicated on the attached insurance schedule (Exhibit "A"). The proof of insurance shall be in the form of a notarized letter of insurance or a certified copy of the insurance policy. Proof of insurance shall be provided by the insurance company. This RFP describes the proposal format, preliminary scope of services, and the minimum information that must be included in the Proposal and in the selection process. Failure to submit the Proposal in accordance with the procedures outlined may be cause for disqualification. BACKGROUND The City's Department of Community Services manages and operates the water distribution system. The City's water system serves a population of approximately 45,000 through nearly 2,000 service connections. Vernon's water distribution system consists of nine wells, three booster plants, six ground level reservoirs, one below ground reservoir, one elevated tank and four backup power generators. The total storage capacity is approximately 16.75 million gallons. In addition, Vernon produces approximately seventy three percent of its water supply from its ground water supplies and purchases approximately twenty seven percent of these supplies from the Metropolitan Water District (1VIWD). The Assessment will include an evaluation of the City's water supply, transmission, treatment, storage and distribution facilities. The proposed work shall include an evaluation of the existing security systems, including physical and mechanical vulnerabilities. This information shall be used to quantify the risk posed to each facility, prioritize the most critical systems and/or facilities and develop preliminary design recommendations and cost estimates for facility - specific improvements. When completed, this Assessment must meet the newly promulgated: federal vulnerability assessment and USEPA vulnerability assessment requirements. CONSULTANT QUALIFICATIONS The City proposes to retain a qualified Consultant to develop the Assessment and ERP. Only Consultants with demonstrated experience and training in the area of water system vulnerability assessments and emergency response plans will be considered. Minimum Consultant qualifications are listed below: • Trained in conducting the Risk Assessment Methodology for Water enie vulnerability assessments by Sandia National Laboratory and other agencies • Demonstrated experience in conducting vulnerability assessments including physical security, water utility operations and internet functions; • Demonstrated experience with the design and implementation of Supervisory Control and Data Acquisition (SCADA)'system components; • Demonstrated experience in security systems evaluation, design and implementation; • Demonstrated experience in drinking water operations including source water management, facilities and information technology systems; • Demonstrated experience in drinking water quality risk and monitoring/detection related issues; Ea • Demonstrated methods and procedures for ensuring the confidentiality of all work project related documents; • Demonstrated experience with the Standardized Emergency Management System (SEMS) and emergency operations planning concepts, training and implementation; • Experience with scenario planning and emergency response exercises; • Experience with the development and implementation of emergency response plans; and • Certified Protection Professional certification desirable. PROPOSED FORMAT The Proposal shall be concise, well organized and demonstrate the Consultant's qualifications and experience relating to the proposed project. The Proposal shall include, at minimum, the following information: 1) Consultant Identification: Legal name of business, form of business (corporation, Partnership, or other), location and address, telephone and fax numbers, e-mail address and contact person. 2) Executive Summary: An executive summary of the Proposal identifying the being presented for consideration. The summary, shall include a brif ltory of the organization, background information and relevant experience. Provide proof of capabilities of your firm/team to meet USEPA Guidelines and to comply with the Sandia National Laboratory Vulnemblity Assessment methodology. 3) Experience: Previous experience in the preparation of vulnerability assessments and ERP. 4) Key Staff. Provide a list of key.staffthat will be assigned to this project and their relevant qualifications. Include resumes of all key personnel listed. Key personnel, as defined by the City, shall not be removed from the project without prior written approval from the City. Only personnel with equal or better qualifications will be considered for substitution 5) Project Understanding: A statement demonstrating understanding of the Vulnerabi-ity Assessment and ERP requirements shall be included with your proposal. 6) Approach and Scope of Work: Description of services to be provided and how the services and activities will be accomplished. The Preliminary. Scope of Work that follows this section is considered to be a general guideline, however, the Consultant shall develop and submit the final scope of work as part of the Proposal. 7) Project Costs: The Assessment and ERP costs are to be included and shall indicate the proposed "not -to -exceed" cost for completing the tasks identified and presented by the Consultant in the Scope of Work. The fee schedule shall be enclosed in a separate envelope titled "fee schedule" and include man-hour estimates per task, hourly -billing rates of personnel to be utilized on the project, and other associated costs. The total "not- 3 to -exceed" cost shall include the costs of all personnel, subconsultants, administration, overhead, meeting attendance, research, travel, postage, reproduction, and all other related costs, both direct and indirect, necessary to complete the Project. PRELIMINARY SCOPE OF WORK Proiect Management: Specify estimate of the Consultant's fee for project management, and required costs to implement recommendations of this assessment. Proiect Schedule: Consultant shall submit an initial schedule with the pertinent milestones for major tasks involved in the Assessment and ERP. The schedule shall be updated and submitted monthly to City staff. Meetings: The Consultant shall meet with City's representatives not less than once a month for the duration of the project to discuss the progress of the work, including schedules, budgets, and overall status of the project. Monthly Proiect Status: The Consultant shall submit to the City on a monthly basis an accurate record of tasks completed. Research and Data Collection: Specific site information, engineering reports and SCADA system operating manuals will be provided at the project kickoff meeting to be scheduled following the issuance of the Notice to Proceed to the Consultant. . uaua.iaU�u�r EiSs"cSsauvut" The Consultant shall conduct an assessment relating to the vulnerability of the City's water distribution system to a terrorist