Los Alamos National Laboratory
Long-Term Strategies Needed to Improve Security and Management Oversight
Gao ID: GAO-08-694 June 13, 2008
In 2006, a Los Alamos National Laboratory (LANL) contract employee unlawfully removed classified information from the laboratory. This was the latest in a series of high-profile security incidents at LANL spanning almost a decade. LANL conducts research on nuclear weapons and other national security areas for the National Nuclear Security Administration (NNSA). GAO was asked to (1) identify LANL's major programs and activities and how much they rely on classified resources; (2) identify initiatives LANL is taking to reduce and consolidate its classified resources and physical footprint and the extent to which these initiatives address earlier security concerns; and (3) determine whether its new management approaches will sustain security improvements over the long-term. To carry out its work, GAO analyzed LANL data; reviewed policies, plans, and budgets; and interviewed officials.
With fiscal year 2007 budget authority of about $2.7 billion, LANL conducts work on over 175 programs that can be grouped into three major program categories--Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy--and two support program categories--Environmental Programs and Safeguards and Security. Respectively, LANL's major programs serve to ensure the safety, performance, and reliability of the U.S. nuclear deterrent; support nonproliferation and counterproliferation efforts; and address energy security and other emerging national security challenges. LANL's Nuclear Weapons Science programs are the primary users of the facilities housing classified resources. For example, the Nuclear Weapons Science programs are the primary users of 14 facilities that store special nuclear material while LANL's other major programs are the primary users of only 7 such facilities. LANL has over two dozen initiatives under way that are principally aimed at reducing, consolidating, and better protecting classified resources, as well as reducing the physical footprint of the laboratory by closing unneeded facilities. While many of these initiatives address security concerns identified through past external evaluations--such as efforts to consolidate storage of classified documents and media into fewer secure facilities and to destroy unneeded classified nuclear weapon parts--significant security problems at LANL have received insufficient attention. Specifically, LANL has not implemented complete security solutions to address either classified parts storage in unapproved storage containers or weaknesses in its process for ensuring that actions taken to correct security deficiencies are completed. LANL intends to use three management approaches to sustain the security improvements it has been able to achieve to this point over the long-term: (1) undertake management actions required of LANL under the Compliance Order issued by the Secretary of Energy as a result of the 2006 security incident, (2) develop a Contractor Assurance System to measure and improve LANL's performance and management, and (3) implement annual performance evaluation plans NNSA uses to measure LANL's performance and determine a contract award fee. These approaches contain weaknesses that raise doubts about their ability to sustain security improvements over the long-term. Specifically, the actions LANL has proposed to take to meet the terms of the Compliance Order are only short-term--with completion planned for December 2008. Further, according to LANL officials, the Contractor Assurance System is not fully deployed and the measures it includes may not be fully effective. Finally, the annual performance evaluation plans do not sufficiently reward improving long-term security program effectiveness.
Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director:
Team:
Phone:
GAO-08-694, Los Alamos National Laboratory: Long-Term Strategies Needed to Improve Security and Management Oversight
This is the accessible text file for GAO report number GAO-08-694
entitled 'Los Alamos National Laboratory: Long-Term Strategies Needed
to Improve Security and Management Oversight' which was released on
July 15, 2008.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Report to Congressional Committees:
United States Government Accountability Office:
GAO:
June 2008:
Los Alamos National Laboratory:
Long-Term Strategies Needed to Improve Security and Management
Oversight:
GAO-08-694:
GAO Highlights:
Highlights of GAO-08-694, a report to congressional committees.
Why GAO Did This Study:
In 2006, a Los Alamos National Laboratory (LANL) contract employee
unlawfully removed classified information from the laboratory. This was
the latest in a series of high-profile security incidents at LANL
spanning almost a decade. LANL conducts research on nuclear weapons and
other national security areas for the National Nuclear Security
Administration (NNSA). GAO was asked to (1) identify LANL‘s major
programs and activities and how much they rely on classified resources;
(2) identify initiatives LANL is taking to reduce and consolidate its
classified resources and physical footprint and the extent to which
these initiatives address earlier security concerns; and (3) determine
whether its new management approaches will sustain security
improvements over the long-term. To carry out its work, GAO analyzed
LANL data; reviewed policies, plans, and budgets; and interviewed
officials.
What GAO Found:
With fiscal year 2007 budget authority of about $2.7 billion, LANL
conducts work on over 175 programs that can be grouped into three major
program categories”Nuclear Weapons Science, Threat Reduction Science
and Support, and Fundamental Science and Energy”and two support program
categories”Environmental Programs and Safeguards and Security.
Respectively, LANL‘s major programs serve to ensure the safety,
performance, and reliability of the U.S. nuclear deterrent; support
nonproliferation and counterproliferation efforts; and address energy
security and other emerging national security challenges. LANL‘s
Nuclear Weapons Science programs are the primary users of the
facilities housing classified resources. For example, the Nuclear
Weapons Science programs are the primary users of 14 facilities that
store special nuclear material while LANL‘s other major programs are
the primary users of only 7 such facilities.
LANL has over two dozen initiatives under way that are principally
aimed at reducing, consolidating, and better protecting classified
resources, as well as reducing the physical footprint of the laboratory
by closing unneeded facilities. While many of these initiatives address
security concerns identified through past external evaluations”such as
efforts to consolidate storage of classified documents and media into
fewer secure facilities and to destroy unneeded classified nuclear
weapon parts”significant security problems at LANL have received
insufficient attention. Specifically, LANL has not implemented complete
security solutions to address either classified parts storage in
unapproved storage containers or weaknesses in its process for ensuring
that actions taken to correct security deficiencies are completed.
LANL intends to use three management approaches to sustain the security
improvements it has been able to achieve to this point over the long-
term: (1) undertake management actions required of LANL under the
Compliance Order issued by the Secretary of Energy as a result of the
2006 security incident, (2) develop a Contractor Assurance System to
measure and improve LANL‘s performance and management, and (3)
implement annual performance evaluation plans NNSA uses to measure
LANL‘s performance and determine a contract award fee. These approaches
contain weaknesses that raise doubts about their ability to sustain
security improvements over the long-term. Specifically, the actions
LANL has proposed to take to meet the terms of the Compliance Order are
only short-term”with completion planned for December 2008. Further,
according to LANL officials, the Contractor Assurance System is not
fully deployed and the measures it includes may not be fully effective.
Finally, the annual performance evaluation plans do not sufficiently
reward improving long-term security program effectiveness.
What GAO Recommends:
GAO recommends that (1) LANL develop a strategic security plan that
focuses on improving security program effectiveness and addresses all
identified security weaknesses, and (2) NNSA link implementation of
this plan to meaningful financial incentives in future performance
evaluation plans. NNSA did not specifically comment on GAO‘s
recommendations but provided general comments on the report.
To view the full product, including the scope and methodology, click on
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-694]. For more
information, contact Gene Aloise at (202) 512-3841 or aloisee@gao.gov.
[End of section]
Contents:
Letter:
Results in Brief:
Background:
LANL Conducts Over 175 Program Activities That Fall into Three Major
and Two Support Program Categories:
LANL's Nuclear Weapons Science Programs Rely on Classified Resources to
Accomplish Their Missions to a Greater Extent Than Do Other LANL
Programs:
LANL Is Implementing Over Two Dozen Initiatives Officials Believe Will
Reduce Security Risk and Improve Protection of Classified Resources:
While LANL's Initiatives Address Many Security Problems Identified in
Prior External Evaluations, Other Significant Security Problems Have
Received Insufficient Attention:
LANL's and NNSA's Management Approaches to Sustain Security
Improvements Over the Long-Term Are in the Early Stages of Development
or Contain Weaknesses:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendix I: Objectives, Scope, and Methodology:
Appendix II: LANL's NNSA Supported Nuclear Weapons Science Programs:
Appendix III: LANL's NNSA Supported Threat Reduction Science and
Support Programs:
Appendix IV: LANL's Fundamental Science and Energy Programs Supported
by DOE:
Appendix V: Comments from the National Nuclear Security Administration:
Appendix VI: GAO Contact and Staff Acknowledgments:
Tables:
Table 1: DOE Security Levels and Associated Appropriate Safeguards:
Table 2: Security Levels of LANL Facilities, as of December 2007:
Table 3: Number of LANL Facilities that House or Store Different Types
of Classified Resources, as of December 2007:
Table 4: Primary Users of Facilities with Different Types of Classified
Resources, as of December 2007:
Figures:
Figure 1: Map of LANL's Site and Technical Areas:
Figure 2: LANL's Chemistry and Metallurgy Research Facility:
Figure 3: Security Perimeter Project:
Figure 4: LANL's Plutonium Facility 4 at Technical Area-55:
Abbreviations:
DOE: Department of Energy:
FTE: full-time equivalent:
LANL: Los Alamos National Laboratory:
LANS: Los Alamos National Security LLC:
LDRD: Laboratory-Directed Research and Development:
MASS: Material Accountability and Safeguards System:
NNSA: National Nuclear Security Administration:
WMD: weapons of mass destruction:
[End of section]
United States Government Accountability Office: Washington, DC 20548:
June 13, 2008:
The Honorable John D. Dingell:
Chairman:
The Honorable Joe Barton:
Ranking Member:
Committee on Energy and Commerce:
House of Representatives:
The Honorable Bart Stupak:
Chairman:
The Honorable John M. Shimkus:
Ranking Member:
Subcommittee on Oversight and Investigations:
Committee on Energy and Commerce:
House of Representatives:
Los Alamos National Laboratory (LANL), located in Los Alamos, New
Mexico, is one of three national laboratories responsible for designing
and developing a safe, secure, and reliable nuclear weapons deterrent.
[Footnote 1] In addition to its nuclear weapons work, LANL also serves
as a focal point for nonproliferation and threat reduction activities,
as well as chemical, biological, and physics research. To carry out its
programs, in fiscal year 2007 LANL had total budget authority of about
$2.7 billion, with about $1.5 billion devoted to nuclear weapons work.
It employs about 13,000 employees[Footnote 2] on a campus that covers
approximately 40 square miles and has 2,700 structures. LANL is
overseen by the National Nuclear Security Administration (NNSA), a
separately organized agency within the Department of Energy (DOE). NNSA
is responsible for the management and security of the nation's nuclear
weapons, nuclear nonproliferation, and naval reactors programs.
To carry out its various missions, LANL employs a variety of classified
resources, including, among other things:
* Category I special nuclear material, such as plutonium, which it uses
to manufacture parts for nuclear weapons and for research and
development activities;[Footnote 3]
* millions of classified documents;
* over 4,300 pieces of classified removable electronic media, such as
CDs and removable hard drives, which pose a security risk that requires
the maintenance of an accountability system to prevent unauthorized
access or removal;
* about 60,000 classified parts used in nuclear weapons or for research
and development purposes;
* 111 vault-type rooms that house or store classified documents and
classified removable electronic media, classified parts, and classified
computer network infrastructure; and:
* five computer networks, one of which handles classified information.
DOE requires that LANL maintain different levels of security for its
facilities depending on the type and amount of classified resources
these facilities store or house. The most basic level of security,
known as a Property Protection Area, provides safeguards to protect
government property against damage, destruction, and theft. These
safeguards include, for example, locks and keys, security guards, and
signs prohibiting trespassing. Classified resources may not be stored
or housed in these areas. The highest levels of security, known as
Exclusion Areas, Protected Areas, and Material Access Areas, provide
safeguards to protect quantities of Category I and II special nuclear
material. These safeguards include, for example, boundaries defined by
fences and sensors that detect intrusion, personnel and vehicle access
controls and barriers, armed guards, and alarms. In addition, some
facilities, known as Sensitive Compartmented Information Facilities,
provide additional controls governing access to classified intelligence
information beyond those required by normal management and safeguarding
practices.
Since 1999, LANL has experienced a number of high-profile security
incidents that were subject to congressional hearings. Many of these
incidents have focused on LANL's inability to account for and control
classified resources, as the following illustrate:
* In 1999, a scientist transferred classified information from
classified computers onto unmarked disks and removed the disks from
authorized work areas.
* In 2000, two hard drives containing nuclear weapon design information
used by the Nuclear Emergency Search Team were temporarily lost.
[Footnote 4]
* On several occasions in 2003 and 2004, the laboratory could not
account for classified removable electronic media.
* In October 2006, it was discovered that a contract employee had
transferred classified information to a USB "thumb drive" and removed
the thumb drive, as well as other classified documents, from the
laboratory.
In addition to these well-publicized incidents, security evaluations by
DOE's Office of Inspector General, DOE's Office of Independent
Oversight, NNSA's Los Alamos Site Office (Site Office), and GAO have
identified persistent, systemic security problems at LANL. These
problems include weaknesses in controlling and protecting classified
resources, inadequate controls over special nuclear material,
inadequate self-assessment activities, and weaknesses in the process
LANL uses to ensure that it corrects identified security deficiencies.
For example, DOE's Office of Independent Oversight and the Site Office
recently cited LANL for weaknesses in its control and accountability
system for special nuclear material, including unreliable accounting
when quantities are moved within a facility. In addition, DOE's Office
of Independent Oversight, the NNSA Site Office, and the DOE Inspector
General identified problems with LANL's management of classified parts,
including inadequate tracking and storage of these parts. In July 2007,
the DOE Office of Inspector General found that LANL was still not
tracking all of its classified parts and that it lacked fundamental
safeguards, such as regularly scheduled inventories and segregation of
duties, to ensure full and accurate accountability.[Footnote 5]
Finally, in January 2008, we reported that LANL has experienced 57
reported security incidents in recent years involving the compromise or
potential compromise of classified information and that 37 of these
incidents posed the most serious threat to U.S. national security
interests.[Footnote 6]
In response to these repeated problems, LANL and NNSA have taken a
variety of actions. For example, in 2004, the laboratory director shut
down operations for up to 10 months to deal, in part, with LANL's
security problems. In November 2005, we reported that the estimated
cost of this shutdown was as much as $370 million and that the shutdown
delayed important national security work.[Footnote 7] In addition, in
2005, after half a century of laboratory management by the University
of California, DOE opened the LANL management and operating contract
for competitive bidding. In December 2005, Los Alamos National Security
LLC (LANS), which is made up of the University of California, Bechtel
National, Washington Group International, and BWX Technologies, was
awarded the management and operating contract for LANL.[Footnote 8]
NNSA measures LANL's performance and determines LANS's management and
operating award fee using annual performance evaluation plans, which
establish NNSA's priorities for LANL and ensure that contract
requirements are met. After taking over management of the laboratory in
June 2006, LANS began a series of initiatives that it believed would
address security in a comprehensive and integrated manner--including
consolidating its classified resources and reducing the scope of its
physical footprint. The new Contractor Assurance System, which LANL is
contractually required to implement, provides the laboratory with a
means of assessing its progress toward meeting performance milestones,
including security performance, and bringing management attention to
areas of concern. In July 2007, in response to the October 2006
security incident, the Secretary of Energy issued a compliance order
directing LANL to implement specific corrective actions to remediate
management deficiencies that contributed to the October 2006 incident,
as well as to address long-standing deficiencies in the laboratory's
classified information programs.
In this context, you asked us to (1) identify LANL's major programs and
activities; (2) determine the extent to which the major programs and
activities rely on classified resources to meet their objectives; (3)
identify the initiatives LANL is taking to consolidate its classified
resources and reduce the scope of its physical footprint; (4) determine
if these initiatives address previously identified security concerns;
and (5) determine whether new management approaches that LANL and NNSA
are implementing under the new contract will sustain security
improvements over the long-term. Separately, we are evaluating cyber
security across the DOE complex, including at LANL, and therefore did
not include an assessment of the effectiveness of LANL's cyber security
program as part of this review.
To address these objectives, we analyzed documentation on DOE and LANL
budgets, programs, and activities; documentation on LANL's classified
resources and physical footprint reduction and consolidation plans;
NNSA Site Office security surveys and Office of Independent Oversight
security assessments from fiscal years 2000 to 2008; the LANS
management and operating contract; LANL's Contractor Assurance System;
DOE's 2007 Compliance Order; and NNSA's performance evaluation plans
for fiscal years 2007 and 2008. We also collected data on LANL's
programs in order to group them into categories and to identify the
facilities and classified resources associated with these program
categories. We performed a reliability assessment of these data and
determined that they were sufficiently reliable for the purposes of
this report. Further, we conducted three visits to LANL and toured
sites proposed for consolidation, as well as vault-type rooms. Finally,
we conducted interviews with key security and program officials at
LANL, NNSA and its Site Office, DOE, and LANS. More details on our
scope and methodology can be found in appendix I.
