National Nuclear Security Administration

Additional Actions Needed to Improve Management of the Nation's Nuclear Programs Gao ID: GAO-07-36 January 19, 2007

In response to security and management weaknesses, in 1999 the Congress created the National Nuclear Security Administration (NNSA), a separately organized agency within the Department of Energy (DOE). NNSA is responsible for the nation's nuclear weapons, nonproliferation, and naval reactors programs. Since its creation, NNSA has continued to experience security problems, such as unauthorized access to a NNSA unclassified computer system, and cost and schedule overruns on its major projects, such as the National Ignition Facility. GAO reviewed the extent to which NNSA has taken steps to (1) improve security at its laboratories and plants and (2) improve its management practices and revise its organizational structure. To carry out its work, GAO reviewed legislation; NNSA policies, plans and budgets; and interviewed current and former NNSA and DOE officials.

Although NNSA has begun to build an effective security organization, it still cannot demonstrate that all of its security program objectives are being met at all of its sites. Specifically, the results of internal and independent security oversight assessments have identified weaknesses in physical security at several NNSA sites, including the Nevada Test Site, Sandia National Laboratories and the Y-12 National Security Complex, and weaknesses in cyber security throughout NNSA. The following factors have contributed to this situation: Weak organization of headquarters security. Until recently, NNSA did not have consistent leadership or direction at the headquarters level for its security program. Security staffing shortages at NNSA site offices. Since NNSA became operational, five of its six site offices have not been staffed at the required levels, according to GAO's analysis. Site offices oversee NNSA contractor security operations. Inadequate security staff training. NNSA has not implemented a training program that provides federal security officials with the skills needed to effectively oversee contractor security programs. Incomplete security data. DOE's database for tracking security deficiencies identified by security oversight assessments is incomplete, and, as a result, NNSA lacks a comprehensive understanding of the overall effectiveness of its security program. NNSA has taken several actions to improve its management practices, including developing a planning, programming, budgeting and evaluation process. However, management problems continue, in part, because NNSA and DOE have not fully agreed on how NNSA should function within the department as a separately organized agency. This lack of agreement has resulted in organizational conflicts that have inhibited effective operations. GAO also identified the following areas where additional management improvements are needed: Project management. NNSA has not developed a project management policy, implemented a plan for improving its project management efforts, and fully shared project management lessons learned between its sites. Program management. NNSA has not identified all of its program managers and trained them to a certified level of competency. Financial management. NNSA has not established an independent analysis unit to review program budget proposals, confirm cost estimates, and analyze budget alternatives.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.

Director: Team: Phone:


The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.