National Nuclear Security Administration: Security and Management Improvements Can Enhance Implementation of the NNSA Act (31-JAN-07, GAO-07-428T). During the late 1990s, the Department of Energy (DOE) experienced difficulties with a lack of clear management authority and responsibility that contributed to security problems at the nation's nuclear weapons laboratories and management problems with major projects. In response, Congress created the National Nuclear Security Administration (NNSA) as a separately organized agency within DOE under Title 32 of the National Defense Authorization Act for Fiscal Year 2000--the NNSA Act. Since its creation, NNSA has continued to experience security problems, such as unauthorized access to NNSA computer systems, and cost and schedule overruns on major projects, such as the National Ignition Facility. GAO was asked to review the extent to which NNSA has taken steps to (1) improve security at its laboratories and plants and (2) improve its management practices and revise its organizational structure. In January 2007, GAO issued a report--National Nuclear Security Administration: Additional Actions Needed to Improve Management of the Nation's Nuclear Programs, (GAO-07-36)--that addressed these matters. To carry out its work, GAO reviewed legislation; NNSA policies, plans and budgets; collected and analyzed security performance ratings and interviewed current and former DOE and NNSA officials. -------------------------Indexing Terms------------------------- REPORTNUM: GAO-07-428T ACCNO: A65428 TITLE: National Nuclear Security Administration: Security and Management Improvements Can Enhance Implementation of the NNSA Act DATE: 01/31/2007 SUBJECT: Agency evaluation Computer security Cyber security Laboratories Nuclear facility security Physical security Planning programming budgeting Program management Risk assessment Safeguards ****************************************************************** ** This file contains an ASCII representation of the text of a ** ** GAO Product. ** ** ** ** No attempt has been made to display graphic images, although ** ** figure captions are reproduced. Tables are included, but ** ** may not resemble those in the printed version. ** ** ** ** Please see the PDF (Portable Document Format) file, when ** ** available, for a complete electronic file of the printed ** ** document's contents. ** ** ** ****************************************************************** GAO-07-428T * [1]Background * [2]Additional Action Needed to Improve NNSA's Security Program * [3]DOE and NNSA Have Not Yet Fully Determined How NNSA Should O * [4]Several Management Issues Need to be Resolved for NNSA to Be * [5]GAO Contacts and Staff Acknowledgements * [6]Related GAO Products * [7]Order by Mail or Phone Testimony Before the Subcommittee on Strategic Forces, Committee on Armed Services, House of Representatives United States Government Accountability Office GAO For Release on Delivery Expected at 1:00 p.m. EST Wednesday, January 31, 2007 NATIONAL NUCLEAR SECURITY ADMINISTRATION Security and Management Improvements Can Enhance Implementation of the NNSA Act Statement of Gene Aloise, Director Natural Resources and Environment GAO-07-428T Madam Chairman and Members of the Subcommittee: We are pleased to be here today to discuss our work on the actions the National Nuclear Security Administration (NNSA)--a separately organized agency within the Department of Energy (DOE)--has taken to improve the security and management of the nation's nuclear programs. Specifically, my remarks are based on the report we are issuing today--National Nuclear Security Administration: Additional Actions Needed to Improve Management of the Nation's Nuclear Programs, which was prepared at the request of this Subcommittee.1 During the late 1990s, DOE experienced management difficulties with its nuclear weapons programs that contributed to security problems at the nation's nuclear weapons laboratories and significant cost overruns on major projects. According to a June 1999 report by the President's Foreign Intelligence Advisory Board (the Board), DOE's management of the nuclear weapons laboratories, while representing "science at its best," also embodied "security at its worst" because of "organizational disarray, managerial neglect, and ...a culture of arrogance." The Board urged the Congress to create a new organization that, whether established as an independent agency or a semi-autonomous entity within DOE, would have a clear mission, streamlined bureaucracy, and drastically simplified lines of authority and accountability. Responding to the Board's recommendations, the Congress created the National Nuclear Security Administration (NNSA) under Title 32 of the National Defense Authorization Act for Fiscal Year 2000--the NNSA Act.2 The NNSA Act established NNSA as a "separately organized agency" within DOE and made NNSA responsible for the management and security of the nation's nuclear weapons, nuclear nonproliferation, and naval reactor programs. The NNSA Act established the position of DOE Under Secretary for Nuclear Security, who was also designated as the Administrator of NNSA. The Secretary of Energy and the Deputy Secretary of Energy were allowed to establish policy for NNSA and to give direction to NNSA through the Administrator; however, other DOE employees were prohibited from directing the activities of individual NNSA employees. Finally, the NNSA Act required that, among other things, NNSA develop a planning, programming, and budgeting process in order to ensure that the administration operated under sound financial management principles. 