We conducted this performance audit from March 2007 to June 2008 in
accordance with generally accepted government auditing standards. Those
standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
Results in Brief:
LANL has over 175 individually budgeted programs, which can be divided
into three major program categories--Nuclear Weapons Science, Threat
Reduction Science and Support, and Fundamental Science and Energy--and
two support programs--Environmental Programs and Safeguards and
Security. In addition, LANL leverages its scientific, engineering, and
experimental capabilities to perform Laboratory-Directed Research and
Development. LANL also performs research activities, known as "work for
others," for other federal agencies, including the Departments of
Homeland Security and Health and Human Services, as well as the
National Aeronautics and Space Administration. More specifically, for
fiscal year 2007, we found the following:
* Nuclear Weapons Science. NNSA supported 41 programs in this category
with about 3,400 full-time equivalent (FTE) employees and a budget of
about $1.5 billion. These programs seek to ensure the safety,
performance, and reliability of the U.S. nuclear deterrent through
weapons physics, engineering research and experimentation, and
maintenance of the laboratory's nuclear weapon facilities and
infrastructure.
* Threat Reduction Science and Support. The 12 NNSA budgeted programs
in this category were supported by over 480 FTEs and operated on a
budget of about $225 million. Over 40 percent of LANL's Threat
Reduction Science and Support resources from NNSA are dedicated to the
research and development of technologies for detecting and monitoring
nuclear explosions around the world.
* Fundamental Science and Energy. The laboratory's 51 programs
supported by DOE in this category used over 380 FTEs and had a budget
of about $151 million. These programs focus on energy security--
including fossil energy, civilian nuclear energy, alternative energy,
and fusion--as well as basic scientific research in fields such as
biology, environmental science, and physics.
* Environmental Programs. This support program used over 400 FTEs and
had a budget of about $186 million, including about $40 million
contributed by Nuclear Weapons Science programs, to conduct the cleanup
and processing of legacy and newly generated waste at LANL.
* Safeguards and Security. This support program employs over 900 FTEs
with a budget of about $188 million to provide LANL with physical and
cyber security protection.
In addition, LANL conducted work on over 1,200 individual projects for
other federal agencies and outside entities and an additional 199 self-
initiated research and development projects. Work for others accounted
for $462.4 million--or about 17 percent--of LANL's total budget
resources in fiscal year 2007. For example, 27 Threat Reduction Science
and Support programs received several hundred million dollars--more
than any of LANL's other programs--to conduct work for others. LANL
also provided just under $130 million for Laboratory-Directed Research
and Development projects across the laboratory. The funds to support
these projects come from contributions made by directly funded programs
and, thus, are included in the laboratory's overall budget of $2.7
billion.
According to our analysis of the 607 facilities that LANL's major
programs share to accomplish their missions, LANL's Nuclear Weapons
Science programs rely on facilities that house classified resources to
a much greater extent than either the laboratory's Threat Reduction
Science and Support or Fundamental Science and Energy programs, as
illustrated by the following:
* Nuclear Weapons Science uses 322 facilities that require security
protections beyond the basic level provided in Property Protection
Areas. Thirty-two of these 322 facilities are protected at the highest
levels as Exclusion, Protected, and Material Access Areas. Nuclear
Weapons Science programs are the primary users of 28 of these 32 highly
protected facilities, including LANL's only facility for storing and
processing Category I special nuclear material.
* Threat Reduction Science and Support uses 105 facilities that require
security protections above those provided in Property Protection Areas,
31 of which are protected as Exclusion, Protected, and Material Access
Areas. Of these 31, Threat Reduction Science and Support is the primary
user of 14, including all of LANL's facilities for Sensitive
Compartmented Information.
* Fundamental Science and Energy uses 103 facilities that require
security protections above those provided in Property Protection Areas,
and 15 of these are protected as Exclusion, Protected, and Material
Access Areas. However, Fundamental Science and Energy programs are not
the primary user of any of these 15 facilities.
LANL has over two dozen initiatives under way that are principally
aimed at reducing, consolidating, and better protecting classified
resources, as well as reducing the physical footprint of the laboratory
by closing unneeded facilities. LANL officials believe that these
initiatives will reduce the risk of incidents that can result in the
loss of control over classified resources. For example, to reduce and
consolidate classified resources and its physical footprint, as of
March 2008, LANL had (1) reduced from nine to one the number of areas
containing Category I special nuclear material; (2) reduced the amount
of accountable classified removable electronic media from 87,000 pieces
to about 4,300 and made information previously accessible on removable
media available through the laboratory's classified computer network;
(3) eliminated about 30,000 classified nuclear weapon parts; (4)
reduced the number of vault-type rooms from 142 to 111; and (5) reduced
the physical footprint of existing facilities by over 500,000 square
feet.
In concert with these actions, LANL is implementing a series of
engineered and administrative controls to better protect and control
classified resources. Engineered controls are system-based controls
that manage work processes and prevent employees from taking
inappropriate action. For example, to prevent new pieces of accountable
classified removable electronic media from being created, LANL has
removed the functions from classified computers that would enable new
pieces of media to be created or copied. Administrative controls are
typically policies or procedures that govern the handling of classified
resources. For example, LANL has streamlined physical security
procedures in order to reduce inconsistencies and make procedures
easier to implement across the laboratory.
Many of the initiatives LANL is undertaking address laboratory-wide
security problems previously identified in external security
evaluations. However, we found that significant security problems
identified in these evaluations have not been fully addressed.
Specifically, while LANL's storage of classified parts in unapproved
storage containers and its process for ensuring that actions to correct
identified security deficiencies have been cited in external security
evaluations for years, complete security solutions in these areas have
not yet been implemented. Furthermore, we found that while LANL's
initiative to reduce its physical footprint will reduce maintenance
costs, it provided only marginal improvement in laboratory security in
fiscal year 2007. For example, of the 77 facilities LANL closed in
fiscal year 2007, only 2 contained any classified resources. LANL and
NNSA officials acknowledged that security problems at facilities were
not seriously considered when planning to reduce the footprint in
fiscal year 2007.
LANL and NNSA are implementing three approaches under the new LANS
contract that they believe will sustain security improvements over the
long-term. However, each of these approaches is in the early stages of
development or contain important weaknesses that may impair their
ability to ensure the sustainability of security improvements at the
laboratory for the foreseeable future. Specifically, we found the
following:
* Compliance Order. According to LANL officials, completing the
management actions required by the July 2007 Compliance Order--issued
by the Secretary of Energy as a result of the October 2006 security
incident--would ensure that security improvements are sustained. For
example, the Compliance Order requires LANL to submit an integrated
corrective action plan to address critical security issues at the
laboratory and to conduct quarterly reviews of the status and progress
of corrective actions. However, because implementation of the
Compliance Order will be completed by December 2008, it does not
provide a mechanism to sustain security improvements over the long-
term.
* Contractor Assurance System. LANL officials told us they will track
the implementation of longer-term actions, including those required by
the Compliance Order, by developing and implementing the Contractor
Assurance System required under the LANS contract. However, we found
that the extent to which LANL can rely on the Contractor Assurance
System to ensure the long-term sustainability of security improvements
is unclear. According to LANL officials and a September 2007 internal
assessment, the Contractor Assurance System is not fully deployed, and
the measures it includes may not be fully effective. A Site Office
official said the Contractor Assurance System may not be completed for
3 to 4 years and, thus, will not be fully implemented by the time
actions under the Compliance Order are completed in December 2008.
* Performance evaluation plans. According to LANL officials, the
laboratory also plans to realize security improvements by meeting the
security-related performance incentives in the annual performance
evaluation plans NNSA uses to measure performance and determine an
award fee. However, we found that the annual performance evaluation
plans focus principally on achieving compliance with DOE requirements
and do not sufficiently reward security program improvement. In that
regard, according to a senior NNSA security official, compliance with
current DOE requirements does not assure that LANL's security program
is functioning effectively. For example, in fiscal year 2007, LANS
failed to earn 65 percent of the potentially available performance
award fee associated with leadership in integrating programs because of
the occurrence of the October 2006 security incident. In contrast, LANS
earned nearly 90 percent of the $2.7 million performance award fee
specifically associated with the laboratory's security performance in
fiscal year 2007, despite the occurrence of the October 2006 security
incident. Furthermore, of the $1.43 million potentially available for
LANS's security performance award fee in fiscal year 2008, all but
$30,000 is allocated to LANL's achievement of compliance-oriented
milestones, such as issuing plans, publishing policies, completing
equipment maintenance requirements, and achieving a satisfactory rating
on an annual security survey. The NNSA official said these actions may
not be valuable unless they improve management or operations. Only
$30,000 is provided as an incentive in the fiscal year 2008 Performance
Evaluation Plan for the development of a strategic plan for safeguards
and security modernization. With respect to this plan, a Site Office
official responsible for security oversight of LANL said NNSA has not
provided the laboratory with any guidance or criteria about what the
plan should include.
Furthermore, problems identified in our January 2007 report regarding
the NNSA Site Office's capacity to oversee security at LANL have not
yet been addressed.[Footnote 9] Specifically, we found that NNSA's Los
Alamos Site Office continues to suffer from a shortage of security
personnel and lacks funding for needed security training.
To improve security at LANL, we recommend that the Secretary of Energy
and the Administrator of NNSA require LANL to develop a comprehensive
strategic plan for laboratory security that addresses all previously
identified security weaknesses and focuses on improving the
effectiveness of LANL's security program. To ensure the implementation
of this plan and, thus, sustained improvement of LANL's security
program, we recommend that the Administrator of NNSA tie implementation
of the comprehensive strategic plan for laboratory security to
meaningful financial incentives in future performance evaluation plans.
In addition, to enhance security initiatives already under way at LANL,
we recommend that future laboratory plans for footprint reduction
include specific criteria for evaluating facilities' security risks
when making initial selections of facilities for footprint reduction.
We provided NNSA with a copy of this report for review and comment.
NNSA did not specifically comment on our recommendations. However, NNSA
stated that while there is still much to be accomplished, NNSA believes
that progress has been made in addressing reductions in classified
parts, classified documents, vaults, and vault-type rooms, as well as
with the implementation of engineered controls. While we acknowledge
LANL's progress in our report, NNSA noted that several security
problems at LANL addressed in the report--specifically, nonstandard
storage of classified parts and the maturation of contractor assurance
systems--are issues for the broader nuclear weapons complex as well.
Overall, we continue to believe that the key issue is that NNSA and
LANL cannot ensure that initiatives such as these will be sustained, or
that changing security vulnerabilities will be identified and
proactively addressed, without implementing our recommendations for a
long-term strategic framework for security that effectively assesses
contractor performance. NNSA's comments on our draft report are
included in appendix V. NNSA also provided technical comments from
LANL, which we have incorporated into this report as appropriate.
Background:
LANL is organized in a matrix that allows programs to draw on
scientific, engineering, and experimental capabilities from throughout
the laboratory. Programs are funded and managed out of LANL's 15
directorates, such as Weapons Physics or Chemistry, Life and Earth
Sciences, but LANL's scientists and engineers work in 64 technical
divisions that are discipline specific. These technical divisions, such
as Applied Physics or Biology, accomplish the work of the laboratory
and support its operations. Program managers in the directorates fund
work in the technical divisions in order to meet milestones determined
with NNSA or other work sponsors. To this end, employees in the
technical divisions may support multiple programs with their work and
may be called on to provide specific expertise to different programs.
LANL's facilities are managed by its directorates and provide specific
capabilities, such as high-performance computers, LANL employees use
for their work, as well as general office and meeting space.
When LANL was originally sited and constructed during the Manhattan
Project, according to laboratory officials, its infrastructure was
intentionally spread out as a safety and security precaution. What was
once a benefit now makes LANL's management and operation complex.
Spread across 40 square miles and including 155 miles of roads, 130
miles of electrical transmission lines, 90 miles of gas transmission
lines, and 9.4 million square feet of facility space, LANL employs
12,000 to 14,000 people every day.[Footnote 10]
LANL's approximately 2,700 structures are grouped together across the
laboratory into 49 major technical areas that include major scientific
and experimental facilities, environmental cleanup areas, and waste
management locations (see fig. 1). However spread out the technical
areas, LANL only considers less than 400 acres of its site to be highly
suited for development because of the difficulty of developing the
site's steep slopes and because of the need to maintain safety and
security buffers around specific work activities. The most heavily
developed area of the laboratory is Technical Area-3, LANL's core
scientific and administrative area, which accounts for half of the
laboratory's employees and total floor space.
Figure 1: Map of LANL's Site and Technical Areas:
[See PDF for image]
This figure is a map of LANL's site and technical areas. The following
are specifically noted on the map:
* Bandelier National Monument;
* Bandelier National Monument (TSANKAMI);
* Department of Energy area;
* Los Alamos (town site);
* Technical areas.
Source: Photo courtesy LANL.
[End of figure]
While individual scientific and engineering directorates within LANL
are responsible for managing and securing its facilities, multiple
programs across these organizations share facilities to accomplish
their objectives. For example, LANL's Chemistry and Metallurgy Research
facility is managed by LANL's Chemistry, Life and Earth Sciences
directorate. The facility, however, is occupied by over 500 employees
to support a number of programs across LANL that require its analytical
chemistry and materials property testing capabilities (see fig. 2).
These programs include manufacturing nuclear weapon pits,[Footnote 11]
experimenting with nuclear fuels for civilian energy production, and
producing nuclear heat sources for National Aeronautics and Space
Administration missions.
Figure 2: LANL's Chemistry and Metallurgy Research Facility:
[See PDF for image]
Photograph of LANL's chemistry and metallurgy research facility.
Source: Photo courtesy LANL.
[End of figure]
LANL's shared facilities are protected at different levels depending on
the type and amount of classified resources they house or store. DOE
Manual 470.4-2, Physical Protection, defines these different levels and
the types of safeguards that must be in place to ensure that classified
resources are adequately protected.[Footnote 12] Table 1 summarizes
these security levels and appropriate safeguards from lowest to highest
level of security.
Table 1: DOE Security Levels and Associated Appropriate Safeguards:
Security level: Property Protection Area;
Types of classified resources that can be housed or stored: None;
Appropriate safeguards: Locks and keys, access control systems, signs
prohibiting trespassing, and guards.
Security level: Limited Area;
Types of classified resources that can be housed or stored: Category
III special nuclear material, classified documents, media, and parts
stored in approved containers or vaults or vault-type rooms within the
area;
Appropriate safeguards: Physical barriers designating the area, means
to detect unauthorized entry, and escorts for authorized visitors.
Security level: Exclusion Area;
Types of classified resources that can be housed or stored: Category
III special nuclear material, classified documents, media, and parts
stored in approved containers or vaults or vault-type rooms within the
area;
Appropriate safeguards: An additional security area within a Limited
Area designated by physical barriers, means to detect unauthorized
entry, and requiring escorts for all visitors who do not hold DOE
security clearances and have a need to know.
Security level: Protected Area;
Types of classified resources that can be housed or stored: Category II
special nuclear material, classified documents, media, and parts stored
in approved containers or vaults or vault-type rooms within the area;
Appropriate safeguards: An additional security area within an Exclusion
Area designated by perimeter intrusion detection systems, vehicle
barriers, perimeter alarm monitoring, entry and exit inspections, and
identity and access validation by armed guards or by an automated
system.
Security level: Material Access Area;
Types of classified resources that can be housed or stored: Category I
special nuclear material, classified documents, media, and parts stored
in approved containers or vaults or vault-type rooms within the area;
Appropriate safeguards: An additional security area within a Protected
Area designated by barriers that provide sufficient delay time to
impede, control, or deter unauthorized access.
Source: DOE.