attack or other intentional acts intended to substantially disrupt the ability to provide safe and reliable drinking water supply. The vulnerability assessment shall include a review of the City's existing facilities including pipes, constructed conveyances, water treatment, storage, distribution facilities, computer automated systems and the operation and maintenance of facilities. The consultant must certify that the Vulnerability Assessment fulfills all USEPA requirements. The following items shall be evaluated and discussed in the Assessment: 4 • DetermineJidentify the terrorist and intentional acts that could damage or disrupt the missions and functions of the system and cause significant public health hazards. • Identify the important missions/functions of the system; • Identify the undesirable consequences of the damage and disruption of the system; • Specifically identify the actions, methods and means to mitigate and prevent the damage and disruption and prioritize; • Identify and recommend the necessary actions, methods and means to recover from the damage and disruption and prioritize. System Evaluation: Perform a systematic_ site evaluation of the City's water system. The. Consultant shall evaluate each facility's existing processes, controls, operations, and security to include the collection of performance data on the following: • Important/critical facilities, processes and assets; • Physical protection system features of deterrence, detection, delay and response; • Internet/SCADA protection system features; • Security policies and procedures and compliance with these policies and procedures; • Computer accounting system. Identify: Identify the potential adverse risks that could affect the distribution system and the City's service area, to include: • The loss of critical functions and/or major service disruption; and • Intentional. attack on City assets or systems with the intention of affecting public safety or health by contamination of the water supply, chemical release or chemical theft. Terrorist and Intentional Acts: Define how terrorist and intentional acts could be carried out that would result in: • Infliction of physical damage; • Chemical, biological, and radiological contamination; • Cyber attacks on the SCADA system or any other process control system within the distribution system that has the potential to affect the water supply; • Interdependency"disruptions (e.g. electrical, reservoir or pump station failure); • Assess the likelihood of such terrorist and intentional acts from defined threat sources (e.g. terrorist, insider, vandalism);. 5 Approach to Assessment: • The approach to the Assessment shall be a system evaluation that will evaluate the risk to the water system based on the effectiveness of the security system against the specific terrorist and intentional acts determined in the initial step; • The Assessment shall determine the most critical assets in the water system, detail their interrelationships with other assets in the system, identify the consequences of terrorist and intentional acts that could be directed against them, and evaluate the effectiveness of both existing and proposed protection; • The Assessment shall identify system vulnerabilities and provide a prioritized plan for security upgrades, modifications of operational procedures, including financial accounting systems and/or policy changes to mitigate identified risks to critical assets; • The Assessment shall provide a comparison of the relative safety of the existing security configuration versus the risk after identified improvements have been completed. The Assessment shall include an analysis comparing the cost of protection against the potential risk. The consultant shall prepare a prioritization plan for security upgrades, modifications of operational procedures, and/or policy changes to mitigate identified risks to critical assets. The consultant shall also identify initial costs and annual operating and maintenance costs for the recommended security improvements. The consultant shall develop a schedule for final design and construction of proposed facilities. In addition, the consultant shall consider costs, construction methods, service area, land use, in developing a plan to sequentially incorporate the recommended security improvements; The consultant shall conduct a review of the exposure and risk associated with illicit introduction of chemical, biological, and radiological water quality contaminants into the water system and make recommendations on the feasibility, cost/benefit, and practical logistics of installing water quality monitoring devices and other devices to prevent and mitigate the contamination. The consultant shall describe operation and maintenance requirements, including time and costs for any specialized training needed by City staff. The consultant shall determine the necessary permits from the City to construct, operate and maintain the improvements proposed under this project; 4. Emergency Response Plan: • The consultant shall review the City's existing Emergency Response Plan and develop an ERP for the City based on the findings of the Assessment and in order to improve emergency responsiveness, efficiency, security and minimize security risks; and • The consultant shall certify that the ERP fulfills all USEPA requirements. 5*1 DELIVERABLES: Based on its investigations, assessments and recommendations, the consultant shall prepare necessary documents to support its findings in the Assessment and ERP. The Consultant shall prepare documents, which shall include, but not limited to, the following: • Assessment Report, due concurrently with the ERP; • Emergency Response Plan, due concurrently with the VA; • The consultant shall prepare implementation of major components and pre eengineering measures with with estimates for ntithe damage from different types of terrorist attacks; t cost of • A completed checklist of all facilities shall be included in the Assessment and ERP; • Technical reports which include a prioritized list of critical stems and/or facilities, security strategy, prioritized plan for security upgrades, riskys and cost analysis, and the results of the review of contaminant monitoring systems; • Recommended modifications for operational procedures; • Recommended policy changes to improve security and training documents; • The consultant shall submit draft copies of the reports for the City's review. In conformance with the City's recommendations and upon mutual agreement of modifications deemed necessary by the City and consultant, the consultant shall reevaluate, revise, and finalize the reports. The final co sufficient detail to facilitate the final system -wide andsite-specific i e s of the Assessment shall be in security improvements; and pecific engineering for • The consultant shall perform routine and final review prior to making submittals to the City to insure accuracy, conformance and integrity of all work. The consultant shall Perform quality assurance/quality control checks on all submittals made to the City. The City will not accept for review any submittal that has not been reviewed and signed by the consultant's and/or his or her designee to certify the accuracy and completeness of the submittal. CONSULTANT SELECTION: The selection ��aon'of a firm to provide services will be based on demonstrated competence, z ± .