1 [8]GAO-07-36 . 2Pub. L. No. 106-65, 113 Stat. 512, 953 (1999). Since its inception, however, NNSA has continued to experience both security and management problems. For example, with respect to security, in 2003 we found that NNSA had not fully defined the roles and responsibilities of officials in its security program and that NNSA had shortfalls in security staff at the site offices that oversee its contractors. In addition, two NNSA studies commissioned in July 2003 found ongoing problems with NNSA's security program, including weaknesses in its security culture, organization, and staffing and training. Finally, DOE's Office of Inspector General found security problems with NNSA's contractors, including improprieties in the testing of the officers who protect NNSA's sites and weaknesses in NNSA's cyber security program. With respect to the management of major projects, the National Ignition Facility and the Dual Axis Radiographic Hydrodynamic Test Facility--two major facilities needed to support NNSA's nuclear weapons programs--experienced major delays and cost overruns because of problems with project management and are still not complete. In this context, you asked us to evaluate the extent to which NNSA has taken steps to (1) improve security at its laboratories and plants and (2) improve its management practices and revise its organizational structure. To carry out our objectives, we reviewed the NNSA Act; and NNSA and DOE policies, plans and budgets; and interviewed current and former NNSA and DOE officials. We also used reports on NNSA's security efforts prepared by GAO, the DOE Inspector General, and outside groups, such as a 2005 report on security commissioned by NNSA. Finally, we collected and analyzed security performance ratings developed by DOE's Office of Health, Safety and Security and NNSA site offices, from fiscal years 1996 through 2005. We used these performance ratings because there was wide agreement among NNSA and DOE security officials that these ratings represented the best available information on the overall performance of NNSA's safeguards and security program. We conducted the work for our report from March 2005 through January 2007 in accordance with generally accepted government auditing standards, which included an assessment of data reliability and internal controls. In summary: Producing a well-organized and effective agency out of what was widely considered a dysfunctional enterprise has been a considerable challenge. In some areas, NNSA can be viewed as a success. Most notably, through its internal reorganization efforts, NNSA has addressed some past problems by better delineating lines of authority and improving communication and has made important progress in establishing critical management systems, especially in the development of its Planning, Programming, Budgeting and Evaluation (PPBE) process. However, important problems remain with respect to security, the Administration's relationship with DOE, and project, program and financial management. Regarding security, NNSA still cannot demonstrate that all of its security program objectives are being met at all of its sites. Specifically, we found weaknesses with physical security at several NNSA sites, including the Nevada Test Site, Sandia National Laboratories, and the Y-12 National Security Complex, and weaknesses throughout NNSA in the cyber security area. Four factors have contributed to problems with NNSA's security program. Specifically, we found o a lack of consistent NNSA headquarters leadership and direction for security; o security personnel staffing shortages at the NNSA site offices that oversee NNSA's contractors; o inadequate training resources and opportunities for site office security staff; and o incomplete security data to gauge the effectiveness of NNSA's security program. With respect to NNSA's relationship to DOE, we found that almost 7 years after its creation, NNSA and DOE still have not fully agreed on how NNSA should function within the department as a separately organized agency. This lack of agreement has resulted in organizational conflicts that have inhibited effective operations. In our view, DOE and NNSA need to take a more active approach to clearly defining DOE and NNSA's working relationships and determining how conflicts will be resolved. While there have been continuing calls for removing NNSA from DOE and establishing it as a separate agency, we do not believe that such drastic change is necessary to produce an organization that can provide effective oversight of the nation's nuclear weapons complex. Finally, while NNSA has taken several actions to improve its management practices, including developing a PPBE