oversight

Nuclear Security: NNSA Needs to Better Manage Its Safeguards and Security Program

Published by the Government Accountability Office on 2003-05-30.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

             United States General Accounting Office

GAO          Report to the Chairman, Subcommittee
             on National Security, Emerging
             Threats, and International Relations,
             Committee on Government Reform,
             House of Representatives
May 2003
             NUCLEAR SECURITY

             NNSA Needs to Better
             Manage Its Safeguards
             and Security Program




GAO-03-471
                                               May 2003


                                               NUCLEAR SECURITY

                                               NNSA Needs to Better Manage Its
Highlights of GAO-03-471, a report to the      Safeguards and Security Program
Chairman, Subcommittee on National
Security, Emerging Threats, and
International Relations, Committee on
Government Reform, House of
Representatives




The attacks of September 11, 2001,             NNSA has not been fully effective in managing its safeguards and security
intensified long-standing concerns             program in four key areas. As a result, NNSA cannot be assured that its
about the adequacy of safeguards               contractors are working to maximum advantage to protect critical facilities
and security at four nuclear                   and material from individuals seeking to inflict damage. The four areas are
weapons production sites and three             as follows:
national laboratories that design
nuclear weapons—most of these
facilities store plutonium and                     •    Defining clear roles and responsibilities. NNSA still has not fully
uranium in a variety of forms.                          defined clear roles and responsibilities for its headquarters and site
These facilities can become targets                     operations.
for such actions as sabotage or
theft. The Department of Energy                    •    Assessing sites’ security activities. Without a stable and effective
(DOE) and the National Nuclear                          management structure and with ongoing confusion about roles and
Security Administration (NNSA)—a                        responsibilities, inconsistencies have emerged among NNSA sites on
separately organized agency within                      how they assess contractors’ security activities. Consequently,
DOE—are responsible for these
                                                        NNSA cannot be assured that all facilities are subject to the
facilities. NNSA plays a crucial
role in managing the contractors                        comprehensive annual assessments that DOE policy requires.
operating many of these facilities
to ensure that security activities                 •    Overseeing contractors’ corrective actions. To compound the
are effective and in line with                          problems in conducting security assessments, NNSA contractors do
departmental policy. GAO                                not consistently conduct required analyses in preparing corrective
reviewed how effectively NNSA                           action plans. As a result, potential opportunities to improve physical
manages its safeguards and                              security at the sites are not maximized because corrective actions
security program, including how it                      are developed without fully considering the problems’ root causes,
oversees contractor security                            risks posed, or cost versus the benefit of taking corrective action.
operations.
                                                   •    Allocating staff. NNSA has shortfalls at its site offices in the total
                                                        number of staff and in expertise, which could make it more difficult
GAO is making four                                      for site offices to effectively oversee security activities.
recommendations to the Secretary
of Energy and the Administrator of
                                               Security Force in Action
NNSA to focus more on certain key
management and oversight issues.
Commenting on the draft report,
NNSA disagreed with GAO’s
conclusion that NNSA was not
ensuring the comprehensive,
annual assessments of contractors’
performance that DOE policy
requires. GAO continues to believe
that NNSA’s current efforts do not
ensure conformance to DOE
policy.
www.gao.gov/cgi-bin/getrpt?GAO-03-471.

To view the full report, including the scope
and methodology, click on the link above.
For more information, contact Robin M.
Nazzaro at (202) 512-3841 or
nazarror@gao.gov.
Contents


Letter                                                                                                   1
              Results in Brief                                                                           4
              Background                                                                                 7
              NNSA’s Lack of Safeguards and Security Direction in Key Areas
                Results in Inconsistent Management of Contractors                                        9
              Conclusions                                                                               16
              Recommendations for Executive Action                                                      16
              Agency Comments and Our Evaluation                                                        17

Appendix I    Comments from the National Nuclear Security
              Administration                                                                            20



Appendix II   GAO Contact and Staff Acknowledgments                                                     23




              Abbreviations

              DOE                                 Department of Energy
              FRAM                                Functions, Responsibilities, and
              Authorities Manual
              NNSA                                National Nuclear Security Administration


              This is a work of the U.S. Government and is not subject to copyright protection in the
              United States. It may be reproduced and distributed in its entirety without further
              permission from GAO. It may contain copyrighted graphics, images or other materials.
              Permission from the copyright holder may be necessary should you wish to reproduce
              copyrighted materials separately from GAO’s product.




              Page i                                                      GAO-03-471 Nuclear Security
United States General Accounting Office
Washington, DC 20548




                                   May 30, 2003

                                   The Honorable Christopher Shays
                                   Chairman, Subcommittee on National Security,
                                    Emerging Threats, and International Relations
                                   Committee on Government Reform
                                   House of Representatives

                                   Dear Mr. Chairman:

                                   Over the past decade, we and others have raised concerns about the
                                   adequacy of security at nuclear weapons facilities within the Department
                                   of Energy (DOE) and the National Nuclear Security Administration
                                   (NNSA)—a separately organized agency within DOE. For example, we
                                   reported in 2002 that DOE had not addressed problems in implementing
                                   security initiatives,1 while an independent study by the Commission on
                                   Science and Security,2 conducted at the request of DOE, found deficiencies
                                   in cyber security. Concerns over security within the nuclear weapons
                                   complex were brought into sharper focus by the September 11, 2001,
                                   terrorist attacks. These attacks highlighted the importance of effective
                                   physical security3 in response to a potentially large and well-organized
                                   threat.