-..- s:afthig and previous experience necessary for the satisfactory Performance of the services required. Prior experience with providing similar services is highly desirable. The City of Vernon will evaluate the proposals, interview the best candidate consultants and select the consultant. 7 CITY RESPONSIBLITIES The City of Vernon shall provide the consultant with the following: • Access to copies of all available existing data, information, reports, risk management plans, records and maps which maybe relevant to this project; • Access to City staff including Public Works, Police, and other City Departments as required; • City staff will support consultant's access to the collection of existing data, information, reports, etc.; • Access to all facilities included in this project; and • Support staff to assist consultant when required. JOB WALK A non -mandatory job walk will be held on Tuesday, November 18, 2003, at 10:00 A.M., starting at the City of Vernon City Hall, 4302 Santa Fe Avenue, Vernon, CA, 90058. Please contact Scott Rigg at (323) 583-8811, Ext. 279 for further details. PROPOSAL SUBMITTAL The Proposal'shall be submitted to Samuel Kevin Wilson, Director of Community Services, 4305 Santa Fe Avenue, Vernon CA, 90058, no later than 3:00 P.M., December 10, 2003. The consultant shall provide insurance according to the attached insurance schedule. It is mandatory that the insurance provided be in either of the two forms specified in Section 11-b of the schedule. The consultant fee schedule shall be submitted in a separate sealed envelope. The fee schedule shall detail the cost of the deliverables and any other costs required with unit costs for additional services. H., INSURANCE SCHEDULE (CONSULTANT) The Consultant shall provide proof of insurance, including a standard certificate of insurance, in at least the following amounts and coverage (combined single limit permitted): I. Hazards Automobile Liability Owned Automobiles Hired Automobiles Non -Owned Automobiles Workers' Compensation Employers' Liability II. General and Professional Liability Coverage and Limits Bodily Iri uu[y Property Damage Each Person Each Accident Each Accident $500,000 $1,000,000 $500,000 $1,000,000. $500,000 $1,000,000 $ Statutory $1,000,000 per employer Premises Operations $1,000,000 $2,000,000 Elevators (if applicable) $1,000,000 $2,000,000 Independent Contractors $1,000,000 $2,000,000 Products - Completed Operations $1,000,000 $2,000,000 Contract Liability $1,000,000 $2;000,000 Professional Liability $2,000,000 $2,000,000 $500,000 $500,000 $500,000 $1,000,000 $1,000,000 $1,000,000 $1,000,000 $1,000,000 $2,000,000 a. The general liability policy shall contain the following special endorsements which shall be noted on or attached to the standard certificate of insurance: 1. An endorsement naming the City of Vernon, its officers, and employees as insureds under the policy. 2. An endorsement providing the City of Vernon thirty (30) days notice of cancellation or material reduction of coverage. 3. An endorsement providing coverage for all operations under this agreement. 4. Such other endorsement as may be required by addendum hereto. b. In addition to the standard certificate of insurance, proof of general and professional liability coverage shall be furnished in the form checked below. Certification of the following proofs by the insurance agent or broker will not be accepted: - . X For each policy, a notarized letter from the underwriter or carrier certifying that the coverage and statements in the standard certificate of insurance (attached thereto) are true and correct and that the signator is an officer authorized to so certify, or X A copy of each policy certified by an officer of the underwriter or carrier and notarized. r I GA l0 ■ M 0 Engineered r= CUM ■ CITY OF VERNON SECURITY VULNERABILITY ASSESSMENT AND EMERGENCY RESPONSE PLAN SERVICES TABLE OF CONTENTS EXECUTIVESUMMARY.......................................................................................I QUALITY ASSURANCE/QUALITY CONTROL ............... ...........3 ................................. KEYPERSONNEL................................................................................................8 RELATED EXPERIENCE AND REFERENCES......................................................... 12 APPROACH.......................................................................................................15 EXECUTIVE SUMMARY TRC-EASI is pleased to submit our qualifications to the City of Vernon to perform a Security Vulnerability Assessment and Emergency Response Plan for the City's water System. TRC, a $300 million dollar corporation whose main focus is in the areas of critical infrastructure security, improvements and environmental management, acquired Engineered Automated Systems, Inc. (EASI) in 2001, expanding our capabilities with a network of over 2000 employees and skill sets, plus over 80 offices across the United States. TRC-EASI has performed over 250 vulnerability security assessments, as well as designed and integrated security systems for several hundreds of projects in California, applying appropriate security solutions from concept through completion of installation during the past 25 years. WAT M"I CE TRC has designed new facilities for water treatment and has provided methods for improving existing facilities. TRC has also worked with numerous public agencies to assist in the master planning of water systems including: modeling, systems design and construction management. We specialize in designing improvements to existing facilities to improve capacity, efficiency and planning for future upgrades. Our experts understand and plan for the need to make improvements with minimal disruption to existing operations. MRTIFICATION TRC-EASI team members are trained and licensed to perform in AWWARF/Sandia National Laboratories Vulnerability Assessment Methodology (RAM-W) for water systems. TRC-EASI also offers extensive security technology experience, as well as in-house water systems engineering capabilities. Our personnel have extensive expertise in risk management for water and wastewater facilities, engineering, design, and construction management of wat infrastructures, including mechanical engineers that have 20+ components and architecture. Our In-house staff of 35+ includes: ➢ AWWA Members ➢ Certified Protection Professionals (CPP) ➢ Physical Security Professionals (PSP) ➢ Registered Civil, Mechanical and Electrical Engineers. er supply and distribution years with