process, we also identified several areas where management weaknesses remain. Specifically, NNSA has not developed a project management policy, implemented a plan for improving its project management efforts, and fully shared project management lessons learned between its sites. In addition, NNSA has not identified all of its program managers and trained them to a certified level of competency. Finally, NNSA has not established an independent analysis unit to (1) review program budget proposals, (2) confirm cost estimates, and (3) analyze budget alternatives. In order to improve the management of NNSA and its ability to oversee the nuclear weapons complex , in our report to you, we made a series of recommendations to the Secretary of Energy and the Administrator, NNSA to (1) improve NNSA's security oversight program; (2) clearly define NNSA's status as a separately organized agency within DOE; and (3) improve project and program management, and the agency's planning, programming, budgeting, and evaluation process. In its comments on our report, NNSA generally agreed with the report and its corresponding recommendations. NNSA noted that it considers the agency to be a success but acknowledged that there was considerable work yet to be accomplished. Background NNSA operates three national laboratories that design nuclear weapons--Lawrence Livermore National Laboratory, California; Los Alamos National Laboratory, New Mexico; and the Sandia National Laboratories, New Mexico and California; and four nuclear weapons production sites--the Pantex Plant, Texas; the Y-12 National Security Complex, Tennessee; the Kansas City Plant, Missouri; and parts of the Savannah River Site, South Carolina; as well as the Nevada Test Site. To implement its programs, NNSA received about $9.1 billion for fiscal year 2006, including almost $6.4 billion for its nuclear weapons activities, about $1.6 billion for its defense nuclear nonproliferation programs, and about $782 million for the Naval Reactors program. NNSA's appropriation also included about $766 million to provide security at its sites. NNSA requested over $9.3 billion for fiscal year 2007, including $6.4 billion for its nuclear weapons activities, $1.7 billion for its defense nuclear nonproliferation programs, and $795 million for the Naval Reactors program. According to NNSA's Future Years Nuclear Security Program plan, between fiscal years 2007 and 2011, NNSA is proposing to spend almost $48.5 billion on its nuclear weapons, nuclear nonproliferation, and naval reactors programs. As noted earlier, for several years before NNSA was established, external studies found problems with the organization and operation of what is now NNSA's principal organization--DOE's Office of Defense Programs. These studies cited continuing problems in the areas of overall management, organization, priority setting, and maintenance of a viable infrastructure and workforce. Most influential in the creation of NNSA was the study conducted by a Special Investigative Panel of the President's Foreign Intelligence Advisory Board. Prepared in response to a series of security problems, including public access to classified documents at the Los Alamos National Laboratory, the Board found that DOE was a dysfunctional bureaucracy incapable of reforming itself and that reorganization was clearly warranted to resolve security and counterintelligence problems. As noted earlier, the Board urged the Congress to create a new organization that, whether established as an independent agency or a semi-autonomous entity within DOE, should have a clear mission, streamlined bureaucracy, and drastically simplified lines of authority and accountability. To correct the problems identified by the Board and others, in 1999, the Congress created the NNSA. For the last several years, we have monitored NNSA's actions to implement the NNSA Act for this Subcommittee and the Special Oversight Panel on Department of Energy Reorganization, House Armed Services Committee. For example, in April 2001, we testified that NNSA's efforts to establish a new organization looked promising. However, we highlighted the need for NNSA to clearly define the roles and responsibilities of headquarters and field staff and to establish clear lines of authority between NNSA and its contractors, among other things. In May 2001, NNSA announced plans to reorganize its headquarters operations. In December 2001, however, we found that NNSA's plans for the headquarters reorganization did not contain a clear definition of the roles and responsibilities of the headquarters organizational units. In addition to reorganizing its headquarters, in February 2002, NNSA proposed reorganizing its entire operation to solve important, long-standing issues. In February 2002, we testified that, with the proposed new organizational structure, resolution of NNSA's long-standing organizational issues appeared to be within its grasp. However, we noted that NNSA's lack of a long-term strategic approach to ensuring a well-managed workforce precluded it from identifying its current and future human capital needs, including the size of the workforce; its deployment across