1. Purpose and Scope
This reference defines the safety, security, and compliance framework for GridCore campuses. It is not a final safety manual, security plan, regulatory determination, compliance certification, permit filing, emergency response plan, cybersecurity plan, insurance document, or legal opinion.
It is intended to structure project-specific development of safety programs, security programs, compliance registers, emergency response plans, site rules, training programs, audit routines, and corrective action processes. Final implementation is project-specific and must be developed by qualified practitioners with appropriate regulatory, engineering, legal, and operational authority.
2. Framework Premise
GridCore campuses may integrate electrical generation, medium-voltage distribution, complex cooling systems, fuel handling, high-density compute environments, carrier infrastructure, and occupied customer spaces within a single operating boundary. Risks emerge from the interaction of electrical, mechanical, thermal, security, construction, environmental, customer, and human systems — not from any single system in isolation.
Safety and security must be designed into access control, work planning, load release, operations, maintenance, vendor management, visitor handling, and incident response. Compliance is not a static checklist — it is a governed operating process requiring ownership, evidence, review cadence, and corrective action.
3. Safety, Security & Compliance Domains
| Domain | Purpose | Typical Program Owner | Project-Specific Variables |
|---|---|---|---|
| EHS governance | Safety leadership, program management, incident tracking | EHS lead / site manager | Regulatory jurisdiction, site scale, contractor interface |
| Permit-to-work | Control hazardous and high-impact work activities | Operations / EHS | Work types, approval authority, cross-permit coordination |
| Lockout/tagout | Control hazardous energy during maintenance | Maintenance / EHS | Equipment types, group LOTO procedures, customer equipment |
| Electrical safety | Protect personnel from electrical hazards | Electrical engineering / EHS | Voltage levels, arc flash study, qualified person definition |
| Construction safety | Manage hazards during active construction phases | Construction manager / EHS | General contractor requirements, concurrent operations |
| Fire/life safety | Protect life and property from fire and related hazards | Facilities / EHS / security | Suppression type, occupancy, AHJ requirements |
| Emergency response | Structured response to on-site emergencies | Site leadership / EHS | Scenario types, local emergency services coordination |
| Hazard communication | Identify, document, and communicate chemical/process hazards | EHS / facilities | Chemical inventory, SDS program, label standards |
| Environmental compliance | Manage site environmental obligations and permits | EHS / permitting team | Jurisdiction, permit types, stormwater, air, water |
| Fuel/gas safety | Control hazards from generation fuels or gas systems | EHS / plant operations | Applicable only where generation or gas systems are in scope |
| Process safety review | Evaluate risk from high-consequence chemical or energy systems | EHS / engineering | Applicable only where PSM thresholds or similar triggers apply |
| Physical security | Perimeter, access, credential, and monitoring controls | Security operations | Customer requirements, regulatory requirements, threat level |
| Visitor access | Control and record visitor presence on campus | Security / operations | Visitor categories, escort rules, tenant-controlled spaces |
| Contractor management | Qualify and manage vendor/contractor safety performance | Operations / EHS / procurement | Prequalification standards, insurance, work authorization |
| OT cybersecurity | Protect operational technology systems and controls | OT/controls team / IT security | System scope, remote access model, vendor access |
| Corporate IT cybersecurity | Protect corporate information systems and data | IT security | Separation from OT, tenant boundaries, endpoint standards |
| Tenant security interface | Define boundary between campus and tenant security controls | Operations / security / tenant | Customer requirements, lease/contract terms, access rights |
| Incident reporting | Capture, investigate, and learn from adverse events | EHS / operations | Reporting tiers, regulatory obligations, customer notification |
| Audit and corrective action | Verify program performance and close gaps systematically | EHS / management | Internal vs. external audit cadence, corrective action tracking |
| Training and competency | Ensure all personnel are qualified for their roles | EHS / operations / HR | Role-specific training, refresher cadence, authorization records |
| Documentation control | Maintain and control safety and operating records | Operations / EHS | Record retention, version control, site rules |
4. EHS Governance
Effective EHS governance begins with visible leadership and clear role assignments. The site safety plan should define who owns safety, who has authority to stop work, how contractors are managed, how incidents are reported, and how corrective actions are tracked to closure.
