EXHIBIT A - TECHNICAL APROACH

OVERVIEW EasyLobby® Basic Installation

Data collection and configuration Visitor enrollment

Enrollment Devices

Authorized company employees EasyLobby eAdvance use the eAdvance software to web server (MS IIS) Camera pre-register a visitor through a simple web browser form Guard/Receptionist DL / passport uses the SVM software to register scanner and check in/out visitors Barcode scanner

Visitor badge printer

Administrator or Security Manager EasyLobby SQL/Oracle uses the Administrator software to set database server options and do monitoring/reporting

Kiosk User uses the SVM software in kiosk mode for visitor self check-in

© 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. This document may not be reproduced, disseminated or republished in any form without the prior written permission of HID Global Corporation.

HID Global, HID, the HID Brick logo, the Chain Design and EASYLOBBY are the trademarks or registered trademarks of HID Global Corporation, or its licensors, in the U.S. and other countries. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. PLT-03669 Rev A.0 EXHIBIT A - TECHNICAL APROACH

OVERVIEW EasyLobby® Architecture Overview

Data collection and configuration Visitor enrollment

Enrollment Devices

Authorized company employees EasyLobby eAdvance use the eAdvance software to web server (MS IIS) Camera pre-register a visitor through a simple web browser form Guard/Receptionist DL / passport uses the SVM software to register scanner and check in/out visitors Barcode scanner

Visitor badge printer

Fingerprint Administrator or Security Manager EasyLobby SQL/Oracle scanner uses the Administrator software to set database server options and do monitoring/reporting Card reader

Kiosk User uses the SVM software in kiosk mode for visitor self check-in

HR Manager Active Directory Server uses their HR management systems to or ODBC database source for enter employees into their database scheduled employee import

© 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. This document may not be reproduced, disseminated or republished in any form without the prior written permission of HID Global Corporation.

HID Global, HID, the HID Brick logo, the Chain Design and EASYLOBBY are the trademarks or registered trademarks of HID Global Corporation, or its licensors, in the U.S. and other countries. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. PLT-03669 Rev A.0 EXHIBIT A - TECHNICAL APROACH

OVERVIEW EasyLobby® Access Control System Integration

EasyLobby Client

EasyLobby EasyLobby/Access Control Server SVM

EasyLobby DB

EasyLobby Client EasyLobby/Access Control Integration EasyLobby Triggers Administrator

Access Control DB

EasyLobby Client API, Import Service, or Direct Insert EasyLobby Satellite

Access Control Panel

Turnstile Door Elevator

© 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. This document may not be reproduced, disseminated or republished in any form without the prior written permission of HID Global Corporation.

HID Global, HID, the HID Brick logo, the Chain Design and EASYLOBBY are the trademarks or registered trademarks of HID Global Corporation, or its licensors, in the U.S. and other countries. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. PLT-03669 Rev A.0 EXHIBIT A - TECHNICAL APROACH

VISITOR MANAGEMENT SOLUTIONS

HID Professional Services™ EasyLobby® Secure Visitor Management

ENSURE SMOOTH DEPLOYMENT AND MAXIMIZE POTENTIAL OF YOUR EASYLOBBY SECURE VISITOR MANAGEMENT SOLUTION

ƒ Successful delivery – HID Professional Services™ provides technical expertise and project management resources to assist in the planning and end-to-end implementation of your solution. Our consultants help you to identify technical complexities and risks up front, ensuring the best integration pathways to a successful on-time, on-budget deployment. ƒ Enhanced customer experience – Receive personalized service from a dedicated HID Professional Services consultant who will work with you to ensure best practice implementation and assist in training your team to effectively manage the EasyLobby® solution. ƒ Increased cost efficiency – HID Professional Services will assist in helping determine requirements for your initial implementation and what can be deployed over time, enabling you to allocate resources and budget efficiently. HID Professional Services™ are sold and delivered through the The HID Professional Services™ team HID Professional Services are backed HID Advantage Partner™ network, is committed to accelerating value and by a CISSP certified team with experience together with other Genuine HID® reducing your business risks through and expertise needed to ensure successful products and solutions. successful implementation of Genuine on-time and on-budget delivery. HID® solutions. HID Professional Dependent on the type, size and Our goal is to deliver complete Services packages for EasyLobby are complexity of your deployment, HID affordably priced and provide high-value solutions that are fully operational Professional Services packages for deployment assistance services that and deployed according to best EasyLobby focus on the core elements ensure customer satisfaction from practices, on-schedule and of your implementation needs. installation through operator training. on-budget. Regardless of the package you choose, The HID Professional Services team will our professional services provide a help you identify and correct issues with consultative edge that can help you your deployment before full implementation. successfully navigate the inherent Our team can walk you through critical difficulties of the deployment phase and components of a successful EasyLobby provide in-depth training for your team. Visitor Management solution deployment, From high-level planning to integration such as: to ground-level training, HID Global’s ƒ Installation review certified consultants can help you reduce ƒ Cross-compatibility checks risk of costly errors and maximize the power of your investment. ƒ Internal database linking ƒ Integration strategies ƒ Working with internal stakeholders

hidglobal.com EXHIBIT A - TECHNICAL APROACH

SPECIFICATIONS

Includes 8 hours of implementation advice, remote installation and configuration assistance with: ƒ EasyLobby database installation and set-up ƒ Up to three EasyLobby SVMs, Administrator and/or Mobile products EasyLobby SVM Deployment ƒ Peripherals ƒ Employee Import Utility ƒ Pre-requisites documentation ƒ Ad-hoc training CISSP is a registered mark of the Includes 8 hours of implementation advice, remote installation International Information Systems and configuration assistance with: Security Certification Consortium in ƒ Installation and configuration assistance for one eAdvance server including customized branding the United States and other countries. EasyLobby eAdvance ƒ SVM configuration assistance for eAdvance users, email notifications, Deployment pre-registration approvals ƒ Troubleshooting ƒ Pre-requisites documentation ƒ Ad-hoc training Includes 8 hours of implementation advice, remote installation and configu- ration assistance with: EasyLobby Physical ƒ PACS integration deployment for one server Access Control System ƒ Troubleshooting (PACS) Integration ƒ Pre-requisites documentation ƒ Ad-hoc training If your EasyLobby deployment project requires customization or more Large Scale comprehensive assistance from HID Professional Services, please contact EasyLobby Deployments your HID Advantage Channel Partner™ for a custom quote. Includes a custom remote training for users and administrators of Easy- Lobby SVM with: ƒ One EasyLobby SVM user training presentation, including related EasyLobby Secure Visitor documentation and video recording for later review and viewing Management (SVM) Training ƒ One EasyLobby SVM administration training presentation, including related documentation and video recording for continuous internal usage.

hidglobal.com

© 2015 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Chain Design and FARGO Swift North America: +1 512 776 9000 ID and FARGO Workbench are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their Toll Free: 1 800 237 7769 respective owners. Europe, Middle East, Africa: +44 1440 714 850 2016-02-17-hid-pro-serv-easylobby-sec-vstr-mgmt-ds-en PLT-02680 Asia Pacific: +852 3160 9800 Latin America: +52 55 5081 1670 An ASSA ABLOY Group brand EXHIBIT A - TECHNICAL APROACH

VISITOR MANAGEMENT SOLUTIONS

EasyLobby® eAdvance™ Visitor Pre-Registration

WEB-BASED APPLICATION ENABLES AUTHORIZED EMPLOYEES FEATURES: OR TENANTS TO PRE-REGISTER VISITORS ONLINE ƒƒ Provides robust, web-based pre-registration by authorized employees and tenants. ƒƒ Support for individual and group ƒ Streamlined visitor check-in process – Simple, customizable web browser form for registrations. pre-registering individuals or groups of visitors by authorized employees ensures a ƒƒ Enables returning visitor lookup for quick quick and easy check in. re-registration. ƒƒ Delivery of email confirmations to ƒ Enhanced facility security – Provides full control over visitor access by granting employees and visitors with visit details access to authorized eAdvance™ users only, and utilizes a rules-based system to including registration number and barcode. ƒƒ Offers online employee list/rights determine if further approvals are required. management. ƒ Unlimited-user license – Any or all employees or tenants can be authorized with one ƒƒ Utilizes rules-based approval levels. server license. ƒƒ Contains user password management. ƒƒ Allows for single sign-on/authentication support. HID Global’s EasyLobby® Secure Visitor through a simple web browser, with ƒƒ Allows employees and tenants to mark their visitors as checked out from their Management (SVM™) software provides no employee training required. workstation. a comprehensive, enterprise-class Once the visitor is preregistered through visitor management solution to meet SYSTEM REQUIREMENTS FOR eAdvance, the receptionist or guard can any organization's needs. EasyLobby eADVANCE CLIENT: simply scan the visitor’s license when SVM offers a full suite of tools, including ƒƒ Windows Server 2008, 2012 or 2016, they arrive (or quickly consult an on- visitor scheduling, registration, and badge Windows 7, Windows 8.1 or Windows 10. screen list of pre-registered visitors), ƒƒ 256 MB RAM, 50 MB disk space. printing to automate and streamline and with one mouse click, the visitor is visitor management processes. SYSTEM REQUIREMENTS FOR EADVANCE checked in and the badge is printed. As part of its Secure Visitor WEB SERVER: In addition to its easy-to-use functionality, ƒƒ Windows server running Windows Server Management™ software portfolio, HID’s eAdvance also has the ability to 2008, 2012 or 2016. EasyLobby eAdvance™ solution enables provide email confirmations to the ƒƒ For smaller installations, Windows 7, authorized employees or tenants to Windows 8.1 or Windows 10. host employee or tenant and visitor. ƒƒ Microsoft IIS 7.5 or higher web server quickly and easily pre-register visitors software. online, before a visitor arrives. Using eAdvance ensures greater data ƒƒ 4 GB RAM, 100 MB disk space. accuracy regarding visitor details and The solution is tightly integrated with provides users a quick and efficient EasyLobby SVM to enable authorized means to manage the visitor registration employees or tenants to pre-register process and greatly reduce the check-in guests via the Internet or intranet hidglobal.com time and potential lobby congestion. North America: +1 512 776 9000 Toll Free: 1 800 237 7769 Europe, Middle East, Africa: +44 1440 714 850 © 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Asia Pacific: +852 3160 9800 Chain Design and EasyLobby are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. All other trademarks, service marks, and Latin America: +52 55 5081 1650 product or service names are trademarks or registered trademarks of their respective owners. 2018-01-30-el-e-advance-visitor-mgmt-software-ds-en PLT-00018

An ASSA ABLOY Group brand

hidglobal.com EXHIBIT A - TECHNICAL APROACH

VISITOR MANAGEMENT SOLUTIONS

EasyLobby® Secure Visitor Management (SVM™) 10

ENTERPRISE-CLASS SOLUTION FOR ALL SYSTEM REQUIREMENTS: YOUR VISITOR MANAGEMENT NEEDS Minimum System Requirements for EasyLobby SVM™, Administrator, Satellite, eAdvance Client: ƒ Scale with ease – Quickly grow from a single workstation to hundreds of connected ƒƒ Pentium® IV processor or higher, 512 MB EasyLobby SVM stations through a shared central database (SQL Server, Oracle or MSDE). RAM, 100 MB disk space ƒƒ Sufficient USB ports for peripherals ƒ Improve security – Account for visitors as well as employees in an emergency situation ƒƒ Windows Server (2008, 2012 or 2016), and meet growing compliance mandates requiring visitor audit trails and reporting. Windows 7, Windows 8.1 or Windows 10 ƒ Enhance the professionalism of an organization – Streamline the visitor check-in process ƒƒ Internet Explorer 9, 10, 11 by electronically scanning an ID and capturing detailed information with easy-to-use Database Server: Microsoft SQL Server 2008, drop down menus to display a heightened sense of awareness and provide a great guest 2012, 2014 or 2016 (full or express version) MSDE, experience. or Oracle 9i or higher ƒ Identify unwanted visitors – Create internal watch lists and use external databases to eAdvance Web Server: Windows Server (2008, screen against unsolicited visitors, such as government-denied parties and sex offenders. 2012, or 2016), Windows 7, Windows 8.1 or Windows 10 running Microsoft IIS 5.0 or higher, 512 MB RAM, 10 MB disk space HID Global’s EasyLobby® Secure Visitor EasyLobby SVM’s versatile self-registration Access Control Integration: Requires the SQL Management (SVM™) software provides mode enables unassisted visitor registration Serve5r or Oracle databases comprehensive, enterprise-class visitor and badging, with options including pre- registration, badge printing, as well as tracking registration enforcement, barcode check-in/ and reporting of visitors, contractors, and check-out functionality, and signature capture. employees. The system also provides tracking Check-in can be further automated with and reporting for assets and packages. the use of biometric fingerprint readers and contactless readers for returning visitors. EasyLobby Secure Visitor Management software is the ideal solution for processing visitors – EasyLobby SVM also allows businesses to manage including scanning an ID, record creation, badge package deliveries, asset loans, and lost and printing, check-in and check-out, and watch list found functionality from a single application. screening. In addition, EasyLobby SVM™ offers With dynamically updated grid views, the multiple, programmable security alerts delivering EasyLobby SVM screen shows the current status critical notifications on-screen or through email. of visitors, packages and assets. Additionally, EasyLobby SVM software is flexible, easy the ability to create reports and run queries to install, learn, and use, and can quickly is available through the use of a broad range scale to a network of hundreds of stations, of pre-defined Crystal Reports, with a wizard all running on a central database. for creating custom reports as needed.