the organization; and the knowledge, skills, and capabilities needed to fulfill its mission. In December 2002, the Administrator of NNSA implemented the proposed reorganization. Our May 2003 report on the management of NNSA's security program identified similar concerns about NNSA's security organization and management. Specifically, we found that NNSA (1) had not fully defined clear roles and responsibilities for its headquarters and site security operations and (2) had shortfalls at its site offices in the total number of staff and in expertise, which could make it more difficult for the site offices to effectively oversee security activities. We therefore concluded that NNSA could not be assured that its contractors were working to maximum advantage to protect critical facilities and material from individuals seeking to inflict damage. Finally, in June 2004, we found that NNSA's reorganization had addressed some past problems by better delineating lines of authority and improving communication. However, we also found that NNSA's reorganization had not ensured that the agency had sufficient staff with the right skills in the right places because it had downsized its federal workforce by about 17 percent without first determining the critical skills and capabilities needed to meet its mission and program goals. Additional Action Needed to Improve NNSA�s Security Program Although NNSA has begun to build an effective headquarters security organization, it still cannot demonstrate that all of its security program objectives are being met at all of its sites. Specifically, we found that the results of internal and independent security oversight assessments have identified weaknesses in physical security at several NNSA sites, including the Nevada Test Site, the Sandia National Laboratories, and the Y-12 National Security Complex; and weaknesses in cyber security throughout NNSA. The following factors have contributed to this situation: o Lack of consistent leadership and direction for its security activities. For several years, the NNSA headquarters security organization experienced turnover in the position of Chief of the Office of Defense Nuclear Security. Specifically, four individuals have occupied the position since NNSA's creation, often in an acting capacity. In addition, these chiefs have reported to different levels within the organization. The current Chief is a permanent appointee, reporting directly to the NNSA administrator, and he has taken a number of steps to develop an effective headquarters security organization. o Security personnel staffing shortages at site offices. Having sufficient staff to oversee the security programs of its contractors continues to be a problem. For example, since NNSA became operational, key site offices, such as the Los Alamos Site Office, have experienced staffing shortfalls. As a result, sites are limited in their ability to effectively oversee contractors' security activities. o Lack of adequate training resources and opportunities for site office security staff. NNSA has not implemented a training program that provides NNSA federal security officials with the skills needed to effectively oversee contractor security programs. In addition, NNSA site offices often do not have all the resources needed to meet training needs. For example, according to site office officials, the Los Alamos Site Office did not receive training funds for fiscal year 2006 and the Nevada Site Office received a minimal training budget for its security staff. o Lack of data to gauge program effectiveness. NNSA does not have complete data for tracking security deficiencies identified by security oversight reviews and, as a result, does not have information regarding the overall effectiveness of its safeguards and security program. NNSA officials told us that while they believe security across the weapons complex has improved, NNSA does not have sufficient data to support this assertion. In addition, NNSA has not implemented a formal process for sharing best practices or lessons learned to guide security improvements. While best practices and lessons learned have been communicated informally, a formal process could help ensure that previously identified security deficiencies, such as the retrieval of badges from terminated employees at one NNSA site, are reviewed and corrected as necessary at other NNSA field locations. DOE and NNSA Have Not Yet Fully Determined How NNSA Should Operate as a Separately Organized Agency within DOE While NNSA has focused considerable attention on reorganizing its internal operations, it and DOE have continued to struggle with establishing how NNSA should operate as a separately organized agency within the department. Several factors have contributed to this situation. First, DOE and NNSA did not have a useful model to follow for establishing a separately organized agency in DOE. The Board's June 1999 report suggested several federal agencies, such as the National Oceanic and Atmospheric Administration in the Department of Commerce, which could be used as a model for NNSA. However, we found that none of the officials from these agencies considered their