[End of table]
To determine the overall effectiveness of LANL's implementation of DOE
security requirements and the laboratory's security performance, two
DOE organizations periodically conduct independent reviews. DOE's
Office of Independent Oversight conducts assessments, typically every
18 months. These assessments identify the weaknesses of LANL's security
program and produce findings that laboratory officials must take action
to correct. NNSA's Los Alamos Site Office is also required to conduct
surveys annually. These surveys are based on observations of
performance, including compliance with DOE and NNSA security
directives. While the two types of reviews differently categorize the
topics and subtopics they cover, the reviews overlap substantially.
They both address security program management, protective forces,
physical security, classified information protection, control and
accountability of nuclear materials, personnel security, and cyber
security. Furthermore, they both use a color-coding system to rate each
area of review as either Green (satisfactory or effective), Yellow
(marginal or needs improvement), or Red (unsatisfactory or significant
weakness).[Footnote 13] The results of these reviews affect LANS's
ability to earn its performance-based award fee for successful
management and operation of LANL.
Under the contract between LANS and NNSA for the management and
operation of LANL, NNSA is to establish the work to be accomplished by
LANL, set requirements to be met, and provide performance direction for
what NNSA wants in each of its programs. NNSA does this by annually
issuing a performance evaluation plan that documents the process and
associated performance objectives, performance incentives, award term
incentives, and associated measures and targets for evaluating LANS's
performance. In the performance evaluation plans for fiscal years 2007
and 2008, performance objectives and award fee incentives were
specifically provided for security performance. LANL's contract
requires the development of a Contractor Assurance System to increase
accountability and improve management and performance. The Contractor
Assurance System, according to the LANL official responsible for its
implementation, is an integrated performance-based management system
that is designed to include independent assessment and that is
available as a tool for federal oversight. Notwithstanding the
development of the Contractor Assurance System, under the contract with
LANS, NNSA preserves its right to conduct direct oversight,
particularly in the area of security.
The Secretary of Energy has authority under 10 C.F.R. § 824.4(b) of
DOE's Procedural Rules for the Assessment of Civil Penalties for
Classified Information Security Violations to issue compliance orders
that direct management and operating contractors to take specific
corrective actions to remediate deficiencies that contributed to
security violations regarding classified information. On July 12, 2007,
the Secretary of Energy issued a compliance order to LANS as a result
of the security incident uncovered in October 2006 when a subcontractor
employee removed classified information from LANL without
authorization. Analysis of the incident identified numerous breakdowns
in LANL's classified information protection program and concluded that
these breakdowns were caused, in part, by poor security practices. The
Compliance Order directs LANS to take comprehensive steps to ensure
that it identifies and addresses critical classified information and
cyber security deficiencies at LANL. These steps must be completed by
December 2008. Violation of the Compliance Order would subject LANS to
civil penalties of up to $100,000 per violation per day until
compliance is reached.
LANL Conducts Over 175 Program Activities That Fall into Three Major
and Two Support Program Categories:
LANL has three major program categories--Nuclear Weapons Science,
Threat Reduction Science and Support, and Fundamental Science and
Energy. Nuclear Weapons Science programs ensure the safety,
performance, and reliability of the U.S. nuclear deterrent. Threat
Reduction Science and Support programs support nonproliferation and
counterproliferation efforts. Fundamental Science and Energy programs
address other national security concerns, particularly energy security,
and provide basic scientific capabilities that support laboratory
missions. LANL has two support program categories--Environmental
Programs and Safeguards and Security. Environmental Programs address
the remediation and disposition of waste at LANL. Safeguards and
Security programs provide LANL with physical and cyber security
protection. In addition to activities across these program categories
that are supported by DOE and NNSA, LANL conducts millions of dollars
in work for other federal agencies on specific research projects.
Nuclear Weapons Science Programs Ensure the Safety, Performance, and
Reliability of the U.S. Nuclear Deterrent:
LANL's primary mission is to ensure the safety, performance, and
reliability of nuclear weapons in the nation's stockpile without
performing underground nuclear weapon tests. It is responsible for the
design, evaluation, annual assessment, and certification of the United
States' W76 and W88 submarine launched ballistic missile warheads, the
W78 intercontinental ballistic missile warhead, and the B61 nuclear
bomb and works in cooperation with NNSA's other nuclear weapons design
laboratories and production plants.[Footnote 14] Because the United
States stopped conducting underground nuclear weapon tests in 1992,
LANL weapons scientists and engineers are involved in hundreds of
research projects in programs aimed at developing strong physics
modeling and predictive capabilities that provide information about
nuclear weapons' performance. Of particular focus since 2001 has been
the development of a common methodology, known as "Quantification of
Margins and Uncertainties," for quantifying critical design and
engineering factors during the operation of a nuclear weapon and the
margin for these factors above which the weapons could fail to perform
as designed.[Footnote 15] Furthermore, LANL is involved in two ongoing
life extension programs, for the W76 and B61, which are efforts to
refurbish aging weapons and extend their lifetimes for 20 to 30 years.
[Footnote 16] In addition, LANL builds, operates, and maintains the
infrastructure necessary to carry out its nuclear weapons mission and
to support other laboratory missions.
In fiscal year 2007, LANL conducted work on 41 Nuclear Weapons Science
programs supported by about 3,400 FTEs and with a budget from NNSA of
about $1.5 billion, which represented over half of LANL's total budget
and approximately 87 percent of the funds received from NNSA for all of
LANL's major program categories. Appendix II provides additional detail
on LANL's Nuclear Weapons Science programs. Out of the $1.5 billion
total budget for LANL's Nuclear Weapons Science programs, nearly $560
million--or 37 percent--was budgeted for the operation of the
facilities that support these programs, as well as new line item
construction projects. In addition, the following five other programs
together represent another 45 percent of LANL's Nuclear Weapons Science
budget:
* Pit Manufacturing and Certification. Since 2001 LANL has been working
to reconstitute the nation's capability to manufacture and certify
pits, which was lost when DOE's Rocky Flats Plant near Denver,
Colorado, closed in 1989. This program re-establishes an immediate
capability to manufacture pits in support of the nuclear weapons
stockpile, plans for long-term pit manufacturing capability, and
manufactures specific quantities of W88 pits.[Footnote 17] In fiscal
year 2007--the year LANL delivered the first war reserve W88 pits for
the nation's stockpile--the budget for Pit Manufacturing and
Certification was $226.9 million, and the program was supported by 599
FTEs.
* Advanced Simulation and Computing. To compensate in part for the loss
of underground nuclear testing as a means for gathering data on nuclear
weapon performance, a program of advanced simulation and computing--
hardware, software, and code--was implemented to provide predictive
computer models, supported by above ground experimental data and
archived data from past underground nuclear tests, that simulate
nuclear weapon performance. In fiscal year 2007, the budget for
Advanced Simulation and Computing was $202.5 million, and the program
was supported by 446 FTEs.
* Stockpile Services. This program supports research, development, and
production work that is applicable to multiple nuclear weapon systems
rather than a specific weapon system. For example, scientists may
conduct basic research on critical factors of nuclear weapon operations
in this program or run tests on components shared by nuclear weapon
systems. In fiscal year 2007, the budget for Stockpile Services was
$140.7 million, and the program was supported by 361 FTEs.
* Stockpile Systems. For each weapon type for which LANL is
responsible, this program supports routine maintenance; periodic
repair; replacement of components; and surveillance testing to assure
the weapon type's continued safety, security, and reliability. In
fiscal year 2007, the budget for Stockpile Systems was $67.4 million,
and the program was supported by 162 FTEs.
* Life Extension Program. This program extends the lifetimes of
warheads or the components of these warheads to ensure that they
continue to perform as designed. LANL is currently focused on programs
to extend the lifetimes of the B61 and W76 weapon types by 20 and 30
years, respectively. In fiscal year 2007, the budget for LANL's life
extension programs was $44.1 million, and the programs were supported
by 120 FTEs.
LANL's directorate for Weapons Programs is responsible for the conduct
of these programs and carries them out primarily through three
associate directorates--Weapons Physics, Weapons Engineering, and
Stockpile Manufacturing and Support--as well as an office of Weapons
Infrastructure. These organizations draw upon scientific, engineering,
and experimental capabilities from throughout the laboratory to answer
specific points of inquiry and to solve problems related to the nuclear
weapons stockpile. For example, the Weapons Physics associate
directorate has identified 10 key capabilities that it believes are
necessary to ensure that it can execute its weapons program work, many
of which also aid scientific work outside of Nuclear Weapons Science
programs. These capabilities, which reside in technical organizations
outside of the Weapons Program Directorate, include expertise in high-
performance computing, dynamic model validation, and radiochemistry.
This matrixed approach, according to LANL officials, allows LANL's
technical staff to work among peers in their respective fields and to
apply their expertise to Nuclear Weapons Science programs as the need
arises.
Threat Reduction Science and Support Programs Support Nonproliferation
and Counterproliferation Efforts:
In addition to helping ensure the safety and reliability of the U.S.
nuclear deterrent, LANL applies science and technology to reduce the
global threat of weapons of mass destruction (WMD), the proliferation
of WMD, and terrorism. LANL pursues this mission through programs in
three areas. First, the laboratory's nuclear nonproliferation programs,
primarily funded by NNSA, focus on ways to address nuclear and
radiological threats domestically and internationally. Second, LANL
scientists familiar with WMD support the work of the Intelligence
Community. Third, LANL conducts research programs supported by federal
agencies, such as the Departments of Defense and Homeland Security,
that provide foundational science and technology solutions to defeat
chemical, radiological, biological, and nuclear WMD. Programs in these
latter two areas are conducted as work for other federal agencies and
are discussed in more detail in a subsequent section of this report.
In fiscal year 2007, NNSA supported 12 Threat Reduction Science and
Support nuclear nonproliferation programs at LANL that relied on over
480 FTEs and had a budget of about $225 million. Of these 12 programs,
9 were budgeted at over $1 million each in fiscal year 2007. Appendix
III provides additional detail on these Threat Reduction Science and
Support programs. Over 60 percent of the budget NNSA provided to
support Threat Reduction Science and Support programs was for two
programs:
* Nonproliferation and Verification Research and Development. This
program conducts scientific research and development and provides
monitoring, sensing, and measurement technologies to observe the earth
from space-based satellites and produces and updates data for ground-
based systems in order to detect banned nuclear explosions. In
particular, LANL produces electromagnetic pulse and radiation sensors
that are integrated into U.S. Air Force satellites and develops
algorithms used to process remote sensing data. In fiscal year 2007,
the budget for Nonproliferation and Verification Research and
Development was $95.5 million, and the program was supported by 254
FTEs.
* U.S. Surplus Fissile Materials Disposition. NNSA funds efforts to
dispose of the country's surplus plutonium and highly enriched uranium.
LANL supports plutonium disposition efforts by developing the
processing technologies that will be used in a facility currently
planned for construction at the Savannah River Site in South Carolina.
This facility will disassemble surplus nuclear weapon pits and convert
the plutonium in them into a powder form that can later be fabricated
into a fuel useable in commercial nuclear reactors. In fiscal year
2007, LANL's budget for this plutonium disposition work was $43
million, and the work was supported by 117 FTEs.
LANL's Directorate for Threat Reduction is responsible for conducting
the laboratory's Threat Reduction Science and Support programs. Those
programs primarily supported by NNSA are carried out through the
directorate's Nuclear Nonproliferation program office. This office
employs scientific, engineering, and experimental capabilities from
throughout the laboratory to accomplish program missions. According to
LANL officials, these capabilities, such as nuclear device design and
radiochemistry, were initially developed to support Nuclear Weapons
Science missions but are now being leveraged to support Threat
Reduction Science and Support missions. In turn, these officials told
us results from Threat Reduction Science and Support programs provide
feedback to Nuclear Weapons Science programs. For example, information
on techniques to disarm nuclear weapons that are learned in threat
reduction work can be used to improve the safety and security of the
U.S. nuclear weapons stockpile.
Fundamental Science and Energy Programs Address Energy Security and
Other Emerging National Security Challenges and Support Basic
Scientific Research:
As a national security science laboratory, LANL's mission also includes
the development and application of science and technology to solve
emerging national security challenges beyond those presented by WMD.
LANL's Fundamental Science and Energy programs are managed by the
laboratory's Science, Technology and Engineering Directorate, and funds
to support these programs come from multiple offices within DOE, as
well as other federal agencies. In fiscal year 2007, DOE supported 40
programs focusing on energy security--specifically, fossil energy,
civilian nuclear energy, alternative energy, and fusion. In addition,
DOE supported basic scientific work in such areas as advanced
computing, biology, environmental science, nuclear physics, and
materials science, as well as Laboratory-Directed Research and
Development projects. In total, DOE provided $151 million for
Fundamental Science and Energy programs that supported over 380 FTEs.
Appendix IV describes, in detail, LANL's DOE supported Fundamental
Science and Energy programs. Work for other federal agencies and
Laboratory-Directed Research and Development projects in Fundamental
Science and Energy are discussed in a subsequent section of this
report.
LANL officials told us the laboratory's Fundamental Science and Energy
programs, in conjunction with its Nuclear Weapons Science and Threat
Reduction Science and Support programs, provide an integrated approach
to national security science because these programs leverage one
another's scientific, engineering, and experimental capabilities. For
example, according to a senior LANL Science, Technology and Engineering
official, LANL's Nuclear Weapons Science researchers developed
expertise in underground work, such as tunnel boring, to facilitate
underground nuclear testing, and this expertise has been translated for
use in fossil energy activities. Specifically, the scientists and
engineers responsible for the nuclear weapon test readiness program
work out of the Fundamental Science and Energy organization. Similarly,
capabilities in high-performance computing and simulation utilized by
Nuclear Weapons Science programs have been applied to many other
national security and Fundamental Science and Energy applications.
Furthermore, a senior LANL Nuclear Weapons Science official told us
that 7 of the 10 key capabilities identified for Weapons Physics work,
such as high-performance computing, computational math and physics, and
weapons material properties and characterization, are managed out of
the same directorate responsible for LANL's Fundamental Science and
Energy programs. More than one-quarter of LANL's career employees work
in more than one of LANL's major program areas, and laboratory
officials told us a substantial number of employees develop the
critical skills needed for the Nuclear Weapons Science and Threat
Reduction Science and Support programs by first working in Fundamental
Science and Energy programs.
Environmental Programs Address Remediation of Waste at LANL:
LANL's Environmental Programs support the laboratory's scientific work
by addressing legacy contamination, legacy waste disposition, and new
waste at the site produced as a function of programmatic work. This
waste is categorized as either legacy--generated before 1998--or newly
generated. DOE's Office of Environmental Management provides funding
for activities to remediate legacy contaminated sites and to dispose of
legacy waste, and NNSA provides funding for activities to dispose of
newly generated waste. LANL charges program organizations for
disposition of newly generated waste, providing an additional stream of
funds to support Environmental Programs. In fiscal year 2007, DOE's
Office of Environmental Management supported LANL's legacy remediation
and waste activities with a budget of over $146 million that supported
about 325 FTEs. Costs and FTEs associated with processing newly
generated waste and managing and operating the facilities that process
them are paid for by the Nuclear Weapons Science facilities and
operations programs discussed above. This work generally amounts to $40
million per year, and 87 FTEs support newly generated waste-processing
activities.
LANL's legacy contamination remediation activities focus on remediation
of contaminated sites and decontamination and decommissioning of
contaminated structures. LANL must complete its work on contaminated
sites by 2015 to comply with a Consent Order from the state of New
Mexico's Environment Department to remediate soil and groundwater
contamination.[Footnote 18] According to the LANL official responsible
for this work, as of May 2007, LANL had cleaned up 1,434 of the 2,194
contaminated sites; however, the remaining sites are more difficult to
address. This LANL official estimated that between 2007 and 2015,
remediation of all of the sites will cost approximately $900 million.
LANL's newly generated waste activities focus on liquid and solid waste
processing and disposal. Radioactive liquid waste at LANL is processed
at the laboratory's Radioactive Liquid Waste Treatment facility, a
building that is 45 years old. Upgrades to the treatment facility are
currently under way, and the upgraded facility is expected to be
operational by 2010. Solid waste--typically comprising discarded rags,
tools, equipment, soils, and other solid materials contaminated by man-
made radioactive materials--are processed at LANL's Technical Area-54
Area G Disposal Site. Engineering and design work has begun on a
replacement facility for processing solid waste, and the facility is
expected to be operational in 2014.