SCADA system Our project team has served a strong client base of water agencies and water treatment systems. With the diverse knowledge and expertise of security design, systems and equipment, as well as years of water engineering experience, we have completed and assisted in numerous vulnerability assessments consistently addressing the required elements of the United States Environmental Protection Agency plus. City of Vernon Page 1 12/9/03 CONFIDENCE TRC-EASI has maintained working relationships with a large number of clients for 25 years because we understand their needs and continue to build upon them through the principals of communication, accountability, and our commitment to provide the absolute best project results. Our team will brainstorm and work thoroughly with the City's staff to understand and address key issues. Our technical expertise on current and future security technology, equipment and engineering capabilities in regards to systems design and implementation allows us to make the most appropriate and detailed recommendations to improve existing physical security measures, emergency response planning and training. Our knowledge of the local conditions, contractors, threats, vulnerabilities and other critical security and emergency response needs and capabilities will result in the most thorough, accurate, constructible and affordable security vulnerability assessment for the City. Our multi - disciplined team assures the City a professional services resource pool that has broad capabilities, beyond security and in areas that either affects or could be affected by proposed security upgrades. This broad capability skill set enables the TRC-EASI team to address any issue that could be practically confronted during the course of this work. COMPANY INFORMATION Identification of Responder TRC-EASI Legal Name and Address of the Company TRC-EASI 21 Technology Drive Suite 200 Irvine, CA 92618 Legal Form of Compan Subsidiary Identification of Parent Company TRC 21 Technology Drive Irvine, CA 92618 Contact Gregory W. Brandon, Director 21 Technology Drive, Suite 200 Irvine, CA 92618 949/341-8204 FAX 949/341-0374 City of Vernon Page 2 12/9/03 FOCUS on management Practices TRC-EASI is set up to respond to clients in a vital and cost effective manner. Focus on project management practices will assure that the project will meet the time schedules, budget and performance requirements. This core capability assures the City that appropriate professional experience and team credibility are being applied to this project. The project team is functionally organized to address the activities needed to achieve the objectives and responsibilities of the project. TRC-EASI can and will dedicate the necessary resources for successful and timely project completion. A RAM-W certified project manager with relevant expertise and experience is assigned to each activity. The project manager is responsible for ensuring that the assigned tasks are conducted with quality. Fueus an Ourafitw Assurance The City's security vulnerability assessment requires our utmost care and attention, and therefore will receive a formal quality control process. TRC-EASI has an established internal quality assurance practice that requires work products to be reviewed by an independent, senior member of the project team. That senior member of the staff is identified as the person responsible for quality control and is not assigned any efforts associated with that project task. The project manager and the Quality Control Director jointly develop a list of interim work products, which will be reviewed for quality, and the level of review required. As each work product is drafted, the Quality Control Director reviews it and then generates an internal memo providing comments back to the technical leads. The work product is updated by the responsible analyst and resubmitted for quality control review. The review process is repeated until the person Quality Control Director verifies completion of the work product. The same review process is applied to all deliverables to the client. All deliverables must receive an authorization from the person responsible for quality control to be released to the client for review. Documentation for the review process is created and maintained with the project files. City of Vernon Page 3 12/9/03 FOCUS an ouanty Central Given the security sensitive nature of the proposed effort, we have augmented our quality control program with security requirements to ensure that high quality services and products do not present any measurable risk to the District. Our Quality Control and Security Program includes written office policies and procedures that specify the control of security -sensitive information. Only project team members that have been trained in the control of security - sensitive information, and have signed commitment forms are allowed access to security - sensitive information. The Quality Control Director manages control of both paper -based and electronic -based security -sensitive information. Paper -based security -sensitive information is maintained in a safe with electronic keypad lock and 2-hour fire protection, is signed out by the Project Team Member and is returned after use. During direct usage, information accessibility is limited and under constant control by the responsible project team member. All drafts are destroyed, and upon completion of the project all documents obtained from the district are returned. meefinnalwarkANDS We realize communication is extremely important in order to understand and address the City's key issues during the Security Vulnerability Assessment. Throughout the scope of the entire project we will schedule meetings and workshops so as to consistently review options and comments with the District in order to address any and all questions, or concerns, in the decision -making process. These meetings will be valuable regarding the City's input, and involve members of the City's staff to familiarize themselves with the process and to learn key points that will be addressed during the vulnerability assessment. The knowledge gained during these meetings will serve the City's staff well after the new security concepts are developed and implemented. Pruiett ev" & %tus Reuwt A more refined project schedule will be presented to the District at the kick-off meeting that will highlight all tasks, sub -tasks, reviews and major milestones that reflect TRC-EASI's understanding of the Security Vulnerability Assessment. The project schedule will guarantee each task is assessed with the greatest amount of focus and care possible. It sets the pace of the project, identifying each separate milestone that is reached by completing each specific task. The schedule is reviewed consistently to determine if the current pacing is in the best interest of the District. If the pace is not meeting the expectations of the project schedule, adjustments