agency to be separately organized or believed that their agency's operational methods were transferable to NNSA. Second, DOE's January 2000 implementation plan, which was required by the NNSA Act, did not define how NNSA would operate as a separately organized agency within DOE. Instead reflecting the opposition of the then DOE senior leadership to the creation of NNSA, the implementation plan "dual-hatted" virtually every significant statutory position in NNSA with DOE officials, including the Director of NNSA's Office of Defense Nuclear Counterintelligence and General Counsel. As we testified in April 2001, this practice caused considerable concern about NNSA's ability to function with the independence envisioned in the NNSA Act. Dual-hatting was subsequently forbidden by an amendment to the NNSA Act.3 As a result, although some NNSA programs have set up procedures for interacting with DOE, other programs have not, resulting in organizational conflict. For example, DOE made a commitment to issuing NNSA-specific acquisition procedures in its January 2000 implementation plan for NNSA, but it has not done so. According to DOE Office of General Counsel officials, the department subsequently determined that NNSA-specific procedures were inconsistent with the Federal Acquisition Regulation, the NNSA Act, and the January 2000 implementation plan. According to both DOE and NNSA officials, since 2004 the department has blocked NNSA's efforts to issue its own acquisition regulations. As a result, according to NNSA officials, NNSA has had to issue a series of deviations to the DOE acquisition regulations to carry out NNSA acquisition policies in areas such as negotiating a more effective contract fee arrangement and awarding additional years to a contract's term. Even where formal procedures have been developed, interpersonal disagreements have hindered effective cooperation. Most notable in this regard has been the longstanding conflict between NNSA and DOE counterintelligence offices. Specifically, as our report documents, NNSA and DOE counterintelligence officials have disagreed over (1) the scope and direction of the counterintelligence program, (2) their ability to jointly direct staff in the headquarters counterintelligence program offices, (3) the allocation of counterintelligence resources, (4) counterintelligence policymaking and (5) their roles and responsibilities in handling specific counterintelligence matters--in particular with regard to the department's handling of the well-publicized mid-2005 intrusion into an unclassified NNSA computer system and removal of the names and social security numbers of 1,502 individuals working for NNSA. Subsequently, the Congress amended the NNSA Act to consolidate the counterintelligence programs of DOE and NNSA under the Department of Energy. 3Pub. L. 106-398, S 3157, 114 Stat. 1654, 1654A-468 (2000) (codified as amended at 50 U.S.C. S 2410). In this environment, concerns about NNSA's organizational status have persisted. Most notably, a January 2006 report by the Defense Science Board called for the removal of NNSA from DOE and the creation of a new, independent National Nuclear Weapons Agency. However, former senior DOE and NNSA officials with whom we spoke generally did not favor removing NNSA from DOE. Several Management Issues Need to be Resolved for NNSA to Become Fully Effective In addition to identifying the underlying issue of NNSA's relationship to DOE, we identified the following four other management areas where additional NNSA actions could strengthen its ability to manage the nuclear weapons complex if it took further action. o Human capital. NNSA has made progress in developing a human capital strategy. However, DOE and NNSA have not conducted a systematic, detailed analysis of how many staff NNSA needs in relation to DOE. As a result, we identified areas where potential staff imbalances have affected NNSA's ability to operate separately from DOE. For example, NNSA's Office of General Counsel has 35 attorneys, including the General Counsel, to provide NNSA legal analysis, while the rest of DOE has 277 attorneys. According to NNSA's General Counsel, his office would need 15 to 20 additional attorneys to fully handle NNSA's legal workload with minimal assistance from DOE. Currently, NNSA relies on DOE's Office of General Counsel to perform a significant portion of its legal work. o Project management. While both DOE and NNSA have initiated efforts to improve project management, NNSA reported in November 2006 that about 16 percent of NNSA projects were at risk of breaching their cost baseline, schedule baseline or both. We identified seven areas for improvement that would foster a stronger culture for effective project management. For example, DOE's Project Assessment and Reporting System--a Web-based system for keeping DOE senior managers apprised of the performance of projects costing more than $5 million--does not include four major NNSA projects, estimated to cost over $100 million each. Consequently, these projects do not receive the senior management oversight that can be provided through that system. o Program management. NNSA program managers