LANL's Safeguards and Security Program Provides Physical and Cyber
Security Protection:
LANL's Safeguards and Security program aims to provide the laboratory
with protection measures that are consistent with the threats and risks
detailed in the laboratory's Site Safeguards and Security Plan. This
plan, which NNSA reviews annually, details levels of protection that
must be provided in different areas of the laboratory to ensure secure
programmatic operations and covers such topics as protective forces,
site perimeter security, accountability and control over special
nuclear material, protection of hard copy and electronic classified
information, alarms, intrusion detection systems, identification
badges, and security clearances. In fiscal year 2007, $140 million and
over 900 FTEs supported Safeguards and Security operations.
In addition, construction projects provide new and upgraded security
protection at key areas. Specifically, an additional $48 million was
budgeted to support two construction projects in fiscal year 2007. The
first is the second phase of the Nuclear Materials Safeguards and
Security Upgrade project, which focuses on providing upgraded perimeter
protection for the facility at LANL where pits are manufactured. The
second project focuses on creating a more secure entry point for
vehicle traffic at LANL by establishing access control stations and
altering traffic patterns on public roads (see fig. 3).
Figure 3: Security Perimeter Project:
[See PDF for image]
Photograph of security checkpoint.
Source: Photo courtesy LANL.
[End of figure]
While LANL employs security professionals, the technical divisions, in
practice, have been responsible for securing their own classified
resources by operating their own vault-type rooms, classified computer
networks, and classified work areas. These divisions also operated
accountability systems for maintaining control over classified
resources. Professional security staff advise technical divisions on
security requirements and check on whether established practices are
appropriately implemented and managed. More recently, security
professionals have been deployed to technical divisions to assist
directly with security operations, and according to LANL officials,
classified resource protection has been centralized to a greater extent
through such actions as consolidating storage of all accountable
classified documents into one location.
LANL's Programs Include Millions of Dollars in Work for Other Federal
Agencies and Laboratory-Directed Research and Development Projects:
Work for Others:
According to LANL, the laboratory's budget for work for others projects
in fiscal year 2007 was $462.4 million--or about 17 percent of the
laboratory's total budgetary resources--and these projects relied on
nearly 800 FTEs. NNSA's Site Office reported that LANL scientists and
engineers conducted work on over 1,200 individual projects for other
federal agencies and outside entities in fiscal year 2007. Of these
1,200 projects, only 93 had fiscal year 2007 budgets of $1 million or
more, and the budgets for these 93 projects totaled about $270 million,
or 58 percent of all projects' budgets in fiscal year 2007. Nearly 60
percent of the $270 million available for these 93 projects came from
the following two sources:
* Defense related intelligence agencies sponsored 26 of the 93
projects. These projects are described by LANL as "International
Technology" projects.
* The Department of Homeland Security sponsored an additional 24 of the
93 projects. The largest of these projects supports the National
Infrastructure Simulation and Analysis Center. The National
Infrastructure Simulation and Analysis Center applies LANL's expertise
in computer-based modeling and simulation for national response to
national security events, such as a nuclear or radiological device
explosion or an outbreak of infectious disease. Other projects focus on
research and development related to defeating chemical and biological
weapons, detecting the movement of radioactive materials, and providing
threat assessment capabilities.
Work for others activities are concentrated in LANL's Threat Reduction
Science and Support and Fundamental Science and Energy programs. In
particular, 27 Threat Reduction Science and Support programs received
several hundred million dollars in fiscal year 2007. Twenty Fundamental
Science and Energy programs received about $162 million to conduct work
for others activities in fiscal year 2007. Of this total, 41 percent
came from other DOE entities, such as other national laboratories; 19
percent from the Department of Health and Human Services; 13 percent
from the National Aeronautics and Space Administration; and 10 percent
from universities and institutions.
Laboratory-Directed Research and Development:
In addition to programs supported by NNSA, DOE, and other federal and
nonfederal work sponsors, LANL supports a program of Laboratory-
Directed Research and Development (LDRD) that focuses on forefront
areas of science and technology that are relevant to NNSA and DOE
missions but are not directly funded by specific NNSA or DOE programs.
LDRD projects are largely self-initiated and are funded indirectly by
LANL through contributions made by directly funded programs. To this
end, funds allocated for use on LDRD projects are not a budgeted
expense, but do contribute to the cost of LANL's work. DOE guidance
requires that the maximum funding level for LDRD projects not exceed 8
percent of a laboratory's total operating and capital equipment budget.
In fiscal year 2007, LANL provided just under $130 million to conduct
work on 199 LDRD projects involving approximately 470 FTEs. These
projects ranged in scope from research on predictive climate modeling,
to nanotechnology in semiconductors, to medical technologies, to
plutonium sciences. DOE guidance requires that LDRD projects normally
conclude within 36 months of inception.[Footnote 19]
LANL's Nuclear Weapons Science Programs Rely on Classified Resources to
Accomplish Their Missions to a Greater Extent Than Do Other LANL
Programs:
To carry out its programs, LANL's major and support programs operate in
a wide variety of shared facilities, ranging from office buildings, to
laboratories, to manufacturing facilities for nuclear weapon pits and
high explosives. In this regard, LANL officials identified 633 such
facilities, which are protected at different security levels. Of these
633 facilities, 607 are used by LANL's major programs. Table 2 provides
information on the different levels of security at which LANL's major
and support program facilities are protected.
Table 2: Security Levels of LANL Facilities, as of December 2007:
Security level: Material Access Area;
Number of facilities: 1.
Security level: Protected Area;
Number of facilities: 9.
Security level: Exclusion Area;
Number of facilities: 33.
Security level: Exclusion Area/Limited Area[A];
Number of facilities: 2.
Security level: Limited Area;
Number of facilities: 320.
Security level: Limited Area/Property Protection Area[A];
Number of facilities: 7.
Security level: Property Protection Area;
Number of facilities: 243.
Security level: Other[B];
Number of facilities: 18.
Security level: Total;
Number of facilities: 633.
Source: GAO analysis of LANL data.
[A] Portions of some facilities are protected at higher security levels
than other portions of the same facility.
[B] Other facilities are not protected at a specific security level
because they are scheduled for demolition or for transfer to a
different owner.
[End of table]
Facilities with appropriate levels of security house or store a variety
of classified resources, ranging from special nuclear material to
classified documents. At least 365 facilities are protected in their
entirety at the Limited Area level or above, which is sufficient to
allow them to store classified documents or perform classified
activities. In contrast, Category I special nuclear material will be
found in a facility that has all of the protections provided by
Limited, Exclusion, Protected, and Material Access Areas. Table 3
provides information on the different types of classified resources
housed or stored in these facilities.
Table 3: Number of LANL Facilities that House or Store Different Types
of Classified Resources, as of December 2007:
Classified resource: Category I special nuclear material;
Number of facilities storing classified resource: 1.
Classified resource: Category III special nuclear material;
Number of facilities storing classified resource: 3.
Classified resource: Category III/IV special nuclear material;
Number of facilities storing classified resource: 3.
Classified resource: Category IV special nuclear material;
Number of facilities storing classified resource: 22.
Classified resource: Classified, or "red," computer network access;
Number of facilities storing classified resource: 94.
Classified resource: Classified parts storage;
Number of facilities storing classified resource: 66.
Classified resource: Vault-type rooms;
Number of facilities storing classified resource: 60.
Source: GAO analysis of LANL data.
Notes: Facilities cannot be totaled because a single facility may
contain multiple types of classified resources.
In addition to these types of classified resources, a few facilities at
LANL also contain one or more Sensitive Compartmented Information
Facilities. In addition, facilities at LANL store classified documents
that are of a low enough classification level that they are not subject
to tracking with an accountability system. LANL estimates that these
documents number around 9 million.
[End of table]
LANL's Nuclear Weapons Science programs rely on facilities that house
classified resources to a much greater extent than do the laboratory's
Threat Reduction Science and Support or Fundamental Science and Energy
programs. In contrast, LANL's Environmental and Safeguards and Security
support programs rely on facilities that house classified resources to
a minor extent. Specifically, Nuclear Weapons Science programs use 322
facilities that require security protections for classified resources.
Thirty-two of these 322 facilities are protected at the highest levels
as Exclusion, Protected, and Material Access Areas. Nuclear Weapons
Science programs are the primary users--meaning they use more space in
a facility than any of the other major or support programs at LANL--of
28 of these 32 facilities, including LANL's single Category I special
nuclear material facility, known as Plutonium Facility 4 at Technical
Area-55. Threat Reduction Science and Support programs use 105
facilities that require security protections for classified resources,
31 of which are protected as Exclusion, Protected, and Material Access
Areas. Of these 31, Threat Reduction Science and Support is the primary
user of 14, including all of LANL's facilities for Sensitive
Compartmented Information. Finally, Fundamental Science and Energy uses
103 facilities that require security protections for classified
resources. While 15 of these are protected as Exclusion, Protected, and
Material Access Areas, Fundamental Science and Energy is not the
primary user of any of these 15 facilities.
Finally, LANL's Nuclear Weapons Science programs are the primary users
of facilities storing or housing different types of classified
resources to a greater extent than are LANL's Threat Reduction Science
and Support or Fundamental Science and Energy programs. Table 4
provides information on the primary-user facilities that house or store
classified resources, as well as vault-type rooms.
Table 4: Primary Users of Facilities with Different Types of Classified
Resources, as of December 2007:
Classified resource type: Category I special nuclear material;
Nuclear Weapons Science programs: 1;
Threat Reduction Science and Support programs: 0;
Fundamental Science and Energy programs: 0.
Classified resource type: Category III special nuclear material;
Nuclear Weapons Science programs: 3;
Threat Reduction Science and Support programs: 0;
Fundamental Science and Energy programs: 0.
Classified resource type: Category III/IV special nuclear material;
Nuclear Weapons Science programs: 0;
Threat Reduction Science and Support programs: 3;
Fundamental Science and Energy programs: 0.
Classified resource type: Category IV special nuclear material;
Nuclear Weapons Science programs: 10;
Threat Reduction Science and Support programs: 1;
Fundamental Science and Energy programs: 3.
Classified resource type: Classified "red" computer network access;
Nuclear Weapons Science programs: 75;
Threat Reduction Science and Support programs: 5;
Fundamental Science and Energy programs: 3.
Classified resource type: Classified parts storage;
Nuclear Weapons Science programs: 58;
Threat Reduction Science and Support programs: 5;
Fundamental Science and Energy programs: 0.
Classified resource type: Vault-type rooms;
Nuclear Weapons Science programs: 38;
Threat Reduction Science and Support programs: 8;
Fundamental Science and Energy programs: 2.
Source: GAO analysis of LANL data.
Notes: Facilities cannot be totaled because a single facility may
contain multiple types of classified resources.
LANL's Threat Reduction Science and Support programs are also the
primary users of all of the laboratory's facilities that contain
Sensitive Compartmented Information Facilities.
Where there was no clear primary user of a classified resource (i.e.,
programs used the facility housing the resource to the same extent)
those data are excluded.
[End of table]
LANL Is Implementing Over Two Dozen Initiatives Officials Believe Will
Reduce Security Risk and Improve Protection of Classified Resources:
LANL has initiatives under way that are principally aimed at reducing,
consolidating, and better protecting classified resources, as well as
reducing the physical footprint of the laboratory by closing unneeded
facilities. LANL officials believe that these initiatives will reduce
the risk of incidents that can result in the loss of control over
classified resources. In concert with these actions, LANL is
implementing a series of engineered and administrative controls to
better protect and control classified resources.
LANL Is Reducing and Consolidating Classified Resources and Its
Physical Footprint:
According to NNSA security officials, the size and geographic dispersal
of LANL's facilities creates challenges for classified operations at
the laboratory because classified resources must be shared among
programs that use remote facilities. This condition increases the
number of instances in which laboratory employees move and hand off
classified resources--a situation that has created accountability
problems. To address this problem, LANL is reducing classified holdings
at the laboratory; consolidating storage of and access to these
resources in fewer facilities that are more centrally located and
controlled; and where possible, eliminating hard copies and classified
removable electronic media by transferring the information to LANL's
classified "red" computer network. Simultaneously, LANL is reducing the
overall size of its physical footprint by eliminating facilities that
are in poor or failing condition or are excess to mission needs.
Classified Resources Reduction and Consolidation:
LANL is undertaking a number of initiatives that security officials
believe will improve LANL's security posture and, thereby, risk to the
laboratory's operations. These initiatives are being managed in the
short-term by a Security Improvements Task Force, a multidisciplinary
team chartered in January 2007 to improve physical security operations.
The Task Force targeted six types of classified resources for immediate
consolidation and reduction: (1) accountable classified removable
electronic media; (2) classified removable electronic media that do not
need to be tracked with an accountability system; (3) classified parts;
(4) accountable classified documents; (5) classified documents that do
not need to be tracked with an accountability system; and (6) vaults
and vault-type rooms. With respect to each type of resource, LANL
developed a baseline inventory of resources, identified resources that
could be destroyed, or, in the case of vaults and vault-type rooms,
emptied and consolidated remaining resources into fewer facilities. As
of March 2008, the latest date for which data is available, LANL had
significantly reduced and consolidated each of these resources, as
described:
* Accountable classified removable electronic media. LANL reduced the
number of pieces of accountable classified removable electronic media
actively in use from a high of 87,000 pieces in 2003 to about 4,300
pieces.
* Classified removable electronic media. LANL instituted a "spring
cleaning" project in May 2007 that contributed to the destruction of
610 pieces of classified removable electronic media. According to a
senior LANL security official, LANL completed an assessment of its
classified removable electronic media holdings in February 2008 and
estimates there are approximately 6,500 pieces of nonaccountable
classified removable electronic media at the laboratory. Security
officials said unneeded media will be destroyed during a second spring
cleaning effort in May 2008.
* Classified parts. LANL has allocated nearly $1.7 million for a
project to inventory tens of thousands of classified nuclear weapon
parts, destroy those that are no longer useful, and centrally manage
those that remain. Through a laboratorywide effort, nearly 30,000
classified parts were identified and destroyed between February 2007
and March 2008 by either melting the parts, grinding them into shapes
that are no longer classified, or by blowing them up. According to LANL
officials, additional destruction of classified parts is under way.
* Accountable classified documents. LANL completed consolidation of all
accountable documents into a single storage library in November 2007.
While accountable classified documents are created and destroyed on an
ongoing basis, as of March 2008, LANL was managing just over 6,000
accountable classified documents.
* Classified documents. According to a senior LANL security official,
the laboratory completed an assessment of nonaccountable classified
documents in February 2008 and estimates there are approximately 9
million classified documents at the laboratory. From April 2007 through
February 2008, LANL destroyed over 1.6 million pages of classified
documents, and another destruction effort is planned for May 2008.
* Vaults and vault-type rooms. LANL has reduced the number of vault-
type rooms at the laboratory from 142 to 111 and plans to further
reduce the number to 106. One LANL security official said he thought
the laboratory could ultimately reduce the number of vault-type rooms
to 100. Of the remaining vaults and vault-type rooms, LANL officials
told us all have been comprehensively inspected and any security
deficiencies remedied. During fiscal year 2007, LANL built a prototype
"super vault-type room," a model for future vault-type room operations,
that consolidates classified resources in a highly secure, access-
controlled environment staffed by security professionals. According to
LANL officials, the super vault-type room has allowed LANL to
consolidate 65 percent of its accountable classified removable
electronic media holdings in one location. In addition to classified
resource storage, the super vault-type room offers classified mailing,
scanning, faxing, and printing services, thereby reducing the number of
locations, equipment, and people handling classified resources in other
parts of the laboratory.
In addition, LANL is taking steps to reduce the number of special
nuclear material storage facilities that must be protected at the site.
In 2000, there were 19 such nuclear facilities at LANL, and by 2006,
this number had decreased to 11. LANL plans to further reduce the
number of nuclear facilities at the site to five by 2016. The number of
facilities that store Category I special nuclear material has already
been reduced from nine to one. This remaining Category I facility--
LANL's Plutonium Facility 4 at Technical Area-55 (see fig. 4)--contains
the nation's only plutonium research, development, and manufacturing
facility and the laboratory's only Material Access Area. It is
protected with a combination of safeguards that include fences,
controlled access points, electronic sensors and surveillance, and
armed guards.