                                   NNSA relies upon its safeguards and security program to ensure the
                                   physical security of the nation’s nuclear weapons complex. Currently, the
                                   complex has four production sites: the Pantex Plant, Amarillo, Texas; the
                                   Y-12 Plant, Oak Ridge, Tennessee; the Kansas City Plant, Kansas City,
                                   Missouri; and the Savannah River Site, Aiken, South Carolina. In addition
                                   to the production sites, the complex includes the Nevada Test Site and
                                   three national laboratories that design nuclear weapons: Lawrence


                                   1
                                    U.S. General Accounting Office, Nuclear Security: Lessons to Be Learned from
                                   Implementing NNSA’s Security Enhancements, GAO-02-358 (Washington, D.C.: March 29,
                                   2002).
                                   2
                                    Commission on Science and Security, Center for Strategic and International Studies,
                                   Science and Security in the 21st Century: A Report to the Secretary of Energy on the
                                   Department of Energy Laboratories (Washington, D.C.: Apr. 2002).
                                   3
                                    Physical security is the combination of operational and security equipment, personnel,
                                   and procedures used to protect facilities, information, documents, or material against theft,
                                   sabotage, diversion, or other criminal acts.



                                   Page 1                                                        GAO-03-471 Nuclear Security
Livermore National Laboratory, Livermore, California; Los Alamos
National Laboratory, Los Alamos, New Mexico; and the Sandia National
Laboratories, Albuquerque, New Mexico, and Livermore, California. To
implement its safeguards and security program, NNSA relies on site
contractors that are responsible for conducting day-to-day security
activities and adhering to DOE policies as they operate the complex’s
laboratory and production facilities. The contractors’ activities are subject
to DOE-NNSA oversight. NNSA has offices—site offices—co-located with
each site. Many of these sites possess Category I special nuclear material.
Category I material includes plutonium and uranium in the following
forms: (1) assembled nuclear weapons and test devices; (2) products
containing higher concentrations of plutonium or uranium, such as major
nuclear components, and recastable metal; and (3) high-grade materials,
such as carbides, oxides, solutions, and nitrates. The risks this radioactive
material poses vary, but include the potential for sabotage, or theft for
illegal use in a nuclear weapon. Because these materials pose such risks,
NNSA’s management of the safeguards and security program, which
includes overseeing contractor activities, is essential to preventing an
unacceptable, adverse impact on national security.

DOE’s Office of Security develops and promulgates orders and policies
that guide NNSA’s safeguards and security program. NNSA is responsible
for ensuring that its contractors’ security activities are effective and
conform to DOE’s orders and policy requirements. In conducting this
oversight, NNSA generally uses certain key processes intended to identify
specific weaknesses at contractor-operated sites and ensure that
weaknesses are corrected. These processes include, among other things,
(1) annual, comprehensive surveys conducted by subject matter experts
from across the complex and (2) ongoing reviews of one or more aspects
of contractors’ program (surveillance) by NNSA site officials.4

DOE’s Office of Independent Oversight and Performance Assurance also
assesses contractor security activities. In response to NNSA surveys and
assessments conducted by the Office of Independent Oversight and
Performance Assurance, DOE policy requires contractors to prepare
corrective action plans for identified problems and to ensure that these




4
 A surveillance is generally conducted by a single or small number of subject matter
experts, and the documentation from a surveillance or group of surveillance activities may
be used as part of the survey.




Page 2                                                      GAO-03-471 Nuclear Security
actions are based on documented root cause analysis, risk assessment,
and cost-benefit analysis.

You asked us to review physical security at NNSA and DOE facilities that
contain Category I materials. Specifically, as agreed with your office, this
report examines how NNSA manages its safeguards and security program.
This report is the first of two that we will be issuing to you on various
aspects of physical security at NNSA and DOE facilities. Our followup
report will focus on the extent to which physical security has improved;
the effectiveness of the process for establishing safeguards and security
requirements following the September 11, 2001, attacks; and the remaining
vulnerabilities.

To evaluate the overall safeguards and security oversight process, we
reviewed DOE policy and planning documents, including orders,
implementation guidance, and reports. We looked at what the orders and
guides prescribed, particularly DOE Order 470.1, and compared this to
how operations and site offices were following and implementing the
policies to see if there were any deficiencies. To determine how NNSA
organizes and conducts overall safeguards and security oversight, we met
with officials from DOE and NNSA headquarters and NNSA site offices.
The primary offices from which we obtained information were from DOE’s
Office of Security, Office of Independent Oversight and Performance
Assurance, and NNSA’s Office of Defense Nuclear Security and Nuclear
Safeguards and Security Program.5 We also evaluated the NNSA
reorganization with regard to the potential impact on oversight roles and
responsibilities of NNSA headquarters and site offices.

We visited 7 site offices from March 2002 to October 2002, to determine
how federal contractor oversight and the safeguards and security program
is managed. Specifically, we visited Los Alamos National Laboratory and
the Office of Los Alamos Site Operations in New Mexico, Sandia National
Laboratory and the Office of Kirtland Site Operations in New Mexico,
Department of Energy’s Albuquerque Operations Office in New Mexico,
the Office of Transportation Safeguards in New Mexico, Y-12 Plant, and
the Y-12 Site Office in Tennessee, Pantex Plant and the Office of Amarillo




5
 We did not include naval reactors in our review because it is a semiautonomous entity
within NNSA with a unique security structure and program.




Page 3                                                      GAO-03-471 Nuclear Security
                   Site Operations in Texas, the Savannah River Site6 and the Savannah River
                   Site Office in South Carolina, and Lawrence Livermore National
                   Laboratory and the Livermore Site Office in California. At each location
                   we met with both federal and contractor officials and obtained pertinent
                   supporting documentation.

                   To determine how NNSA sites prepare and document corrective action
                   plans and related analyses, we examined 43 closed and open corrective
                   action plans dated from 1999 through 2002 that we selected at random
                   from each of the 6 NNSA sites (as well as the DOE Savannah River Site,
                   which is expected to come under NNSA’s jurisdiction in the future) that
                   contain category I special nuclear materials.7 We reviewed these plans to
                   determine the extent and type of analyses that support the corrective
                   actions in the plans. These plans generally represent the contractors’
                   actions to address high priority findings in contractors’ security and
                   safeguards program. To understand how the corrective action process
                   currently works, we compared the processes in place at each NNSA site
                   we visited during 2002.