are responsible for completing a set of activities by employing a working knowledge of such diverse areas as contracting, budgeting, and engineering. Recognizing the important role of program managers, NNSA has taken several actions, such as developing a program management policy. However, NNSA has yet to identify all of its program managers or train them to a certified level of competency. Indeed, DOE's most recent performance and accountability report for fiscal year 2006 showed that NNSA fully met only about 52 percent of its program goals while the rest of DOE achieved about a 79-percent success rate. o Financial management. NNSA has made significant progress in implementing its PPBE process over the last 4 years, as mandated by the NNSA Act. However, several areas of improvement still have not been fully addressed. For example, NNSA has issued policy letters on PPBE, but some of these letters are still in draft form because, in part, NNSA is waiting to obtain DOE's views on certain matters. In addition, NNSA's PPBE mechanism for centralized resource allocation relies on collegial decision making among senior NNSA managers, with the Administrator resolving disputes and deciding on the final resource allocation. However, the Administrator does not have an independent group to review program proposals, confirm cost estimates, and analyze alternatives. According to a 2003 DOE Inspector General report, most senior managers believe that such an analytical group would be of value. While NNSA has taken some action in this direction, it is not clear when such a group will be established. As discussed earlier, while there have been continuing calls for removing NNSA from DOE and establishing it a separate agency, we do not believe that such drastic change is necessary to produce an organization that can provide effective oversight of the nation's nuclear weapons complex. Rather, we believe NNSA can provide comprehensive oversight of the operation and security of the nation's nuclear weapons programs by addressing a variety of lingering, often unrelated, but important management issues. These issues include providing sufficient, qualified staff to conduct program and operational oversight, especially in the security area, and developing and implementing improvements needed to support effective project, program, and financial management. Madam Chairman, this concludes my prepared statement. I would be happy to respond to any questions that you or Members of the Subcommittee may have. GAO Contacts and Staff Acknowledgements For further information on this testimony, please contact me at (202) 512-3841 or [email protected] . Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this statement. James Noel, Assistant Director; Robert Baney; Preston Heard and Jonathan Ban made key contributions to this testimony. Related GAO Products Department of Energy: Views on DOE's Plan to Establish the National Nuclear Security Administration, [10]GAO/T-RCED-00-113 (Washington, D.C.: March 2, 2000). Department of Energy: Views on the Progress of the National Nuclear Security Administration in Implementing Title 32, [11]GAO-01-602T (Washington, D.C.: Apr. 4, 2001). NNSA Management: Progress in the Implementation of Title 32, [12]GAO-02-93R (Washington, D.C.: Dec.12, 2001). Department of Energy: NNSA Restructuring and Progress in Implementing Title 32, [13]GAO-02-451T (Washington, D.C.: Feb. 26, 2002). GAO, Nuclear Security: NNSA Needs to Better Manage Its Safeguards and Security Program, [14]GAO-03-471 (Washington, D.C.: May 30, 2003). National Nuclear Security Administration: Key Management Structure and Workforce Planning Issues Remain As NNSA Conducts Downsizing, [15]GAO-04-545 (Washington, D.C.: June 25, 2004). GAO�s Mission The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site ( www.gao.gov ). Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to www.gao.gov and select "Subscribe to Updates." Order by Mail or Phone The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. Government Accountability Office 441 G Street NW, Room LM Washington, D.C. 20548 To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202) 512-6061 To Report Fraud, Waste, and Abuse in Federal Programs Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: [email protected] Automated answering system: (800) 424-5454 or (202) 512-7470 Congressional Relations Gloria Jarmon, Managing Director, [email protected] (202) 512-4400 U.S. Government Accountability Office, 441 G Street NW, Room 7125 Washington, D.C. 20548 Public Affairs Paul Anderson, Managing Director, [email protected] (202) 512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149 Washington, D.C. 20548 (360795) This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. However, because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. www.gao.gov/cgi-bin/getrpt?GAO-07-428T . To view the full product, including the scope and methodology, click on the link above. For more information, contact Gene Aloise at (202) 512-3841 or [email protected]. Highlights of [23]GAO-07-428T , a testimony before the Subcommittee on Strategic Forces, Committee on Armed Services, House of Representatives