Key governance elements include safety orientations for all personnel entering the site, toolbox talks for ongoing work crews, near-miss and safety observation programs, management review of leading and lagging indicators, and defined interfaces between construction and operations teams during concurrent activity phases. Corrective action tracking must include owners, due dates, and verification of closure — not just documentation of the finding.
5. Permit-to-Work Framework
The permit-to-work system is a formal control for hazardous or high-impact work. PTW is not a paperwork exercise — it is a communication and verification mechanism that ensures work is planned, hazards are identified, appropriate controls are in place, and the right people have authorized the work before it begins.
| Work Type | Typical Permit Requirement | Required Review | Closeout Evidence |
|---|---|---|---|
| Electrical work (de-energized) | PTW + LOTO | Qualified electrical supervisor | Energy isolation verification, LOTO restoration record |
| Energized electrical work | PTW + energized work permit where allowed | Qualified electrical engineer / safety | Signed work record, PPE compliance |
| LOTO | Energy control procedure + PTW reference | LOTO coordinator + supervisor | Zero energy verification, lock removal records |
| Hot work | Hot work permit + fire watch | Safety officer / operations | Fire watch duration, area inspection after work |
| Excavation | Excavation permit + locate clearance | Site engineer + utilities | Locate records, shoring verification, backfill inspection |
| Confined space | Confined space permit + atmospheric testing | Qualified confined space supervisor | Entry log, exit count, atmospheric readings |
| Lifting/crane | Lift plan + PTW reference | Rigging supervisor + engineer for critical lifts | Rigging inspection records, lift plan approval |
| Work at height | Height work permit + fall protection plan | Safety officer + supervisor | Fall protection inspection, rescue plan verification |
| Fuel/gas work | Gas work permit + isolation + detection | Plant engineer + EHS | Isolation confirmation, atmospheric tests |
| Fire system impairment | Impairment permit + fire watch | Facilities + AHJ notification if required | Restoration record, system test, AHJ closeout if required |
| OT/control system work | Change management authorization + PTW reference | Controls engineer + operations lead | Change record, system test, operations sign-off |
| Restricted area work | Area access permit + work authorization | Security + operations | Access log, area inspection, access revocation |
6. Lockout/Tagout and Energy Isolation
Hazardous energy control is a non-negotiable safety requirement at GridCore campuses. The complexity of energy isolation increases where campus power systems, customer equipment, UPS/battery systems, and cooling systems operate in proximity. Group LOTO procedures must be established for maintenance activities that involve multiple workers or multiple energy sources.
| Energy Source | Isolation Consideration | Verification Requirement | Interface Risk |
|---|---|---|---|
| MV electrical | Switchgear open/locked, upstream verified | Test-before-touch, phase-by-phase verification | Campus/customer boundary coordination |
| LV electrical | Breaker open/locked, PDU/panel isolation | Voltage test, panel inspection | Multiple supply paths, customer-side feeds |
| UPS/battery | UPS bypass required before isolation, battery disconnect | Output voltage test, bypass verification | Stored energy release, bypass bus energization risk |
| Mechanical rotating equipment | Motor starter lockout, valve isolation | Zero-speed confirmation, de-energization test | VFD bleed-down time, mechanical brake verification |
| Pressurized fluid systems | Valve isolation + pressure bleed | Pressure gauge to zero, vent verification | Residual pressure in long runs, trapped fluid |
| Fuel/gas systems | Valve isolation + purge where required | Gas detection, pressure test | Gas detection equipment, purge duration requirements |
| Thermal energy | Fluid isolation, temperature normalization | Temperature verification | High-temperature fluid burns, steam systems |
| Control circuits | Control power isolation, CPU/controller lockout | Signal test, output verification | Interlocks overriding isolation, remote commands |
| Customer equipment | Customer notification + joint isolation | Customer sign-off, state confirmation | Customer SLA impact, coordinated shutdown timing |
7. Electrical Safety
GridCore campuses operate medium-voltage distribution systems, complex low-voltage power paths, UPS systems, and in some cases generation assets. Electrical safety must be treated as a first-priority operating discipline, not a documentation exercise.