                   We performed our review from December 2001 through April 2003 in
                   accordance with generally accepted government auditing standards.


                   NNSA has not been fully effective in managing its safeguards and security
Results in Brief   program in four key areas, and therefore, it cannot be assured that its
                   contractors are working to maximum advantage to protect critical
                   facilities and material from individuals seeking to inflict damage. The
                   following four areas are key:

                   •   Defining clear roles and responsibilities. Since its creation in March
                       2000, NNSA’s management structure has been in a state of flux. While
                       in December 2002, NNSA issued what it considers final directives for
                       reorganizing headquarters and site offices, NNSA expects it will take
                       until at least September 2004 to fully implement its new management
                       structure. In particular, NNSA is still defining its site offices’ roles and


                   6
                     Although the Savannah River Site is still an Environmental Management designated site,
                   according to site officials, it will likely become an NNSA site once the accelerated cleanup
                   is complete. Because of its present role as a key DOE nuclear weapons production site, we
                   included it in our review of site offices.
                   7
                    One of the seven sites—Transportation Safeguards——is operated by NNSA, not a
                   contractor.




                   Page 4                                                       GAO-03-471 Nuclear Security
    responsibilities for safeguards and security. Specifically, it is still
    developing the components of a Functions, Responsibilities, and
    Authorities Manual, which will not be completed for several months
    because of the highly detailed planning necessary for determining staff
    functions at the various sites. This manual, which NNSA itself
    recognizes as crucial, is intended to set out roles and responsibilities
    clearly. This still-developing management structure led to confusion
    about the roles and responsibilities of the headquarters and site offices.

•   Assessing sites’ security activities. Without a functional management
    structure and with ongoing confusion about roles and responsibilities,
    inconsistencies have emerged among the NNSA sites on how to
    conduct key aspects of safeguards-and-security assessment activities.
    In particular, three out of the seven NNSA site offices use the
    traditional survey approach, as required by DOE policy, to oversee
    security activities, while four have discontinued surveys and instead
    rely on surveillance activities. The distinction between these two
    activities is important: A survey provides a comprehensive annual
    review, by a team of experts from throughout NNSA, of contractor
    safeguards and security and generally takes about 2 weeks. In contrast,
    surveillance relies on a single or small number of NNSA site officials
    overseeing one or more aspects of a contractor’s safeguards and
    security activities throughout the year. However, officials from DOE’s
    Office of Security—which developed the policy for conducting
    surveys—believe the surveillance model does not comply with the DOE
    order because it does not provide a comprehensive overview.
    Furthermore, officials from DOE’s Office of Independent Oversight and
    Performance Assurance and NNSA headquarters expressed concern
    about the site offices’ ability to conduct surveillance because of
    shortfalls in available expertise. The four site offices have been able to
    operate using only surveillance activities because, during the
    reorganization of the management structure, NNSA has not issued
    guidance on complying with DOE policy for conducting surveys.

•   Overseeing contractors’ corrective actions. NNSA contractors do not
    consistently conduct the analyses DOE policy requires in preparing
    corrective action plans, compounding the problems in ensuring
    physical security. Inconsistency occurs because the NNSA site officials
    do not have implementation guidance from headquarters on how to
    address corrective actions. Of the 43 corrective action plans we
    reviewed for 1999 through 2002, less than half showed that the
    contractor had performed the required root cause analysis.
    Furthermore, less than 25 percent demonstrated that the contractor
    had performed a required risk assessment or cost-benefit analysis. As a



Page 5                                              GAO-03-471 Nuclear Security
    result, potential opportunities to improve physical security at the sites
    are not maximized because corrective actions are developed without
    fully considering the problems’ root causes, risks posed, or cost versus
    benefit of taking corrective action. However, at the 7 sites we visited in
    2002, the site offices and contractors are making some progress to
    establish formal processes for root cause and other analyses.
    Nevertheless, inconsistencies remain regarding the approaches used to
    complete these analyses. For example, some site processes specify that
    root cause analyses will be conducted for all corrective action plans,
    while other sites consider the completion of these analyses optional.
    An NNSA headquarters official stated that the agency expects to issue
    additional guidance for implementing DOE security policies in 2003.

•   Allocating staff. NNSA has shortfalls at its site offices in the total
    number of staff and in areas of expertise, which could make it more
    difficult for the site offices to oversee safeguards and security
    effectively and to ensure that the agency fully knows security
    conditions at its sites. According to officials at 5 of the 7 site offices we
    visited, they have, or expect to have, an average of 2 to 6 vacancies per
    site for overseeing contractors’ safeguards and security; typically, each
    site expects to have 10 to 14 security-related positions within the next 2
    years. The vacancies occur, in part, because staff are reluctant to move
    to locations they view as less desirable and because NNSA has frozen
    hiring in response to budget constraints. Some of these vacancies are
    for specialists in particular subject areas, such as Industrial Security
    Systems—a key specialty needed for conducting physical security
    inspections. The lack of expertise and staff could be further
    complicated for some sites by NNSA’s realignment plan. Under this
    plan, NNSA expects to streamline federal oversight of contractors and
    reduce headquarters and field staff by 20 percent by the end of fiscal
    year 2004. Site officials said that they will fill some vacancies through a
    virtual organization in which experts at other locations will assist with
    certain components of the surveillance activities. However, it will take
    time to work through some of the difficulties associated with making
    the transition to this approach.

We are making recommendations to the Secretary of Energy and the
Administrator of the NNSA that are intended to place additional focus on
key management and oversight dimensions during NNSA’s ongoing
reorganization.

In commenting on our draft report, NNSA concurred with two of our four
recommendations, disagreed with one, and did not indicate agreement or
disagreement with the fourth. NNSA concurred with our recommendation



Page 6                                                GAO-03-471 Nuclear Security
             to formally establish roles and responsibilities, and it plans to issue a
             formal document in 2003. NNSA also concurred that corrective action
             plans must be prepared in accordance with established standards and
             policy. NNSA disagreed with the conclusion that it was not ensuring the
             comprehensive annual assessments of contractors’ performance that DOE
             policy requires. NNSA believed that its surveillance activities were also
             comprehensive; however, NNSA provided no evidence—such as
             implementation guidance to the sites that are conducting surveillances—
             that would ensure that the sites’ surveillance activities conform to DOE’s
             policies. Finally, regarding our recommendation that NNSA develop and
             implement a plan for effectively allocating staff for safeguards and security
             oversight, NNSA commented that managers have staffing plans and that its
             virtual organization and additional hiring will address sites’ need for
             certain types of skilled personnel. In our view, while reliance on the virtual
             approach may be effective in the short term, the continuing vacancies at
             some sites indicate that NNSA may have difficulty attracting and retaining
             necessary expertise at specific, understaffed locations over the long term.


             Since its creation in 1977, DOE has been responsible for developing,
Background   producing, and maintaining nuclear weapons; preventing the proliferation
             of weapons of mass destruction; designing, building, and maintaining
             naval nuclear propulsion systems; and ensuring the security of the nuclear
             weapons complex. In 2000, however, the Congress created a separately
             organized agency within DOE—the NNSA.8

             NNSA’s Office of Defense Nuclear Security is primarily responsible for
             developing the agency’s security programs, including protecting,
             controlling, and accounting for material and ensuring physical security for
             all facilities in the complex. Historically, NNSA has conducted
             comprehensive annual surveys of contractors’ operations for safeguards
             and security. These surveys, which can draw upon subject matter experts
             throughout the complex,9 generally take about 2 weeks to conduct and
             cover 5 “topical” areas and 32 subtopical areas. The topical areas include



             8
              National Defense Authorization Act for Fiscal Year 2000, Pub. L. No. 106-65, tit. 32 (also
             known as the National Nuclear Security Administration Act).
             9
              The core skill sets needed to address the safeguards and security elements at a facility
             include program management and planning; protective force operations; classified matter
             protection and control; physical security; technical security and security systems; nuclear
             material control and accountability; and safeguards and security program infrastructure.




             Page 7                                                        GAO-03-471 Nuclear Security
program management, protection program operations, information
security, nuclear materials control and accountability, and personnel
security. The survey team assigns ratings of satisfactory, marginal, or
unsatisfactory. Currently, NNSA’s facilities have been rated satisfactory in
most topical areas. All deficiencies (findings) identified during a survey
require the contractors to take corrective action, and both findings and
corrective actions are to be entered in the Safeguards and Security
Information Management System—a DOE-wide, integrated tracking
database for findings of surveys and other safeguards and security
activities.

In addition, NNSA’s Office of Facilities and Operations is expected to
provide policy guidance for safeguards and security. This office is also
expected to be responsible for the Nuclear Safeguards and Security
Program, which oversees the implementation of safeguards and security in
NNSA facilities. The office is expected to integrate and defend the budget
for safeguards and security to ensure that program components can
achieve mission objectives. Through various contract mechanisms, NNSA
provides financial incentives, such as award fees, for contractor
performance. NNSA assesses this performance based on the extent
contractors meet a set of measures, which are generally established in
annual performance plans—so-called performance measures.

DOE’s Office of Independent Oversight and Performance Assurance
supports NNSA in safeguards and security assessments and conducts
independent oversight activities in line with DOE and NNSA policies and
priorities. Among other things, the office is responsible for evaluating the
effectiveness of contractors’ performance in safeguards and security. To
carry out this function, this office periodically assesses both federal and
contractor operations at a site and identifies findings, issues, and
opportunities for improvement. It also performs follow-up reviews to
ensure corrective actions are effective and that weaknesses in safeguards
and security are appropriately addressed.




Page 8                                             GAO-03-471 Nuclear Security
                              NNSA has not been fully effective in managing its safeguards and security
NNSA’s Lack of                program in four key areas, and therefore, it cannot be assured that its
Safeguards and                contractors are working to maximum advantage to protect its sites. First,
                              NNSA has not fully defined safeguards and security roles and
Security Direction in         responsibilities. Second, without an effective management structure, site
Key Areas Results in          offices are uncertain about how to conduct their safeguards and security
                              responsibilities. This uncertainty has resulted in inconsistencies in how
Inconsistent                  site offices comply with DOE orders in assessing contractors. Third, even
Management of                 when assessments are done, NNSA contractors do not consistently
Contractors                   conduct required DOE analyses in preparing corrective action plans.
                              Finally, NNSA’s shortfalls at its site offices in the total number of staff and
                              expertise could make it more difficult for the site offices to oversee
                              safeguards and security effectively.


NNSA Has Not Clearly          Since its creation in March 2000, NNSA’s management structure has been
Defined Roles and             in a state of flux, and NNSA expects it will take at least to September 2004
Responsibilities, Resulting   to implement a new management structure. However, NNSA needs a
                              stable structure to establish clear roles and responsibilities for its
in Confusion at Sites         headquarters and site offices, including safeguards and security oversight.
                              In May 2001, NNSA’s Administrator proposed a management structure for
                              his organization,10 but in December 2001, we reported that a clearly
                              delineated overall management structure still did not exist.11 In February
                              2002, NNSA reported in more detail to Congress on its outline for a new
                              management structure12 to improve NNSA’s effectiveness and efficiency.
                              NNSA expected to implement the new structure later in the year.

                              Since then, NNSA headquarters and field officials have been defining
                              safeguards and security roles and responsibilities. In December 2002,
                              NNSA fundamentally changed the management structure for safeguards
                              and security. It abolished operations offices, which had been responsible
                              for conducting the annual, comprehensive surveys as well as other



                              10
                                National Nuclear Security Administration, Report to Congress on the Plan for
                              Organizing the National Nuclear Security Administration (Washington, D.C.: May 3,
                              2001).
                              11
                                U.S. General Accounting Office, NNSA Management: Progress in the Implementation of
                              Title 32, GAO-02-93R (Washington, D.C.: Dec. 12, 2001).
                              12
                                National Nuclear Security Administration, Report to Congress on the Organization and
                              Operations of the National Nuclear Security Administration (Washington, D.C.: Feb. 25,
                              2002).




                              Page 9                                                    GAO-03-471 Nuclear Security
                             safeguards and security activities. It divided these operations offices’
                             responsibilities among the site offices and a service center, formerly the
                             Albuquerque operations office; headquarters will oversee the performance
                             of the site offices. The restructuring brings day-to-day federal oversight of
                             laboratories and plants closer to the site offices. However, these changes
                             do not complete the management structure. NNSA plans to further
                             streamline its oversight of contractors by reducing site activities. Among
                             other things, NNSA plans to focus more on ensuring that contractors’
                             management systems are valid. Furthermore, NNSA plans to review its
                             policies and practices and decide which site office oversight activities can
                             be reduced or eliminated in order for the site offices to work more
                             efficiently. It has not yet identified which specific activities will be
                             modified. At the time of our review, headquarters could not provide details
                             on how it intends to monitor the NNSA site offices’ performance with
                             respect to safeguards and security or address deficiencies.

                             In creating this new management structure, NNSA has not yet developed a
                             Functions, Responsibilities, and Authorities Manual (FRAM), an
                             organizational tool used by managers at federal agencies, including DOE,
                             for defining roles and responsibilities. This manual is to address the
                             functions, responsibilities, and authorities of all elements within NNSA.
                             NNSA headquarters security officials agree that this guidance is crucial
                             and stated that they are currently developing the components of a FRAM,
                             which should be finalized in 2003. NNSA told us that completing the FRAM
                             takes significant time because of the highly detailed planning necessary for
                             determining staff functions at the various sites.

                             According to NNSA site office officials, as they wait for formal guidance
                             from headquarters on conducting security oversight, each office is
                             carrying out oversight activities as it deems appropriate. In addition, these
                             officials told us that they have not received formal notification about the
                             change in their safeguards and security oversight responsibilities, such as
                             responsibilities for the survey program. Officials at several site offices
                             expressed frustration with this lack of direction.


NNSA’s Security              NNSA site offices are not consistent in how they assess contractor
Assessment Processes         safeguards and security activities, and they may not be conducting these
Differ among Sites and Are   assessments in accordance with DOE policy. The lack of consistency and
                             the failure to implement DOE policy occurs in part because the site offices
Inconsistent with DOE        have had to assume new oversight responsibilities without, among other
Requirements                 things, clear guidance from headquarters on how to carry out these
                             responsibilities. As a result, three offices of the seven NNSA site offices we


                             Page 10                                            GAO-03-471 Nuclear Security
visited continue to use the traditional survey approach to oversee security
activities (Oak Ridge, Savannah River, and NNSA’s Office of
Transportation Safeguards), while the remaining four have adopted or are
adopting a surveillance model—-Amarillo, Kirtland, Livermore, and Los
Alamos. The distinction between these two activities is important: A
survey provides a comprehensive annual review, by a team of experts, of
contractor safeguards and security and generally takes about 2 weeks;
formerly, the operations offices generally conducted surveys, assisted by
experts from throughout the complex, as necessary. In contrast,
surveillance relies on a single or small number of NNSA site officials
overseeing one or more aspects of a contractor’s safeguards and security
activities throughout the year, and the documentation from a surveillance
or a group of surveillance activities may be used as part of the survey.

By relying on surveillance, NNSA may have less assurance that it fully
knows the condition of security at its sites and therefore potentially
cannot act to correct deficiencies undisclosed by this limited review.
Surveillance allows subject matter experts at the sites to evaluate areas of
contractor safeguards and security performance more often than the
traditional survey process and therefore potentially identify deficiencies
faster. However, according to DOE officials, reliance on surveillance is not
consistent with DOE orders calling for a comprehensive survey of a
contractor’s safeguards and security performance. This survey provides a
unified assessment of all security-related topical areas.13 Officials from
DOE’s Office of Security—which developed the policy for conducting
surveys—believe the surveillance model does not comply with DOE order
survey requirements because it is not comprehensive. Officials from DOE’s
Office of Independent Oversight and Performance Assurance expressed
concern about the site offices’ ability to conduct surveillance because of
shortfalls in available expertise. Furthermore, the director of NNSA’s
Office of Defense Nuclear Security acknowledged that although some
NNSA site offices, such as the Los Alamos site office, are using the
surveillance model, this site and others lacked the necessary personnel to
conduct surveillance.

According to officials from DOE’s Office of Independent Oversight and
Performance Assurance and one site office, surveillance is not compatible
with the current Safeguards and Security Information Management



13
  The frequency of survey schedules can be modified if the site being surveyed meets
certain criteria.




Page 11                                                     GAO-03-471 Nuclear Security
                             System, a DOE information database system used to track findings and
                             associated corrective actions, and therefore could pose problems for sites
                             in entering information. On the other hand, NNSA officials at site offices
                             and headquarters argue that using the surveillance model for oversight will
                             produce an annual end of the year survey report and should have the same
                             end result as an annual survey. However, NNSA could have difficulty
                             ensuring consistent and comprehensive assessments because of the
                             difficulties posed by using the surveillance model without appropriate
                             NNSA-wide implementation guidance, site office staffing shortfalls, and
                             database compatibility problems.


NNSA’s Corrective Action     Contractors have not consistently prepared effective, formal root cause
Practices Are Inconsistent   analyses in developing corrective action plans for identified deficiencies,
with DOE Requirements        as DOE policy requires.14 An effective, formal, root cause analysis can
                             enhance the development of corrective actions, as we observed while
                             reviewing some plans. However, less than half of the 43 corrective action
                             plans we reviewed, dated between 1999 and 2002, showed that the
                             contractor had performed the required root cause analysis. Furthermore,
                             in a few cases corrective action plans were based on root cause analyses
                             that were poorly prepared, resulting in confusion and contradictions. For
                             example, NNSA had identified a deficiency at one site of potential entry
                             into a critical facility. The contractor did not fully develop a root cause for
                             this problem but merely rebutted the finding’s validity. Nevertheless, the
                             contractor took a corrective action in response to this deficiency—
                             spending about $150,000. However, because the root cause analysis was
                             not fully developed, we could not determine how, or if, the contractor’s
                             corrective actions would correct the deficiency. Furthermore, the
                             contractor’s staff preparing the analysis did not have formal training in
                             how to conduct root cause analyses. NNSA site officials agreed that the
                             root cause analysis was performed incorrectly and that their oversight
                             review of the analysis had not detected this problem.

                             Despite the problems some contractors have had in preparing root cause
                             analyses, corrective action processes in 2002 at all 7 sites showed that
                             some sites are making progress. For example, in late 2000, the Office of
                             Transportation Safeguards, which is responsible for securely transporting
                             critical NNSA items and material, had begun to correct significant
                             weaknesses in its process for preparing and tracking corrective actions.


                             14
                                  DOE Order 470.1 Safeguards and Security Program; Sept. 28, 1995.




                             Page 12                                                      GAO-03-471 Nuclear Security
According to an official responsible for corrective actions at the office, the
new process has already resulted in documented improvements to the
quality and completeness of its corrective action plans. For example, the
new process for root cause analyses identified additional reasons for a
recurring NNSA finding on problems in how three federal agent facilities
in NNSA’s Office of Transportation Safeguards inspected the vehicles used
to transport critical materials across the nation. These inspections are
crucial in preventing individuals from attaching explosives or other foreign
devices to the vehicles in potential attempts at sabotage or theft. The new
process enabled NNSA to identify specific actions to ensure consistent
interpretation and implementation of vehicle inspection procedures
among the three facilities. Because the finding has not been repeated since
July 2000, it appears that the additional corrective actions proved
effective. Another site, Sandia National Laboratories, has developed a
process for root cause analysis that other sites may find useful. Sandia
uses a designated root cause analyst to systematically lead teams of
subject matter experts at the laboratory through the steps for determining
root cause. With this expert in root cause analyses, Sandia helps ensure
that these analyses are consistent and effective.

Other analyses and assessments that are critical to planning corrective
actions are also not consistently prepared at NNSA sites. In particular, less
than 25 percent of the corrective action plans we reviewed showed
documentation of other analyses required by the DOE order for corrective
action, such as risk assessment or cost-benefit analysis. Without this
documentation, we found it difficult to determine what process, if any, the
sites had used to determine the risk level of the problem or the cost and
relative benefit of implementing corrective actions.

Consistency problems are likely to continue without effective NNSA
guidance for corrective actions. For example, at four sites we visited, the
sites either did not require a risk assessment and cost-benefit analyses or
stated that they were optional, depending on the site’s evaluation of the
need for an analysis. However, the remaining three sites we visited
required these analyses for all corrective action plans. This inconsistency
resulted in part from differing interpretations of the DOE order governing
corrective actions. As a result, NNSA cannot be assured that all
contractors are considering the costs of corrective actions in conjunction
with the risk posed or the potential benefits to be gained. NNSA officials at
some sites stated that, without implementation guidance, the intent of the
DOE order requiring these analyses can be interpreted differently from site
to site, which contributes to the inconsistent practices we observed. Since
we provided our draft report to NNSA in April 2003, it has sent a brief


Page 13                                            GAO-03-471 Nuclear Security
guidance letter on corrective action plans to its site offices, clarifying its
analysis and documentation requirements. An NNSA headquarters official
stated that issuance of additional guidance for implementing DOE security
policies is expected in 2003.

And finally, NNSA sites do not consistently measure all performance
aspects of contractors’ preparation of corrective action plans and may
reward contractors simply for closing the finding on schedule. According
to our review of performance measures concerning corrective actions,
four of the six contractor-operated sites we visited had measures that
were primarily based on whether the contractor met the schedule for
completing corrective actions, not on whether and how well the
contractor had performed the analyses.15 The other two sites did not
consider any corrective action performance measures in assessing
contractor performance—not even the schedule. However, DOE guidance
encourages sites to measure qualitative factors, whenever possible, to
minimize the need to rely solely on schedule-driven measures.16 Effective
qualitative performance measures would essentially reflect how well the
contractor completes root cause analyses, risk assessment, and cost-
benefit analyses.

The lack of qualitative performance measures affects the quality of the
correction plan. For example, in fiscal year 1999, DOE’s Office of
Independent Oversight and Performance Assurance criticized a site that
had schedule-driven performance measures for poorly prepared corrective
action plans. Out of the 50 plans reviewed for that site, 27 had inadequate
root cause determinations, and 15 had corrective actions that were
unlikely to fix the deficiency cited. The performance measures in place for
this contractor in fiscal year 1999—and then again in fiscal years 2000 and
2001—did not reflect qualitative aspects of these analyses; instead, they
were primarily focused on schedule-driven outcomes. Some contract
provisions permit the contractor to forfeit some of the award fee based on
other generic performance factors, such as “management failure.”
However, these generic provisions may not be fully effective in motivating
contractors in all aspects of their corrective action performance because




15
  One site, the Office of Transportation Safeguards is federally operated and therefore
performance award fees are not applicable.
16
  U.S. Department of Energy, Guidelines for Performance Measurement, DOE G 120.1-5
(Washington, D.C.: June 30, 1996).




Page 14                                                      GAO-03-471 Nuclear Security
                             these provisions are not explicitly focused on corrective action and are
                             therefore not highly visible.


Difficulties in Allocating   NNSA’s site offices have shortfalls in the total number of staff and in the
Staff Could Hinder           expertise for effectively overseeing contractors, including covering all
Effective Safeguards and     topical areas in the annual surveys. At five of the seven sites we visited,
                             NNSA officials told us that they currently have, or will have, two to six
Security Oversight           vacancies in safeguards and security positions once NNSA fully
                             implements its new management structure; each site believes that it needs
                             from 10 to 14 security-related positions in order to carry out its oversight
                             activities under NNSA’s new organization. In particular, some of the site
                             offices are experiencing difficulty in filling positions because some staff
                             consider the site locations less desirable than others and because NNSA
                             has instituted a hiring freeze. Some of these vacancies are for specialists in
                             particular subject areas, such as industrial security systems—a key
                             specialty needed for conducting physical security inspections. Officials in
                             the Office of Independent Oversight and Performance Assurance
                             concurred that NNSA’s reorganization and the shifting of responsibilities
                             to the site offices has the potential to weaken security oversight.

                             To offset the lack of some subject matter experts at sites, NNSA field
                             officials indicated that they frequently rely on subject matter experts from
                             headquarters or other site offices to cover site offices that do not have
                             expertise locally. With only a limited number of subject matter experts in
                             the complex, the sites have to coordinate oversight carefully. Coordination
                             is particularly complicated at those sites that have switched to a
                             surveillance model since they may have to rely on particular subject
                             expertise that is only available during certain times.

                             NNSA’s new management structure further complicates the problems in
                             staff allocation. NNSA expects to reduce headquarters and field staff by 20
                             percent by the end of fiscal year 2004. In this restructuring, NNSA plans to
                             share staff expertise, creating a “virtual” organization to cover the needs of
                             site offices and other areas within the complex until a final move of
                             personnel can be made. Headquarters officials told us that it may take 1 to
                             2 years to move the appropriate safeguards and security persons to the
                             areas where they are needed. Until then, they expect the virtual
                             organization to meet the complex’s needs. The virtual organization will
                             include subject matter experts whose knowledge will be needed
                             throughout the nuclear weapons complex and not just at their current
                             sites. Some of these experts will work from the service center or be
                             detailed to site offices as needed. With competing demands for the


                             Page 15                                            GAO-03-471 Nuclear Security
                      experts, it is unclear how they will successfully provide assistance to site
                      offices in their surveillance processes. The assistance may be unavailable
                      when needed since components of surveillance are ongoing and may span
                      an entire year.


                      Without effectively managing its safeguards and security program, NNSA
Conclusions           cannot be assured that its contractors are working to maximum advantage
                      to protect its nuclear weapons sites. These sites may have critical
                      materials that could be prime terrorist targets. Several factors contribute
                      to this lack of assurance. NNSA continues to change its management
                      structure, making it difficult to define roles and responsibilities clearly.
                      Without a functional management structure, some site offices and
                      contractors may not be carrying out their security responsibilities, as DOE
                      orders require. In particular, NNSA has not fully assured itself that the four
                      sites that rely on surveillance activities, rather than on the DOE-required
                      surveys, are overseeing contractors’ security activities in the integrated,
                      comprehensive fashion that are called for in the annual surveys. Moreover,
                      when NNSA site offices allow and reward contractors for closing findings
                      without ensuring that the contractors have correctly identified the root
                      cause, assessed risk, and conducted a cost-benefit analysis, NNSA cannot
                      be assured that the security problem identified was adequately addressed.
                      Finally, to provide effective oversight, NNSA needs to develop an
                      approach, beyond its “virtual” organization, that ensures its limited
                      security resources are able to provide oversight, over the long term, where
                      and when it is needed.


                      In order to strengthen the safeguards and security program of the nuclear
Recommendations for   weapons complex, we recommend that the NNSA Administrator and
Executive Action      Secretary of Energy

                      •   formalize the roles and responsibilities of site offices and headquarters
                          for conducting oversight;
                      •   ensure that sites are performing oversight using a survey approach that
                          provides an integrated comprehensive view of security conditions and
                          is consistent with DOE orders;
                      •   ensure that contractors’ corrective action plans are prepared and
                          documented consistently and are based on qualitative root-cause, risk-
                          assessment, and cost-benefit analyses, and that appropriate incentives
                          are used to help motivate contractors toward effectively addressing
                          findings; and




                      Page 16                                            GAO-03-471 Nuclear Security
                     •   develop and implement a plan to ensure that NNSA allocates
                         safeguards and security staff so that it provides effective safeguards
                         and security oversight over the long term.


                     We provided the DOE’s NNSA with a draft of this report for review and
Agency Comments      comment. Overall, NNSA concurred with two of our four
and Our Evaluation   recommendations, disagreed with one, and did not indicate agreement or
                     disagreement with the fourth. In the area of concurrence, NNSA concurred
                     with our recommendation to formally establish roles and responsibilities,
                     and it plans to do so in 2003. NNSA also concurred that corrective action
                     plans must be prepared in accordance with established standards and
                     policy and based on documented root cause analysis, risk assessments,
                     and cost-benefit analysis. Since we provided our draft report to NNSA, it
                     has sent its site offices a guidance letter on corrective action plans that
                     clarifies its analysis and documentation requirements. NNSA now allows
                     required elements to be omitted from corrective action plans, but only if
                     the contractors document the rationale for the exclusion as a formal part
                     of their plan. We believe this guidance letter is a positive step in clarifying
                     some implementation aspects of the DOE requirements, and we encourage
                     continued management attention to this area. NNSA did not comment on
                     the portion of this recommendation concerning the use of appropriate
                     incentives to motivate contractors to address findings effectively.

                     NNSA disagreed with the conclusion that led to our recommendation to
                     conduct oversight using a survey approach, which provides an integrated,
                     comprehensive view of security conditions and is consistent with DOE
                     orders. Specifically, NNSA disagreed with our conclusion that it was not
                     ensuring the comprehensive annual assessments of contractors’
                     performance that DOE policy requires. As we reported, four of the seven
                     site offices no longer conduct comprehensive, integrated surveys to assess
                     security but instead rely on surveillance activities. NNSA believed that
                     these surveillance activities were also comprehensive; however, NNSA
                     provided no evidence—such as implementation guidance to the sites that
                     are conducting surveillances—that would ensure that the sites’
                     surveillance activities conform to DOE’s policies. Without such guidance,
                     NNSA cannot be fully assured that surveillance activities, as presently
                     conducted, provide the comprehensive assessment DOE requires in its
                     surveys. Our recommendation therefore is intended to focus NNSA
                     management attention on ensuring that site offices conduct security
                     assessments that are integrated, comprehensive, and on par with the
                     survey approach previously used and currently described in DOE orders.
                     Furthermore, NNSA asserted, incorrectly, that we found its security


                     Page 17                                             GAO-03-471 Nuclear Security
posture to be at risk. Assessing NNSA’s security posture was not the
objective of this report. Rather, our objective was to assess the way NNSA
manages its overall security program. We have clarified the report, where
appropriate.

Finally, regarding our recommendation that NNSA develop and implement
a plan to ensure that it effectively allocates staff to provide safeguards and
security oversight, NNSA commented that managers have staffing plans
and that its virtual organization and additional hiring will address sites’
need for certain types of skilled personnel. Reliance on the virtual
approach may be effective in the short term. However, the continuing
vacancies at some sites indicate that NNSA may have difficulty attracting
and retaining necessary expertise at specific, understaffed locations over
the long term. NNSA’s comments do not indicate that it fully understands
the need to address this longer-term problem. We have modified our
recommendation to target this specific long-term concern.

We modified our report, where appropriate, to reflect NNSA’s comments
and to clarify some of our conclusions. NNSA’s comments on our draft
report are presented in appendix I.


As arranged with your office, unless you publicly announce its contents
earlier, we plan no further distribution of this report until 30 days after the
date of this letter. At that time, we will send copies of the report to the
Secretary of Energy, the Administrator of NNSA, the Director of the Office
of Management and Budget, and appropriate congressional committees.
We will make copies available to others on request. In addition, the report
will also be available at no charge on the GAO Web site at
http://www.gao.gov.




Page 18                                             GAO-03-471 Nuclear Security
If you or your staff have any questions about this report, please call me at
(202) 512-3841. Major contributors to this report are listed in appendix II.

Sincerely yours,




Robin M. Nazzaro
Director, Natural Resources
 and Environment




Page 19                                            GAO-03-471 Nuclear Security
              Appendix I: Comments from the National
Appendix I: Comments from the National
              Nuclear Security Administration



Nuclear Security Administration




             Page 20                                   GAO-03-471 Nuclear Security
Appendix I: Comments from the National
Nuclear Security Administration




Page 21                                  GAO-03-471 Nuclear Security
Appendix I: Comments from the National
Nuclear Security Administration




Page 22                                  GAO-03-471 Nuclear Security
                  Appendix II: GAO Contact and Staff
Appendix II: GAO Contact and Staff
                  Acknowledgments



Acknowledgments

                  James Noel (202) 512-3591
GAO Contact
                  In addition to the individual named above, Christopher R. Abraham, Jill
Acknowledgments   Berman, Jonathan M. Gill, Andrea R. Miller, Christopher M. Pacheco, and
                  Carol Herrnstadt Shulman made key contributions to this report.




(360159)
                  Page 23                                         GAO-03-471 Nuclear Security
                         The General Accounting Office, the audit, evaluation and investigative arm of
GAO’s Mission            Congress, exists to support Congress in meeting its constitutional responsibilities
                         and to help improve the performance and accountability of the federal
                         government for the American people. GAO examines the use of public funds;
                         evaluates federal programs and policies; and provides analyses,
                         recommendations, and other assistance to help Congress make informed
                         oversight, policy, and funding decisions. GAO’s commitment to good government
                         is reflected in its core values of accountability, integrity, and reliability.


                         The fastest and easiest way to obtain copies of GAO documents at no cost is
Obtaining Copies of      through the Internet. GAO’s Web site (www.gao.gov) contains abstracts and full-
GAO Reports and          text files of current reports and testimony and an expanding archive of older
                         products. The Web site features a search engine to help you locate documents
Testimony                using key words and phrases. You can print these documents in their entirety,
                         including charts and other graphics.
                         Each day, GAO issues a list of newly released reports, testimony, and
                         correspondence. GAO posts this list, known as “Today’s Reports,” on its Web site
                         daily. The list contains links to the full-text document files. To have GAO e-mail
                         this list to you every afternoon, go to www.gao.gov and select “Subscribe to daily
                         E-mail alert for newly released products” under the GAO Reports heading.


Order by Mail or Phone   The first copy of each printed report is free. Additional copies are $2 each. A
                         check or money order should be made out to the Superintendent of Documents.
                         GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a
                         single address are discounted 25 percent. Orders should be sent to:
                         U.S. General Accounting Office
                         441 G Street NW, Room LM
                         Washington, D.C. 20548
                         To order by Phone:     Voice:    (202) 512-6000
                                                TDD:      (202) 512-2537
                                                Fax:      (202) 512-6061


                         Contact:
To Report Fraud,
                         Web site: www.gao.gov/fraudnet/fraudnet.htm
Waste, and Abuse in      E-mail: fraudnet@gao.gov
Federal Programs         Automated answering system: (800) 424-5454 or (202) 512-7470


                         Jeff Nelligan, Managing Director, NelliganJ@gao.gov (202) 512-4800
Public Affairs           U.S. General Accounting Office, 441 G Street NW, Room 7149
                         Washington, D.C. 20548