As a highly customizable solution, it enables Application settings and system management businesses to manage visitor requirements and can be performed by using the Administrator workflow to meet unique needs. Organizations software for database administration, real-time can also create their own full-color visitor and monitoring, badge design, and reporting functions. employee badge designs, either by using the integrated custom badge design tool or by choosing from hundreds of built-in templates.

hidglobal.com EXHIBIT A - TECHNICAL APROACH

CUSTOMIZABLE: ƒ EasyLobby SVM supports two types of Visitor Logs: Microsoft® ƒ Create unique fields for visitor, employee, package and asset Access database logs and ODBC (open database connectivity) forms. EasyLobby® SVM™ offers 48 user-defined fields in total: database logs. ODBC database logs include MSDE, MS SQL Server 24 fields for visitor, 12 for employee, six for packages and six for and Oracle databases. assets. INTEGRATION WITH ACCESS CONTROL, HUMAN RESOURCES ƒ Gain complete control over visitor form fields, including renaming AND OTHER SYSTEMS: labels and tabs, setting required fields, managing the display of ƒ Seamless integration with over 50 of the leading access control information on the Visitor Grid, and specifying data captured systems to provide select visitors with customized card access from ID scans. from the EasyLobby SVM interface. ƒ Create and manage your own lists for visit reasons, categories, ƒ Import employee list(s) from any ODBC database or Active clearances and more. Directory, with auto scheduling and updating. DATABASE SUPPORT: ƒ Employ flexible data import and export functions. ƒ EasyLobby SVM stores its information in a database file called a ƒ Supports single sign-on, with hooks for alternative authentication Visitor Log. methods.

PROGRAM OPTIONS

Five pre-configured security levels of users: Novice, Operator, Manager, User Security Levels Site Administrator and Enterprise Administrator, plus the ability to customize additional levels.

• 24 total for Visitor form, customizable as a check box, drop-down menu, text field or date User Defined Fields • 12 for Employee form • 6 for Assets • 6 for Packages

Fields on the Visitor Log can be set to: Enabled/Disabled: Enabled allows the user to enter information into the field. Disabled prevents the user from entering information by graying out the field. Required/Not Required: Required fields are marked with an asterisk for the Visitor Field visitor to complete before being checked in. Configurations In Grid: Shows or hides a field from the grid view. License: Determines the information that is pulled from the driver’s license and scanned into the visitor log. Business Card: Determines the information that is pulled from the business card and scanned into the visitor log.

Visitor Check-In, Package Check-In, Watch List Alert, Expired Badges, Panic Alert Options Message, Current Visitor, Maximum Visitor, Frequent Visitor, Time-Based

EasyLobby SVM supports the following hardware devices: • Acuant R2/ SnapShell ID Scanner • ScanShell 1000 Passport/ID Scanner • Assure Tec ARH Combo Smart Passport/ID Scanner (Authentication option available) • Assure Tec ID-150 ID Scanner (Authentication option available) Hardware Device Options • Intellicheck IM2000 ID Scanner/Authenticator • M2Sys EasyScan and Palm Biometric Scanners • ID Tech MagStripe Reader • Metrologic 9520 USB Barcode Scanner • RFIdeas PC Prox Reader • Topaz Signature pads

English, Spanish, French, Italian, Portuguese, German for full application Languages Supported Welsh and Danish for Self-Registration only

hidglobal.com

North America: +1 512 776 9000 © 2018 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Chain Design, and EasyLobby are Toll Free: 1 800 237 7769 trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. Europe, Middle East, Africa: +44 1440 714 850 All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. 2018-01-31-el-secure-visitor-mgmt-10-software-ds-en PLT-03111 Asia Pacific: +852 3160 9800 Latin America: +52 55 5081 1650 An ASSA ABLOY Group brand EXHIBIT A - TECHNICAL APROACH

Frequently Asked Questions

EasyLobby Watchlist FAQ (Internal Only)

1. Watchlists

1.1 Watchlists: General

Q: What is the difference between the internal watchlist and an external watchlist? A: The internal watchlist is created entirely by the customer end user. They can add names of people or companies that they do not want admitted to their buildings, or those people that should be treated as a VIP. Names may be entered manually, or can be pulled from an excel file or database.

The external watchlists (listed in this section) query the visitor details against selected authoritative lists from Government and State agencies. Using external watchlists require an additional purchase for a one year subscription. (See below)

Q: What are the different external watchlist options? A: The different watchlists offered are:  EL-CUST: Service provided by Visual Compliance. Checks against numerous authorities globally.  EL-CUST-BASIC: Service provided by Visual Compliance. Checks against numerous authorities within the US.  EL-SOS-K12: Services provided by Datadiver Technologies. K12 Education focused sex-offender screening. Complete lists of consulted authorities are listed later in this section.

Q: How long is the subscription for a watchlist screening? A: One year; the external screening services (EL-CUST, EL-CUST-Basic, and EL-SOS-K12) all require an annual, per SVM station, subscription.

Q: What happens when someone is on an external watchlist? A: Verification and notification occur at the time of check-in, not during pre-registration. Setting for watchlist screenings can be set in the Program Options (EDIT> PROGRAM OPTIONS>SECURITY>SCREENING).

The first and last name are queried against all the State or Government agencies. If a match, or partial match, is found the end user will be notified of the possible match. The administrator should then verify if the match is accurate and either cancel the visit, or proceed if the match is not the same person. (i.e. - there are many, many people named Mike Smith, so verifying all the data will be important). Customers using external watchlists should have an internal best practice for what to do when an accurate hit is identified.

If a visitor is using self check-in (using the standard or kiosk tool) and their name appears on a watchlist, an alert will be sent to the SVM end user alerting them of the match and prompting them to conform/deny. The visitor will see a pop-up on the screen that can be edited to display any message the customer wants. EXHIBIT A - TECHNICAL APROACH

2

Typically, this is something similar to “Please see receptionist”. Alerts are not sent to hosts during pre- registration.

Q: What information is included when a match is found? A: When a match is found a window will appear with possible matches. Information provided when using the EL-SOS-K12 sex offender screening includes:  Photo  Height  Full Name  Weight  Address  Race  Date of Birth  Gender  Age  Hair Color  Eye Color

Information provided when using EL-CUST includes:  City  Level  State  Full Name  Country  Reference #  Source  Address

There is also a ‘More Info’ button which opens a window with a description and notes.

Q: How often are external watchlists updated? Are they in real time? A: While the visitor name is queried against a live database, the names listed on that database are not updated ‘in real time’. Names are added by each State or Government agency according to their own schedule. The EL-CUST watchlist is updated weekly with any new or removed names, and the EL-SOS-K12 list is updated on a monthly or weekly basis depending upon the state list.

Q: I received an error message after getting a possible match using the EL-CUST screening service. It states, "CheckDeniedParty Error: ActiveX component can't create object (429). Do you wish to proceed with the check in?" What do I do? A: This is a known Windows issue and has been recorded in Saleforce. (https://hidglobal.my.salesforce.com/50180000000rq20?srPos=0&srKp=501). The workaround is to download and run the Soap Toolkit from here: http://www.easylobby.com/downloads/soapsdk.exe

Q: In the settings for the external watchlists I can select the type of search to preform: Exact, Phonic, Fuzzy 1, Fuzzy 2. What are the differences between these types of searches? A: This allows end users to define how specify they want their search to be, based on the security concerns of their location and time allowed for reviewing possible matches. Here are definitions of the different search types within the EL-CUST solution: Exact - An exact search finds the keywords supplied either together or in close proximity to one another. The Exact search screens for the keywords exactly as you’ve entered them. EXHIBIT A - TECHNICAL APROACH

3

Fuzzy - A fuzzy search finds words that are similar, but with misspellings, such as "Saddam Hussein" for "Saddam Hussain". Search fuzziness can be adjusted from 1 to 4, with 1 being a narrow search accounting for few misspellings and typos. Whereas 4 is a very broad search accounting for a wide range of misspellings. Typically we recommend Fuzzy 2 as a happy medium. Fuzzy search does not substitute the first letter of the word, otherwise results could be unlimited.

Phonetic - Phonetic search finds matches that "sound" like the keywords supplied, like "Smythe" in a search for "Smith." Phonetic search uses the Soundex algorithm and will return any results that sound phonetically similar to the keywords that were supplied.

Finally, the minimum amount of information required to perform a screening is either individual name or company name. It is always the name that will generate a result. All other location information is supplementary and serves to elevate the alert level associated with a result. An alert level corresponds directly to the number of search criteria entered, that Visual Compliance matched on. So, results bearing elevated alert levels, indicate a stronger match.

1.2 Watchlists: Consulted Authorities EL-CUST

Q: What’s included in the external watchlist functionality (EL-CUST)? What authorities are consulted? A: EL-CUST watchlist consults the following authority lists (updated 01/2016). Data is generally updated on a weekly basis. Export-related Restricted, Denied, and Blocked Persons Lists, including:  Department of Commerce Denied Persons [BIS]  Department of Commerce Entity List [BIS]  Department of Commerce "Unverified" List [BIS]  Department of State Arms Export Control Act Debarred Parties [DDTC]  Department of State Nonproliferation Orders o Executive Order 13382 o Iran and Syria Nonproliferation Act o Executive Order 12938, as amended o Missile Sanctions Laws o Chemical and Biological Weapons Sanctions Laws o Sanctions for the Transfer of Lethal Military Equipment o Iran, North Korea, and Syria Nonproliferation Act Sanctions (INKSNA)  Department of State Munitions Export Control Orders [DDTC]  Weapons of Mass Destruction Trade Control Designations [OFAC]  Department of State Designated Terrorist Organizations  Department of State Terrorist Exclusion List  U.S. Treasury Department Palestinian Legislative Council List [OFAC]  U.S. Federal Register General Orders

Sanction Programs-related Blocked Persons Lists, including:  U.S. Treasury Department Specially Designated Nationals and Blocked Persons, including Cuba and Merchant Vessels, Iran, Iraq and Merchant Vessels, Sudan Blocked Vessels [OFAC] o Department of Treasury Specially Designated Terrorist Organizations and Individuals o Department of Treasury Specially Designated Narcotic Traffickers and Narcotics Kingpins o Department of Treasury Foreign Narcotics Kingpins EXHIBIT A - TECHNICAL APROACH

4

o List of Foreign Financial Institutions Subject to Part 561  United Nations Consolidated List o U.N. sanctions measures (assets freeze, travel ban, or arms embargo) imposed by the Security Council on individuals and entities under Security Council Resolutions 751 (1992) and 1907 (2009) concerning Somalia and Eritrea, 1267 (1999) and 1989 (2011) concerning Al-Qaida and associated individuals and entities, 1518 (2003), 1521 (2003) concerning Liberia, 1533 (2004) concerning The Democratic Republic of the Congo, 1572 (2004) concerning Côte d'Ivoire, 1591 (2005) concerning The Sudan, 1718 (2006), 1737 (2006), 1970 (2011) concerning Libya, 1988 (2011), and 2048 (2012) concerning Guinea-Bissau.

General Services Administration, including:  U.S. General Services Administration List of Parties Excluded from Federal Procurement Programs [SAM/EPLS]  U.S. General Services Administration List of Parties Excluded from Federal Nonprocurement Programs [SAM/EPLS]  U.S. General Services Administration List of Parties Excluded from Federal Reciprocal Programs [SAM/EPLS]

Law Enforcement-related Wanted Persons Lists, including:  Air Force Office of Special Investigations - Top Ten Fugitives o Focuses on four priorities: to exploit counterintelligence activities for force protection, to resolve violent crime impacting the Air Force, to combat threats to Air Force information systems and technologies, and to defeat and deter acquisition fraud.  Bureau of Alcohol, Tobacco, Firearms and Explosives Most Wanted o Enforces U.S. federal laws and regulations relating to alcohol, tobacco products, firearms, explosives, and arson.  FBI Ten Most Wanted Fugitives o Investigative functions fall into the categories of applicant matters, civil rights, counterterrorism, foreign counterintelligence, organized crime/drugs, violent crimes and major offenders, and financial crime.  FBI Most Wanted Terrorists o Lists alleged terrorists that have been indicted by sitting Federal Grand Juries in various jurisdictions in the United States for the crimes reflected on their wanted posters.  FBI Wanted Fugitives  FBI Crime Alert  FBI Seeking Information  Food and Drug Administration – Clinical Investigators  Food and Drug Administration – Disqualified and Restricted  Food and Drug Administration – Debarment List o Individuals that have had various restrictions placed against them by the Food and Drug Administration (FDA) for scientific misconduct.  Department of Homeland Security Investigations Most Wanted o Terrorism, Drug Smuggling, Money Laundering, Human Trafficking/Smuggling, Import/Export Violations, Child Pornography/Exploitation, Document and Benefit Fraud, Gang-related Crimes, Intellectual Property Rights Violations, Worksite Enforcement.  Naval Criminal Investigative Service - Wanted Fugitives o Conducts felony criminal investigations and counterintelligence for the Department of the Navy, and managing Navy security programs. EXHIBIT A - TECHNICAL APROACH

5

 U.S. Immigration and Customs Enforcement and Removal Operations Most Wanted o ICE ERO prioritizes the apprehension, arrest and removal of convicted criminals, those who pose a threat to national security, fugitives, and recent border entrants.  U.S. Drug Enforcement Administration - Major International Fugitives o Enforces controlled substances laws and regulations of the United States and brings to the criminal and civil justice system of the United States those entities and individuals involved in the growing, manufacture, or distribution of controlled substances appearing in or destined for illicit traffic in the United States.  U.S. Marshals Service - Top 15 Most Wanted  U.S. Marshals Service - Major Fugitive Cases o Involved in most every federal law enforcement initiative. U.S. Marshals major cases and top 15 most wanted consist of individuals with a history of violent crimes who may be considered armed and dangerous.  Office of Research Integrity Administrative Actions o The names of individuals that have had administrative actions imposed against them by the Office of Research Integrity (ORI), maintained by the Public Health Service (PHS). The Assistant Secretary for Health (ASH) makes the final PHS decision on findings of research misconduct and the imposition of administration actions after reviewing the recommendations made by ORI.  U.S. Postal Inspection Service - Most Wanted o Important areas of jurisdictions include: assaults, bombs, controlled substances, electronic crimes, mail fraud, and money laundering.  U.S. Secret Service - Most Wanted o The United States Secret Service is mandated to carry out two missions: protection and criminal investigations. In criminal investigation, the Secret Service is responsible for the enforcement of laws relating to counterfeiting of obligations and securities of the United States, investigation of financial crimes including, but not limited to access device fraud, financial institution fraud, identity theft, computer fraud, telecommunications fraud, and computer based attacks on our nation's financial, banking, and telecommunications infrastructure.