Figure 4: LANL's Plutonium Facility 4 at Technical Area-55:
[See PDF for image]
Aerial photograph of LANL's Plutonium Facility 4 at Technical Area-55.
Source: Photo courtesy of LANL.
[End of figure]
Physical Footprint Consolidation and Reduction:
According to the LANL Director, the laboratory has embarked on a
multiyear transformation effort to reduce its facility footprint and
better manage its infrastructure investments. Many facilities at LANL
were built in the early 1950s and are beginning to show signs of
structural or systems failure. Other structures at LANL, such as
trailers, are temporary and do not provide quality office or laboratory
space. Furthermore, the geographic separation of LANL's facilities
makes effective collaboration difficult, according to LANL program
managers. LANL officials told us that reducing the laboratory's
physical footprint will save facility operation costs and reduce
deferred maintenance costs, which LANL estimated at $321.5 million in
fiscal year 2007. Officials said it will also enhance scientific
collaboration and improve safety and security.
LANL's goal in fiscal year 2007 was to reduce its existing facility
footprint by 400,000 square feet and to reduce it by a further 1.6
million square feet in fiscal year 2008.[Footnote 20] To determine
which facilities would be reduced, several of LANL's directorates
prepared footprint reduction plans targeting facilities that (1) have
significant deferred maintenance costs, (2) are in poor or failing
condition, (3) are expensive to maintain because they were not designed
or built for energy efficiency, and (4) are considered excess to
current and anticipated mission needs. In fiscal year 2007, LANL
exceeded its footprint reduction goal by reducing existing facility
square footage by just over 500,000 square feet. Seventy-seven
facilities were reduced to contribute to this total.
According to LANL and NNSA officials, the criteria used to determine
whether a facility is considered to be reduced vary. Generally, a
facility is considered reduced when it is closed, the utilities have
been disconnected, and it is no longer occupied by laboratory
employees. However, in at least one instance, LANL considered a portion
of a facility to be reduced, while another portion remained occupied
and building utilities were still connected. A reduced facility may
still require environmental remediation and will eventually require
disposition, either through demolition, transfer, or sale.
LANL Is Introducing Engineered and Administrative Controls to Protect
Classified Resources:
LANL is also introducing engineered and administrative controls to
improve the physical security of its remaining classified resources and
to reduce the security risks associated with their use. According to
LANL, implementing these controls can help reduce errors in handling
classified resources and, therefore, reduce risk. The super vault-type
room is a solution engineered to address the risk of mishandling
accountable classified resources by putting responsibility for these
classified resources in the hands of security professionals. A senior
LANL security official told us that the laboratory relies on these
controls to influence and change laboratory employees' behavior. For
example, a LANL official said increased mandatory and additional random
searches of employees leaving vault-type rooms--an engineered control-
-should help raise employees' awareness of unauthorized removal of
classified documents or media from vault-type rooms. Furthermore,
simplifying security orders--an administrative control--should help
LANL employees understand and implement their security obligations.
Examples of engineered controls, beyond the initiatives to reduce and
consolidate the seven types of classified resources discussed above,
include:
* improving security perimeters around the laboratory and around
specific facilities;
* adding to and reinforcing existing vehicle access control points;
* expanding a random drug testing program to include all new and
existing LANL employees and subcontractors;
* increasing random searches performed by protective forces on
individuals in secure areas to ensure they are not leaving with
classified resources;
* expanding the classified "red" computer network to a greater number
of facilities, further enabling the reduction of accountable and
nonaccountable classified electronic media;
* significantly reducing laboratory computers' ability to create new
accountable and nonaccountable classified removable electronic media;
* initiating a pilot program to attach radio frequency identification
tags to cellular phones and two-way paging devices that set off an
alarm when these devices are brought into restricted areas; and:
* upgrading security alarm systems.
Examples of administrative controls include:
* issuing manuals to formalize facility operations, maintenance,
engineering, training, and safety requirements across LANL;
* updating and simplifying physical security orders to ensure
requirements are easily understood and can be implemented;
* reinforcing the applicability of security requirements to
subcontractors through a meeting and a new appendix to subcontractors'
contracts;
* enhancing procedures for escorting individuals into vault-type rooms;
* eliminating the practice of allowing cleared individuals to hold the
door for other cleared individuals entering restricted facilities,
known as "piggybacking," by requiring that all individuals entering
restricted facilities swipe their badges;
* implementing Human Performance Assessments of security incidents that
identify how a lack of engineered or administrative controls, which can
be corrected, contribute to human errors; and:
* reissuing work control policies emphasizing Integrated Safeguards and
Security Management, a system intended to provide each LANL employee
with a framework for performing work securely and fulfilling individual
security responsibilities.
While LANL's Initiatives Address Many Security Problems Identified in
Prior External Evaluations, Other Significant Security Problems Have
Received Insufficient Attention:
Many of the initiatives LANL is undertaking address security findings
identified in external evaluations, particularly those conducted by
DOE's Office of Independent Oversight and NNSA's Site Office. Some of
these initiatives are being implemented in response to DOE's 2007
Compliance Order, which resulted from the October 2006 security
incident. Despite these efforts, however, significant security problems
have not been fully addressed. Furthermore, in fiscal year 2007 LANL's
initiative to reduce the physical footprint of its site reduced
maintenance costs more than it addressed facility security.
Many of LANL's Initiatives Address Security Problems Identified by
DOE's Office of Independent Oversight and NNSA's Site Office between
Fiscal Years 2000 and 2008:
Between fiscal years 2000 and 2008, DOE's Office of Independent
Oversight issued four complete assessments of security at LANL.
[Footnote 21] Over the same period, NNSA's Los Alamos Site Office
conducted seven surveys of laboratory security.[Footnote 22] These
assessments and surveys identified a variety of security problems at
LANL, many of which are being addressed through initiatives LANL is
currently implementing. Some examples follow:
* Inadequate accounting for classified documents. Issues with the
adequacy of LANL's accounting for classified documents were raised by
the Site Office in fiscal years 2005 and 2006 and by DOE's Office of
Independent Oversight in fiscal year 2007. These issues related to the
inconsistent handling of classified documents by document custodians in
LANL's divisions and to the timeliness of updates to LANL's classified
document and media accountability policies to ensure that they
reflected DOE's policies. Several of LANL's ongoing security
initiatives and engineered and administrative controls are intended to
address these concerns by centrally storing and handling accountable
classified documents in vaults, vault-type rooms, and the super vault-
type room staffed by security professionals and by implementing an
automated system to update classification guidance.
* Inadequate accounting for classified nuclear weapon parts. Findings
about the adequacy of LANL's accounting for classified parts were
raised by the Site Office in fiscal year 2001 and by DOE's Office of
Independent Oversight in fiscal years 2003, 2007, and 2008. These
findings related to improper marking of classified parts with their
appropriate classification level and storage of classified parts in
containers and facilities that are considered nonstandard, or out of
compliance with DOE rules governing classified resource storage. These
rules include requirements for building alarms, frequency of security
guard patrols, and facility vulnerability assessments. Furthermore, the
DOE Inspector General reviewed LANL's management of classified parts in
2007 and had additional findings about the inventory systems used to
maintain accountability over classified parts.[Footnote 23] While LANL
has not resolved issues related to nonstandard storage (see discussion
in a subsequent section of this report), LANL officials told us that by
destroying nearly 30,000 classified parts at the laboratory, they have
established a goal to reduce the number of nonstandard storage
facilities from 24 to 0 by the end of August 2008. LANL is also
developing a new, centrally controlled inventory system for tracking
classified parts and has created administrative procedures and guidance
for the system's use.
* Inconsistent efforts to reduce classified holdings. A finding about
the consistency of LANL's efforts to reduce classified holdings was
raised by the Site Office in fiscal year 2001. The Site Office noted
that despite the existence of LANL procedures for regularly reviewing
classified inventories to reduce them to the minimum necessary, routine
review and reduction of classified inventories was not occurring. While
other surveys and assessments did not discuss this finding, LANL's
current initiatives to reduce accountable and nonaccountable documents
and classified removable electronic media, which began in 2003, have
significantly reduced holdings, and future classified holdings
reduction targets are being developed.
Through engineered controls, LANL is also attempting to limit the
ability and the need to create new classified removable electronic
media and to make the information previously stored on removable media
available through the laboratory's classified computer network.
Specifically, to prevent the creation of new media, LANL is removing
functions on classified computers that would allow media to be created
or copied and is deploying new classified computing systems that do not
contain the capability to create removable electronic media. In
addition, LANL has undertaken an effort to upload the information
stored on classified removable electronic media to the laboratory's
classified computer network before the media are either destroyed or
permanently archived. LANL officials said this will reduce the risk
that media could be mishandled, thus improving the laboratory's
physical security. However, LANL officials also acknowledged that
transferring information from classified media to a classified network
represents a shift from physical security risk to cyber security risk.
A senior LANL official told us this risk is minimized by ensuring that
LANL's classified network is appropriately protected and access to the
network is properly controlled.[Footnote 24]
* Insufficient security at vault-type rooms. Findings about the
sufficiency of security at LANL's vault-type rooms were raised by the
Site Office in fiscal year 2005 and by DOE's Office of Independent
Oversight in fiscal years 2007 and 2008. These findings concerned the
adequacy of security patrols, sensor detection, and unauthorized
access. LANL has addressed concerns about vault-type room security
through comprehensive physical assessments of all vault-type rooms, and
a laboratory security official told us that all identified deficiencies
have been remedied. Furthermore, the official told us that in the
future LANL intends to recertify vault-type rooms every 2 years,
instead of every 3 years. Finally, LANL has reduced the number of vault-
type rooms in operation at the laboratory--facilitating more frequent
security patrols--and has increased mandatory and random searches of
individuals exiting vault-type rooms.
LANL is also implementing security initiatives in response to the
October 2006 security incident. Specifically, DOE's July 2007
Compliance Order, which resulted from this incident, required LANL to
submit an integrated corrective action plan to address critical
security issues at the laboratory, including many of those identified
by the Site Office and Office of Independent Oversight since 1999.
According to LANL's analysis of past information and cyber security
findings, the root causes of 76 percent of these findings were related
to inadequate policies, procedures, or management controls.
Correspondingly, many of the administrative controls LANL is now
implementing and that it included in its integrated corrective action
plan address these policy, procedural, and management problems,
including:
* reissuing policies and guidance for improving implementation of
Integrated Safeguards and Security Management, which LANL officials
told us will help individual employees ensure they execute their
security responsibilities as part of their regular work;
* providing Human Performance Assessments as a component of security
incident reports to help managers identify challenges in their work
environments that can be improved to reduce the likelihood and severity
of security errors made by employees;
* revising policies for escorting visitors into vault-type rooms to
ensure visitors' access to classified resources is properly limited;
and:
* improving communication of security requirements to subcontractors by
adding an additional exhibit to their contracts.
Not All Security Problems Are Being Fully Addressed:
While many of the initiatives and engineered and administrative
controls LANL is implementing address past security concerns, some
significant security problems identified by DOE's Office of Independent
Oversight and NNSA's Site Office have not been fully addressed.
Specifically, LANL's storage of classified parts in unapproved storage
containers and its process for ensuring that actions taken to correct
security deficiencies are completed have been cited repeatedly in past
external evaluations, but LANL has not implemented complete security
solutions in these areas. In addition, LANL's actions to address other
long-standing security concerns, such as the laboratory's process for
conducting self-assessments of its security performance and its system
for accounting for special nuclear material, have been planned but have
not, as yet, been fully implemented. More specific examples include the
following:
* Classified nuclear weapon parts storage. LANL uses General Services
Administration-approved security containers for standard storage of
classified resources. Classified resources that cannot be readily
stored in approved containers--for example, because of their size--are
stored in vaults, vault-type rooms, or nonstandard storage facilities.
According to LANL officials, there are 24 nonstandard storage areas at
the laboratory. Requests for nonstandard storage are made through a
process approved by NNSA's Site Office. LANL management reviews all
nonstandard storage requests, and requests are approved by LANL's
Physical Security group. The approval process requires LANL to conduct
risk assessments for these nonstandard storage areas.
While the Site Office has never independently raised concerns about the
adequacy of nonstandard storage areas in its surveys, the Office of
Independent Oversight has consistently called attention to this issue.
Specifically, in fiscal years 2003, 2007, and 2008, the Office of
Independent Oversight noted problems with the safeguards LANL said were
in place to protect nonstandard storage areas and questioned the risk
assessment methodology LANL has used to determine appropriate
protections. In 2007, the Chief of DOE's Office of Health, Safety and
Security, which oversees independent assessments, testified that LANL
is overly dependent on nonstandard storage for the protection of many
of its classified nuclear weapon parts and that the overall impact of
deficiencies in nonstandard storage arrangements on the protection of
these parts is substantial. LANL officials told us their goal is to
eliminate all 24 nonstandard storage areas at the laboratory by August
2008 and, in the interim, continue to apply for waivers to rules
governing standardized storage through the Site Office's approval
process. However, LANL's plans for eliminating specific nonstandard
storage areas show the elimination of one area planned for the second
quarter of fiscal year 2009--as much as seven months later than LANL's
August 2008 goal--and four others that will remain nonstandard storage
areas. Furthermore, a recent status report on nonstandard storage area
elimination activities showed that nearly all activities were at risk
of schedule delay.
* Process for ensuring that corrective actions are completed. When
evaluations result in findings of security deficiencies, LANL must
prepare a corrective action plan that charts a path forward for
resolving the finding. To resolve a deficiency and complete its
corrective action plan, DOE requires LANL to conduct a root-cause
analysis, risk assessment, and cost-benefit analysis to ensure that the
corrective action implemented truly resolves the deficiency identified.
In fiscal year 2007, the Office of Independent Oversight questioned the
completeness of corrective action plans--some of which did not include
the required risk assessments--leading to concerns about whether
actions taken to address security deficiencies would in fact prevent
recurrence. This concern is similar to our 2003 finding that corrective
action plans are often inconsistent with DOE requirements.[Footnote 25]
The fiscal year 2008 Office of Independent Oversight assessment noted
that weaknesses in corrective action plans' causal analyses remain.
Specifically, the Office of Independent Oversight found that some
corrective action plans' root-cause analyses were insufficient to
properly identify security deficiencies. According to LANL officials,
in fiscal year 2008, LANL revised its self-assessment program to ensure
that root-cause analyses are included in all corrective action plans
and that these plans are sufficient.
In fiscal year 2007 the Site Office and the Office of Independent
Oversight raised concerns about the timeliness of LANL's submission of
corrective action plans and the length of time it takes to close
corrective action plans by resolving findings. The fiscal year 2007
Performance Evaluation Plan that NNSA developed to establish priorities
for the laboratory provided LANS with financial incentives totaling
over $1 million to complete LANL's corrective actions on schedule.
While the Site Office noted significant improvement in the timeliness
and closure of corrective action plans in its fiscal year 2007 survey,
LANL did not meet the fiscal year 2007 performance milestone. NNSA's
fiscal year 2008 Performance Evaluation Plan provides LANS with a
$100,000 financial incentive to improve the timeliness of corrective
action plan development and up to an additional $357,000 to close
corrective action plans quickly and on time.
* Inadequate self-assessment. Concerns about the adequacy of LANL's
assessments of its own security performance were raised by the Site
Office in fiscal years 2003, 2005, 2006, and 2007 and by DOE's Office
of Independent Oversight in fiscal year 2008. These concerns related to
the comprehensiveness of LANL's self-assessments, the extent to which
self-assessments included discussion of all internal findings, and the
extent to which these findings were analyzed and addressed through
corrective actions. NNSA provided LANS with a nearly $600,000 financial
incentive under the fiscal year 2007 Performance Evaluation Plan to
improve LANL's self-assessment program. According to NNSA's evaluation
of LANL's fiscal year 2007 performance, LANL did not meet NNSA's goal
but did make progress toward it by significantly improving self-
assessment. The Office of Independent Oversight's fiscal year 2008
assessment also noted improvements but recommended further areas for
attention. These recommendations included ensuring that self-
assessments address all aspects of each assessment topic, such as
classified information protection and physical security. LANL officials
said training on conducting self-assessments is currently being
developed.