are made immediately to ensure the success of the project meeting its goals. The project schedule is updated monthly and will be submitted monthly, with the Status Report. status RMONU Key accomplishments and milestones will be generated in monthly Status Reports in narrative form. Progress that has been achieved with each task will be detailed in the report, as well as the work expected to be accomplished with the next task and time frame. This is an excellent tool that enables the District to observe the pacing of the project, track goals that are met and accomplished and maintains open communication throughout the life of the project. City of Vernon Page 4 12/9/03 project stafflaft Staffing is truly essential to create a successful team. TRC-EASI has assembled a highly trained, highly qualified, and highly experienced team to successfully complete this project. Each staff member who makes up our team is an integral part of the success of the vulnerability assessment. Proper staffing is critical to assess each and every task. scuriw cuu$ulfluff & Bedan smiees TRC-EASI is best known for its award -winning Security Consulting and Design Group. We have provided Integrated Security System Design, Management and Architectural Planning services for over two decades. Our approach to water facilities security system design is based on our success and on similar types of projects. If project budget allows, we can submit initial Conceptual Designs for the Security Enhancement Phase, in which TRC-EASI will review the findings and recommendations (deficiencies) of the Vulnerability Assessment, discuss/define/refine project scope and security philosophy as appropriate. We will review any architectural and engineering plans, specifications and other information regarding the facilities requirements, and determine the extent to which the security measures should integrate with other systems. Furthermore, our technology design is provided through a core group of experienced, full time security consultants; therefore, we are familiar with the necessary standards for good equipment selection, and the results of a successful selection process. Proper security design and equipment selection can avoid the following results: • Increased system cost. • An inadequate and inflexible system. • A system that will be outdated in only a few years. • A system that locks the District into an unacceptable relationship with a single manufacturer or vendor. • A system that is difficult to maintain • A system that is difficult or costly to expand. Security systems should be integrated to provide a cohesive user -oriented interface with minimal requirements for manual control and operation. A comprehensive security system with automatic system responses will lower security -staffing requirements and shorten both training and response intervals. Lower risk/higher reliability security is achieved at lower recurring costs. City of Vernon Page 5 12/9/03 TRC-EASI provides Integrated Security System Consulting, Design, Management and Architectural Planning services through a core group of full time security consultants. The following is an abbreviated list of services offered: Integrated Security Systems Design • Engineered Plans and Specifications • Bidding and Negotiation Assistance • Installation Quality Review • Acceptance Testing • As -Built Documentation Security Management Consulting • Security Vulnerability Assessments • Emergency Response Plans and Updates • Programming and Master Planning • Security Program Consulting • Proprietary Information Protection Programs • Due Diligence • Crisis Management & Disaster Recovery Programs Security Architectural Planning Services • Perimeter Fencing • Crime Prevention Through Environmental Design Consulting (CPTED) • Security Monitoring Rooms Security Techikoka-l" Sw6med Security Systems Integration • Alarm Systems • Access Control Systems • Photo Identification Badging Systems • CCTV Systems • Digital Video Systems • Security Intercoms • Duress Voice Communications Systems • Critical Systems Alarms • 2-Way Radio Communications Systems • Computer Aided Dispatch Systems Access Control Systems • Identification Badge Technologies • Visitor/Temporary Contractor Badging Systems • Vehicle Access Control Systems • Elevator Access Control • Electronic Turnstiles Alarm and Detection Systems • Fire Alarm Systems • Duress Alarms • Weapons Detection Systems • Explosives Detection Systems City of Vernon Page 6 12/9/03 • Door/Window/Portal Status Monitoring • Critical Systems Status Monitoring • Volumetric Motion Detection • Video Motion Detection • Central Station Alarms Closed Circuit Video Systems • Analog and Digital Video Cameras • Digital Storage and Transmission Systems • Switchers, Multiplexers, Quad Display Technologies • Video Storage Technologies • Video Archiving Systems • 6.EvidanrP Resourcing and Enhancement Systems Security Intercom Systems • Emergency Phone Stations • Threshold Audio Monitoring Systems • Master Station Console Integration • Single/Multiple and Networked Exchanges • Fiber -Optic Interfaces • High Security and High Aesthetic Intercom Stations • High Noise Environment Stations Audio/Video Recording Systems • CCTV and Related Audio • Audio Logging Systems • Telephone • CCTV Related • 2-Way Radio • Security Intercoms City of Vernon Page 7 12/9/03 rac TRC-EASI is an interdisciplinary team of professionals with advanced certifications and credentials in all relevant fields of Engineered Automotion Systems, Incorporated security, security design and water engineering. Our multi- disciplinary team provides the City with a highly professional partner that has broad capabilities, beyond security, and in areas directly relevant to crafting an effective and efficient security vulnerability assessment. Mr. Robert Smith, P.E., CPP, CEM, RAM-W will be the Principal in Charge. Robert has twenty five years of project experience utilizing a unique skill set spanning mechanical, electrical and SCADA systems coupled with security risk assessment and security design skills and training, as vJCli as supervising the (ie$IgiiS of vJuter 1CtdUreiiS,dstib'uoia. 1iin d-1, ml treatment systems. He has overall responsibility for all aspects of the project. James Black, CPP, PSP, RAM-W is the lead project manager for vulnerability assessments, related tasks and will be involved in day-to-day activities and responsible for task assignments and oversight of other team members. James has ten years experience specializing in threat and vulnerability assessments and also with planning, design, construction and implementation of security, CCTV, access control, fire alarm, audio/visual, and special -function, low voltage control systems. The Complete Project Team follows: Robert Smith, P.E., CPP, CEM, RAM-W, Principal. Senior level project management, quality control/assurance, Scada System review, design assistance, review, commissioning and quality control services. 25% of time available for this project versus current work load. James Black, CPP, RAM-W, Senior Security Consultant, Project Manager. Site assessments report writing, peer review, client -meetings, and coordination of all aspects of documentation, implementation, scheduling, inter -discipline coordination and quality control. 50% of time available for this project versus current work load. Keith Kushner, RAM-W, Quality Control Director and Technology Expert. Participate in security technology application and quality control/assurance. 15% of time available for this project versus current work load. David Hill, Senior Project Engineer. Provide specialized services in the design of water distribution systems, deep ground water wells, pumping stations, filter plants, waste water treatment facilities, pressures systems and SCADA systems. Estimated contribution to this project 15% versus current workload. Lawrence B. Joffe, Senior Water Consultant. Provide expert chemical engineering and water expertise for this Project. 20% of time available for this project versus current work load. Stephen A. Dopudja, Director of Water Resources. Provide expert water resources engineering and management versus current work load. City of Vernon expertise for this Project. 20% of time available for this project Page 8 12/9/03 CONSULTANT FUMES Jim Black, CPP Project manager Trained and Certified in the Sandia RAM-W Methodology Ten years experience specializing in security vulnerability assessments and planning, design, construction and implementation of security, CCTV, access control, fire alarm, audio/visual, and special -function, low voltage control systems. Special expertise in security system integration, working with design teams, and estimating. Project Management, master planning, design development, construction documentation, construction administration and commissioning of security systems, monitoring, access control, video surveillance, network fiber optic infrastructures and communication systems projects. Special expertise in multiple entity coordination, design team interface and security planning. Practical background in specification/design of video security systems, system integration, end user relations/presentations and project management. • Hyperion Wastewater Treatment Facility • Western Municipal Water District • Moulton Niguel Water District • Sonoma County Water District • Santa Margarita Water District • Orange Water District • Mesa Consolidated City of Vernon Page 9 12/9/03 David Hill I Senior Project Engineer, SCADA Twenty-six years experience in mechanical system design, retrofit and optimization of existing mechanical systems. He is responsible for preparation of engineering plans and specifications for mechanical systems. Responsibilities include building envelope heating/cooling load calculations; layout and sizing of HVAC and hydronic piping systems; preparation of mechanical details, control diagrams, equipment layout; selection and scheduling of equipment; and review of contractor's shop drawings. Comprehensive knowledge of industry references and codes such as UBC, NFC, UMC, ASME B&PV and piping codes and ASHRAE. Preparation of engineering plans and specifications for building automation systems for HVAC controls, mechanical design and energy conservation design including building envelope heating/cooling load calculations, building audit and retrofit strategies. Responsible for design and construction on various projects. Systems designed include: HVAC, water distribution, automatic control logic, emergency power distribution, fire suppression systems, detection, monitoring and control systems. SCADA Projects: o City of Huntington Beach, Pumping Stations. Ground water pump(s) control, flow monitoring, chlorination system, alarms flow control. Phone/modem and telemetry signalization. o San Diego Gas & Electric Company. City of San Diego Municipal water distribution pump controls for flow demand. Telemetry. o Arabian American Oil Company, Dhahran, Saudi Arabia. Deep well groundwater pumps control and flow monitoring. Telemetry. Incoming crude oil emergency control valves. Telemetry. City of Vernon Pagel 12/9/03 City of Vernon Project Description: Completed Vulnerability Assessment for the District. Performed a complete assessment utilizing the Sandia National Laboratory RAM-W Methodology, reviewed existing security measures, and recommended upgrades to security/ technology, policies/procedures. Currently providing specifications and construction drawings, assisting in the bidding process and providing construction management for security technology upgrades. Project Description: Completed Security Vulnerability Assessment to determine the critical facilities and assets, reviewed existing physical security, and made recommendations to upgrade security technology, policies/procedures, specifications and construction drawings, administer the bidding process and provide construction management for security technology upgrade. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. Page12 12/9103 Proiect Description: er, comprehensive ,urity Design and detailed site te, remote tanks and pumping t Los Angeles. anges to the Emergency i policy and training practices, i, and commissioning. Project Description: Complete Security Vulnerability Assessment to determine the critical facilities reviewed existing physical security, and make recommendations to upgrade security technology, policies/procedures. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. City of Vernon Pagel 3 12/9/03 Project Description: Currently providing a 100% complete Vulnerability Assessment as mandated by the EPA to provide assessments of the City's drinking water. Performed a complete assessment utilizing the Sandia National Laboratory RAM-W Methodology. Currently updating the Emergency Response Plan, recommended policy and training practices. Providing specifications and construction drawings for security technology upgrade. Project Description: Performing a comprehensive facilities assessment of threats, vulnerabilities and security environment which characterizes existing security policies, assets and protection features, and defines expected threats, criticality and consequences of loss for four (4) bridges, a rail transit system, a port facility, a ferryboat, and its docking terminals. Involvement by Consultant: Studying alternatives and develop detailed recommendations for security countermeasures to address facility and site vulnerabilities. Probable construction budgets will be developed to assist planning the implementation of these recommendations. Creating a "Summary Report" delineating the threat and vulnerability assessment results, recommended countermeasures, budgets and other pertinent information. This plan will serve as a "blueprint" for successful implementation of enhanced security countermeasures. Creating a set of detailed Plans and Specifications that address the implementation of "short term protection recommendations" presented in the Summary Report, to be used as a basis for a construction bid solicitation. City of Vernon Page14 12/9/03 APPROACH The City of Vernon (CITY) is seeking a security vulnerability assessment of its water systems, which includes transmission storage, distribution and treatment facilities. The City's water system serves a population of about 45,000 and operates nine wells, 3 booster pumping stations and 6 ground level reservoirs as well as one below ground reservoir, one elevated tank and 4 backup power generators, with total storage capacity of 16.75 million gallons. TRC-EASI's vulnerability assessment will consist of developing a security strategy and comprehensive project plan by balancing industry standards with the City's facilities specific conditions while also utilizing RAM-W AWWARF/ Sandia National Laboratories Vulnerability Assessment Methodology. Specified by the City, the following process and methodology meets the requirements of the EPA mandated Security Risk Assessment, and exceeds those requirements by additionally providing a means of evaluating the deployment of resources based on the ranking of critical assets. I. Scope of Work A. TASK 1— Planning the Vulnerability Assessment: The Vulnerability Assessment is performed by an assessment team that combines local knowledge of the water system with local knowledge of real threats faced by the City of Vernon. This means local city management, utility operations, law enforcement, the city attorney, emergency planners and others can be intimately involved in the assessment process. The planning process includes: 1. Meet with the city officials and other water system stakeholders to review project scope, objectives and strategy and form the assessment team. 2. Review existing operational procedures with assessment team either in team meetings or as individual in-depth interviews. 3. Review the water system mission(s) and prioritize customers (e.g., hospitals, fire fighting, constant water supply, critical industries, etc.) 4. Inspect all facilities in detail with city personnel. 5. For each facility, identify and record the process equipment, command and control systems, existing security measures, key personnel, and key outside utilities and materials providers, such as electric, gas and chemicals. 6. Identify operating and management practices to achieve mission objectives B. TASK 2 - Threat Assessment and Characterization To determine the vulnerability of a facility, real threats must be considered and their consequences considered. Impacts to public health, economic impacts, and public confidence need to be considered for each possibility for service disruption. The assessment team will determine the threat spectrum from which the city needs to be protected. Steps to determine the threat spectrum are: City of Vernon Page15 12/9/03 1. Research public and open source information to determine possible threats against facilities. 2. Research the City's historical records of incidents and potential threats. 3. Research local law enforcement records and evaluations of potential and actual threats, such as FBI, Internet sources, private/facility security, InfraGard, and relevant Information Sharing and Analysis Centers (ISAC). Threats to be considered include: Outsider Threats • Identify potential Outsider Adversaries. Examples: terrorists, protestors, activists, disgruntled ex -employees, extremists, criminals, computer hackers, or vandals. For e nb n,ifS;A,-v A d`.'ervnr , ;Al "f;Ar their ex^ected nttribiiteS. Fxamr�leS: AT,µmber of Vl V{A- VIAL. J{A11 Vai411' tJ r attackers, technical knowledge, motivation, tactics, equipment/tools, weapons, transportation, intelligence gathering skills, financial resources, potential collusion with insiders. • For each Outsider Adversary, identify the expected method(s) of attack. Insider Threats • Identify expected insider adversaries. "Insiders" are employees or vendors who may seek to damage the Utility. Examples: Insider terrorist, criminals, revenge, abnormal (psychotic) behavior. • For each Insider Adversary, identify their expected attributes. Examples: Potential for active or passive role, access to critical assets, access to security system, access to SCADA control, and opportunity for sabotage, violence or collusion. • For each Insider Adversary, identify the expected method(s) of attack. Cyber Threats • General: both insiders and outsiders may attempt Cyber attacks. They receive special consideration because they can access the facility remotely. • Identify possible sources of cyber attack, including physical attack on equipment or infrastructure by hackers, hacker coalitions, foreign intelligence, and organized crime. C. Task 3 — Site Characterization and Vulnerability Identification Determine the relative importance of all assets at all facilities, based on their importance to the city's mission. This process establishes and ranks primary objectives, and allows the Team to determine which facilities require the most immediate focus of attention and resources (critical assets). 1. Identify and describe each individual asset in each facility, including external assets critical to the operation of the facility. 2. Describe operations for all assets for each facility. 3. Prioritize critical facility assets and processes. 4. Identify the weak points in each facility, which will require protection or mitigation plans (critical assets). 5. Identify single points of failure in the equipment and processes. City of Vemon Page16 12/9/03 6. Determine means and methods for operational mitigation of process failure. D. TASK 4 — Consequence Assessment The purpose of this task is to identify and prioritize adverse consequences, which are to be avoided. The potential consequences can include illness or death, economic loss and denial of service, for example. The following steps are taken: 1. Develop measures of consequence. 2. Develop a site -specific consequence matrix ranking consequences as very high (WMD), high, medium or low. 3. Idelltll.' VV11J%'%I" lie -"XI AVO fvr privritIL"LIU11. E. TASK 5 - System Effectiveness and Risk Analysis In this task, the effectiveness of the existing physical protection systems and operational policies is analyzed for each facility to prevent undesired events (loss of critical assets). For each facility, identify weaknesses in the facility protection systems, and develop the most vulnerable adversary strategies and scenarios, related to each critical asset. These scenarios would take advantage of the lowest levels of early detection and shortest delays to penetration. 1. Physical Protection: Estimate the System Effectiveness for each scenario, using High, Medium, and Low levels of effectiveness. 2. Operational Policies and Procedures Protection: Estimate the effectiveness of policies and procedures for each scenario, using High, Medium, and Low levels of effectiveness. 3. Overall System Effectiveness: List the Overall System Effectiveness for each scenario. (Lowest value of detection, delay and response). 4. List Facility Vulnerabilities, based on the weaknesses revealed by the above process. 5. Determine relative risk to assets and prioritize to determine which need to be addressed soonest. F. TASK 6 — Risk Reduction This process assesses the level of protection afforded by existing security system's physical protection features, policies and procedures, and evaluates the effectiveness of those measures in meeting security objectives. Then additional countermeasures are identified to increase protection of the most vulnerable assets. Steps include: 1. Existing countermeasures characterization 2. Survey each facility to determine the location of critical assets, and physical and electronic protection features. 3. Research, identify and review security, emergency operations, and operating policies and procedures. 4. Create a drawing for each facility, showing assets and existing means of protection. City of Vernon Page17 12/9/03 5. Re -determine relative risk based on upgraded countermeasures. Risk is reduced by increasing the system effectiveness and/or decreasing the consequences. System effectiveness can be increased by increasing the Physical F Protection Systems (PPS) and changes to organizational policies related to security. Such actions could include, but may not be limited to, the following: • Increase security against unauthorized access to facilities (i.e. improve doors and locks, add or improve fencing, enclose or bury presently exposed piping) • Add or improve provisions for detection of unauthorized entry to facilities (i.e. alarm systems, video surveillance, patrols) T 1 1 f'1 /'� T A / 1__ • Protect ille centraS A I system agaltlst cyOer-attacks- • Modify system components to reduce the possibility of contaminants being introduced through such components (i.e. tank vents, hydrants on major pipelines) ' z • Improve monitoring via computer -based automated system(s) to allow quicker detection of abnormal conditions that may be indicative of an attack or other emergency (i.e. abnormal pressures or flow rates; or sudden 11 changes inflows or pressures, at key points throughout the system). G. TASK 7 - Analysis, Report and Risk Reduction Plan Create the Vulnerability Assessment Report, which will include: 1. Analysis of critical assets, operations, consequences and existing countermeasures to determine existing risk levels 2. Analysis of existing threats and determination of threat spectrum 3. Recommendations to reduce existing risks 4. Documentation of information gathered and analytical procedures H. Task 8 - Emergency Operations Plan (EOP) TRC-EASI will update the City of Vernon's Operations Plan to include the following: 1. Obtain and review the existing City of Corsicana's Emergency Response Plan 2. Identification of malevolent hazards from VA 3. Management of the impact of hazards, through response, recovery and remediation 4. Maintenance of service plan 5. Alternate water sources 6. Development of training and exercise programs to ensure the smooth implementation of emergency plans and procedures. 7. Notification list and procedure 8. Contaminated water sampling methodology 9. Water sample lab analysis matrix City of Vernon Page18 12/9/03 rr PROPOSED FEE A. Fee Schedule: Based on the Scope of Work described herein, TRC-EASI's proposed Not to Exceed fee is $18,980.00. Travel Expenses are inclusive. PHASE FEE Vulnerability Assessment $14,660.00 Emergency Response Plan $4,320.00 TOTAL $18,980.00 B. The City of Vernon will be notified in writing whenever supplemental services are necessary. Verbal direction by the City of Vernon to proceed with the requested work after notification by TRC-EASI for supplemental services will constitute an agreement to provide additional compensation for these supplemental services. Supplemental services and time charged services are billed monthly at our standard hourly rates. Principal $150.00/hour Senior Security Consultant/Project Manager $135.00/hour Quality Control Director/Technology Expert $135.00/hour Senior Project Engineer $135.00/hour Water Consultants $125.00/hour Administration $ 50.00/hour CONDITIONS C. Invoices are due and payable 30 days after issuance. D. We provide the following insurance coverage: Professional Liability $1,000,000 with $15,000 deductible General Liability $1,000,000 Automobile Liability $1,000,000 Workers Compensation Per Statute Employer Liability $ 500,000 _ m 'J �_ �m m m n `� 80 m z C)m D "3 zz m o - �m z m 0� �o � inZT 5 uM Zo i <� D znj v o cn o v+ 3 164 2 rn w m v► cn Z O N O N -i j n m m cn z° n -n crn o rn -rCi A c ;+ o 0 121 NI �II� IIII�II Ilnul� ��III IIIIIII IIIIIIII �I III . av m 0 � m z� m' Nm i� m v 0 0 w i z 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 EXHIBIT D INSURANCE SCHEDULE TRC EASi shall provide proof of insurance, including a standard certificate of insurance, in at least the following amounts and coverage (combined single limit permitted): I. Coverage and Limits Hazards Automobile Liability Bodily InjurX Property ert Damage Each Person Each Accident Each Accident Owned Automobiles $ 500,000 $1,000,000 $ 500,000 Hired Automobiles $ 500,000 $1,000,000 $ 500,000 Non -Owned Automobiles $ 500,000 $1,000,000 $ 500,000 Workers' Compensation $ Statuto_ry Employers' Liability $1,000,000 per employer II. Liabili General Liability $1,000,000 $2,000,000 $1,000,000 Premises Operations $1,000,000 $2,000,000 $1,000,000 Elevators (if applicable) $1,000,000 $2,000,000 $1,000,000 Independent Contractors $1,000,000 $2,000,000 $1,000,000 Products - Completed Operations $1,000,000 $2,000,000 $1,000,000 Contractual Liability $1,000,000 $2,000,000 $1,000,000 Professional Liability $2,000,000 $2,000,000 $2,000,000 a. The general liability policy shall contain the following special endorsements which shall be noted on or attached to the standard certificate of insurance: 1. An endorsement naming the City of Vernon, its officers, and employees as additional insureds under the policy. 2. An endorsement providing the City of Vernon thirty (30) days notice of cancellation or material reduction of coverage. 3. An endorsement providing coverage for all operations under this Agreement. 4. Such other endorsement as may be required by addendum hereto. b. In addition to the standard certificate of insurance, proof of liability coverage shall be furnished in the form checked below. X For each policy, a notarized letter from the underwriter or carrier certifying that the coverage and statements in the standard certificate of insurance (attached thereto) are true and correct and that the signator is an officer authorized to so certify. OR A copy of each policy certified by an officer of the underwriter or carrier and notarized. City will not accept the above proofs of insurance when certified by an insurance agent or broker. EXHIBIT "D