Politically Exposed Persons and Office of Inspector General, including:  Chiefs of State and Cabinet Members of Foreign Governments [Central Intelligence Agency]  Office of Inspector General List of Individuals/Entities Excluded from Federal Health and Medicare Programs

International Terrorist, Blocked Person, Wanted, and Entity Lists, including:  European Union Consolidated List  Interpol Recently Wanted o Lists persons that are wanted by national jurisdictions.  Japan Foreign End-Users of Concern  Kingdom of Saudi Arabia Wanted Militants  Canada Public Safety and Emergency Preparedness Listed Entities  Australia Foreign Affairs Consolidated List  HM Treasury Consolidated List [England]  Canadian Border Services Agency Wanted List o Violations of human or international rights under the Crimes Against Humanity and War Crimes Act or under international law. EXHIBIT A - TECHNICAL APROACH

6

 RCMP Wanted Fugitives o Enforces laws made by, or under, the authority of the Parliament of Canada.  World Bank Listing of Ineligible Firms o Lists names of firms and individuals that are ineligible to be awarded a World Bank-financed contract for the periods indicated because they were found to have violated the fraud and corruption provisions of the Procurement Guidelines or the Consultants Guidelines.  OSFI Consolidated List - Entities  OSFI Consolidated List - Individuals o Office of the Superintendent of Financial Institutions (OSFI) issues names subject to the regulations establishing a list of entities made under the Canada Criminal Code or the United Nations suppression of terrorism regulations. OSFI is the sole regulator of banks, and the primary regulator of insurance companies, trust companies, loan companies and pension plans in Canada.  OSFI Warning List o Issues entity names that may be of concern to the business community and the public.

Sanctions and Embargoes: Visual Compliance contains a comprehensive list of sanction and embargo information, including but not limited to: • OFFICE OF FOREIGN ASSETS CONTROL (OFAC) SANCTIONS • EAR PART 746, EMBARGOES — Comprehensive controls • EAR PART 746, EMBARGOES — Sanctions on selected categories of items to specific destinations. • EAR PART 736, GENERAL PROHIBITION THREE - Foreign-produced direct product re-exports • EAR PART 736, GENERAL PROHIBITION EIGHT - In transit shipments and items to be unladen from vessels or aircraft • EAR PART 736, GENERAL ORDER NO. 2 • EAR SUPPLEMENT NO. 1 TO PART 740, TERRORIST SUPPORTING COUNTRIES (Country Group E:1) • EAR PART 744.21, RESTRICTIONS ON CERTAIN 'MILITARY END USES' IN THE PEOPLE'S REPUBLIC OF CHINA OR FOR A 'MILITARY END USE' OR 'MILITARY END USER' IN RUSSIA OR VENEZUELA • SUPPLEMENT NO. 3 TO PART 744, COUNTRIES NOT SUBJECT TO CERTAIN NUCLEAR END-USE RESTRICTIONS IN §744.2(a) • UNITED NATIONS SANCTIONS AND EMBARGOES • DEPARTMENT OF STATE ARMS EMBARGOES (ITAR 126.1 PROHIBITED EXPORT DESTINATIONS) • DEPARTMENT OF STATE EXPORT RESTRICTIONS ON TECHNOLOGIES AND SERVICES REGULATED UNDER THE USML • DEPARTMENT OF STATE NONPROLIFERATION SANCTIONS • U.S. DEPARTMENT OF STATE, STATE SPONSORS OF TERRORISM • U.S. DEPARTMENT OF STATE, COUNTRIES NOT COOPERATING FULLY WITH UNITED STATES ANTITERRORISM EFFORTS • COUNTRIES WHICH REQUIRE OR MAY REQUIRE PARTICIPATION IN, OR COOPERATION WITH, AN INTERNATIONAL BOYCOTT (WITHIN THE MEANING OF SECTION 999(B)(3) OF THE INTERNAL REVENUE CODE OF 1986) • CANADA ECONOMIC SANCTIONS • EUROPEAN UNION ARMS EMBARGOES

EXHIBIT A - TECHNICAL APROACH

7

1.3 Watchlists: Consulted Authorities EL-SOS-K12

Q: What’s included in the external sex offender screening functionality (EL-SOS-K12)? What authorities are consulted? A: EL-SOS-K12 sex offender screening is a compilation of all US based sex offender registries. This service is provided by Datadiver Technologies. Data is generally updated on a weekly or monthly basis.

Alaska Alaska Sex Offender Registry: Weekly

Alabama Alabama Sex Offender Registry: Weekly Alabama Sex Offender Registry II: Weekly The Poarch Band of Creek Indians Sex Offender Registry: Monthly

Arkansas Arkansas Sex Offender Registry: Weekly Arkansas Sex Offender Registry II: Not Updating

Arizona Ak-Chin Indian Community Sex Offender Registry: Monthly Arizona Sex Offender Registry: Weekly Fort McDowell Yavapai Nation Sex Offender Registry: Monthly Gila River Indian Community Sex Offender Registry Monthly Pascua Yaqui Indian Tribe Sex Offender Registry: Monthly Salt River Pima-Maricopa Indian Community Sex Offender Registry: Monthly Tohono O'odham Nation Sex Offender Registry: Monthly Tonto Apache Tribe Sex Offender Registry: Monthly White Mountain Apache Tribe Sex Offender Registry: Monthly Yavapai-Prescott Indian Tribal Police Department Sex Offender Registry: Monthly

California California Sex Offender Registry: Weekly Washoe Tribe of Nevada and California Sex Offender Registry: Monthly

Colorado Colorado Sex Offender Registry: Weekly Colorado Sex Offender Southern Ute Indian Tribe: Not Updating

Connecticut Connecticut Sex Offender Registry: Weekly

District of Columbia District of Columbia Sex Offender Registry: Weekly

Delaware Delaware Sex Offender Registry: Weekly EXHIBIT A - TECHNICAL APROACH

8

Florida Florida Sex Offender Registry: Weekly Florida Sex Offender Registry – FLDE: Bi-Weekly Miccosukee Tribe of Indians of Florida Sex Offender Registry: Monthly

Georgia Georgia Sex Offender Registry: Weekly

Guam Guam Sex Offender Registry: Weekly

Hawaii Hawaii Sex Offender Registry: Weekly

Iowa Iowa Sex Offender Registry: Weekly

Idaho Idaho Sex Offender Registry: Weekly Shoshone-Bannock Tribes Sex Offender Registry: Monthly

Illinois Illinois Sex Offender Registry: Weekly Illinois Sex Offender Registry 2: Bi-Weekly

Indiana Indiana Sex Offender Registry: Weekly

Kansas Kansas Sex Offender Registry: Weekly Kansas Sex Offender Registry 2: Bi-Weekly Kickapoo Tribe in Kansas Sex Offender Registry: Monthly Prairie Band Potawatomi Nation Sex Offender Registry: Monthly Sac and Fox Nation of Missouri in Kansas and Nebraska Sex Offender Registry: Monthly

Kentucky Kentucky Sex Offender Registry: Weekly

Louisiana Chitimacha Tribe of Louisiana Sex Offender Registry: Monthly Louisiana Sex Offender Registry: Weekly

Massachusetts Massachusetts Sex Offender Registry: Weekly

Maryland Maryland Sex Offender Registry: Weekly

EXHIBIT A - TECHNICAL APROACH

9

Maine Maine Sex Offender Registry: Weekly

Michigan Grand Traverse Band of Ottawa and Chippewa Indians: Not Updating Keweenaw Bay Indian Community Sex Offender Registry: Monthly Michigan Sex Offender Ottawa Chippewa Indian Tribe: Weekly Michigan Sex Offender Registry Weekly Nottawaseppi Huron Band of the Potawatomi Sex Offender Registry: Monthly

Minnesota Bois Forte Band of Chippewa Sex Offender Registry: Monthly Minnesota Sex Offender Registry: Weekly Red Lake Nation Sex Offender Registry: Monthly

Missouri Missouri Sex Offender Registry: Weekly Missouri State Highway Patrol Sex Offender Registry: Bi-Weekly

Mississippi Mississippi Band of Choctaw Indians Sex Offender Registry: Monthly Mississippi Sex Offender Registry: Not Updating

Montana Fort Belknap Indian Community Sex Offender Registry: Monthly Fort Peck Tribes Sex Offender Registry: Monthly Montana Sex Offender Registry: Weekly

North Carolina Eastern Band of Cherokee Indians Sex Offender Registry: Monthly North Carolina Sex Offender Registry: Weekly

North Dakota North Dakota Sex Offender Registry: Weekly North Dakota Sex Offender Registry 2: Monthly Spirit Lake Nation Sex Offender Registry: Monthly Turtle Mountain Band of Chippewa Indians Sex Offender Registry: Monthly

Nebraska Nebraska Sex Offender Registry: Weekly Omaha Tribe of Nebraska Sex Offender Registry: Monthly

New Hampshire New Hampshire Sex Offender Registry: Weekly

New Jersey New Jersey Sex Offender Registry: Weekly

EXHIBIT A - TECHNICAL APROACH

10

New Mexico New Mexico Sex Offender Registry: Weekly Pueblo of Isleta Sex Offender Registry: Monthly Santa Clara Pueblo Sex Offender Registry: Monthly

Nevada Las Vegas Nevada Sex Offender Registry: Weekly Nevada Sex Offender Registry: Weekly Pyramid Lake Paiute Tribe of Nevada Sex Offender Registry: Monthly Summit Lake Paiute Tribe Sex Offender Registry: Monthly Washoe Tribe of Nevada and California Sex Offender Registry: Monthly

New York New York Sex Offender Registry: Weekly Oneida Indian Nation Sex Offender Registry: Monthly Saint Regis Mohawk Tribe Sex Offender Registry: Monthly

Ohio Ohio Sex Offender Registry: Weekly

Oklahoma Absentee Shawnee Tribe of Oklahoma: Not Updating Cherokee Nation: Not Updating Chickasaw Nation: Not Updating Comanche Nation: Not Updating Iowa Tribe of Oklahoma Sex Offender Registry: Monthly Kaw Nation Sex Offender Registry: Monthly Kickapoo Tribe of Oklahoma: Not Updating Miami Nation of Oklahoma Sex Offender Registry: Monthly OK Sex Offender Kickapoo Indian Tribe: Weekly Oklahoma Sex Offender Chickasaw Indian Tribe: Weekly Oklahoma Sex Offender Kickapoo Indian Tribe: Weekly Oklahoma Sex Offender Registry: Weekly Osage Nation Sex Offender Registry: Monthly Seminole Nation of Oklahoma Sex Offender Registry: Monthly United Keetoowah Band of Cherokee Indians Sex Offender Registry: Monthly Wyandotte Nation Sex Offender Registry: Monthly

Oregon Confederated Tribes of the Warm Springs Reservation Sex Offender Registry: Monthly Oregon Sex Offender Registry: Weekly Oregon Sex Offender Registry: Not Updating Oregon Sex Offender Umatilla Indian Tribe: Weekly

Pennsylvania Pennsylvania Sex Offender Registry: Weekly

Puerto Rico Puerto Rico Sex Offender Registry: Weekly EXHIBIT A - TECHNICAL APROACH

11

Rhode Island Rhode Island Sex Offender Registry: Weekly

South Carolina South Carolina Sex Offender Registry: Weekly South Carolina York County Sex Offender Registry: Weekly

South Dakota Rosebud Sioux Tribe Sex Offender Registry: Monthly Sisseton Wahpeton Oyate Sex Offender Registry: Monthly South Dakota Sex Offender Registry: Weekly

Tennessee Tennessee Sex Offender Registry: Weekly

Texas Texas Sex Offender Registry: Weekly

Utah Utah Sex Offender Registry: Weekly

Virginia Virginia Sex Offender Registry: Weekly

Virgin Islands US Virgin Islands Sex Offender Registry: Bi-Weekly

Vermont Vermont Sex Offender Registry: Weekly

Washington Confederated Tribes of the Colville Reservation Sex Offender Registry: Monthly Nooksack Indian Tribe Sex Offender Registry: Monthly Shoalwater Bay Indian Tribe Sex Offender Registry: Monthly Upper Skagit Indian Tribe Sex Offender Registry: Monthly Washington Sex Offender Registry: Weekly Washington Sex Offender Registry Skagit County: Not Updating Washington Sex Offender Yakama Indian Tribe: Weekly Washington State Police Sex Offender and Kidnapping Registry: Quarterly Yakama Tribe: Not Updating

Wisconsin Wisconsin Sex Offender Registry: Weekly Wisconsin Sex Offender Registry Menominee Indian Tribe: Weekly

West Virginia West Virginia Sex Offender Registry: Weekly

EXHIBIT A - TECHNICAL APROACH

12

Wyoming Wyoming Sex Offender Registry: Weekly

Terrorist/Patriot Australia Sex Offender Registry: Not Updating Northern Mariana Island Sex Offender Registry: Tri-Annually

Q: What is the difference between the watchlist options, EL-CUST and EL-CUST-BASIC? A: The EL-CUST-BASIC watchlist does not include international checks and is limited to only North America.

Q: Are sex offender registries included in EL-CUST and EL-CUST-BASIC? A: No; sex offender registries are excluded from the standard watchlist queries. The exception would be sex offender names that appear on other queried lists (FBI Top Ten, etc.).

hidglobal.com

© 2011 HID Global. All rights reserved. HID and the HID logo are trademarks or registered trademarks of HID Global in the U.S. and/or other countries. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. EXHIBIT A - TECHNICAL APROACH

Knight Project Methodology

 Texas based and focused physical security system integrator founded in 1983.  Over 70 full-time employees throughout Texas with Regional offices in Austin, , .  Management Team has managed businesses worth $300 million, with 42 offices and factories and single projects worth $55 million.  Licensed and Insured o Licensed by Texas DPS Private Security Bureau B-03566 o Licensed by Texas Fire Marshall ACR-2825  Projects completed range from $1,000 to $12,500,000  Provide the security systems for the State of Texas Capitol Complex, Crime Labs and other key facilities, converted database with pictures for approx. 20,000 user records.  Knight Structured Design Build Service Process  Contracts with GSA, Texas DIR and TXMAS  SecurePlan™ Service Level Agreement includes a same day guarantee  Core Values: Honor, Integrity, Service

EXHIBIT A - TECHNICAL APROACH

Vision Statement

Knight Security Systems will be the sought after electronic safety and security firm, recognized by our clients and technology partners as their preferred solutions provider in our chosen markets. Knight Security Systems thrives on cultivating an enviable working environment where our people can grow and develop their talents.

Mission Statement

Knight Security Systems’ mission is to assist clients to improve and protect their operational success through a long term relationship with a focus on: - Client specific proven safety and security solutions, - Innovative and proactive service offerings, - Advanced technologies, - Skilled employees

All guided by core values of Honor, Integrity and Service!

EXHIBIT A - TECHNICAL APROACH

Program Management

Knight Security Systems (KSS) proposed management approach to the Performance Work Statement (PWS) is based on success managing similar contracts for our clients in the public sector. We embrace project management best practices as defined by the Project Management Institute (PMI®) and anchored in our consistent application of ISO 9001:2000 processes.

We incorporate five essential elements in our program management approach: • A highly qualified, experienced Project Manager (PM) with prerequisite certification and the authority and ability to plan for, monitor, and control program resources supported by a streamlined organization specifically tailored for direct accountability, and responsive support • Innovative and proven structured processes based on implementing large-scale Video Management Systems (VMS) and Access Control Systems (ACS) for public sector clients • VMS and ACS Industry Certification and experience of KSS personnel assigned to the project • Full corporate-level sponsorship and commitment • Lessons learned from implementing over 6000 Electronic Security Systems

Our KSS Program Management Organization (PMO) is streamlined for responsiveness and supported by a full complement of corporate resources. Key elements include: • On Site Project Manager with relevant experience in managing the implementation and operation of large-scale, secure VMS • Lead Engineer certified with the proposed technical solution, associated components and equipment and relevant engineering experience with implementing enterprise-wide VMS • Senior executive involvement to ensure frequent, in-depth program oversight through timely In-Process Reviews (IPRs) • Cost, schedule, and deliverable controls to ensure on-time, within budget, responsive support • Task monitoring, financial tracking, and reporting using a Web-enabled reporting tool • Integrated Process/Project Team (IPT) approach with clear lines of communication that will ensure accountability across the KSS team and subcontract structure • Monitoring and reporting on performance metrics aligned with the Work Breakdown Structure (WBS) to measure performance for the entire “service delivery chain” • Subcontract management that will ensure measurement and accountability of work and proportional sharing of performance award • Risk and Issue Management process to track, escalate, and resolve any issues that may require the involvement of the TJJD Project Manager and KSS executive staff.

EXHIBIT A - TECHNICAL APROACH

Project Management

Our Project Manager (PM) will be the Single Point of Contact (SPOC) for the Agency – Wide Access Control Installation program. He/she will have direct reporting relationship to the General Manager and will have the authority to represent KSS to the TJJD management personnel. The PM will be responsible for the daily management of the contract, and will serve as the primary interface with TJJD, KSS employees and subcontractor personnel. The PM will review all contract and work order document submittals, including, but not limited to:

• Execution of the Work Breakdown structure (WBS) and attendant task assignments • Weekly status reports • Program status reviews • Other contract specific reports, deliverables and invoices • Safety and quality assessments • Subcontractor performance

A major component of our management philosophy is the relationship of the on-site program support office and KSS corporate headquarters. The PM will have the support of headquarters for finance, contracts, HR, recruiting, and security.

EXHIBIT A - TECHNICAL APROACH

Qualifications to Manage the Project

As a proven, trusted public sector contractor, Knight Security Systems is the leading provider of Electronic Security Services (ESS) to the State of Texas. Since 2010, Knight has collaborated with State officials to implement a multifaceted, critical infrastructure program to meet a variety of State ESS needs. In this regard, Knight has applied sound risk management, collaboration, information sharing, innovation, effective PMI-based program management, and a highly skilled workforce. Knight, in conjunction with its technology partners, has been recognized by the State for delivering innovative and cost-effective ESS solutions.

Our ESS services are multi-dimensional and include: Video Management Systems (VMS); Intrusion Detection Systems (IDS); Access Control Systems (ACS); Command and Control Systems; Force Protection measures – all backed by a team of certified engineers to deliver best-in-class ESS solutions. Knight has instituted a number of innovative processes and solutions to ensure each ESS project operates in a low-risk environment governed by Service Level Agreements (SLAs) and our customer’s performance-based standards.

Knight was founded in 1983 and has over 6,000 systems installed in the United States. We are focused in Texas and have full service offices in Austin, Dallas/Ft. Worth, and Houston with satellite offices in Lubbock and Corpus Christi. In support of our GSA Schedule for government clients, Knight Security Systems has the required resources to provide ESS installation in both CONUS and OCONUS. Our solutions are typically turn-key, networked solutions utilizing the latest IP technology. Projects range in size from a single reader or camera to thousands of readers and cameras on multiple campus environments. Our certified staff is comprised of professional engineers, technical professionals and IT network security specialists.

EXHIBIT A - TECHNICAL APROACH

Project Management Plan

Our standard Program Management Plan (PMP) will be specifically tailored for the Customer’s Installation program and will include processes used to manage and control daily operations and manage non- routine tasks. This plan will provide procedures for the PM to initiate, manage, track, and report on contract work activities. Elements in the PMP include:

• Introduction: program overview and objectives • Program Organization: team structure, team members, roles and responsibilities, controls, external documents • Client Communications: requirements, deliverables, change control, issue management, unit and system test and acceptance criteria by the TJJD • Program Planning: assumptions, risks, WBS, resources • Procedures: approach, task management and controls, cost management, and project closeout • Reviews and Metrics: TJJD, KSS, and subcontractor reports and reviews • Quality Control Plan and Cost Monitoring: includes thorough and accurate reporting on cost and schedule status reporting (and supporting metrics) - essential to identifying potential problems and taking appropriate corrective action early in the project lifecycle.

EXHIBIT A - TECHNICAL APROACH

Quality Control Plan (QCP)

This plan provides guidance for the entire program; defines the methods used for inspection, verification, validation, evaluation, and corrective action; and describes the various quality control practices and relates them to the project lifecycle including testing and product delivery. The QCP describes reports that will be provided; describes the approach for tracking and reporting any noncompliance issues; identifies procedures and tools used for monitoring and measuring quality/performance metrics; and identifies program metrics and measurements.

KSS makes extensive use of metrics to quantify the effectiveness of our approach and practices, and we use a variety of tools to automate the collection, analysis, and reporting of our performance. In accordance with AF requirements, KSS will:

• Perform in accordance with the appropriate QCP per the WBS • Preview project activities to verify compliance with performance metrics • Audit designated project work products to verify compliance • Document and handle deviations identified in project activities and project work products according to a documented procedure • Continuously perform accurate tracking of cost elements and risk analysis to prevent problems and avoid surprises • Conduct periodic reviews of its activities and findings with the Customer

KSS will follow the performance measurements established in the PWS and will fully comply with the established monitoring and Access Control actions required by the Customer. Our QCP is overarching and includes the following techniques to meet contract performance objectives:

• Master Schedule – Collection and review of all project requirements, milestones, deliverables, schedules, and plans. • Metrics—Identification, measurement, collection and reporting of key metrics • Review processes – Use of appropriate review processes to assure quality objectives are met on all project activities • Risk Management – Risk management is integrated into all activities • Issue Management – Develop and maintain database of issues to record and track project throughout life cycle. Conduct weekly/ monthly In-Progress Reviews (IPRs). • Document Control – A controlled system for technical and user documentation. • Status Reporting – Reporting of key metrics, activities, and any non-compliance issues to TJJD and KSS corporate leadership. Documented in weekly/ monthly management reports.

EXHIBIT A - TECHNICAL APROACH

Communications Plan

An important component of the PMP is the Communications Plan. It establishes the framework for timely, accurate, and beneficial communication between KSS and TJJD representatives. It ensures that all parties are fully apprised on assignments, requirements, changes, deliverables, and performance. This plan is part of our ISO- based quality program and represents a baseline framework for coordination and communications.

Risk Management

Effective risk management is a critical component of a Customer’s Installation program. Our strong corporate commitment to risk management will enforce a proactive, comprehensive and disciplined approach throughout contract performance. As a standard operating procedure (SOP), our executives, up to the CEO level, review all weekly/monthly technical, management, and cost status reports; solicit and review feedback directly from our customers and partners, so that appropriate risk mitigation actions can be implemented. KSS’s comprehensive approach to risk identification will include active participation by all KSS personnel. Upon contract award, KSS will work closely with the TJJD to establish formal procedures for reporting and mitigating risks. Risk identification will then be a continuous process, requiring ongoing vigilance by all personnel.

Specialized Experience, Certification and Technical Competence

On average, Knight’s technicians spend over 80 hours per year in manufacturer and industry certification training. Knight Security Systems offers products from the manufacturers at the leading edge of security solution technology and personnel hold physical security and IT industry credentials including: Physical Security Professional (PSP), Cisco Certified Network/Design Associate (CCNA / CCDA), Microsoft Silver Partner and SQL DBA.

EXHIBIT A - TECHNICAL APROACH

Background Screening

Tools used for All Knight Security Employees:

Third party background screening administrator: First Advantage – formerly LexisNexis – organizes the following components:

1. Background screening components: Credit Report, Drug Screening, Felony including Misdemeanor, Motor Vehicle Report & Statewide Criminal

2. DPS/PSB Background screening components: As a vendor for the TX Department of Public Safety, Knight Security System employees are also screened through the DPS database which checks records against the Nationwide Criminal database & FBI Criminal Database. 3. Drug Screenings: Occupational urine drug screen collection

Certifications & Licenses maintained by Knight Security: Knight Security Systems verifies the validity of all employee occupational licenses, maintains the licensee’s original registration & any registration renewals and provides the opportunity for continuing education courses for all employee

EXHIBIT A - TECHNICAL APROACH EXHIBIT A - TECHNICAL APROACH

Project: Sample Pro

Essential activities conducted in the course of project by the client and KSS

Project Administration Tasks TJJD Knight Secur General project management & administration x System design & engineering x Host initial site orientation and kick‐off meeting x Develop master project schedule x Provide drawings x Provide existing equipment schedules x Provide locations for materials staging x Provide 120VAC electrical power as required for project x Provide UPS systems x

Network Infrastructure TJJD Knight Secur Network Infrastructure ‐ Define and assign IP addresses, gateways, subnets and VLANs x Network Infrastructure ‐ provide, install and configure network elements x Network Infrastructure ‐ provide, install, terminate & test network backbone cabling x

Visitor Registration and Management Information System TJJD Knight Secur Provide server x Intallation of visitor mangement software on server x Installation of SQL software x Provide workstations x Intallation of visitor mangement software on workstations x Program and test system x Install scanner, printer, and camera x

Access Control Project Responsibilties TJJD Knight Secur Access Control ‐ provide and install cabling x Access Control ‐ terminate, label and test cabling x Access Control ‐ provide and install electrified door hardware x Access Control ‐ provide and install DPS, REX and Reader x Access Control ‐ provide and install power supplies for electrified door hardware x Access Control ‐ provide/discover cable path/conduit for electrifed door hardware and sensors x Access Control ‐ wire/trim out electrified door hardware & power supplies x Access Control ‐ fire alarm integration and coordination with AHJ (if applicable) x Access Control ‐ Provide and Install door controller hardware x Access Control ‐ Define access levels, card holder profiles and privileges, and users x Access Control ‐ Provide, install and initial set‐up of system server (if applicable) x Access Control ‐ System Configuration x Access Control ‐ Provide user workstations x Access Control ‐ Configure client on user workstations (qty: )x EXHIBIT A - TECHNICAL APROACH

SecurePlan™ Administration Policy January 1, 2017 SecurePlan™ Knight Security Systems SecurePlan™ service level agreement is a comprehensive and extensive client support program intended to assure that clients receive priority service and that client systems are well maintained in order to meet or exceed a system’s expected useful life. SecurePlan™ includes Knight Security System’s patented SecurePlanHealth™ system health monitoring program, routine preventative maintenance, priority response and support, system software upgrades, loaner equipment and discounted labor rates.

This document outlines the policies that guide the administration of Knight Security Systems SecurePlan™ services on a day to day basis. Knight Security Systems regularly reviews and revises this policy to improve our service to our premier clients and better define the parameters of these services. Therefore, this document can change without notice. The current policy is always available to SecurePlan™ clients upon request and/or posted online. Scope of Coverage A SecurePlan™ agreement signed by both parties is required to commence any level of SecurePlan™ coverage. SecurePlan™ covers the standard and typical operation of the system and equipment identified on the “Covered Equipment List” or similar schedule included in the signed agreement between Knight Security Systems and our client. Manufacturers of all system equipment must be supported by Knight Security Systems. If no such list was provided by Knight, or a question arises related to a particular item, the equipment covered is limited to that equipment installed by Knight Security Systems within 90 days immediately prior to the date on the agreement.

System additions or expansion are subject to additional charges in order to qualify for coverage under an existing SecurePlan™ agreement. Any additional system components must be added to the covered equipment list in order to receive the benefits of SecurePlan™.

SecurePlan™ service may be initiated on existing systems, whether or not installed by Knight Security Systems. Knight Security Systems will perform an overall system inspection prior to initiating coverage on an existing system. Any identified deficiencies will be communicated to the client and excluded from coverage until such time as deficiencies are determined to be resolved. Coverage Term The term of coverage for SecurePlan™ shall be identified in the signed agreement between Knight Security Systems and the client. Typically, the terms of this arrangement will for a three

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

or five year period with annual invoicing in advance. Clients may request monthly or quarterly invoicing options, subject to approval and acceptance by Knight Security Systems. At the conclusion of the specified term and any subsequent renewal term, SecurePlan coverage shall automatically renew for a period of one year. Pricing may be adjusted for the renewed term at the discretion of Knight Security Systems.

Coverage Limitations Any equipment, software or other system elements that no longer meet minimum specifications by the system manufacturer, have been designated as “end of life”, or have been discontinued by the manufacturer will not be eligible for all the benefits of SecurePlan™ until upgraded to a configuration supported by the manufacturer. In the event a manufacturer ceases operations or discontinues support of a particular product line and offers no recommended migration path, Knight Security Systems will work with the client to identify an appropriate support plan and recommended course of action. In such cases, Knight Security Systems will use best efforts to support the on-going operation of the system. SecurePlan™ does not cover the cost of system or equipment upgrades required as a result of manufacturer declared end of life or failure of an existing system to meet the current minimum specifications required to support the application of a new software or firmware release SecurePlan™ covers a defect in the equipment arising from an installation performed by Knight Security Systems. SecurePlan™ does not cover repairs that arise due to an accident, act of God, vandalism, terrorism, misuse or abuse of the system, client’s failure to properly use the system, system service or programming changes made by anyone other than Knight Security Systems personnel or authorized service provider. SecurePlan24™ is a premium version SecurePlan™ program providing 24x7x365 coverage. This service level requires SecurePlanHealth™ system health monitoring which may alert Knight Security Systems of system issues and facilitate a proactive response. Except with respect to the response times, SecurePlan24™ includes all of the benefits and limitations of SecurePlan™ as described in this policy.

Priority dispatch with GUARANTEED same day response SecurePlan™ clients receive PRIORITY DISPATCH RESPONSE. If a service request is received by Knight Security Systems from a client with a current SecurePlan™ agreement in effect, and in accordance with the service call procedures provided by Knight Security Systems before 12pm CST/CDT of a normal business day, Knight Security Systems will initiate a response to address the reported issue before 5pm of that business day. Should the request for service be received after noon, Knight Security Systems will respond no later than 5pm of the next business day. Failure by Knight Security Systems to respond within these parameters shall

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

result in a credit to the client’s account or direct refund equivalent to one month of SecurePlan™ service. To qualify for the response guarantee credit, the client’s financial account must be current at the time of the service request. SecurePlan™ limits the Client to one claim of a service response guarantee credit per calendar month. For clients with multiple location SecurePlan™ agreements, this credit shall be limited to the location of the service request only. Following receipt of a service request, Knight Security Systems’ personnel will evaluate the reported issue and make a determination regarding the best course of action to remedy the issue. In some cases, Knight Security Systems’ service response will consist of remote troubleshooting, diagnosis and resolution of the issue. In such cases Knight Security Systems, having responded in accordance with the above prescribed timeframes, will have rendered service in accordance with this policy. Alternatively, Knight Security Systems may dispatch a service technician to the site to investigate and resolve the issue in accordance to the response policy above. Priority Dispatch does not guarantee that a particular system issue will be entirely resolved on the same day. Priority Dispatch guarantee shall not apply to service requests not covered by SecurePlan™, regardless of when the determination of non-coverage is made.

Labor and travel cost covered during normal business hours Services under the SecurePlan™ agreement shall be performed during Knight Security Systems’ normal business hours which are generally, Mon-Fri, 8:00am to 5:00pm, except on major national holidays. Labor charges, including travel time, for service work qualifying under the SecurePlan™ agreement is provided at no charge. Additional charges for labor and travel will apply for service responses made by Knight Security Systems that do not qualify under the SecurePlan™ agreement (See Coverage Limitations above). Evening and/or weekend service requested by the client may incur additional charges unless covered by SecurePlan24™. Normal business hours response (whether on site or remotely delivered service) may require that the Knight Security Systems technician work past 5pm to resolve a client issue, this event does not constitute evening service rates. Knight Security Systems will strive to resolve the system issue at each service event; however, we may require additional service time on site. If Knight determines an additional trip will be required, this service call will be scheduled for the next business day, or at the client’s convenience.

10% discount on billable service labor Knight Security Systems may perform work on a system or components covered by SecurePlan™ where the work or repairs are not covered by SecurePlan as described above. In such cases, Knight Security Systems will perform work on a “time and materials” basis and apply a 10% discount off then current retail service rates for the work performed, as well as any

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

applicable travel charge. This discount cannot be combined with any other discount or special pricing.

Device repair or replacement As long as the SecurePlan™ agreement is in effect (which may be long after the manufacturer warranty expires), Knight will repair or replace any defective part of the system without charge to purchaser, including parts that fail due to normal wear and tear on the system. Knight may use new or used parts of the same quality. Knight may keep all replaced components. Degradation of system performance due to typical component aging will not qualify for replacement under SecurePlan™. Service labor and materials provided by Knight Security Systems on components which are not specifically included in the Covered Equipment List (see Scope of Coverage section), but are associated with the coverage system, qualify for the 10% SecurePlan™ discount.

Security system software upgrades and license fees The SecurePlan™ agreement includes security system software maintenance coverage over the term of the agreement. While software maintenance plans and coverage may vary slightly among manufacturers, generally this will provide for all software patches and new major software releases. Unless required to remedy a system issue covered by SecurePlan™, Knight Security Systems will apply eligible software patches and upgrades during the next scheduled system inspection and functional test. Knight Security Systems, at its discretion, may refrain from implementing software upgrades or patches for which the client may be eligible if Knight Security Systems anticipates that the upgrade would jeopardize system stability or performance. In some cases, upgrading system software may require an upgrade to underlying system hardware or computers accessing the system. SecurePlan™ does not cover the upgrade of hardware or operating systems which may be required to support available software upgrades. (see Coverage Limitations above).

Free loaner equipment In some cases, system components may need to be sent to the manufacture to be repaired – even if covered by the manufacturer warranty. Such repairs may take several weeks and incur shipping charges. In cases where failed SecurePlan™ covered system components must be repaired or replaced, Knight Security Systems will substitute a component of similar quality and function within three business days of the service request until such time as the permanent

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

component is available. Provided the loaner replacement component is of equal or higher quality, Knight Security Systems may, at its discretion, elect to leave the replacement loaner unit as a permanent replacement part of the system and the component shall be covered under the SecurePlan™ as original equipment. Knight Security Systems covers all shipping costs related to a component repair. In the event that Knight Security Systems provides loaner equipment to replace equipment which failed due an event not covered under SecurePlan™, the loaner equipment will be provided to the client for up to 30 days at no cost. During this 30 day period, the customer must purchase replacement component from Knight Security Systems. Knight Security Systems retains the right to remove the loaner equipment after the 30 days period, and SecurePlan™ coverage for this component shall be suspended until permanent repairs are made.

Scheduled functional and inspection testing Based upon the terms of the SecurePlan™ agreement, Knight Security Systems will schedule annual, quarterly or monthly visits to your site for a technician to test overall functionality and operation of the system as well as conduct a physical inspection of all components. If repairs are required and qualify under SecurePlan™, Knight Security Systems will provide repairs to the system and the equipment. If component damage or deficiencies are discovered that are not covered by SecurePlan™ Knight Security Systems technician will note the deficiency and advise the Client of an estimated cost to perform a repair. Further, if software patches or upgrades are available for the system, these updates will be applied during the scheduled functional test. In accordance with the agreed upon inspection frequency, Knight Security Systems will attempt schedule the functional and inspection testing with the client via e-mail at least two weeks in advance of the intended inspection. Failure by the client to respond to a scheduling request within two weeks of receipt of a third such attempt shall relieve Knight Security Systems of any obligation under SecurePlan™ to perform a system test or inspection, or related activities.

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

SecurePlan24™: Escalated Service Level Knight Security Systems’ SecurePlan24™expands the coverage of SecurePlan™ agreement to include added benefits such as a 4-hour response time 24 hours a day 7 days a week. System manufacturer must be supported by Knight Security Systems and the client must allow remote network access to Knight Security Systems’ personnel to accommodate SecurePlanHealth™ as well as remote response capabilities.

4-hour priority dispatch and GUARANTEED same day response SecurePlan24™clients receive 4 HOUR PRIORITY DISPATCH SERVICE. If a service request is received by Knight Security Systems from a client with a current SecurePlan24™agreement in effect, and in accordance with the service call procedures provided by Knight Security Systems, a response to address the reported issue will be initiated within 4 hours. Failure by Knight Security Systems to respond within these parameters shall result in a credit to the client’s account equivalent of one month of SecurePlan24™service. To qualify for the response guarantee credit, the client’s financial account must be current at the time of the service request. SecurePlan™ clients are eligible for one claim of a service response guarantee credit per calendar month. For clients with multi-location SecurePlan24™agreements, this credit shall be limited to the location of the service request only. Knight Security Systems’ personnel will evaluate the reported issue and make a determination regarding the best course of action to remedy the issue. In some cases Knight Security Systems’ service response will consist of remote troubleshooting, diagnosis and resolution of the issue. In such cases, Knight Security Systems, having responded in accordance with the above prescribed timeframes, will have rendered service in accordance with this policy. Alternatively, Knight Security Systems may dispatch a service technician to the site to investigate and resolve the issue in accordance to the response policy above. Priority Dispatch does not guarantee that a particular system issue will be entirely resolved within on the same day. The Priority Dispatch guarantee shall not apply to service requests not covered by SecurePlan24™, regardless of when the determination of non-coverage is made.

Labor and travel cost included 24/7 Services under the SecurePlan24™ agreement shall be performed by Knight Security Systems 24 hours a day. Labor costs, including travel time, for service work that qualify under this SecurePlan™ agreement, are provided at no charge. Additional charges for labor and travel will apply for service responses made the Knight Security Systems that do not qualify under the SecurePlan24™ coverage. Knight Security Systems will strive to resolve the system issue at each service event; however, we may require additional service time on site. If Knight

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

determines an additional trip will be required, this service call will be scheduled for the next business day, or at the client’s convenience.

SecurePlanHealth™: System Health Monitoring SecurePlanHealth™ is based upon KnightSentry, a technology developed and patented by Knight Security Systems which remotely and securely monitors the operational health of electronic security systems and components. SecurePlanHealth™ is also included with all SecurePlan™ and SecurePlan24™ covered systems installed after January 1, 2016. Clients must sign a SecurePlanHealth™ monitoring consent form authorizing Knight Security Systems to receive system health alerts from the covered system. Monitoring shall not commence until such authorization has been provided. The types of system health monitoring alerts will vary with each system or manufacturer. These alerts may include predictive hard drive failure, power outages, network outages, or component failure. The alerts are intended to allow Knight Security Systems personnel to proactively identify and remotely respond to system issues, often before the issue is detected by the client. Knight Security Systems does NOT review or monitor video or security related alarms arising from normal system operations except for purposes of resolving system issues. When Knight Security Systems’ personnel receive a system generated alert, Knight Security Systems may initiate a service order and a response as deemed appropriate including the initiation of remote diagnostic activity prior to notification of the client. Alerts received after hours, including alerts received from client systems covered by SecurePlan24™, will be reviewed and responded to the next regular business day unless the client reports an issue in accordance with the service call procedures provided by Knight Security Systems requiring after hours service or support.

SecurePlanHealth™ requires a network connection from the monitored system in order to connect with the Knight Security Systems system health monitoring platform. This service also requires that a proprietary Knight Security Systems owned monitoring device be installed on the client site for the purpose of monitoring system elements and initiating alerts. Knight Security Systems will establish a secure network connection between the client location and the Knight Security Systems Client Support Center. Unless specifically indicated in the SecurePlan™ agreement, the client must provide and maintain this connection as well as an appropriate and compatible network firewall and/or router. Any communication devices installed by Knight Security Systems for monitoring, such as KnightSentry or other such devices, remain solely the property of Knight Security Systems and must be returned upon termination of the contract or completion of any introductory period.

This document and all attachments are solely for the use of client personnel. No part of it may be circulated, quoted, or reproduced for distribution outside the client organization without prior written approval from Knight Security Systems LLC. Security License B-03566 Fire Contractor License ACR-2825 EXHIBIT A - TECHNICAL APROACH

IN SECURITY, THERE ARE NO SECOND CHANCES.

WE CREATE CUSTOM SOLUTIONS TAILORED TO YOUR SECURITY NEEDS.

Security experts since 1983 WE SPECIALIZE IN :

With over 4,000 systems across Texas, Oklahoma, Access Control Louisiana and more, we have empowered our customers by reducing their internal and external Video Surveillance loss, legal liability, employee liability, increasing & Monitoring productivity, safety compliance, customer satisfaction and bottom line profits. Intrusion Detection Systems Regardless of your company or facility size, our staff of professional engineers, technical Fire Detection professionals, and IT network security specialists will help design the most effective security Managed Cloud Systems solution for you.

PROUD TO BE PART OF

Want to know how SecurePlan can work for you? 1-800-642-1632 Contact us today to learn more KnightSecurity.com Security License B-03566 | Fire License ACR-1750889 EXHIBIT A - TECHNICAL APROACH

NEVER BE WITHOUT SECURITY AGAIN When it comes to guaranteed same-day response, loaner equipment, plus software and hardware warranty extensions, SecurePlan™ has you covered.

Knight SecurePlan Standard SecurePlan SecurePlan Security Event Life Cycle Warranty Health 24 When a security event occurs, such as a camera losing network System Health Monitoring* connectivity, an alert is generated by the Sentry appliance Sentry™ System Health according to the parameters set for that specific device, and Monitoring Appliance securely communicated to our Knight Client Support Center. System Health Monitoring Want to know more about our System Health Monitoring and Client notification of detected how it works? See the full event life cycle below. system issues Predictive failure alerts on core components Proactive resolution of detected system issues

Remote Support Cameras Servers Access Control Remote diagnostics and issue remediation On-demand Remote Support Session Customer Help Desk Sentry Coordination of On-site Repair

Onsite Support

Warranty Device Replacement 1yr Out of Warranty Device Repairs/Replacement Guaranteed Same Day Response Free Loaner Equipment Technician Travel Included 1yr Annual System Inspection, Cleaning & Testing Annual System Software Upgrades (including Labor) 3 Technician dispatched for 1 Alert signal sent Discount on Labor for Billable Service Work 10% 10% on-site support if necessary to CSC On-site Customer Training Session 24x7 Service Included 4 Hour Service Response

Administrative Maintenance of System Records

Software License Management 2 Technician performs remote diagnostics and attempts Annual Technical Planning Session remediation

*System Health Monitoring Requires access to Internet for outbound traffic

Want to know how SecurePlan can work for you? 1-800-642-1632 Contact us today to learn more KnightSecurity.com Security License B-03566 | Fire License ACR-1750889

EXHIBIT B-1- Price Per Locations Proposal SecurePlan Materials and Install Totals Per Location

Name Address Austin District Location 11209 Metric Blvd, Austin, TX 78758 13984-1 Easy Lobby $4,836.84 $18,337.70 $23,174.54 Austin District Location 11210 Metric Blvd, Austin, TX 78758 13984-2 Server $6,792.00 $21,756.67 $28,548.67 Evins Regional Juvenile Center 3801 E Monte Cristo Rd, Edinburg, TX 7854113986-2 $4,836.84 $18,514.17 $23,351.01 McLennan County State Juvenile Correctional Facility 116 Burleson Rd, Mart, TX 76664 13989-3 $4,836.84 $18,514.17 $23,351.01 Ron Jackson State Juvenile Correctional Complex 611 FM 3254, Brownwood, TX 76804 13990-2 $4,836.84 $18,514.17 $23,351.01 Gainesville State School 1379 FM 678, Gainsville, TX 76240 13994-2 $4,836.84 $18,514.17 $23,351.01 Giddings State School 2261 James Turman Rd 14002-1 $4,836.84 $18,337.70 $23,174.54 $168,301.79 as of Contract date 8/28/19 Exhibit B-2 Access Control Budgetary Price (if required)

2 Door System ($6,000.00 - $8,000.00) Includes S2 Controller, door hardware, request to exit, door position switch, cable, reader and complete installation.

4 Door System ($10,000.00 - $14,000.00) Includes S2 Controller, door hardware, request to exit, door position switch, cable, reader and complete installation.

8 Door System ($20,000.00 - $28,000.00) Includes S2 Controller, door hardware, request to exit, door position switch, cable, reader and complete installation.

**The budgetary price is dependent on existing door hardware and any electronic devices currently used with an access control system.

Austin, Corpus Christi, Dallas/Fort Worth, Houston, Lubbock, San Antonio 800-642-1632 www.KnightSecurity.com Security License B-03566 Fire Contractor License ACR-1750889 Proven Security Solutions You Can Trust CONTRACT NUMBER CON0001078

EXHIBIT C TJJD’S CERTIFICATIONS AND GENERAL PROVISIONS

IF ANY OF THE TERMS AND CONDITIONS IN THE CERTIFICATIONS AND GENERAL PROVISIONS SECTIONS BELOW, SECTIONS I AND II, RESPECTIVELY, CONFLICT WITH ANY OF THE TERMS AND CONDITIONS OF SERVICE PROVIDER’S CONTRACT WITH DIR, THE TERMS AND CONDITIONS OF SERVICE PROVIDER’S DIR CONTRACT TAKE PRECEDENCE.

I. CERTIFICATIONS

Article 1: Equal Opportunity

Service Provider certifies compliance with all terms, provisions, and requirements of Titles VI and VII, Civil Rights Act of 1964, the Americans with Disabilities Act of 1990, and any other federal, state, local, or other anti-discriminatory act, law, statute, or regulation, along with all amendments and revisions of the acts, laws, statutes, or regulations, in the performance of this contract, and will not discriminate against any child or youth, client, employee, or applicant for employment because of race, creed, religion, age, sex, color, national or ethnic origin, handicap, or any other illegal discriminatory basis or criteria.

Article 2: Unfair Business Practices

Service Provider certifies that neither it nor its officers have been found guilty in a judicial or state administrative agency proceeding of unfair business practices as set out in the Texas Business and Commerce Code and that no officer of Service Provider has served as an officer of another company which has been found guilty in a judicial or state administrative agency proceeding of unfair business practices. If the above certifications are false, the contract is void.

Article 3: Franchise Taxes

Section 1: Service Provider certifies that should Service Provider be subject to payment of Texas franchise taxes, all franchise taxes are current. If such certification is false, the contract may be terminated at the option of TJJD or other administrative error sanctions may be taken. Section 2: If Service Provider is exempt from payment of Texas franchise taxes, Service Provider shall so indicate by attachment to the contract. Section 3: If Service Provider’s payment of Texas franchise taxes becomes delinquent during the term of the contract, Service Provider will notify TJJD within 24 hours. If such delinquency cannot be cured within 24 hours and a copy of the Certification of Account Status proving payment of delinquent taxes cannot be provided to TJJD, the contract may be terminated at the option of TJJD or other administrative error sanctions may be taken under the provisions of the contract.

Article 4: Required Disclosure of Lobbyist Activity and Certificate of Interested Parties

Page 1 of 15

CONTRACT NUMBER CON0001078

Service Provider agrees that if, at any time during the term of the contract, an employee, director, subconsultant, or subcontractor of Service Provider is required to register as a lobbyist under Texas Government Code Chapter 305, Service Provider shall notify TJJD and provide timely copies of all reports filed with the Texas Ethics Commission, as required by Chapter 305.

Additionally, pursuant to House Bill 1295 and Texas Government Code Section 2252.908, Service Provider must submit a Certificate of Interested Parties or disclosure of interested parties on a form prescribed by the Texas Ethics Commission, currently identified as Form 1295. Prior to submission of this signed contract to TJJD, Service Provider must file Form 1295 through the online filing application process on the Texas Ethics Commission website at https://www.ethics.state.tx.us/whatsnew/elf_info_form1295.htm. TJJD will acknowledge Service Provider’s Form 1295 within thirty (30) days of submission.

Article 5: Notification to TJJD of Subconsultants and Subcontractors

Section 1: Service Provider shall notify TJJD of the selection and/or use of all subcontractors or subconsultants regularly used by Service Provider in performing or assessing the performance of Service Provider’s duties under the contract if paid or anticipated to be paid an amount exceeding five thousand dollars ($5,000.00) during the term of the contract. Service Provider may not use subcontractors and subconsultants to perform Service Provider’s duties under the contract without prior written approval of TJJD. Approval will not be unreasonably withheld. Section 2: No contractual relationship will exist between Service Provider’s subconsultants or subcontractors and TJJD. TJJD shall have no responsibility whatsoever for the conduct, actions, or commissions (active or passive) of any subconsultants or subcontractors in the performance of their duties under the contract. Section 3: Service Provider shall be solely responsible for the management of any subconsultants or subcontractors in the performance of their duties under this contract.

Article 6: Compliance with Child Support, Section 231.006, Texas Family Code

Under Section 231.006, Family Code, the vendor or applicant [Service Provider] certifies that the individual or business entity named in this contract, bid, or application is not ineligible to receive the specified grant, loan, or payment and acknowledges that this contract may be terminated and payment may be withheld if this certification is inaccurate. A bid or an application for a contract, grant, or loan paid from state funds must include the name and social security number of the individual or sole proprietor and each partner, shareholder, or owner with an ownership interest of at least 25 percent of the business entity submitting the bid or application.

SERVICE PROVIDER MUST PROVIDE, IN THE SPACE BELOW, THE NAME AND SOCIAL SECURITY NUMBER OF AN INDIVIDUAL OWNER, A SOLE PROPRIETOR, AND ALL PARTNERS, SHAREHOLDERS, OR OWNERS WITH AN OWNERSHIP INTEREST OF AT LEAST TWENTY-FIVE (25) PERCENT OF THE BUSINESS ENTITY ENTERING INTO THE CONTRACT.

Page 2 of 15

CONTRACT NUMBER CON0001078

For business entities with no identifiable owner of twenty-five percent (25%) or more of the entity, indicate with “NONE” on the first line below.

Name: Social Security Number:

FEDERAL PRIVACY ACT NOTICE: This notice is given pursuant to the Federal Privacy Act. Disclosure of your Social Security Number (SSN) is required under Section 231.006(c) and Section 231.302(c)(2) of the Texas Family Code. The SSN will be used to identity persons that may owe child support. The SSN will be kept confidential to the fullest extent allowed under Section 231.302(e), Texas Family Code.

Article 7: Compliance with Section 572.054, Texas Government Code, Former Officer or Employee of TJJD

Service Provider certifies compliance with Texas Government Code Section 572.054. Service Provider has not employed a former officer or employee of TJJD to perform services on Service Provider’s behalf, to secure the contract, or to represent Service Provider in any manner prohibited by Section 572.054. A false certification could result in termination of the contract, withholding of payments, or other administrative error sanctions.

Article 8: Compliance with Section 2252.901, Texas Government Code, Former or Retired Employee of the Agency

Service Provider represents and warrants that none of its employees including, but not limited to, those authorized to provide services under the contract, were former employees of TJJD during the twelve (12) month period immediately prior to the date of execution of the contract.

This requirement applies to employment contracts and professional services and consulting services contracts under Texas Government Code Chapter 2254 with former or retired TJJD employees, as indicated by Texas Government Code Section 2252.901, which reads, “A state agency may not enter into an employment contract, a professional services contract under Chapter 2254, or a consulting services contract under Chapter 2254 with a former or retired employee of the agency before the first anniversary of the last date on which the individual was employed by the agency, if appropriated money will be used to make payments under the contract. This section does not prohibit an agency from entering into a professional services contract with a corporation, firm, or other business entity that employs a former or retired employee of the agency within one year of the employee’s leaving the agency, provided that the former or retired employee does not perform services on projects for the corporation, firm or other business entity that the employee worked on while employed by the agency.”

Page 3 of 15

CONTRACT NUMBER CON0001078

Article 9: Suspension and Debarment

Service Provider certifies that it and its principals are eligible to participate in this transaction and have not been subjected to suspension, debarment, or similar ineligibility determined by any federal, state, or local governmental entity. Entities ineligible for federal procurement are listed at http://www.sam.gov.

Article 10: Excluded Parties/Terrorism

Service Provider certifies that it is not listed in the prohibited vendors list authorized by Executive Order No. 13224, "Blocking Property and Prohibiting Transactions with Persons Who Commit, Threaten to Commit, or Support Terrorism”, published by the United States Department of the Treasury, Office of Foreign Assets Control.

Article 11: Prior Disaster Relief Contract Violation

Under Section 2155.006 and 2261.053, Government Code, the vendor [Service Provider] certifies that the individual or business entity named in this bid or contract is not ineligible to receive the specified contract and acknowledges that this contract may be terminated and payment withheld if this certification is inaccurate.

A state agency may not accept a bid or award a contract, including a contract for which purchasing authority is delegated to a state agency, that includes proposed financial participation by a person who, during the five-year period preceding the date of the bid or award, has been: (1) convicted of violating a federal law in connection with a contract awarded by the federal government for relief, recovery, or reconstruction efforts as a result of Hurricane Rita, as defined by Section 39.459, Utilities Code, Hurricane Katrina, or any other disaster occurring after September 24, 2005; or (2) assessed a penalty in a federal civil or administrative enforcement action in connection with a contract awarded by the federal government for relief, recovery, or reconstruction efforts as a result of Hurricane Rita, as defined by Section 39.459, Utilities Code, Hurricane Katrina, or any other disaster occurring after September 24, 2005.

Article 12: Antitrust

Service Provider represents and warrants that, in accordance with Section 2155.005 of the Texas Government Code, neither Service Provider nor the firm, corporation, partnership, or institution represented by Service Provider, or anyone acting for such a firm, corporation or institution has (1) violated any provision of the Texas Free Enterprise and Antitrust Act of 1983, Chapter 15 of the Texas Business and Commerce Code, or the federal antitrust laws, or (2) communicated directly or indirectly the contents of this contract to any competitor or any other person engaged in the same line of business as Service Provider.

Article 13: Intellectual Property Indemnification

Page 4 of 15

CONTRACT NUMBER CON0001078

SERVICE PROVIDER SHALL DEFEND, INDEMNIFY, AND HOLD HARMLESS TJJD AND THE STATE OF TEXAS FROM AND AGAINST ANY AND ALL CLAIMS, VIOLATIONS, MISAPPROPRIATIONS OR INFRINGEMENT OF ANY PATENT, TRADEMARK, COPYRIGHT, TRADE SECRET OR OTHER INTELLECTUAL PROPERTY RIGHTS AND/OR OTHER INTANGIBLE PROPERTY, PUBLICITY OR PRIVACY RIGHTS, AND/OR IN CONNECTION WITH OR ARISING FROM: (1) THE PERFORMANCE OR ACTIONS OF SERVICE PROVIDER PURSUANT TO THIS CONTRACT; (2) ANY DELIVERABLE, WORK PRODUCT, CONFIGURED SERVICE OR OTHER SERVICE PROVIDED HEREUNDER; AND/OR (3) TJJD’S AND/OR SERVICE PROVIDER’S USE OF OR ACQUISITION OF ANY REQUESTED SERVICES OR OTHER ITEMS PROVIDED TO TJJD BY SERVICE PROVIDER OR OTHERWISE TO WHICH TJJD HAS ACCESS AS A RESULT OF SERVICE PROVIDER’S PERFORMANCE UNDER THE CONTRACT. SERVICE PROVIDER AND TJJD AGREE TO FURNISH TIMELY WRITTEN NOTICE TO EACH OTHER OF ANY SUCH CLAIM. SERVICE PROVIDER SHALL BE LIABLE TO PAY ALL COSTS OF DEFENSE, INCLUDING ATTORNEYS' FEES. THE DEFENSE SHALL BE COORDINATED BY SERVICE PROVIDER WITH THE OFFICE OF T HE TEXAS ATTORNE Y GEN ERAL (OA G) WHEN TEXAS STATE AGENCIES ARE NAMED DEFENDANTS IN ANY LAWSUIT AND SERVICE PROVIDER MAY NOT AGREE TO ANY SETTLEMENT WITHOUT FIRST OBTAINING THE CONCURRENCE FROM OAG. IN ADDITION, SERVICE PROVIDER WILL REIMBURSE TJJD AND THE STATE OF TEXAS FOR ANY CLAIMS, DAMAGES, COSTS, EXPENSES OR OTHER AMOUNTS, INCLUDING, BUT NOT LIMITED TO, ATTORNEYS’ FEES AND COURT COSTS, ARISING FROM ANY SUCH CLAIM. IF TJJD DETERMINES THAT A CONFLICT EXISTS BETWEEN ITS INTERESTS AND THOSE OF SERVICE PROVIDER OR IF TJJD IS REQUIRED BY APPLICABLE LAW TO SELECT SEPARATE COUNSEL, TJJD WILL BE PERMITTED TO SELECT SEPARATE COUNSEL AND SERVICE PROVIDER WILL PAY ALL REASONABLE COSTS OF TJJD’S COUNSEL.

Article 14: Contracting with Executive Head of State Agency

In accordance with Section 669.003 of the Texas Government Code, relating to contracting with the executive head of a state agency, Service Provider certifies that it is not (1) the executive head of TJJD, (2) a person who at any time during the four years before the date of the contract was the executive head of TJJD, or (3) a person who employs a current or former executive head of TJJD. Or Service Provider and TJJD have complied with the requirements of Section 669.003 concerning board approval and notice to the Legislative Budget Board.

Article 15: Abandonment or Default

If Service Provider defaults on the contract, TJJD reserves the right to cancel the contract without notice and either resolicit bids or award the contract to the next best responsive and responsible Service Provider. The defaulting Service Provider will not be considered in the resolicitation and may not be considered in future solicitations for the same type of work, unless the specifications or scope of work are significantly different. The period of suspension will be determined by TJJD based on the seriousness of the default.

Article 16: Certain Bids and Contracts Prohibited

Page 5 of 15

CONTRACT NUMBER CON0001078

Under Texas Government Code, Section 2155.004, TJJD may not accept a bid or award a contract that includes proposed financial participation by a person who received compensation from TJJD to participate in preparing the specifications or request for proposals on which the bid or contract is based. If Service Provider is not eligible, then the contract may be immediately terminated. Under Section 2155.004, Government Code, the vendor [Service Provider] certifies that the individual or business entity named in this bid or contract is not ineligible to receive the specified contract and acknowledges that the contract may be terminated and payment withheld if this certification is inaccurate.

Article 17: Gifts and Gratuity

Pursuant to Section 2155.003 of the Texas Government Code, Service Provider represents and warrants that it has not given, offered to give, nor intends to give at any time hereafter any economic opportunity, future employment, gift, loan, gratuity, special discount, trip, favor, or service to a public servant in connection with the contract.

Article 18: False Statements and Conflict of Interest - by signature hereon, Service Provider certifies that:

All statements and information prepared and submitted in the contract is current, complete, and accurate; Service Provider has disclosed in writing to TJJD all existing or potential conflicts of interest relative to the performance of the contract; and if circumstances change during the course of the contract, Service Provider shall promptly notify TJJD.

Article 19: Access to Information

Information, documentation, and other material in connection with this solicitation or any resulting contract may be subject to public disclosure pursuant to Chapter 552 of the Texas Government Code (the “Public Information Act”). In accordance with Section 2252.907 of the Texas Government Code, Service Provider is required to make any information created or exchanged with the State pursuant to the contract, and not otherwise excepted from disclosure under the Texas Public Information Act, available in a format that is accessible by the public at no additional charge to the State. Such formats include, but are not necessarily limited to, in a non-encrypted electronic format, PDF, and HTML.

Article 20: Verification of Worker Eligibility Clause

Service Provider certifies that for contracts for services, Service Provider shall utilize the U.S. Department of Homeland Security’s E-Verify system (E-Verify) during the term of the contract to determine the eligibility of: 1. all persons employed by Service Provider to perform duties within Texas; and 2. all persons, including subcontractors, assigned by Service Provider to perform work pursuant the contract within the United States of America.

Page 6 of 15

CONTRACT NUMBER CON0001078

Service Provider shall provide, upon written request by TJJD, an electronic or hard copy screenshot of the confirmation that Service Provider is enrolled in E-Verify. Service Provider shall provide, upon written request by TJJD, an electronic or hard copy of the confirmation or non- confirmation screen containing the E-Verify case verification number for attachment to the Form I-9 for each Service Provider employee, subcontractor, and subcontractor employee that meet the criteria above, following any required E-Verify protocols to allow for the provision of such information.

If it is determined that Service Provider has violated the certifications set forth in this Article, then (1) Service Provider shall be in breach of contract, (2) TJJD shall have the option to terminate the contract for cause without prior notice, and (3) in addition to any other rights or remedies available to TJJD under the contract, Service Provider shall be responsible for all costs incurred by TJJD to obtain substitute services to replace the terminated contract.

Article 21: Prohibition on Contracts with Companies Boycotting Israel

Pursuant to Section 2270.002 of the Texas Government Code, Service Provider certifies that either: (i) it meets an exemption criterion under Section 2270.002; or (ii) that it does not, and shall not for the duration of the contract, boycott Israel as the term is defined by 808.001(1) of the Texas Government Code. Article 22: Prohibition on Contracts with Companies Engaged in Business with Iran, Sudan, or Foreign Terrorist Organizations

Section 2252.152 of the Texas Government Code prohibits TJJD from awarding a contract to any person who does business with Iran, Sudan, or a foreign terrorist organization as defined in Section 2252.151 of the Texas Government Code. Service Provider certifies that it is not ineligible to receive the contract.

Article 23: Disaster Recovery Plan

Upon request of TJJD, Service Provider shall provide copies of its most recent business continuity and disaster recovery plans.

Article 24: Cybersecurity Training

If Service Provider, including subcontractor, officer, or employee of Service Provider, has access to a state computer system or database, then Service Provider and any applicable subcontractor, officer, or employee of Service Provider, must complete a cybersecurity training program (Program) certified under Texas Government Code Section 2054.519 as selected by TJJD. The Program must be completed during the term of the contract and during any renewal period thereafter, if applicable.

Page 7 of 15

CONTRACT NUMBER CON0001078

II. GENERAL PROVISIONS

Article 1: Relationship of Parties

Service Provider is acting as an independent contractor and is wholly responsible for the day-to-day operations of its programs and employees. No joint venture, partnership, or agency exists, nor shall be implied by the terms of the contract. No employee of Service Provider shall become an employee of TJJD by virtue of the contract.

Service Provider agrees and acknowledges that during the existence of the contract, Service Provider shall be entirely responsible for the liability and payment of Service Provider’s and Service Provider’s employees’ taxes of whatever kind, arising out of the performance of the contract. Service Provider agrees to comply with all state and federal laws applicable to any such persons, including laws regarding wages, taxes, insurance, and workers’ compensation. TJJD shall not be liable to Service Provider, its employees, agents, or others for the payment of taxes or the provision of unemployment insurance and/or workers’ compensation or any benefit available to a TJJD or other state employee. Further, Service Provider shall indemnify and hold harmless TJJD, state agencies, the State of Texas, and/or their employees, agents, representatives, and/or assignees from any liability, actions, claims, demands, or suits, and all related costs, attorneys’ fees, and expenses relating to tax liability, unemployment insurance, and/or workers’ compensation payments.

Article 2: Indemnity

SERVICE PROVIDER SHALL DEFEND, INDEMNIFY, AND HOLD HARMLESS THE STATE OF TEXAS AND TJJD, AND/OR THEIR OFFICERS, AGENTS, EMPLOYEES, REPRESENTATIVES, CONTRACTORS, ASSIGNEES, AND/OR DESIGNEES FROM ANY AND ALL LIABILITY, ACTIONS, CLAIMS, DEMANDS, OR SUITS, AND ALL RELATED COSTS, ATTORNEY FEES, AND EXPENSES ARISING OUT OF, OR RESULTING FROM ANY ACTS OR OMISSIONS OF SERVICE PROVIDER OR ITS AGENTS, EMPLOYEES, SUBCONTRACTORS, ORDER FULFILLERS, OR SUPPLIERS OF SUBCONTRACTORS IN THE EXECUTION OR PERFORMANCE OF THE CONTRACT AND ANY PURCHASE ORDERS ISSUED UNDER THE CONTRACT. THE DEFENSE SHALL BE COORDINATED BY SERVICE PROVIDER WITH THE OFFICE OF THE TEXAS ATTORNEY GENERAL WHEN TEXAS STATE AGENCIES ARE NAMED DEFENDANTS IN ANY LAWSUIT AND SERVICE PROVIDER MAY NOT AGREE TO ANY SETTLEMENT WITHOUT FIRST OBTAINING THE CONCURRENCE FROM THE OFFICE OF THE TEXAS ATTORNEY GENERAL. SERVICE PROVIDER AND TJJD AGREE TO FURNISH TIMELY WRITTEN NOTICE TO EACH OTHER OF ANY SUCH CLAIM.

Article 3: Proof of Financial Stability and Financial Reporting

If TJJD has credible information that calls into question Service Provider’s ability to meet its financial obligations, TJJD may require Service Provider to provide proof of financial stability. Correspondence from Service Provider’s independent auditor that Service Provider is able to meet its current financial commitments shall suffice as proof of financial stability.

Page 8 of 15

CONTRACT NUMBER CON0001078

Service Provider shall provide an itemized cost breakdown in conjunction with invoices to indicate how TJJD/State of Texas funds are being used to provide services during the contract term.

Article 4: Liability Insurance

Section 1: Service Provider shall maintain liability insurance in the amount of $1,000,000.00 per occurrence with a separate aggregate limit of $2,000,000. Section 2: Service Provider shall provide proof of insurance documents to TJJD Contracts Department, upon request. Section 3: The required insurance coverage, in the above stated amount, must be maintained during the term of the contract and through any subsequent extensions. Failure to maintain the required insurance coverage may result in termination of the contract or administrative error sanctions.

Article 5: Confidentiality and Security

Service Provider agrees that all of its employees, contractors, subcontractors, and associates will maintain the confidentiality of all juvenile records and identifying information.

Service Provider and all of its employees, contractors, subcontractors, and associates performing maintenance, development, and/or system or database administration must complete the requisite fingerprint and background checks before being authorized to perform work under the contract.

Article 6: Administrative Error Sanctions

Section 1: In addition to its authority to terminate the contract under Article 7 below or other provisions of the contract, TJJD, based on information from monitoring or other verifiable sources, may take other actions including, but not limited to: a. Requiring Service Provider to take specific corrective actions in order to remain in compliance with the terms of the contract; and/or b. Recouping payment made to Service Provider; and/or c. Imposing recommendations from audit or investigative findings, and minor or major sanctions; and/or d. Assessing liquidated damages to the extent allowed by Texas law for each instance of non- compliance; and/or e. Suspending, placing into abeyance, or removing any contractual rights including, but not limited to, withholding payment. Section 2: Service Provider shall cooperate fully with TJJD and its authorized representatives in carrying out corrective action plans.

Page 9 of 15

CONTRACT NUMBER CON0001078

Article 7: Termination

Section 1: Service Provider may terminate, for convenience, its obligations under the contract by giving thirty (30) days’ written notice to TJJD. Section 2: TJJD may terminate, for convenience, its obligations under the contract by giving thirty (30) days’ written notice to Service Provider. Section 3: TJJD shall terminate the contract in the event that TJJD is not granted funding to pay for the herein described services or in the event that funding is lost due to either a reduction in the budget or a reallocation of budgeted funds. Section 4: Cause/Default/Breach: If Service Provider fails to provide the goods or services contracted for according to the provisions of the contract or fails to comply with any terms or conditions of the contract, TJJD may, upon written notice of default or breach to Service Provider, immediately terminate all or any part of the contract. Termination is not an exclusive remedy, but exists in addition to any other rights and remedies provided in equity, by law, or under the contract. TJJD may exercise any other right, remedy, or privilege available to it under applicable law or may proceed by appropriate court action to enforce the provisions of the contract. The exercise of any of the foregoing remedies will not constitute a termination of the contract unless TJJD notifies Service Provider in writing prior to the exercise of such remedy. Service Provider shall be liable for all costs and expenses, including court costs, incurred by TJJD with respect to the enforcement of any of the remedies listed herein. Section 5: Termination of the contract shall not release Service Provider from liability or obligation set forth in the contract that is expressly stated to survive termination or by its nature would be intended to be applicable following termination, including, but not limited to, provisions regarding confidentiality, indemnification, transition, records, audit, property rights, dispute resolution, and invoice and fee verifications.

Article 8: Funding Out Clause

The contract is subject to termination or cancellation, without penalty to TJJD, either in whole or in part, subject to the availability of state funds. TJJD is a state agency whose authority and appropriations are subject to actions of the Texas Legislature. If TJJD becomes subject to a legislative change, revocation of statutory authority, or lack of appropriated funds that would render either TJJD’s or Service Provider’s delivery or performance under the contract impossible or unnecessary, the contract will be terminated or cancelled and be deemed null and void. In the event of a termination or cancellation under this Section, TJJD will not be liable to Service Provider for any damages that are caused or associated with such termination or cancellation and TJJD will not be required to give prior notice.

Article 9: Waiver

No waiver by either party of any breach or default of the other under the contract shall operate as a waiver of any future or other breach or default, whether of a like or different character or nature.

Page 10 of 15

CONTRACT NUMBER CON0001078

Article 10: Severability

The provisions of the contract are severable. If any provision of the contract is determined by a court of law or other competent authority to be invalid and contrary to any federal, state, or local law, such invalidity shall not affect the other provisions or applications of the contract, which can be given effect without the invalid provision or application.

Article 11: Contract Term See SECTION I: CONTRACT TERM

Article 12: Contract Amendment and Merger Clause

The contract encompasses the complete and entire agreement of the parties. Neither party has made or relied on any representations, stipulations, or agreements other than those expressly contained in the contract. No other contracts or agreements, oral or written, shall constitute a part of the contract unless such is made in writing, executed by the parties hereto or their successors, and expressly made a part of the contract. The contract may only be amended or supplemented by written amendment, executed by the parties hereto or their successors, and expressly made a part of the contract, except that TJJD reserves the right to make unilateral minor administrative changes to correct typographical errors or change the TJJD contract identification number.

Article 13: Notice of Changes

Section 1: Service Provider shall notify TJJD immediately in writing in advance of any significant change affecting Service Provider, including, but not limited to, change of Service Provider’s name or identity, location of services, ownership or control, operating entity, governing board membership, key personnel, payee identification number, and any other significant changes that may affect the delivery of services under the terms of the contract. Section 2: Service Provider shall not transfer or assign the contract or enter into any subcontract for the services under the contract without prior written approval from TJJD. Section 3: Service Provider shall not relocate the services provided under the contract from the location to be stated in the preamble without prior written approval from TJJD and a certification that the location to which services are to be relocated is in compliance with Chapter 244, Texas Local Government Code, if applicable.

Article 14: Notice

Required mailed notices shall be addressed to the Office of General Counsel, Texas Juvenile Justice Department, P.O. Box 12757, Austin, TX 78711 or 11209 Metric Boulevard, Building H, Suite A, Austin, Texas 78711, and to Service Provider at 4509 Freidrich Lane, Suite 110, Austin, Texas 78744.

Article 15: Governing Law and Venue

Page 11 of 15

CONTRACT NUMBER CON0001078

The contract shall be governed by and construed in accordance with the laws of the State of Texas, without regard to the conflicts of law provisions. The venue of any suit arising under the contract is fixed in any court of competent jurisdiction of Travis County, Texas, unless the specific venue is otherwise identified in a statute which directly names or otherwise identifies its applicability to TJJD.

Article 16: Problem Solving in the Ordinary Course of Business

Section 1: The parties to the contract shall use the procedures contained in this Article for routine problem solving. These procedures may also be used if a party is asserting a claim for breach of contract. Should these procedures not resolve claims for breach of the contract, the procedures contained in Article 17 below shall be followed thereafter. Section 2: Informal Resolution: Service Provider and TJJD staff will communicate regularly and engage in informal problem solving efforts as a routine measure, thus preventing differences from becoming major problems. When routine measures have been exhausted, Service Provider and TJJD staff are encouraged to utilize the following mechanism to resolve problems. Section 3: Formal Resolution: a. Service Provider or TJJD staff who wish to submit problems for resolution may do so in writing, including all relevant information and a recommended resolution (Statement of Problem). b. The Statement of Problem will be submitted to the designated contact, unless the problem specifically involves the designated contact, in which case, it will be submitted to the designated contact’s supervisor. c. Problems are to be addressed within ten (10) working days; a written decision will be sent to the individual or program that submitted it, to the designated contact, and to the designated contact’s supervisor. Section 4: Appeal: Service Provider or TJJD staff desiring to appeal the decision may do so in writing, within ten (10) working days from the date of written decision, by providing all pertinent information relevant to the appeal to the designated contact’s supervisor if the problem was originally addressed by the designated contact, or to the Office of General Counsel if the problem was addressed by the designated contact’s supervisor. When appealed, the problem shall be addressed within fourteen (14) working days, with written responses sent to the individual or program who submitted it, the designated contact, the designated contact’s supervisor, and the Office of General Counsel.

Article 17: Claims for Breach of Contract

The dispute resolution process provided for in Chapter 2260 of the Texas Government Code must be used to attempt to resolve any dispute arising under this contract. If the Service Provider’s claim for breach of contract cannot be resolved informally with TJJD, the claim shall be submitted to the negotiation process provided in Chapter 2260. However, Chapter 2260 does not waive sovereign immunity to suit or liability.

Page 12 of 15

CONTRACT NUMBER CON0001078

To initiate the process, Service Provider shall submit written notice, as required by Chapter 2260, to the individual identified in the contract for receipt of notices. Any informal resolution efforts shall in no way modify the requirements or toll the timing of the formal written notice of a claim for breach of contract required under Section 2260.051 of the Texas Government Code. Compliance by the Service Provider with Chapter 2260 is a condition precedent to the filing of a contested case proceeding under Chapter 2260.

The contested case process provided in Chapter 2260 is the Service Provider’s sole and exclusive process for seeking a remedy for an alleged breach of contract by TJJD, defended by the Office of the Attorney General, if the parties are unable to resolve their disputes as described above. Notwithstanding any other provision of the contract to the contrary, unless otherwise requested or approved in writing by TJJD, the Service Provider shall continue performance and shall not be excused from performance during the period any breach of contract claim or while the dispute is pending. However, the Service Provider may suspend performance during the pendency of such claim or dispute if Service Provider has complied with all provisions of Section 2251.051 of the Texas Government Code (Vendor Remedy for Nonpayment of Contract), and such suspension of performance is expressly applicable and authorized under that law.

Article 18: No Third Party Beneficiaries

The terms of the contract are for the sole benefit of the parties to the contract and will not be construed to confer any rights on any other person.

Article 19: Audit Clause

Pursuant to Section 2262.154 of the Texas Government Code, the state auditor may conduct an audit or investigation of any entity receiving funds from the state directly under any contract or indirectly through a subcontract under the contract. The acceptance of funds by the Service Provider or any other entity or person directly under the contract or indirectly through a subcontract under the contract acts as acceptance of the authority of the state auditor, under the direction of the legislative audit committee, to conduct an audit or investigation in connection with those funds. Under the direction of the legislative audit committee, the Service Provider or other entity that is the subject of an audit or investigation by the state auditor must provide the state auditor with access to any information the state auditor considers relevant to the investigation or audit. Service Provider shall ensure that this paragraph concerning the authority to audit funds received indirectly by subcontractors through the contract and the requirement to cooperate is included in any subcontract it awards.

Service Provider shall maintain and retain supporting fiscal documents adequate to ensure that claims for contract funds are in accordance with TJJD and State of Texas requirements. Service Provider shall maintain all such documents and other records relating to this contract and the State’s property for a period of seven (7) years after the date of submission of the final invoices or until a resolution of all billing questions or contract issues, whichever is later. Service Provider

Page 13 of 15

CONTRACT NUMBER CON0001078

shall make available at reasonable times and upon reasonable notice, and for reasonable periods, all information related to the State’s property, such as work papers, reports, books, data, files, software, records, and other supporting documents pertaining to this contract, for purposes of inspecting, monitoring, auditing, or evaluating by TJJD, the State of Texas, or their authorized representatives. Service Provider shall cooperate with auditors and other authorized TJJD and State of Texas representatives and shall provide them with prompt access to all of such State’s property as requested by TJJD or the State of Texas. Service Provider’s failure to comply with this Article shall constitute a material breach of this contract and shall authorize the TJJD to immediately assess liquidated damages. TJJD may require, at Service Provider’s sole cost and expense, independent audits by a qualified certified public accounting firm of Service Provider’s books and records or the State’s property. The independent auditor shall provide TJJD with a copy of such audit at the same time it is provided to Service Provider. TJJD retains the right to issue a request for proposals for the services of an independent certified public accounting firm under this contract.

The contract may be amended unilaterally by TJJD to comply with any rules and procedures of the state auditor in the implementation and enforcement of Section 2262.154 of the Texas Government Code.

Article 20: Debt Owed to State of Texas

Terms of payment shall be in accordance with Chapter 2251 of the Texas Government Code and in accordance with Section 403 .0551 of the Texas Government Code. Any payments owed to Service Provider under the contract will be applied toward elimination of Service Provider's indebtedness to the state or delinquency in payment of taxes to the state until the indebtedness or delinquency is paid in full. Service Provider agrees that any payments due under the contract will be applied towards any debt Service Provider owes to the State of Texas, including, but not limited to, delinquent taxes, delinquent student loan payments, and unpaid child support payments.

Article 21: Specifications

Service Provider shall provide services in accordance with the specifications contained in the contract. TJJD will determine the answers to all questions that may arise as to the interpretation of the specifications and the quality or acceptability of work performed. TJJD will decide the rate of progress of the work and the acceptable fulfillment of services on the part of Service Provider.

Article 22: Assignment

Without the prior written consent of TJJD, Service Provider may not assign the contract, in whole or in part, or any right or duty required under it.

Article 23: Compliance with Other Laws

Page 14 of 15

CONTRACT NUMBER CON0001078

In the execution of the contract, Service Provider shall comply with all applicable federal, state, and local laws, including laws governing labor, equal employment opportunity, safety, and environmental protection. Service Provider shall make itself familiar with and at all times shall observe and comply with all federal, state, and local laws, ordinances, and regulations which in any manner affect performance under the contract.

Article 24: Signature Authority, Binding Effect, and Sovereign Immunity

Service Provider represents and warrants that the individual signing this contract is authorized to sign this document on behalf of Service Provider and to bind Service Provider under this contract. This contract shall be binding upon and shall inure to the benefit of TJJD and Service Provider and to their representatives, successors, and assigns. The parties expressly agree that no provision of this contract is in any way intended to constitute a waiver by TJJD or the State of Texas of any immunities from suit or from liability that TJJD or the State of Texas may have by operation of law.

Page 15 of 15

EXHIBIT D - DEPLOYMENT SCHEDULE

ID Task Task Name Duration Start Finish Aug 18, '19 Aug 25, '19 Mode W T F S S M T W T F S S M T W T F 0 Texas Juvenile Justice 67 days Fri 8/16/19 Mon Department ‐ Easy Lobby 11/18/19 Project 1 Submit proposal to easy 1 day Fri 8/16/19 Fri 8/16/19 lobby project to TJJD 2 Proposal review 10 days Mon 8/19/19Fri 8/30/19 3 Issue P.O. to Knight Security 1 day Mon 9/2/19 Mon 9/2/19 Systems 4 Kick off meeting 1 day Tue 9/3/19 Tue 9/3/19 5 Coordinate install dates with 3 days Wed 9/4/19 Fri 9/6/19 TJJD locations and stakeholders 6 Order and receive materials 15 days Wed 9/4/19 Tue 9/24/19 7 Austin District ‐ 11209 3 days Wed Fri 9/27/19 Metric Blvd, Austin, TX 9/25/19 8 Evins Regional Juvenile 3 days Mon Wed Center ‐ 3801 E Monte 9/30/19 10/2/19 Cristo Rd, Edinburg, TX 9 Edna Tamayo House ‐ 1438 3 days Thu 10/3/19 Mon N 77th Sunshine Strip, 10/7/19 Harlingen, TX 78550 10 Ayres House ‐ 17259 3 days Tue 10/8/19 Thu Nacogdoches Rd, San 10/10/19 Antonio, TX 78266

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 1 EXHIBIT D - DEPLOYMENT SCHEDULE

ID Task Task Name Duration Start Finish Aug 18, '19 Aug 25, '19 Mode W T F S S M T W T F S S M T W T F 11 McLennan County State 3 days Fri 10/11/19 Tue Juvenile Correctional 10/15/19 Facility ‐ 116 Burleson Rd, Mart, TX 76664 12 Ron Jackson State 3 days Wed Fri 10/18/19 Juvenile Correctional 10/16/19 Complex ‐ 611 FM 3254, Brownwood, TX 76804 13 Brownwood Halfway House 3 days Mon Wed ‐ 910 FM 3254, Brownwood, 10/21/19 10/23/19 TX 76801 14 Schaeffer House ‐ 12451 3 days Thu Mon Garment Road, El Paso, TX 10/24/19 10/28/19 79938 15 Gainesville State School ‐ 3 days Tue Thu 1379 FM 678, Gainesville, TX 10/29/19 10/31/19 76240 16 McFadden Ranch ‐ 3505 N. 3 days Fri 11/1/19 Tue 11/5/19 Haynes Rd, Roanoke, TX 76262 17 Willoughby House ‐ 8100 3 days Wed Fri 11/8/19 W. Elizabeth Ln, Fort Worth, 11/6/19 TX 76116 18 Punch List 4 days Mon 11/11/1Thu 11/14/19 19 Customer Sign Off 1 day Fri 11/15/19 Fri 11/15/19 20 Present Deliverables 1 day Mon Mon Package to Customer 11/18/19 11/18/19

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 2 EXHIBIT D - DEPLOYMENT SCHEDULE

Sep 1, '19 Sep 8, '19 Sep 15, '19 Sep 22, '19 Sep 29, '19 Oct 6, '19 F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 3 EXHIBIT D - DEPLOYMENT SCHEDULE

Sep 1, '19 Sep 8, '19 Sep 15, '19 Sep 22, '19 Sep 29, '19 Oct 6, '19 F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 4 EXHIBIT D - DEPLOYMENT SCHEDULE

Oct 13, '19 Oct 20, '19 Oct 27, '19 Nov 3, '19 Nov 10, '19 Nov 17, '19 T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 5 EXHIBIT D - DEPLOYMENT SCHEDULE

Oct 13, '19 Oct 20, '19 Oct 27, '19 Nov 3, '19 Nov 10, '19 Nov 17, '19 T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W T F S S M T W

Task Inactive Summary External Tasks

Split Manual Task External Milestone

Milestone Duration-only Deadline Project: Texas Juvenile Justice D Date: Fri 8/16/19 Summary Manual Summary Rollup Progress Project Summary Manual Summary Manual Progress

Inactive Task Start-only

Inactive Milestone Finish-only

Page 6