Key program elements include definition and documentation of qualified persons, current arc flash hazard analysis with labeled equipment, established approach boundaries, PPE matrix by task and voltage level, formal switching procedures, energized work restrictions with appropriate approval authority, test-before-touch requirements, grounding and bonding standards, relay/protection settings documentation, maintenance windows, and emergency switching procedures.
Load release should be treated as an electrically controlled operation — not a commercial or schedule decision made independently of the electrical safety program. The applicable project codes, standards, AHJ requirements, and utility interface rules are project-specific determinations.
8. Fire and Life Safety
| Fire/Life Safety Element | Framework Treatment | Site-Specific Design Input | Operating Evidence |
|---|---|---|---|
| Detection | Addressable system, zoned to building/area | AHJ requirements, occupancy type, tenant spaces | Alarm test records, inspection reports |
| Suppression | Type selected by occupancy and risk | Water availability, chemical systems, special hazards | Commissioning report, flow tests, inspection records |
| Egress | Code-compliant exit routes, clear at all times | Occupancy load, construction phase changes | Inspection records, drill observations |
| Emergency lighting | Battery backup, exit sign maintenance | Power failure scenarios, generator interface | Test records, inspection reports |
| Hot work | Permit required, fire watch duration defined | Work area, adjacent materials, suppression impairment | Permit log, fire watch records |
| Fire watch | Active during impairment, post-hot work | Duration, qualified personnel, equipment | Watch log, hours recorded |
| Fire system impairment | Permit required, operations notified, fire watch active | AHJ notification requirements, tenant notification | Impairment log, restoration record |
| First responder access | Coordinated pre-incident, gate access plan active | Knox box, site map distribution, AHJ coordination | Coordination meeting records, site map version |
| Drills | Scheduled and unannounced, documented | Occupancy, tenant participation, construction phase | Drill records, corrective actions |
| Inspection/testing | Per AHJ, NFPA, or project requirements | System type, AHJ schedule, insurance requirements | Third-party inspection reports, test records |
Battery and UPS systems present specific fire hazards that should be addressed in the fire/life safety program where applicable. High-density lithium-based systems require analysis of suppression compatibility, ventilation, thermal runaway detection, and first responder coordination. Fuel and gas systems where present require parallel fire protection analysis and emergency response coordination.
9. Fuel, Gas & Generation Safety — Where Applicable
This section applies only where a GridCore campus includes on-site generation, gas supply, fuel handling, or related industrial systems. Not all GridCore campuses include generation. Where applicable, these systems require site-specific safety analysis, operating procedures, emergency response coordination, maintenance programs, and regulatory review.
Key considerations include gas supply hazard controls, fuel gas detection and ventilation systems, turbine or engine safety where applicable, fire protection design for generation areas, isolation valve locations, emergency shutdown procedures, noise and heat hazard management, maintenance access planning, and first responder coordination regarding fuel type, storage quantities, and emergency isolation.
10. Environmental Compliance Framework
| Environmental Topic | Campus-Level Consideration | Customer-Level Consideration | Evidence / Record |
|---|---|---|---|
| Stormwater | SWPPP, BMP maintenance, permit compliance | Customer construction or outdoor activities | Inspection reports, permit records, BMP photos |
| Air emissions | Generator permits, stack testing where required | Customer equipment exhaust where applicable | Permit, test records, fuel usage logs |
| Water use | Cooling water supply, process water, potable | Customer processes if applicable | Utility bills, permit records, water tracking |
| Wastewater | Cooling discharge, sanitary, process if applicable | Customer process discharge if applicable | Permit, discharge monitoring reports |
| Chemicals | Coolant inventory, fuel, cleaning chemicals, batteries | Customer chemicals in tenant spaces | SDS library, storage records, inspections |
| Waste | Solid waste, hazardous waste, e-waste disposal | Customer equipment waste, packaging | Manifest records, vendor documentation |
| Noise | Generator/cooling equipment limits, construction hours | Customer equipment outside limits | Baseline survey, complaint log |
| Spill prevention | SPCC plan where required, secondary containment | Customer fuel or chemical spills in tenant areas | SPCC document, inspection records, response reports |
| Construction controls | Erosion control, dust suppression, waste staging | Powered land customer construction activities | SWPPP, inspection records, contractor compliance |
| Environmental incident reporting | Regulatory notification requirements | Customer-caused incidents within campus boundary | Incident report, regulatory correspondence |
11. Physical Security Framework
| Security Layer | Purpose | Typical Control | Operating Record |
|---|---|---|---|
| Perimeter | Prevent unauthorized site entry | Fence, wall, berm, natural barrier, signage | Perimeter inspection log |
| Gate/access point | Control vehicle and pedestrian entry | Staffed gate, automated gate, intercom, barrier | Access log, shift reports |
| Visitor processing | Verify identity, log entry, issue credentials | Check-in station, ID verification, registration | Visitor log, sponsor records |
| Badge/credential | Authorize access to defined zones | Proximity card, PIN, biometric where used | Access event log, badge issuance records |
| Data hall / building access | Restrict entry to authorized personnel and tenant teams | Card reader, PIN, mantraps where deployed | Access log, anomaly reports |
| Critical infrastructure zones | Restrict entry to qualified personnel only | Multi-factor credential, escort, logged entry | Access log, authorization records |
| Delivery/logistics area | Control cargo and delivery vehicle access | Scheduled delivery, manifest check, driver credentialing | Delivery log, manifest records |
| CCTV | Record activity, deter unauthorized behavior | Fixed and PTZ cameras, recorded retention | Camera health log, retention schedule, incident pulls |
| Incident reporting | Document and escalate security events | Security incident form, escalation matrix | Incident log, investigation records |
| Access audits | Verify access assignments are current and appropriate | Periodic review of access lists | Audit report, corrective actions |
12. Visitor, Contractor & Vendor Controls
All visitors, contractors, and vendors must go through a documented access process before entering controlled areas of the campus. Pre-registration, identity verification, sponsor approval, safety orientation, PPE verification, escort assignment, and sign-in/sign-out records are expected baseline controls.
Contractors performing work on site have additional requirements beyond visitor access: work authorization, PTW where applicable, tool and equipment list, contractor safety documentation, and site safety orientation. Device and photography restrictions apply to all personnel and visitors. Removal from site for noncompliance must be a defined and supported procedure. Detailed visitor access procedures are addressed in the Visitor Access & Site Conduct Reference.
13. OT/IT Cybersecurity Boundary
Operational technology systems — including BMS, EPMS, SCADA, generation controls, fire/life safety systems, and access control — are operational infrastructure, not ordinary corporate IT endpoints. They must be treated with security disciplines appropriate to their criticality, availability requirements, patching constraints, and consequence of failure.
| System Domain | Security Concern | Boundary Control | Escalation Trigger |
|---|---|---|---|
| SCADA | Unauthorized commands, data manipulation, denial of service | Network isolation, jump host, MFA for remote access | Unauthorized login attempt, command anomaly |
| EPMS | Power metering tampering, load control interference | Separate network segment, access control, logging | Configuration change outside change window |
| BMS | Environmental setpoint manipulation, system disruption | Separate VLAN, vendor access restrictions, logging | Unauthorized setpoint change, alarm suppression |
| Fire/life safety monitoring | Alarm inhibition, false activation, system unavailability | Dedicated network, hardened endpoints, audit trail | Alarm system offline, unauthorized configuration change |
| Access control | Credential cloning, door release manipulation | Encrypted communications, audit log, tamper detection | Forced entry alarm, credential anomaly |
| CCTV | Recording gap, camera tampering, feed interception | Dedicated VLAN, encrypted storage, retention controls | Camera offline, storage failure, access event without video |
| Corporate IT | Data breach, ransomware, corporate network disruption | EDR, segmentation from OT, MFA, patch management | Malware detection, ransomware indicator, data exfiltration alert |
| Tenant networks | Lateral movement from tenant to campus OT | Physical and logical separation, no shared switch ports | Cross-network traffic anomaly |
| Customer portal/API | Unauthorized access to operational views | Authentication, RBAC, read-only access where possible | Anomalous access pattern, bulk data pull |
| Vendor remote access | Unauthorized vendor session, persistent access abuse | Session-limited credentials, MFA, logging, break-glass procedure | Unscheduled vendor connection, prolonged session |
Frameworks such as NIST guidance, IEC/ISA concepts, SOC controls, ISO programs, or customer-specific security requirements may be considered where applicable. This reference does not claim certification or compliance with any specific standard. Project-specific cybersecurity obligations must be determined by qualified security practitioners with appropriate scope and authority.
14. Compliance Register
A serious campus should maintain a compliance register or obligation register identifying applicable obligations, responsible owner, required evidence, reporting cadence, renewal dates, and open corrective actions. The register should be a living document reviewed on a defined schedule and updated when regulatory requirements, site conditions, or operating scope change.
| Obligation Area | Owner | Evidence | Review Cadence | Notes |
|---|---|---|---|---|
| Safety training records | EHS lead | Training completion records, sign-in sheets | Annual / role change | Refresher schedule maintained |
| PTW records | Operations / EHS | Permit log, completed permit archive | Monthly review, annual audit | Retained per project requirements |
| LOTO records | Maintenance / EHS | Energy control procedure log | Quarterly audit | Equipment-specific procedures current |
| Electrical maintenance | Electrical engineering / facilities | Test reports, maintenance records | Per maintenance plan | ARC flash labels current |
| Fire/life safety inspections | Facilities / EHS | Third-party inspection reports, test logs | Per AHJ requirements | Impairment log maintained |
| Environmental inspections | EHS / permitting | SWPPP inspections, permit reports | Per permit requirements | Regulatory submissions tracked |
| Security audits | Security operations | Access review records, penetration test results where applicable | Annual / triggered by incident | Remediation tracked |
| Incident reports | EHS / operations | Incident reports, OSHA logs where applicable | Monthly review, annual summary | Regulatory reporting confirmed |
| Contractor records | EHS / procurement | Insurance certificates, orientation records, PTW archive | Per project and contract renewal | Expired certificates flagged |
| Emergency drills | EHS / operations | Drill records, corrective actions | Per emergency response plan schedule | First responder participation tracked |
| Customer compliance deliverables | Operations / commercial | Customer audit reports, SLA records | Per contract terms | Customer obligations identified in agreement |
| Permit renewals | EHS / permitting / legal | Permit applications, renewal confirmations | Per permit expiration schedule | Advance renewal schedule maintained |
15. Incident Reporting and Corrective Action
| Event Type | Reporting Trigger | Immediate Action | Closeout Requirement |
|---|---|---|---|
| Injury | Any work-related injury or illness | First aid / medical response, scene preservation | Investigation report, corrective actions, regulatory report if required |
| Near miss | Any event with injury potential | Document and report within defined timeframe | Root cause, corrective action, lessons shared |
| Electrical event | Shock, arc flash, unplanned energization | Protect personnel, isolate if safe, notify EHS | Electrical investigation, equipment inspection, PTW review |
| Fire/life safety event | Fire alarm, fire, suppression activation | Evacuate, call fire department, incident command | System inspection, root cause, AHJ coordination if required |
| Environmental release | Spill, discharge, emission event | Contain if safe, notify EHS, document | Cleanup, regulatory notification if required, corrective action |
| Security event | Unauthorized access, theft, threat | Notify security, preserve evidence, restrict access | Security investigation, corrective action, law enforcement if required |
| Cybersecurity event | OT or IT anomaly, detected intrusion | Isolate affected systems, notify IT security | Forensic review, remediation, customer notification if required |
| Customer-impacting event | Power, cooling, connectivity, or security event affecting tenant | Notify customer, initiate response | Incident report, SLA review, corrective action |
| Contractor violation | Safety rule violation, unauthorized work | Stop work, document, notify site management | Corrective action, re-orientation, removal if warranted |
| Permit nonconformance | Work performed without required permit or outside permit scope | Stop work, document, investigate | PTW process review, corrective action, accountability |
16. Training and Competency
A qualified workforce is a prerequisite for safe and compliant campus operations. Training requirements must be defined by role and risk exposure, not applied uniformly. Authorization to perform controlled work — electrical, LOTO, PTW, confined space, crane operation, emergency response — must require specific qualification evidence, not just attendance.
Key training categories include site orientation for all personnel, electrical qualified person training, LOTO authorization, PTW issuer and receiver training, emergency response procedures, security escort training, contractor safety induction, OT/cybersecurity awareness for relevant roles, environmental procedures, and defined refresher cadences. Training records must be maintained and authorization to perform controlled work documented against the individual.
17. Emergency Preparedness
Emergency preparedness is not a document exercise. The campus must have an active emergency response plan, a trained and available emergency response team, working relationships with local first responders, documented evacuation routes and muster points, and tested escalation procedures.
18. Audit and Assurance
Internal audits should review program documentation, records, physical conditions, and operating practices against established standards. Audit findings must produce corrective actions with owners and due dates — not observations that disappear into a report archive.
Customer audits, where contractually scoped, must be managed within defined boundaries. Regulatory inspections must be coordinated with appropriate organizational authority. Insurance inspections may trigger recommendations that should be tracked as compliance obligations. Management review should include trends from audits, incidents, near misses, corrective actions, and customer feedback — and should produce visible leadership response.
19. Interface with Load Release
No load should be released unless the safety, security, and compliance prerequisites for that release are active. The safety program is a prerequisite to load release — not a parallel activity.
| Safety/Compliance Prerequisite | Load Release Dependency | Evidence Required |
|---|---|---|
| EHS program active | Blocking | Site safety plan signed, roles assigned |
| PTW/LOTO active | Blocking | PTW system operational, authorized personnel in place |
| Emergency response plan active | Blocking | ERP current, first responder coordination complete |
| Access control active | Blocking | Perimeter, gates, badges, and restricted zones operational |
| Fire/life safety systems commissioned | Blocking | Commissioning report, inspection record, monitoring active |
| Required permits/approvals in place | Blocking | Permit register reviewed, no unresolved blocking items |
| Electrical safety documentation complete | Blocking | Arc flash labels, switching procedures, qualified persons documented |
| Monitoring and alarm escalation active | Blocking | BMS, EPMS, alarm routing tested and verified |
| Customer responsibilities documented | Blocking | Tenant handbook or equivalent acknowledged |
| Operations teams trained | Blocking | Training records complete for assigned operators |
| Incident escalation matrix active | Blocking | Escalation contacts confirmed, notification paths tested |
This framework cross-references the Load Release & Readiness Review Reference for the complete load release gate model.
Framework Disclaimer: This reference describes a safety, security, and compliance framework only. Actual legal obligations, regulatory determinations, safety procedures, emergency response requirements, cybersecurity controls, environmental obligations, customer audit rights, and compliance evidence must be developed for each site and documented in approved project-specific materials. Nothing in this reference constitutes a safety certification, regulatory determination, or compliance confirmation.
Implementation Notice
This reference describes a framework model. It is not a substitute for project-specific engineering, permitting, interconnection approval, environmental review, safety review, legal documentation, procurement, commissioning, or operating procedures. All capacity, availability, timeline, and commercial terms are project-specific and subject to applicable approvals and agreements.