* Control and accountability system for special nuclear material. DOE
requires that LANL maintain a system for tracking special nuclear
material inventories, documenting nuclear material transactions,
issuing periodic reports, and detecting potential material losses.
According to LANL and Site Office security officials, the system LANL
uses, known as the Material Accountability and Safeguards System
(MASS), is over 20 years old and was developed with a now outdated
computer language. While LANL has not reported any incidents involving
the loss or diversion of special nuclear material in recent years, the
Site Office and Office of Independent Oversight raised concerns in
fiscal years 2002, 2003, 2005, 2006, and 2007 related to LANL's system.
Such concerns included the absence of controls in MASS to detect
internal transfers of nuclear materials that could result in safeguards
category limits being exceeded in time to prevent the transfer.
According to a senior LANL official, a project to upgrade the system
was approved to proceed in January 2008 and is scheduled to be
completed by February 2010 at a cost of $3 million.
LANL's Footprint Reduction Initiative Reduced Maintenance Costs More
Than It Addressed Facility Security:
LANL's initiative to reduce the physical footprint of its facilities
focuses on eliminating facilities that are in poor and failing
condition, thus reducing the laboratory's deferred maintenance burden,
which according to a LANL estimate, totaled over $320 million in fiscal
year 2007. Additionally, the initiative focuses on facilities that have
no enduring mission need, thus avoiding future operations costs. While
the footprint reduction plans put together by LANL's Weapons Physics
and Weapons Engineering directorates both state that security
improvements would result from facility reduction, LANL officials
responsible for setting priorities for reducing facilities told us that
the facilities' security problems were not seriously considered when
planning for footprint reduction. In that regard, we found that of the
77 facilities LANL counted toward meeting its footprint reduction goal
of 400,000 square feet in fiscal year 2007, only 2 facilities contained
any classified resources. Specifically, these two facilities included
(1) a large, Limited Area administrative facility that contained six
vault-type rooms, stored classified parts, and provided access to
LANL's classified network; and (2) a Limited Area facility used for
high explosives work and that provided access to LANL's classified
network. Closing vault-type rooms and eliminating classified network
access points has the potential to improve security at LANL by reducing
or consolidating the number of classified resources that require
security protection. In the case of the administrative building
described above, the facility was replaced by a newly constructed
administrative building that has 11 vault-type rooms--5 more than the
original administrative building contained. However, in commenting on
our report, LANL officials said that the new administrative building
incorporates more modern safety and security standards than the
original administrative building. To this end, the security benefits
derived from LANL's fiscal year 2007 footprint reduction efforts are
unclear.
In commenting on our report, LANL officials noted that Security and
Safeguards Requirement Integration Teams participate in footprint
reduction projects to ensure that facilities--and the classified
information they house or store--remain secure during the closure
process. While subsequent documentation provided by the leader of
LANL's physical security organization does show that Security and
Safeguards Requirement Integration Teams assist with facility reduction
efforts in this manner, it does not show that these teams evaluate
facility security weaknesses as criteria for identifying which
facilities at LANL should be closed.
LANL's and NNSA's Management Approaches to Sustain Security
Improvements Over the Long-Term Are in the Early Stages of Development
or Contain Weaknesses:
DOE, NNSA, and even LANL officials have found that LANL has
consistently failed to sustain past security initiatives. For example,
in DOE's 2007 Compliance Order, the Secretary of Energy wrote that
although some corrective steps were taken by the previous LANL
contractor in response to security incidents, the October 2006 incident
demonstrated that problems continued. Similarly, NNSA's Office of
Defense Nuclear Security noted in 2007 that after each security
incident at LANL, the laboratory has responded by changing policies and
procedures and investing in new equipment and systems. The result,
according to the Office of Defense Nuclear Security, had been a steady
improvement in security through mitigation of immediate problems;
however, the inability to halt what NNSA has characterized as a string
of incidents involving the failure to account for classified
information demonstrated that LANL had not identified and addressed the
root causes of security incidents. In its own analysis of the October
2006 security incident, LANL determined that the incident's root cause
was inconsistent and ineffective implementation of Integrated
Safeguards and Security Management principles in its classified work,
despite the fact that a DOE policy governing implementation of
Integrated Safeguards and Security Management throughout the DOE
complex had been in place since at least 2001.
In acknowledging the problem of sustaining security improvements, LANL
officials described three management approaches they intend to use to
ensure that security improvements currently being implemented are
sustained over the long-term: (1) DOE's July 2007 Compliance Order, (2)
LANL's Contractor Assurance System, and (3) NNSA's annual performance
evaluation plans. However, each management approach cited by LANL
officials either contains weaknesses that will affect LANL's ability to
fully ensure security initiatives are sustained or is in an early stage
of development. Furthermore, our January 2007 findings regarding the
NNSA Site Office's capacity to oversee security at LANL have not yet
been addressed.[Footnote 26]
DOE's July 2007 Compliance Order Is Not Designed to Be a Tool for
Management Change:
LANL officials told us that completing the efforts required by DOE's
July 2007 Compliance Order would ensure that security improvements are
sustained. However, the Compliance Order is not designed to provide
LANL with a management tool for sustaining long-term security
initiatives or for future security improvement. Rather, it serves as a
mechanism for DOE to enforce financial penalties against LANS should
LANL fail to implement the required actions that address past security
problems. Specifically, the actions required by the Compliance Order
must be completed by December 2008. If they are not completed, LANS is
subject to civil penalties of up to $100,000 per violation per day.
In September 2007 LANL submitted an integrated corrective action plan
to DOE in partial fulfillment of Compliance Order requirements. This
plan outlined the 27 actions LANL intends to take to address seven
critical security issues identified as having contributed to the
October 2006 security incident and to meet the requirements of the
Compliance Order. Of these seven critical security issues, five pertain
to the physical security of classified information and resources.
[Footnote 27] These five issues include the following:
* LANL has not consistently or effectively implemented the principles
and functions of Integrated Safeguards and Security Management in the
management of classified work;
* LANL's classified information security training is not fully
effective;
* LANL has not provided effective leadership and management in
protecting classified information;
* LANL's assurance system has not effectively resolved classified
information protection issues; and:
* LANL has not, in some cases, effectively sustained corrective
actions.
The majority of the actions LANL outlined in its plan to address these
issues are discrete, rather than representing long-term efforts aimed
at improving LANL's overall security performance. They include, for
example, documenting that managers have met with employees to
communicate and reinforce expectations with regard to integrating the
principles of Integrated Safeguards and Security Management into daily
work activities; implementing personnel actions with respect to the
October 2006 security incident, such as placing formal reprimands in
employees' personnel files and putting employees on unpaid leave; and
revising the laboratory's policy on escorting visitors into vault-type
rooms. While actions of this type should contribute to security
improvements in the short-term, discrete actions such as these do not
ensure that security initiatives will be sustained over time. Moreover,
while the Compliance Order provides a mechanism to assess financial
penalties if LANL fails to implement the actions included in its
integrated corrective action plan, the mechanism will no longer be
available once actions are concluded in December 2008.
LANL's Contractor Assurance System Is Not Fully Developed or Deployed:
LANL officials told us they expect to use the laboratory's new
Contractor Assurance System to ensure that security improvements are
sustained over time once actions under the Compliance Order are
complete in December 2008. However, we found that the extent to which
LANL will be able to rely on the Contractor Assurance System to ensure
long-term sustainability of security improvements after December 2008
is unclear for two reasons. First, LANL officials told us that the
system will not be fully developed or implemented by the time LANL
completes its Compliance Order efforts in December 2008. Second, an
internal assessment of the Contractor Assurance System found that (1)
there is a lack of evidence that the system is being effectively
deployed across the laboratory and (2) the measures included in the
system may not be meaningful.
LANL is designing the Contractor Assurance System to measure and track
performance from the top down. Top-level measures, such as meeting
program milestones set by NNSA or on-time delivery of products, are in
place. Lower-level measures, such as measures of the work processes
used to meet milestones and deliverables, are still in development.
LANL officials responsible for designing the Contractor Assurance
System told us that these lower-level measures are critical to the
success of the system because they will provide the data that indicate
where work processes are breaking down before milestones or
deliverables are delayed. Officials also said that trend analysis from
data associated with lower-level measures would indicate areas where
security concerns are developing. During fiscal year 2008, LANL
officials said they plan to focus on developing lower-level measures,
but they will not complete these measures by December 2008. A senior
official in NNSA's Site Office told us it could be another 3 to 4 years
before the Contractor Assurance System is fully implemented.
In its first internal assessment of the Contractor Assurance System
completed in September 2007, LANL found that while the system was
operational and met the requirements of the contract between NNSA and
LANS, it contained significant weaknesses. For example, while upper-
level management uses the system, there are gaps in its use across
LANL's technical divisions and facilities. According to the assessment,
these gaps could make the system ineffective. In addition, a LANL
official told us that while managers are required to attend training on
using the system, many do not yet recognize its usefulness. Moreover,
the assessment found that because lower-level process measures have not
yet been implemented, it may be difficult to use the system for its
stated purpose--to improve management and performance. For example, the
assessment found that the Contractor Assurance System cannot yet
measure key management and performance indicators, such as budget
performance, fiscal accountability, and customer satisfaction or
dissatisfaction with LANL products and services. In this regard, a LANL
official told us that the Contractor Assurance System is not yet mature
enough for laboratory officials to understand the best ways to use it
and that LANL managers are still identifying which processes they need
to measure in order to gather relevant performance data. In commenting
on our report, LANL officials agreed with our assessment of the
Contractor Assurance System and noted that efforts to improve its
maturity are ongoing.
NNSA's Performance Evaluation Plans Principally Focus on Achieving
Compliance with DOE Requirements and Do Not Sufficiently Reward LANL's
Security Program for Improved Security Performance:
LANL officials told us the laboratory also plans to realize sustained
security improvements by meeting the security-related performance
incentives in the annual performance evaluation plans NNSA uses to
measure performance and determine an award fee. The fiscal year 2007
and fiscal year 2008 performance evaluation plans contain both
objective and subjective measures of security performance that are tied
to financial incentives. Objective measures of security performance use
specific and discrete criteria that are not judgmental, such as
achieving a particular score on a security evaluation, while subjective
measures of security performance use broad criteria that are
judgmental, such as effectiveness of security planning. According to
NNSA's Site Office, the two sets of measures complement each other and
allow NNSA to withhold incentive fees when its expectations for
effective management and leadership are not met. Site Office officials
told us it is possible LANL could achieve success in all of the
objective security measures but fail to earn award fees on the basis of
its performance assessed with subjective measures.
We found that the objective measures included in the performance
evaluation plans reward LANL for complying with existing DOE security
requirements but do not sufficiently reward LANL for improving its
security performance. Of the $51.3 million potentially available for
LANS's total performance-based incentive fee in fiscal year 2008, only
$1.43 million is associated with objective measures of security
performance. Of this total, $1.4 million is an incentive for compliance
with DOE security requirements, and only $30,000 is allocated to
forward-looking and laboratorywide security improvement. According to a
senior NNSA security official, compliance with DOE requirements does
not assure that LANL's security program is functioning effectively, and
actions to achieve compliance may not be valuable unless the actions
also address management or operational needs. Specifically, in fiscal
year 2008, we found the following objective provisions:
* $800,000 to achieve the milestones LANL sets in an annual security
operating plan, which aligns LANL's security activities with its
budget. The fiscal year 2008 annual security operating plan provides a
roadmap for LANL security program compliance with DOE requirements and
includes milestones such as submitting the Site Safeguards and Security
Plan, conducting security training, publishing security policy,
completing quarterly equipment maintenance requirements, and conducting
inventories of special nuclear material.
* $200,000 to achieve an overall satisfactory rating on the Site
Office's annual security survey.
* $400,000 to achieve 90 percent of the milestones associated with the
ongoing Phase 2 Nuclear Materials Safeguards and Security Upgrade
construction project.
* $30,000 to develop a forward-looking Safeguards and Security
Modernization Plan, which according to a senior Site Office official,
is in progress. This official said the Site Office expects LANL to
deliver a plan that can begin to be implemented in fiscal year 2009, if
the budget allows. However, the official also said the Site Office has
not provided any criteria or guidance to LANL about what the plan
should include.
The objective measures for security performance established under the
fiscal year 2007 Performance Evaluation Plan were similar to those
established in fiscal year 2008. Specifically, for fiscal year 2007, we
found the following incentive provisions:
* about $1.2 million to achieve the milestones in the fiscal year 2007
annual security operating plan, which were as compliance-oriented as
they are in the fiscal year 2008 annual security operating plan;
* about $670,000 to ensure that inventories of special nuclear material
accurately detected any gain or loss of material, excluding legacy
material;
* about $560,000 if DOE validated that LANL's Safeguards and Security
program was rated "effective" on five of seven ratings contained in the
Office of Independent Oversight assessment and was rated overall
"satisfactory" in the Site Office survey; and:
* about $270,000 to achieve all of the milestones included in the
fiscal year 2007 annual operating plan for cyber security.[Footnote 28]
Financial incentives associated with objective measures of security
performance totaled nearly $2.7 million in fiscal year 2007. The entire
$2.7 million encouraged LANL to comply with existing DOE requirements
for effective security operations. LANL earned $2.4 million of the $2.7
million potentially available, despite the occurrence of the October
2006 security incident.
NNSA increased the potential performance award fee associated with
subjective measures for laboratory performance in fiscal year 2007 as a
result of the October 2006 security incident and also included
subjective measures in the fiscal year 2008 Performance Evaluation
Plan. These measures evaluate LANS's leadership in integrating
programs, including security, across the laboratory and achieving
exemplary overall laboratory performance. We found that these measures
are neither compliance-based nor forward-looking, but rather focus on
overall quality of performance. In fiscal year 2007, LANL received its
lowest performance rating in this category, earning only 35 percent of
the over $10 million potentially available. LANL's low performance
rating directly reflected the occurrence of the October 2006 security
incident. In fiscal year 2008, the award fee potentially available for
successful achievement of subjective measures is $10.3 million,
approximately $125,000 more than in fiscal year 2007. One of the 20
criteria NNSA will consider in determining the fiscal year 2008 award
fee in this area is specific to overall performance, timeliness, and
effectiveness of security commitments. A senior Site Office official
told us that security performance will also be considered when NNSA
evaluates overall laboratory leadership and management. However,
according to Site Office officials, NNSA has not yet determined how it
will weigh security against other criteria, such as Weapons or Threat
Reduction program performance, when determining how much of the award
fee LANS will earn for achieving subjective performance measures.
Prior Findings on the NNSA Site Office's Capacity to Oversee Security
at LANL Have Not Yet Been Addressed:
While it is important for LANL to continue to improve the performance
of its security programs through the use of the management tools
previously discussed, the Site Office must still directly oversee
LANL's security program. Specifically, the Site Office is required to
conduct a comprehensive annual survey of LANL's Safeguards and Security
performance to assure DOE that the site is appropriately protected.
These surveys must be validated through, among other things, document
reviews, performance testing, direct observation, and interviews. To
conduct these surveys, as well as routine oversight, the Site Office
must be appropriately staffed with trained professionals.
In our January 2007 report on the effectiveness of NNSA's management of
its security programs, we found that NNSA's site offices--including the
Los Alamos Site Office--suffered from shortages of security personnel,
lacked adequate training resources and opportunities for site office
security staff, and lacked data to determine the overall effectiveness
of its Safeguards and Security program.[Footnote 29] We reported that
these factors contributed to weakness in NNSA's oversight of security
at its laboratories and production facilities. During the course of
this review, senior Los Alamos Site Office officials confirmed that
these problems persist. For example, they said NNSA has not developed a
strategy for determining long-term staffing needs at the Site Office.
As of October 2007, the Site Office employed 13 security staff--enough
for one person to oversee each of the topical areas the Site Office had
to evaluate. This staffing level, officials said, was sufficient to
cover only 15 percent of LANL's facilities. More recently, a senior
security official at the Site Office said security staffing levels have
decreased since October 2007. Furthermore, while NNSA had identified
the need to train and certify Site Office security personnel in nuclear
material control and accountability, vulnerability assessment, and
personnel security, no specific funding for this training has been made
available according to Site Office officials. According to the Los
Alamos Site Office's Site Manager, the Site Office must employ
expertise sufficient to determine, through effective oversight
activities, whether LANL is implementing the policies and plans that it
puts forward.