January 31, 2007 NATIONAL NUCLEAR SECURITY ADMINISTRATION Security and Management Improvements Can Enhance Implementation of the NNSA Act During the late 1990s, the Department of Energy (DOE) experienced difficulties with a lack of clear management authority and responsibility that contributed to security problems at the nation's nuclear weapons laboratories and management problems with major projects. In response, Congress created the National Nuclear Security Administration (NNSA) as a separately organized agency within DOE under Title 32 of the National Defense Authorization Act for Fiscal Year 2000--the NNSA Act. Since its creation, NNSA has continued to experience security problems, such as unauthorized access to NNSA computer systems, and cost and schedule overruns on major projects, such as the National Ignition Facility. GAO was asked to review the extent to which NNSA has taken steps to (1) improve security at its laboratories and plants and (2) improve its management practices and revise its organizational structure. In January 2007, GAO issued a report--National Nuclear Security Administration: Additional Actions Needed to Improve Management of the Nation's Nuclear Programs, (GAO-07-36)--that addressed these matters. To carry out its work, GAO reviewed legislation; NNSA policies, plans and budgets; collected and analyzed security performance ratings and interviewed current and former DOE and NNSA officials. While NNSA has better delineated lines of authority and improved communication through a reorganization and has made progress in establishing critical management systems, especially in the development of its Planning, Programming, Budgeting, and Evaluation process, important weaknesses remain with respect to security; the Administration's relationship with DOE; and project, program and financial management. Although NNSA has begun to build an effective headquarters security organization, it still cannot demonstrate that all of its security program objectives are being met at all of its sites. Specifically, GAO identified weaknesses in physical security at several NNSA sites, including the Nevada Test Site, the Sandia National Laboratories, and the Y-12 National Security Complex; and weaknesses in cyber security throughout NNSA. Four factors have contributed to these problems: (1) lack of consistent NNSA headquarters leadership and direction for security; (2) security personnel staffing shortages at NNSA site offices; (3) lack of adequate training resources and opportunities for site office security staff; and (4) incomplete security data to gauge the effectiveness of NNSA's security program. While NNSA has focused considerable attention on reorganizing its internal operations, it and DOE have continued to struggle with agreeing on how NNSA should operate as a separately organized agency within the department. This lack of agreement has resulted in organizational conflicts that have inhibited effective operations. While there have been continuing calls for removing NNSA from DOE and establishing it as a separate agency, GAO does not believe that such drastic change is necessary to provide effective oversight of the nuclear weapons complex. Rather, DOE and NNSA need to clearly define their working relationships and determine how conflicts will be resolved. Finally, GAO identified several other management weaknesses where additional NNSA actions could strengthen its ability to manage the nuclear weapons complex. For example, among other things, NNSA has not (1) implemented a plan for improving its project management efforts; (2) identified all of its program managers and trained them to a certified level of competency; and (3) established an independent analysis unit to review program budget proposals and analyze budget alternatives. In its recent report, GAO made recommendations to the Secretary of Energy and the Administrator of NNSA to (1) improve NNSA's security oversight program; (2) clearly define NNSA's status as a separately organized agency within DOE; and (3) improve project and program management, and the Administration's planning, programming, budgeting, and evaluation process. NNSA generally agreed with the report and its recommendations. NNSA considered the agency a success but acknowledged there was considerable work yet to be accomplished. References Visible links 8. http://www.gao.gov/cgi-bin/getrpt?GAO-07-36 9. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected] 10. http://www.gao.gov/cgi-bin/getrpt?GAO/T-RCED-00-113 11. http://www.gao.gov/cgi-bin/getrpt?GAO-01-602T 12. http://www.gao.gov/cgi-bin/getrpt?GAO-02-93R 13. http://www.gao.gov/cgi-bin/getrpt?GAO-02-451T 14. http://www.gao.gov/cgi-bin/getrpt?GAO-03-471 15. http://www.gao.gov/cgi-bin/getrpt?GAO-04-545 16. http://www.gao.gov/ 17. http://www.gao.gov/ 18. http://www.gao.gov/fraudnet/fraudnet.htm 19. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected] 20. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected] 21. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected] 22. http://www.gao.gov/cgi-bin/getrpt?GAO-07-428T 23. http://www.gao.gov/cgi-bin/getrpt?GAO-07-428T *** End of document. ***+