Conclusions:
Accomplishing the mission of conducting world-class scientific work at
Los Alamos National Laboratory requires the laboratory to maintain a
security program that effectively addresses current security risks,
anticipates future security risks, and ensures that initiatives to
address both current and future risks are sustained over the long-term.
While LANL has focused its attention on fixing current security risks
in reaction to recent incidents and has implemented initiatives that
address a number of previously identified security concerns, LANL has
not developed the long-term strategic framework necessary to ensure
that these fixes are sustained over time. In addition, some important
security problems identified in external evaluations have not been
fully addressed. Moreover, our review pointed out the potential for
cyber security risks to increase as a result of actions to improve
physical security. Consequently, while LANL security officials have
indicated their desire to prevent future security incidents, we believe
that only a long-term, integrated strategy can help ensure that they
will succeed.
Continuously implementing security improvement initiatives over the
long-term and proactively addressing new security risks also requires
an effective process for assessing contractor performance on security
activities. We believe the relative immaturity of and weaknesses in the
management approaches LANL and NNSA intend to use to ensure that
security improvements are sustained may limit their effectiveness and
result in a failure to sustain security improvement initiatives.
Specifically, DOE's Compliance Order requires LANL to take immediate
actions to improve security deficiencies, but the Compliance Order does
not serve as a tool for ensuring these actions are sustained. In
addition, we have doubts that LANL's Contractor Assurance System can
sustain security improvement initiatives until it is sufficiently
mature, which may take several years. Therefore, we believe performance
evaluation plans hold the most promise for ensuring that security
initiatives are sustained over the long-term. When the LANL management
and operating contract was competed in 2005, laboratory security was a
key consideration. NNSA stated that it intended to put a contract in
place, along with an annual performance evaluation plan, that would
communicate its priorities and provide incentives to accomplish those
priorities. However, despite NNSA's persistent statements about the
importance of security, we believe that the performance evaluation
plans that NNSA has issued under the new LANS contract do not provide
meaningful financial incentives for strategic security improvements or
communicate to LANL that security is a top federal priority. Rather
than reward LANL for principally complying with current DOE security
requirements, in our view, financial incentives in performance
evaluation plans should be focused on the long-term improvement of
security program effectiveness to a greater extent. We believe that
LANL needs to develop a strategic plan for laboratory security that is
comprehensive, contains solutions to address all previously identified
security findings, takes an integrated view of physical and cyber
security, provides opportunities for periodic updates to ensure
additional security risks are identified and addressed, and is tied to
meaningful performance incentive fees.
Finally, as LANL plans for further reductions in its facility
footprint, it has an opportunity to assess facilities' security
weaknesses, as well as their deferred maintenance burdens and their
anticipated contributions to future program missions, when it first
determines which facilities should be reduced. In our view, including
an assessment of facilities' security weaknesses in this initial
decision-making process would enhance the security benefits derived
from the effort to reduce the footprint.
Recommendations for Executive Action:
To improve security at Los Alamos National Laboratory, we recommend
that the Secretary of Energy and the Administrator of NNSA require LANL
to develop a comprehensive strategic plan for laboratory security that
(1) addresses all previously identified security weaknesses, (2)
contains specific and objective measures for developing and
implementing solutions that address previously identified security
weaknesses and against which performance can be evaluated, (3) takes an
integrated view of physical and cyber security, (4) focuses on
improving security program effectiveness, and (5) provides for periodic
review and assessment of the strategic plan to ensure LANL identifies
any additional security risks and addresses them.
To ensure sustained improvement of LANL's security program, we
recommend that the Administrator of NNSA provide meaningful financial
incentives in future performance evaluation plans for implementation of
this comprehensive strategic plan for laboratory security.
To enhance security initiatives already under way at LANL, we recommend
that NNSA require that future laboratory plans for footprint reduction
include specific criteria for evaluating facilities' security risks
when making initial selections of facilities for footprint reduction.
Agency Comments and Our Evaluation:
We provided NNSA with a copy of this report for review and comment.
NNSA did not specifically comment on our recommendations. However, NNSA
stated that while there is still much to be accomplished, NNSA believes
that progress has been made in addressing reductions in classified
parts, classified documents, vaults, and vault-type rooms, as well as
with the implementation of engineered controls. While we acknowledge
LANL's progress in our report, NNSA noted that several security
problems at LANL addressed in the report--specifically, nonstandard
storage of classified parts and the maturation of contractor assurance
systems--are issues for the broader nuclear weapons complex as well.
Overall, we continue to believe that the key issue is that NNSA and
LANL cannot ensure that initiatives such as these will be sustained, or
that changing security vulnerabilities will be identified and
proactively addressed, without implementing our recommendations for a
long-term strategic framework for security that effectively assesses
contractor performance. NNSA's comments on our draft report are
included in appendix V. NNSA also provided technical comments from
LANL, which we have incorporated into this report as appropriate.
As agreed with your offices, unless you publicly announce the contents
of this report, we plan no further distribution until 30 days from the
report date. At that time, we will send copies of this report to
interested congressional committees, the Secretary of Energy, and the
Administrator of NNSA. We will also make copies available to others
upon request. In addition, the report will be made available at no
charge on the GAO Web site at [hyperlink, http://www.gao.gov].
If you or your staffs have any questions about this report, please
contact me at (202) 512-3481 or aloisee@gao.gov. Contact points for our
Offices of Congressional Relations and Public Affairs may be found on
the last page of this report. GAO staff who made major contributions to
this report are listed in appendix VI.
Signed by:
Gene Aloise:
Director, Natural Resources and Environment:
[End of section]
Appendix I: Objectives, Scope, and Methodology:
To identify Los Alamos National Laboratory's (LANL) major programs, we
collected Department of Energy (DOE) and LANL budget, program, and
activities documentation. This documentation included data on work LANL
conducts for other federal agencies and nonfederal organizations, as
well as projects LANL undertakes at its own direction. We used this
documentation to identify major program categories and to group LANL's
activities within them. Specifically, we identified three major program
categories--Nuclear Weapons Science, Threat Reduction Science and
Support, and Fundamental Science and Energy; and two key support
programs--Environmental Programs and Safeguards and Security. LANL
officials reviewed and validated our results, and based on feedback
they provided, we made adjustments as needed.
To determine the extent to which LANL's major and support programs rely
on classified resources to meet their objectives, we collected
information on classified resource use on a facility basis. Although we
initially requested data on each program's use of classified resources,
this data was not available because LANL maintains this data on a
facility basis. LANL's facilities are shared in a matrix management
approach by the laboratory's 64 technical divisions to execute
programs. To enhance the accuracy and completeness of the facility-
level information we collected, we developed a data collection
instrument for LANL officials to complete that included specific data
fields and definitions.
To select the facilities for inclusion in this data collection
instrument, we used LANL's real property catalogue, which lists each of
the 1,283 facilities on the laboratory's campus. From this list, we
excluded facilities containing only utility services, such as steam
plants, and facilities with full-time occupancies of fewer than 10
people, unless the facility, based on its use for experiments, could
potentially house or store classified resources. We also allowed like-
facilities, such as individual bunkers used for high explosives
testing, to be grouped together as one facility. Using these
definitions, LANL officials determined that 633 facilities should be
included in our review. We compared the facilities LANL had selected
with the original real property list and agreed the 633 facilities
selected by LANL represented the appropriate facilities for our
analysis.
Using the data collection instrument we had provided, LANL officials
entered information on (1) the security protection level of each of the
633 facilities, as described by DOE Manual 470.4-2, Physical
Protection, which defines different levels of security depending on the
type and amount of classified resources these facilities store or
house; (2) the types of classified resources housed or stored in each
facility; (3) where practical, how many of each type of classified
resource each facility stores or houses; (4) which of the laboratory's
major and support programs rely on the classified resources in each
facility; and (5) how much space each of the laboratory's major and
support programs use in each facility as a percentage of that
facility's gross square footage.
We analyzed the data by aggregating facilities by program and
apportioned classified resource usage according to three categories:
(1) a program is the exclusive user of all of the space in a facility
storing or housing classified resources, (2) a program is the primary
user of space in a facility storing or housing classified resources
because it uses more space than any of the other major or support
programs at LANL, and (3) a program uses some space in a facility
storing or housing classified resources. Because our analysis focused
on facilities used for one of LANL's three major programs, we excluded
facilities only used by laboratory support programs, resulting in final
analysis of 607 of the original 633 facilities.
To evaluate the completeness and accuracy of the information LANL
officials provided, we compared the data with other documentary and
testimonial evidence we collected during the course of our review to
ensure that the data were consistent. For example, we had received
briefings about the reduction of vault-type rooms at LANL, and we
ensured that the total number of vault-type rooms LANL program managers
had discussed with us during these briefings matched the total number
of vault-type rooms identified in the facility data LANL provided. In
addition, we compared the data provided on the security levels of
specific facilities with our physical observations of security
safeguards at these same facilities during site visits to determine
whether the data LANL officials provided were consistent with our
experiences at those facilities. We also conducted logic and electronic
tests of the data and followed up with LANL officials to resolve
discrepancies. We determined that these data were sufficiently reliable
for our purposes.
To identify the initiatives LANL is taking to consolidate its
classified resources and reduce the scope of its physical footprint, we
collected and reviewed data on LANL's plans for consolidating
classified resources and interviewed key LANL, National Nuclear
Security Administration (NNSA), and DOE officials. We also toured LANL
facilities that house and store classified resources, such as vault-
type rooms and the super vault-type room, and visited a facility where
classified nuclear weapon parts are being destroyed. In addition, we
identified the buildings that LANL was proposing to close as part of
its footprint reduction effort and, using the information provided by
LANL officials in response to our data collection instrument,
determined whether closing these buildings could improve LANL's
security posture by eliminating or consolidating the classified
resources that may have been stored or housed in them as a result of
footprint reduction. Finally, we visited sites currently undergoing
closure and sites proposed for consolidation and reduction.
To determine if LANL's security initiatives address previously
identified security concerns, we reviewed security evaluations
conducted by DOE's Office of Independent Oversight and NNSA's Site
Office from fiscal years 2000 to 2008 and identified the security
concerns raised by these evaluations. We then compared LANL's current
initiatives with the results of our review of the security evaluations
to determine if all of the security concerns were being addressed. We
discussed the results of this analysis with DOE, NNSA headquarters,
NNSA Site Office, and LANL contractor officials. In addition, we
reviewed relevant DOE Office of Inspector General reports.
To determine whether the management approach LANL is implementing under
the new LANS contract is sufficient to ensure that LANL's security
improvement initiatives are fully implemented and sustainable, we asked
LANL and NNSA to identify how they intended to sustain security
improvements and ensure the effectiveness of LANL's security. We
reviewed the management approaches they identified, specifically (1)
LANL's actions in response to DOE's July 2007 Compliance Order
resulting from the October 2006 security incident, (2) the security-
related aspects of the new Contractor Assurance System LANL is
implementing, and (3) the incentives being used to improve security at
LANL under the 2007 and 2008 Performance Evaluation Plans. As part of
this review, we determined the extent to which each of these management
approaches could sustain security improvement initiatives over the long-
term and the extent to which these management approaches focused on
either compliance with DOE security requirements or improved
effectiveness of LANL's security program. We discussed these management
approaches with LANL, NNSA headquarters, and NNSA Site Office
officials.
We conducted this performance audit from March 2007 to June 2008 in
accordance with generally accepted government auditing standards. Those
standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
[End of section]
Appendix II: LANL's NNSA Supported Nuclear Weapons Science Programs:
LANL conducted work on 41 Nuclear Weapons Science programs in fiscal
year 2007, all of which were supported by NNSA. When program objectives
are shared, they have been combined in the table below.
Dollars in millions:
Program: Operation of Facilities;
Description: Supports the operation and maintenance of facilities and
infrastructure that support the accomplishment of Nuclear Weapons
Science programmatic missions;
Fiscal year 2007 budget[A]: $332.9;
Fiscal year 2007 FTEs[B]: 1,021.
Program: Pit Manufacturing and Certification;
Description: Re-establishes an immediate capability to manufacture pits
in support of the nuclear weapons stockpile, plans for long-term pit
manufacturing capability, and manufactures specific quantities of W88
pits;
Fiscal year 2007 budget[A]: $226.9;
Fiscal year 2007 FTEs[B]: 599.
Program: Line Item Construction;
Description: Supports the construction of new facilities and
significant upgrades to existing facilities;
Fiscal year 2007 budget[A]: $226.6;
Fiscal year 2007 FTEs[B]: 73[C].
Program: Advanced Simulation and Computing;
Description: Provides the advanced computing infrastructure--hardware,
software, and code--to simulate nuclear weapon performance;
Fiscal year 2007 budget[A]: $202.5;
Fiscal year 2007 FTEs[B]: 446.
Program: Stockpile Services;
Description: Conducts research, development, and production work that
is applicable to multiple nuclear weapon systems, as opposed to a
specific weapons system (for example, basic research on critical
factors of nuclear weapon operations);
Fiscal year 2007 budget[A]: $140.7;
Fiscal year 2007 FTEs[B]: 361.
Program: Stockpile Systems;
Description: Supports routine maintenance, periodic repair, replacement
of components, and surveillance of the W76, W78, W88, and B61 weapon
types;
Fiscal year 2007 budget[A]: $67.4;
Fiscal year 2007 FTEs[B]: 162.
Program: Facilities and Infrastructure Recapitalization;
Description: Provides worker safety and operational improvements to
facilities, such as heating and electrical system upgrades;
Fiscal year 2007 budget[A]: $52.6;
Fiscal year 2007 FTEs[B]: 73[C].
Program: Life Extension Program;
Description: Extends the lifetime of warheads or components of these
warheads to ensure that they continue to perform as designed--currently
programs focus on the W76 and B61 weapon types;
Fiscal year 2007 budget[A]: $44.1;
Fiscal year 2007 FTEs[B]: 120.
Program: Dynamic Materials Properties;
Description: Develops physics-based data and models of all stockpile
materials that are validated against past nuclear test history and are
incorporated into weapons simulation models to make these models more
realistic;
Fiscal year 2007 budget[A]: $29.9;
Fiscal year 2007 FTEs[B]: 88.
Program: Secondary Assessment Technologies;
Description: Develops tools and capabilities to understand the physics
behind the secondary stage of a nuclear weapon explosion without
underground testing;
Fiscal year 2007 budget[A]: $28.1;
Fiscal year 2007 FTEs[B]: 75.
Program: Enhanced Surveillance;
Description: Provides component and material lifetime assessments to
support weapon refurbishment decisions and develops capabilities to
identify and predict aging-related concerns in the stockpile;
Fiscal year 2007 budget[A]: $22.9;
Fiscal year 2007 FTEs[B]: 61.
Program: Material Recycle and Recovery;
Description: Provides for recycling and recovery of nuclear materials
from fabrication and assembly and dismantlement operations and supports
purification of these materials for safe and environmentally acceptable
storage;
Fiscal year 2007 budget[A]: $21.4;
Fiscal year 2007 FTEs[B]: 47.
Program: Advanced Radiography;
Description: Supports development of technologies and line item
construction for three-dimensional imagery of primary stage implosions
of mock nuclear weapons to improve models and simulations;
Fiscal year 2007 budget[A]: $21.1;
Fiscal year 2007 FTEs[B]: 55.
Program: Primary Assessment Technologies;
Description: Develops tools and capabilities to understand the physics
behind the primary stage of a nuclear weapon explosion without
underground testing;
Fiscal year 2007 budget[A]: $19.1;
Fiscal year 2007 FTEs[B]: 55.
Program: Nuclear Weapons Incident Response;
Description: Assists in operating, maintaining, and exercising DOE's
capability to respond to global radiological accidents and incidents;
Fiscal year 2007 budget[A]: $17.9;
Fiscal year 2007 FTEs[B]: 45.
Program: Inertial Confinement Fusion - Ignition;
Description: Provides data, modeling, and diagnostic instrumentation in
support of high-energy density physics work, including efforts to
achieve fusion ignition;
Fiscal year 2007 budget[A]: $15.3;
Fiscal year 2007 FTEs[B]: 41.
Program: Retired Systems;
Description: Supports dismantlement activities for weapon-types that
have been retired;
Fiscal year 2007 budget[A]: $9.9;
Fiscal year 2007 FTEs[B]: 13.
Program: Advanced Design and Production Technologies;
Description: Designs and produces new technologies for use in
manufacturing activities including weapon detonators and pits;
Fiscal year 2007 budget[A]: $4.7;
Fiscal year 2007 FTEs[B]: 13.
Program: Test Readiness;
Description: Maintains underground nuclear test capabilities that could
be operationalized in a given period of time should the United States
decide to return to underground nuclear testing;
Fiscal year 2007 budget[A]: $3.8;
Fiscal year 2007 FTEs[B]: 10.
Program: Program Readiness;
Description: Provides resources for supporting activities that cut
across Nuclear Weapons Science facilities and programs such as nuclear
criticality safety;
Fiscal year 2007 budget[A]: $3.5;
Fiscal year 2007 FTEs[B]: 8.
Program: Reliable Replacement Warhead;
Description: Identifies designs for a replacement warhead that will
sustain long-term confidence in the safety, security, and reliability
of the nuclear weapons stockpile and can be certified without the use
of underground nuclear testing;
Fiscal year 2007 budget[A]: $3.4;
Fiscal year 2007 FTEs[B]: 6.
Program: Enhanced Surety;
Description: Provides technology options to enhance safety and security
in refurbished weapons;
Fiscal year 2007 budget[A]: $2.3;
Fiscal year 2007 FTEs[B]: 8.
Program: Weapons Systems Engineering Assessment Technology;
Description: Provides data, diagnostics, and capabilities to develop
engineering models that will help assess weapon designs;
Fiscal year 2007 budget[A]: $1.8;
Fiscal year 2007 FTEs[B]: 9.
Program: Nuclear Survivability;
Description: Provides the tools and technologies needed to design and
qualify components to meet requirements for environments with high
levels of radiation, such as space;
Fiscal year 2007 budget[A]: $1.3;
Fiscal year 2007 FTEs[B]: 4.
Program: High Explosives and Weapons Operations;
Description: Ensures the capability to manufacture and assemble high
explosive components of nuclear weapons;
Fiscal year 2007 budget[A]: $1.3;
Fiscal year 2007 FTEs[B]: 1.
Program: Nonnuclear Readiness;
Description: Provides the electrical, electronic, and mechanical
capabilities required to weaponize a nuclear explosive;
Fiscal year 2007 budget[A]: $1.3;
Fiscal year 2007 FTEs[B]: 2.
Program: Total;
Fiscal year 2007 budget[A]: $1,502.8;
Fiscal year 2007 FTEs[B]: 3,396.
Source: GAO analysis of LANL and DOE data.
[A] Fiscal year 2007 budget includes new budget authority and
unexpended funds carried over from prior fiscal years.
[B] Full-time equivalent (FTE) employees include direct LANL employees,
as well as subcontractors for security and maintenance.
[C] The figure includes only LANL employees and security and
maintenance subcontractors; it does not include construction
subcontractors.
[End of table]
[End of section]
Appendix III: LANL's NNSA Supported Threat Reduction Science and
Support Programs:
LANL conducted work on 12 Threat Reduction Science and Support programs
in fiscal year 2007 that were supported by NNSA. Of these 12 programs,
9 had budgets in fiscal year 2007 that exceeded $1 million each.
Information about these programs is in the table below.
Dollars in millions:
Program: Nonproliferation and Verification Research and Development;
Description: Provides science, as well as monitoring, sensing, and
measurement technologies, to observe the earth from space-based
satellites and ground-based systems in order to detect banned nuclear
explosions;
Fiscal year 2007 budget[A]: $95.5;
Fiscal year 2007 FTEs[B]: 254.
Program: U.S. Surplus Fissile Materials Disposition;
Description: Provides plutonium processing technologies and operations
in support of efforts to disassemble pits and convert the plutonium in
them into fuel usable in commercial nuclear reactors;
Fiscal year 2007 budget[A]: $43;
Fiscal year 2007 FTEs[B]: 117.
Program: International Nuclear Materials Protection and Cooperation;
Description: Provides expertise in nuclear materials accountability
that supports U.S. efforts to secure nuclear materials in Russia and
other areas of concern, as well as detection of nuclear materials as
they move through global border crossings and seaports;
Fiscal year 2007 budget[A]: $31;
Fiscal year 2007 FTEs[B]: 33[C].
Program: Nonproliferation and International Security;
Description: Provides policy and technical support for U.S.
nonproliferation and arms control treaties that promote WMD reductions,
as well as nuclear weapons programs dismantlement, specifically in
North Korea;
Fiscal year 2007 budget[A]: $26.4;
Fiscal year 2007 FTEs[B]: 52.
Program: Global Threat Reduction Initiative;
Description: Supports efforts to secure, package, and transport
vulnerable or high-risk nuclear materials throughout the world for safe
storage or disposal;
Fiscal year 2007 budget[A]: $16;
Fiscal year 2007 FTEs[B]: 24.
Program: Surplus Plutonium Pit Storage;
Description: Provides safe storage configurations for surplus plutonium
until the plutonium is moved from LANL for disposition;
Fiscal year 2007 budget[A]: $5.2;
Fiscal year 2007 FTEs[B]: 0.
Program: Line Item Construction;
Description: Supports construction of the Pit Disassembly and
Conversion Facility--which will dismantle surplus pits and convert the
plutonium in them into a form that can ultimately be used commercially
for fuel--at the Savannah River Site in South Carolina;
Fiscal year 2007 budget[A]: $2.9;
Fiscal year 2007 FTEs[B]: 2[D].
Program: Russian Transition Initiatives;
Description: Supports efforts to downsize the former Soviet Union's
nuclear weapons complex by helping create business opportunities for
displaced weapons workers;
Fiscal year 2007 budget[A]: $1.9;
Fiscal year 2007 FTEs[B]: 2[C].
Program: Russian Plutonium Disposition;
Description: Provides scientific and technical support in fulfillment
of the U.S. commitment to Russia to help it dispose of surplus weapons-
grade plutonium;
Fiscal year 2007 budget[A]: $1.6;
Fiscal year 2007 FTEs[B]: 0.
Program: Total;
Fiscal year 2007 budget[A]: $223.5;
Fiscal year 2007 FTEs[B]: 484.
Source: GAO analysis of LANL and DOE data.
Note: In addition to these programs for which NNSA provides funds,
other parts of DOE provided an additional $9 million to support
Safeguards and Security for nuclear nonproliferation activities at
LANL.
[A] The fiscal year 2007 budget includes new budget authority and
unexpended funds carried over from prior fiscal years.
[B] FTEs include direct LANL employees, as well as subcontractors for
security and maintenance.
[C] Includes the LANL employees who serve as project managers for
projects implemented overseas.
[D] The figure includes only LANL employees and security and
maintenance subcontractors; it does not include construction
subcontractors.
[End of table]
[End of section]
Appendix IV: LANL's Fundamental Science and Energy Programs Supported
by DOE:
Dollars in millions.
DOE, Office of Science;
Program descriptions: Supports 11 programs at LANL that focus on
materials sciences, chemistry, biological and environmental research,
fusion, theoretical and nuclear physics, nonaccelerator based physics,
and computational and technology research;
Fiscal year 2007 budget[A]: $81.8;
Fiscal year 2007 FTEs[B]: 213.
DOE, Office of Nuclear Energy;
Program descriptions: Supports five programs at LANL that focus on
space and defense nuclear power systems, the nuclear fuel cycle,
nuclear power generation, and the production and distribution of
radioactive isotopes;
Fiscal year 2007 budget[A]: $41.6;
Fiscal year 2007 FTEs[B]: 102.
DOE, Office of Fossil Energy;
Program descriptions: Supports 35 programs at LANL that focus on
research and development in carbon capture and sequestration,
unconventional fuels, fuel utilization, climate, and predicting
engineered natural systems;
Fiscal year 2007 budget[A]: $27.6;
Fiscal year 2007 FTEs[B]: 68.
Total;
Fiscal year 2007 budget[A]: $151.0;
Fiscal year 2007 FTEs[B]: 383.
Source: GAO analysis of LANL and DOE data.
[A] The fiscal year 2007 budget includes new budget authority and
unexpended funds carried over from prior fiscal years.
[B] FTEs include direct LANL employees, as well as subcontractors for
security and maintenance.
[End of table]
[End of section]
Appendix V: Comments from the National Nuclear Security Administration:
Department of Energy:
National Nuclear Security Administration:
Washington, DC 20585:
June 5, 2008:
Mr. Gene Aloise:
Director:
Natural Resources and Environment:
Government Accountability Office:
Washington, DC 20548:
Dear Mr. Aloise:
The National Nuclear Security Administration (NNSA) appreciates the
opportunity to review the Government Accountability Office's (GAO)
draft report, GAO-08-694, "Los Alamos National Laboratory: Long-Term
Strategies Needed to Improve Security and Management Oversight." We
understand that GAO was requested by the House's Committee on Energy
and Commerce and its Subcommittee on Oversight and Investigations to:
(1) identify the Laboratory's major programs and activities and how
much they rely on classified recourses; (2) identify initiatives the
Laboratory is taking to reduce and consolidate classified resources and
physical footprint and the extent to which these initiatives address
earlier security concerns; and, (3) determine whether new management
approaches will sustain security improvements over the long-term.
We appreciate GAO's efforts and the report's depiction of the
Laboratory's programs and world-class status in the areas of science
and engineering. However, the report also addresses perceived
inadequacies in the Laboratory's security program and gives the
impression that the significant problems that remain are, by-and-large,
not being addressed. NNSA does not believe this to be the case.
While there is much to be accomplished, progress has been made in
addressing reductions in classified parts, classified documents and
corresponding reductions in vault and vault type rooms. Equally, there
is significant progress achieved in the implementation of engineered
controls. As you are aware, there have been several Independent
Oversight Site Office reviews which indicate that initiatives
implemented by the Laboratory to correct those noted deficiencies form
the framework for long-term security improvements.
The report discusses to the storage of nonstandard parts, and NNSA
agrees that this particular topic is an area of concern. NNSA is
addressing the issue of storage for nonstandard parts corporately. It
is not just a Los Alamos concern. Also, at a corporate level is the
issue of Contractor Assurance Systems. Contractor Assurance Systems are
evolving and maturing with all of NNSA's contractors, our collective
efforts are to make any of the assurance systems integrated on a site-
wide basis. It is a dynamic process and refinements are made to all of
the systems on an ongoing basis. Finally, the Los Alamos material
management system referenced in the draft report is recognized as
outdated, as stated in the report. The Laboratory, Site Office and
Program element have plans in place to replace the existing system by
2010, baring any unforeseen budget reductions.
NNSA is providing additional technical comments to the report through
separate means and will address the report's recommendations through
the Management Decision process. These comments are designed to correct
factual inaccuracies or misperceptions. Should you have any questions
related to this response, please contact Richard Speidel, Director,
Policy and Internal Controls Management, at 202-586-5009.
Sincerely,
Signed by:
Michael C. Kane:
Associate Administrator for Management and Administration:
[End of section]
Appendix VI GAO Contact and Staff Acknowledgments:
GAO Contact:
Gene Aloise, (202) 512-3841 or aloisee@gao.gov:
Staff Acknowledgments:
In addition to the individual named above, James Noel, Assistant
Director; Nabajyoti Barkakati; Allison Bawden; Omari Norman; Rachael
Schacherer; Rebecca Shea; Carol Herrnstadt Shulman; and Greg Wilshusen
made key contributions to this report.
[End of section]
Footnotes:
[1] The other design and development laboratories are Lawrence
Livermore National Laboratory in Livermore, California, and Sandia
National Laboratories in Albuquerque, New Mexico, and Livermore,
California.
[2] In commenting on our report, LANL officials noted that following
the voluntary separation in January 2008, laboratory employment totaled
around 11,000.
[3] Special nuclear material is considered to be Category I when it is
weapons-grade and occurs in specified forms and quantities. Category
II, III and IV special nuclear material is of lower strategic
significance and quantity than Category I special nuclear material.
[4] The Nuclear Emergency Search Team provides technical capabilities
to respond to potential and actual radiological threats and incidents.
[5] U.S. Department of Energy Office of Inspector General, Office of
Audit Services, The National Nuclear Security Administration's
Management of Classified Weapons Parts, DOE/IG-0772 (Washington, D.C.,
July 2007)
[6] GAO, Los Alamos National Laboratory: Information on Security of
Classified Data, Nuclear Material Controls, Nuclear and Worker Safety,
and Project Management Weaknesses, [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-173R] (Washington, D.C.: Jan. 10, 2008)
[7] GAO, Stand-Down of Los Alamos National Laboratory: Total Costs
Uncertain; Almost All Mission-Critical Programs Were Affected but Have
Recovered, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-83]
(Washington, D.C.: Nov. 18, 2005)
[8] In 2007, BWX Technologies consolidated its operations under the
name The Babcock & Wilcox Company.
[9] GAO, National Nuclear Security Administration: Additional Actions
Needed to Improve Management of the Nation's Nuclear Programs,
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36] (Washington,
D.C.: Jan. 19, 2007).
[10] According to LANL officials, the number of employees at the
laboratory varies from day to day depending on the number of
subcontractors on site, including, for example, those working on
construction projects.
[11] Modern nuclear weapons have a primary stage, or pit, that is the
initial source of energy and a secondary stage that is driven by the
primary and provides additional explosive energy.
[12] We are defining classified resources to include any classified
matter, material, or facility--such as documents, special nuclear
material, and vault-type rooms--that require physical security
protections.
[13] For more information on how these reviews are administered, see
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36].
[14] GAO, Nuclear Weapons: Annual Assessment of the Safety,
Performance, and Reliability of the Nation's Stockpile, [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-07-243R] (Washington, D.C.: Feb.
2, 2007).
[15] GAO, Nuclear Weapons: NNSA Needs to Refine and More Effectively
Manage Its New Approach for Assessing and Certifying Nuclear Weapons,
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-261] (Washington,
D.C.: Feb. 3, 2006).
[16] As part of a separate review, GAO is currently evaluating the
management of NNSA's Life Extension Program and, in particular, the
efforts related to refurbishing LANL's W76 and B61 nuclear weapon
systems.
[17] GAO, Nuclear Weapons: NNSA Needs to Establish a Cost and Schedule
Baseline for Manufacturing a Critical Nuclear Weapon Component,
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-593] (Washington,
D.C.: May 23, 2008).
[18] U.S. Department of Energy Office of Inspector General, Office of
Audit Services, The Department's Progress in Meeting Los Alamos
National Laboratory Consent Order Milestones, DOE/IG-0793 (Washington,
D.C., April 2008).
[19] GAO, Federal Research: Information on DOE's Laboratory-Directed
R&D Program, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-04-489]
(Washington, D.C.: Apr. 30, 2004).
[20] LANL's footprint reduction plans acknowledge that some new
facilities must also be constructed to replace those reduced. However,
the effect on LANL's total footprint from new square footage that would
be created through construction is not reported in these plans.
[21] These assessments were conducted in fiscal years 2000, 2003, 2007,
and 2008. In fiscal year 2004, the Office of Independent Oversight
conducted three special topic assessments, none of which, according to
an Office of Independent Oversight official, focused specifically on
classified resource protection. In fiscal year 2008, a special
assessment was conducted of LANL to follow-up on findings from the
fiscal year 2007 assessment.
[22] Surveys were conducted every fiscal year between 2000 and 2007,
except for fiscal year 2004 when a survey was not conducted because of
the LANL shutdown.
[23] DOE/IG-0772.
[24] We are currently conducting a separate review of cyber security
across the DOE nuclear weapons complex, including at LANL.
[25] GAO, Nuclear Security: NNSA Needs to Better Manage Its Safeguards
and Security Program, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-
03-471] (Washington, D.C.: May 30, 2003).
[26] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36].
[27] The other two critical security issues relate to cyber security at
LANL. As described earlier in this report, we are separately reviewing
cyber security across the DOE complex, including at LANL; thus, cyber
security is not included in this review.
[28] In fiscal year 2008, cyber security performance was measured
separately from physical security, and $1.2 million in potential award
fees were allocated to cyber security.
[29] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36].
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548: