National Nuclear Security Administration: Security and Management
Improvements Can Enhance Implementation of the NNSA Act 	 
(31-JAN-07, GAO-07-428T).					 
                                                                 
During the late 1990s, the Department of Energy (DOE) experienced
difficulties with a lack of clear management authority and	 
responsibility that contributed to security problems at the	 
nation's nuclear weapons laboratories and management problems	 
with major projects. In response, Congress created the National  
Nuclear Security Administration (NNSA) as a separately organized 
agency within DOE under Title 32 of the National Defense	 
Authorization Act for Fiscal Year 2000--the NNSA Act. Since its  
creation, NNSA has continued to experience security problems,	 
such as unauthorized access to NNSA computer systems, and cost	 
and schedule overruns on major projects, such as the National	 
Ignition Facility. GAO was asked to review the extent to which	 
NNSA has taken steps to (1) improve security at its laboratories 
and plants and (2) improve its management practices and revise	 
its organizational structure. In January 2007, GAO issued a	 
report--National Nuclear Security Administration: Additional	 
Actions Needed to Improve Management of the Nation's Nuclear	 
Programs, (GAO-07-36)--that addressed these matters. To carry out
its work, GAO reviewed legislation; NNSA policies, plans and	 
budgets; collected and analyzed security performance ratings and 
interviewed current and former DOE and NNSA officials.		 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-07-428T					        
    ACCNO:   A65428						        
  TITLE:     National Nuclear Security Administration: Security and   
Management Improvements Can Enhance Implementation of the NNSA	 
Act								 
     DATE:   01/31/2007 
  SUBJECT:   Agency evaluation					 
	     Computer security					 
	     Cyber security					 
	     Laboratories					 
	     Nuclear facility security				 
	     Physical security					 
	     Planning programming budgeting			 
	     Program management 				 
	     Risk assessment					 
	     Safeguards 					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-07-428T

   

     * [1]Background
     * [2]Additional Action Needed to Improve NNSA's Security Program
     * [3]DOE and NNSA Have Not Yet Fully Determined How NNSA Should O
     * [4]Several Management Issues Need to be Resolved for NNSA to Be
     * [5]GAO Contacts and Staff Acknowledgements
     * [6]Related GAO Products

          * [7]Order by Mail or Phone

Testimony

Before the Subcommittee on Strategic Forces, Committee on Armed Services,
House of Representatives

United States Government Accountability Office

GAO

For Release on Delivery Expected at 1:00 p.m. EST

Wednesday, January 31, 2007

NATIONAL NUCLEAR SECURITY ADMINISTRATION

Security and Management Improvements Can Enhance Implementation of the
NNSA Act

Statement of Gene Aloise, Director Natural Resources and Environment

GAO-07-428T

Madam Chairman and Members of the Subcommittee:

We are pleased to be here today to discuss our work on the actions the
National Nuclear Security Administration (NNSA)--a separately organized
agency within the Department of Energy (DOE)--has taken to improve the
security and management of the nation's nuclear programs. Specifically, my
remarks are based on the report we are issuing today--National Nuclear
Security Administration: Additional Actions Needed to Improve Management
of the Nation's Nuclear Programs, which was prepared at the request of
this Subcommittee.1

During the late 1990s, DOE experienced management difficulties with its
nuclear weapons programs that contributed to security problems at the
nation's nuclear weapons laboratories and significant cost overruns on
major projects. According to a June 1999 report by the President's Foreign
Intelligence Advisory Board (the Board), DOE's management of the nuclear
weapons laboratories, while representing "science at its best," also
embodied "security at its worst" because of "organizational disarray,
managerial neglect, and ...a culture of arrogance." The Board urged the
Congress to create a new organization that, whether established as an
independent agency or a semi-autonomous entity within DOE, would have a
clear mission, streamlined bureaucracy, and drastically simplified lines
of authority and accountability. Responding to the Board's
recommendations, the Congress created the National Nuclear Security
Administration (NNSA) under Title 32 of the National Defense Authorization
Act for Fiscal Year 2000--the NNSA Act.2

The NNSA Act established NNSA as a "separately organized agency" within
DOE and made NNSA responsible for the management and security of the
nation's nuclear weapons, nuclear nonproliferation, and naval reactor
programs. The NNSA Act established the position of DOE Under Secretary for
Nuclear Security, who was also designated as the Administrator of NNSA.
The Secretary of Energy and the Deputy Secretary of Energy were allowed to
establish policy for NNSA and to give direction to NNSA through the
Administrator; however, other DOE employees were prohibited from directing
the activities of individual NNSA employees. Finally, the NNSA Act
required that, among other things, NNSA develop a planning, programming,
and budgeting process in order to ensure that the administration operated
under sound financial management principles.

1 [8]GAO-07-36 .

2Pub. L. No. 106-65, 113 Stat. 512, 953 (1999).

Since its inception, however, NNSA has continued to experience both
security and management problems. For example, with respect to security,
in 2003 we found that NNSA had not fully defined the roles and
responsibilities of officials in its security program and that NNSA had
shortfalls in security staff at the site offices that oversee its
contractors. In addition, two NNSA studies commissioned in July 2003 found
ongoing problems with NNSA's security program, including weaknesses in its
security culture, organization, and staffing and training. Finally, DOE's
Office of Inspector General found security problems with NNSA's
contractors, including improprieties in the testing of the officers who
protect NNSA's sites and weaknesses in NNSA's cyber security program. With
respect to the management of major projects, the National Ignition
Facility and the Dual Axis Radiographic Hydrodynamic Test Facility--two
major facilities needed to support NNSA's nuclear weapons
programs--experienced major delays and cost overruns because of problems
with project management and are still not complete.

In this context, you asked us to evaluate the extent to which NNSA has
taken steps to (1) improve security at its laboratories and plants and (2)
improve its management practices and revise its organizational structure.
To carry out our objectives, we reviewed the NNSA Act; and NNSA and DOE
policies, plans and budgets; and interviewed current and former NNSA and
DOE officials. We also used reports on NNSA's security efforts prepared by
GAO, the DOE Inspector General, and outside groups, such as a 2005 report
on security commissioned by NNSA. Finally, we collected and analyzed
security performance ratings developed by DOE's Office of Health, Safety
and Security and NNSA site offices, from fiscal years 1996 through 2005.
We used these performance ratings because there was wide agreement among
NNSA and DOE security officials that these ratings represented the best
available information on the overall performance of NNSA's safeguards and
security program. We conducted the work for our report from March 2005
through January 2007 in accordance with generally accepted government
auditing standards, which included an assessment of data reliability and
internal controls.

In summary:

Producing a well-organized and effective agency out of what was widely
considered a dysfunctional enterprise has been a considerable challenge.
In some areas, NNSA can be viewed as a success. Most notably, through its
internal reorganization efforts, NNSA has addressed some past problems by
better delineating lines of authority and improving communication and has
made important progress in establishing critical management systems,
especially in the development of its Planning, Programming, Budgeting and
Evaluation (PPBE) process. However, important problems remain with respect
to security, the Administration's relationship with DOE, and project,
program and financial management.

Regarding security, NNSA still cannot demonstrate that all of its security
program objectives are being met at all of its sites. Specifically, we
found weaknesses with physical security at several NNSA sites, including
the Nevada Test Site, Sandia National Laboratories, and the Y-12 National
Security Complex, and weaknesses throughout NNSA in the cyber security
area. Four factors have contributed to problems with NNSA's security
program. Specifically, we found

           o a lack of consistent NNSA headquarters leadership and direction
           for security;

           o security personnel staffing shortages at the NNSA site offices
           that oversee NNSA's contractors;

           o inadequate training resources and opportunities for site office
           security staff; and

           o incomplete security data to gauge the effectiveness of NNSA's
           security program.

           With respect to NNSA's relationship to DOE, we found that almost 7
           years after its creation, NNSA and DOE still have not fully agreed
           on how NNSA should function within the department as a separately
           organized agency. This lack of agreement has resulted in
           organizational conflicts that have inhibited effective operations.
           In our view, DOE and NNSA need to take a more active approach to
           clearly defining DOE and NNSA's working relationships and
           determining how conflicts will be resolved. While there have been
           continuing calls for removing NNSA from DOE and establishing it as
           a separate agency, we do not believe that such drastic change is
           necessary to produce an organization that can provide effective
           oversight of the nation's nuclear weapons complex.

           Finally, while NNSA has taken several actions to improve its
           management practices, including developing a PPBE process, we also
           identified several areas where management weaknesses remain.
           Specifically, NNSA has not developed a project management policy,
           implemented a plan for improving its project management efforts,
           and fully shared project management lessons learned between its
           sites. In addition, NNSA has not identified all of its program
           managers and trained them to a certified level of competency.
           Finally, NNSA has not established an independent analysis unit to
           (1) review program budget proposals, (2) confirm cost estimates,
           and (3) analyze budget alternatives.

           In order to improve the management of NNSA and its ability to
           oversee the nuclear weapons complex , in our report to you, we
           made a series of recommendations to the Secretary of Energy and
           the Administrator, NNSA to (1) improve NNSA's security oversight
           program; (2) clearly define NNSA's status as a separately
           organized agency within DOE; and (3) improve project and program
           management, and the agency's planning, programming, budgeting, and
           evaluation process. In its comments on our report, NNSA generally
           agreed with the report and its corresponding recommendations. NNSA
           noted that it considers the agency to be a success but
           acknowledged that there was considerable work yet to be
           accomplished.
			  
			  Background

           NNSA operates three national laboratories that design nuclear
           weapons--Lawrence Livermore National Laboratory, California; Los
           Alamos National Laboratory, New Mexico; and the Sandia National
           Laboratories, New Mexico and California; and four nuclear weapons
           production sites--the Pantex Plant, Texas; the Y-12 National
           Security Complex, Tennessee; the Kansas City Plant, Missouri; and
           parts of the Savannah River Site, South Carolina; as well as the
           Nevada Test Site.

           To implement its programs, NNSA received about $9.1 billion for
           fiscal year 2006, including almost $6.4 billion for its nuclear
           weapons activities, about $1.6 billion for its defense nuclear
           nonproliferation programs, and about $782 million for the Naval
           Reactors program. NNSA's appropriation also included about $766
           million to provide security at its sites. NNSA requested over $9.3
           billion for fiscal year 2007, including $6.4 billion for its
           nuclear weapons activities, $1.7 billion for its defense nuclear
           nonproliferation programs, and $795 million for the Naval Reactors
           program. According to NNSA's Future Years Nuclear Security Program
           plan, between fiscal years 2007 and 2011, NNSA is proposing to
           spend almost $48.5 billion on its nuclear weapons, nuclear
           nonproliferation, and naval reactors programs.

           As noted earlier, for several years before NNSA was established,
           external studies found problems with the organization and
           operation of what is now NNSA's principal organization--DOE's
           Office of Defense Programs. These studies cited continuing
           problems in the areas of overall management, organization,
           priority setting, and maintenance of a viable infrastructure and
           workforce. Most influential in the creation of NNSA was the study
           conducted by a Special Investigative Panel of the President's
           Foreign Intelligence Advisory Board. Prepared in response to a
           series of security problems, including public access to classified
           documents at the Los Alamos National Laboratory, the Board found
           that DOE was a dysfunctional bureaucracy incapable of reforming
           itself and that reorganization was clearly warranted to resolve
           security and counterintelligence problems. As noted earlier, the
           Board urged the Congress to create a new organization that,
           whether established as an independent agency or a semi-autonomous
           entity within DOE, should have a clear mission, streamlined
           bureaucracy, and drastically simplified lines of authority and
           accountability. To correct the problems identified by the Board
           and others, in 1999, the Congress created the NNSA.

           For the last several years, we have monitored NNSA's actions to
           implement the NNSA Act for this Subcommittee and the Special
           Oversight Panel on Department of Energy Reorganization, House
           Armed Services Committee. For example, in April 2001, we testified
           that NNSA's efforts to establish a new organization looked
           promising. However, we highlighted the need for NNSA to clearly
           define the roles and responsibilities of headquarters and field
           staff and to establish clear lines of authority between NNSA and
           its contractors, among other things. In May 2001, NNSA announced
           plans to reorganize its headquarters operations. In December 2001,
           however, we found that NNSA's plans for the headquarters
           reorganization did not contain a clear definition of the roles and
           responsibilities of the headquarters organizational units.

           In addition to reorganizing its headquarters, in February 2002,
           NNSA proposed reorganizing its entire operation to solve
           important, long-standing issues. In February 2002, we testified
           that, with the proposed new organizational structure, resolution
           of NNSA's long-standing organizational issues appeared to be
           within its grasp. However, we noted that NNSA's lack of a
           long-term strategic approach to ensuring a well-managed workforce
           precluded it from identifying its current and future human capital
           needs, including the size of the workforce; its deployment across
           the organization; and the knowledge, skills, and capabilities
           needed to fulfill its mission. In December 2002, the Administrator
           of NNSA implemented the proposed reorganization.

           Our May 2003 report on the management of NNSA's security program
           identified similar concerns about NNSA's security organization and
           management. Specifically, we found that NNSA (1) had not fully
           defined clear roles and responsibilities for its headquarters and
           site security operations and (2) had shortfalls at its site
           offices in the total number of staff and in expertise, which could
           make it more difficult for the site offices to effectively oversee
           security activities. We therefore concluded that NNSA could not be
           assured that its contractors were working to maximum advantage to
           protect critical facilities and material from individuals seeking
           to inflict damage.

           Finally, in June 2004, we found that NNSA's reorganization had
           addressed some past problems by better delineating lines of
           authority and improving communication. However, we also found that
           NNSA's reorganization had not ensured that the agency had
           sufficient staff with the right skills in the right places because
           it had downsized its federal workforce by about 17 percent without
           first determining the critical skills and capabilities needed to
           meet its mission and program goals.
			  
			  Additional Action Needed to Improve NNSA�s Security Program

           Although NNSA has begun to build an effective headquarters
           security organization, it still cannot demonstrate that all of its
           security program objectives are being met at all of its sites.
           Specifically, we found that the results of internal and
           independent security oversight assessments have identified
           weaknesses in physical security at several NNSA sites, including
           the Nevada Test Site, the Sandia National Laboratories, and the
           Y-12 National Security Complex; and weaknesses in cyber security
           throughout NNSA. The following factors have contributed to this
           situation:

           o Lack of consistent leadership and direction for its security
           activities. For several years, the NNSA headquarters security
           organization experienced turnover in the position of Chief of the
           Office of Defense Nuclear Security. Specifically, four individuals
           have occupied the position since NNSA's creation, often in an
           acting capacity. In addition, these chiefs have reported to
           different levels within the organization. The current Chief is a
           permanent appointee, reporting directly to the NNSA administrator,
           and he has taken a number of steps to develop an effective
           headquarters security organization.

           o Security personnel staffing shortages at site offices. Having
           sufficient staff to oversee the security programs of its
           contractors continues to be a problem. For example, since NNSA
           became operational, key site offices, such as the Los Alamos Site
           Office, have experienced staffing shortfalls. As a result, sites
           are limited in their ability to effectively oversee contractors'
           security activities.

           o Lack of adequate training resources and opportunities for site
           office security staff. NNSA has not implemented a training program
           that provides NNSA federal security officials with the skills
           needed to effectively oversee contractor security programs. In
           addition, NNSA site offices often do not have all the resources
           needed to meet training needs. For example, according to site
           office officials, the Los Alamos Site Office did not receive
           training funds for fiscal year 2006 and the Nevada Site Office
           received a minimal training budget for its security staff.

           o Lack of data to gauge program effectiveness. NNSA does not have
           complete data for tracking security deficiencies identified by
           security oversight reviews and, as a result, does not have
           information regarding the overall effectiveness of its safeguards
           and security program. NNSA officials told us that while they
           believe security across the weapons complex has improved, NNSA
           does not have sufficient data to support this assertion. In
           addition, NNSA has not implemented a formal process for sharing
           best practices or lessons learned to guide security improvements.
           While best practices and lessons learned have been communicated
           informally, a formal process could help ensure that previously
           identified security deficiencies, such as the retrieval of badges
           from terminated employees at one NNSA site, are reviewed and
           corrected as necessary at other NNSA field locations.
			  
			  DOE and NNSA Have Not Yet Fully Determined How NNSA Should Operate
			  as a Separately Organized Agency within DOE

           While NNSA has focused considerable attention on reorganizing its
           internal operations, it and DOE have continued to struggle with
           establishing how NNSA should operate as a separately organized
           agency within the department. Several factors have contributed to
           this situation. First, DOE and NNSA did not have a useful model to
           follow for establishing a separately organized agency in DOE. The
           Board's June 1999 report suggested several federal agencies, such
           as the National Oceanic and Atmospheric Administration in the
           Department of Commerce, which could be used as a model for NNSA.
           However, we found that none of the officials from these agencies
           considered their agency to be separately organized or believed
           that their agency's operational methods were transferable to NNSA.
           Second, DOE's January 2000 implementation plan, which was required
           by the NNSA Act, did not define how NNSA would operate as a
           separately organized agency within DOE. Instead reflecting the
           opposition of the then DOE senior leadership to the creation of
           NNSA, the implementation plan "dual-hatted" virtually every
           significant statutory position in NNSA with DOE officials,
           including the Director of NNSA's Office of Defense Nuclear
           Counterintelligence and General Counsel. As we testified in April
           2001, this practice caused considerable concern about NNSA's
           ability to function with the independence envisioned in the NNSA
           Act. Dual-hatting was subsequently forbidden by an amendment to
           the NNSA Act.3

           As a result, although some NNSA programs have set up procedures
           for interacting with DOE, other programs have not, resulting in
           organizational conflict. For example, DOE made a commitment to
           issuing NNSA-specific acquisition procedures in its January 2000
           implementation plan for NNSA, but it has not done so. According to
           DOE Office of General Counsel officials, the department
           subsequently determined that NNSA-specific procedures were
           inconsistent with the Federal Acquisition Regulation, the NNSA
           Act, and the January 2000 implementation plan. According to both
           DOE and NNSA officials, since 2004 the department has blocked
           NNSA's efforts to issue its own acquisition regulations. As a
           result, according to NNSA officials, NNSA has had to issue a
           series of deviations to the DOE acquisition regulations to carry
           out NNSA acquisition policies in areas such as negotiating a more
           effective contract fee arrangement and awarding additional years
           to a contract's term.

           Even where formal procedures have been developed, interpersonal
           disagreements have hindered effective cooperation. Most notable in
           this regard has been the longstanding conflict between NNSA and
           DOE counterintelligence offices. Specifically, as our report
           documents, NNSA and DOE counterintelligence officials have
           disagreed over (1) the scope and direction of the
           counterintelligence program, (2) their ability to jointly direct
           staff in the headquarters counterintelligence program offices, (3)
           the allocation of counterintelligence resources, (4)
           counterintelligence policymaking and (5) their roles and
           responsibilities in handling specific counterintelligence
           matters--in particular with regard to the department's handling of
           the well-publicized mid-2005 intrusion into an unclassified NNSA
           computer system and removal of the names and social security
           numbers of 1,502 individuals working for NNSA. Subsequently, the
           Congress amended the NNSA Act to consolidate the
           counterintelligence programs of DOE and NNSA under the Department
           of Energy.
			  
3Pub. L. 106-398, S 3157, 114 Stat. 1654, 1654A-468 (2000) (codified as
amended at 50 U.S.C. S 2410).			  

           In this environment, concerns about NNSA's organizational status
           have persisted. Most notably, a January 2006 report by the Defense
           Science Board called for the removal of NNSA from DOE and the
           creation of a new, independent National Nuclear Weapons Agency.
           However, former senior DOE and NNSA officials with whom we spoke
           generally did not favor removing NNSA from DOE.
			  
			  Several Management Issues Need to be Resolved for NNSA to Become
			  Fully Effective

           In addition to identifying the underlying issue of NNSA's
           relationship to DOE, we identified the following four other
           management areas where additional NNSA actions could strengthen
           its ability to manage the nuclear weapons complex if it took
           further action.

           o Human capital. NNSA has made progress in developing a human
           capital strategy. However, DOE and NNSA have not conducted a
           systematic, detailed analysis of how many staff NNSA needs in
           relation to DOE. As a result, we identified areas where potential
           staff imbalances have affected NNSA's ability to operate
           separately from DOE. For example, NNSA's Office of General Counsel
           has 35 attorneys, including the General Counsel, to provide NNSA
           legal analysis, while the rest of DOE has 277 attorneys. According
           to NNSA's General Counsel, his office would need 15 to 20
           additional attorneys to fully handle NNSA's legal workload with
           minimal assistance from DOE. Currently, NNSA relies on DOE's
           Office of General Counsel to perform a significant portion of its
           legal work.

           o Project management. While both DOE and NNSA have initiated
           efforts to improve project management, NNSA reported in November
           2006 that about 16 percent of NNSA projects were at risk of
           breaching their cost baseline, schedule baseline or both. We
           identified seven areas for improvement that would foster a
           stronger culture for effective project management. For example,
           DOE's Project Assessment and Reporting System--a Web-based system
           for keeping DOE senior managers apprised of the performance of
           projects costing more than $5 million--does not include four major
           NNSA projects, estimated to cost over $100 million each.
           Consequently, these projects do not receive the senior management
           oversight that can be provided through that system.

           o Program management. NNSA program managers are responsible for
           completing a set of activities by employing a working knowledge of
           such diverse areas as contracting, budgeting, and engineering.
           Recognizing the important role of program managers, NNSA has taken
           several actions, such as developing a program management policy.
           However, NNSA has yet to identify all of its program managers or
           train them to a certified level of competency. Indeed, DOE's most
           recent performance and accountability report for fiscal year 2006
           showed that NNSA fully met only about 52 percent of its program
           goals while the rest of DOE achieved about a 79-percent success
           rate.

           o Financial management. NNSA has made significant progress in
           implementing its PPBE process over the last 4 years, as mandated
           by the NNSA Act. However, several areas of improvement still have
           not been fully addressed. For example, NNSA has issued policy
           letters on PPBE, but some of these letters are still in draft form
           because, in part, NNSA is waiting to obtain DOE's views on certain
           matters. In addition, NNSA's PPBE mechanism for centralized
           resource allocation relies on collegial decision making among
           senior NNSA managers, with the Administrator resolving disputes
           and deciding on the final resource allocation. However, the
           Administrator does not have an independent group to review program
           proposals, confirm cost estimates, and analyze alternatives.
           According to a 2003 DOE Inspector General report, most senior
           managers believe that such an analytical group would be of value.
           While NNSA has taken some action in this direction, it is not
           clear when such a group will be established.

           As discussed earlier, while there have been continuing calls for
           removing NNSA from DOE and establishing it a separate agency, we
           do not believe that such drastic change is necessary to produce an
           organization that can provide effective oversight of the nation's
           nuclear weapons complex. Rather, we believe NNSA can provide
           comprehensive oversight of the operation and security of the
           nation's nuclear weapons programs by addressing a variety of
           lingering, often unrelated, but important management issues. These
           issues include providing sufficient, qualified staff to conduct
           program and operational oversight, especially in the security
           area, and developing and implementing improvements needed to
           support effective project, program, and financial management.

           Madam Chairman, this concludes my prepared statement. I would be
           happy to respond to any questions that you or Members of the
           Subcommittee may have.
			  
			  GAO Contacts and Staff Acknowledgements

           For further information on this testimony, please contact me at
           (202) 512-3841 or [email protected] . Contact points for our
           Offices of Congressional Relations and Public Affairs may be found
           on the last page of this statement. James Noel, Assistant
           Director; Robert Baney; Preston Heard and Jonathan Ban made key
           contributions to this testimony.
			  
			  Related GAO Products

           Department of Energy: Views on DOE's Plan to Establish the
           National Nuclear Security Administration, [10]GAO/T-RCED-00-113
           (Washington, D.C.: March 2, 2000).

           Department of Energy: Views on the Progress of the National
           Nuclear Security Administration in Implementing Title 32,
           [11]GAO-01-602T (Washington, D.C.: Apr. 4, 2001).

           NNSA Management: Progress in the Implementation of Title 32,
           [12]GAO-02-93R (Washington, D.C.: Dec.12, 2001).

           Department of Energy: NNSA Restructuring and Progress in
           Implementing Title 32, [13]GAO-02-451T (Washington, D.C.: Feb. 26,
           2002).

           GAO, Nuclear Security: NNSA Needs to Better Manage Its Safeguards
           and Security Program, [14]GAO-03-471 (Washington, D.C.: May 30,
           2003).

           National Nuclear Security Administration: Key Management Structure
           and Workforce Planning Issues Remain As NNSA Conducts Downsizing,
           [15]GAO-04-545 (Washington, D.C.: June 25, 2004).
			  
			  GAO�s Mission

           The Government Accountability Office, the audit, evaluation and
           investigative arm of Congress, exists to support Congress in
           meeting its constitutional responsibilities and to help improve
           the performance and accountability of the federal government for
           the American people. GAO examines the use of public funds;
           evaluates federal programs and policies; and provides analyses,
           recommendations, and other assistance to help Congress make
           informed oversight, policy, and funding decisions. GAO's
           commitment to good government is reflected in its core values of
           accountability, integrity, and reliability.
			  
			  Obtaining Copies of GAO Reports and Testimony

           The fastest and easiest way to obtain copies of GAO documents at
           no cost is through GAO's Web site ( www.gao.gov ). Each
           weekday, GAO posts newly released reports, testimony, and
           correspondence on its Web site. To have GAO e-mail you a list of
           newly posted products every afternoon, go to www.gao.gov and
           select "Subscribe to Updates."
			  
			  Order by Mail or Phone

           The first copy of each printed report is free. Additional copies
           are $2 each. A check or money order should be made out to the
           Superintendent of Documents. GAO also accepts VISA and Mastercard.
           Orders for 100 or more copies mailed to a single address are
           discounted 25 percent. Orders should be sent to:

           U.S. Government Accountability Office 441 G Street NW, Room LM
           Washington, D.C. 20548

           To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax:
           (202) 512-6061
			  
			  To Report Fraud, Waste, and Abuse in Federal Programs

           Contact:

           Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail:
           [email protected] Automated answering system: (800) 424-5454 or
           (202) 512-7470
			  
			  Congressional Relations

           Gloria Jarmon, Managing Director, [email protected] (202)
           512-4400 U.S. Government Accountability Office, 441 G Street NW,
           Room 7125 Washington, D.C. 20548
			  
			  Public Affairs

           Paul Anderson, Managing Director, [email protected] (202)
           512-4800 U.S. Government Accountability Office, 441 G Street NW,
           Room 7149 Washington, D.C. 20548

(360795)

This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.

www.gao.gov/cgi-bin/getrpt?GAO-07-428T .

To view the full product, including the scope
and methodology, click on the link above.

For more information, contact Gene Aloise at (202) 512-3841 or
[email protected].

Highlights of [23]GAO-07-428T , a testimony before the Subcommittee on
Strategic Forces, Committee on Armed Services, House of Representatives

January 31, 2007

NATIONAL NUCLEAR SECURITY ADMINISTRATION

Security and Management Improvements Can Enhance Implementation of the
NNSA Act

During the late 1990s, the Department of Energy (DOE) experienced
difficulties with a lack of clear management authority and responsibility
that contributed to security problems at the nation's nuclear weapons
laboratories and management problems with major projects. In response,
Congress created the National Nuclear Security Administration (NNSA) as a
separately organized agency within DOE under Title 32 of the National
Defense Authorization Act for Fiscal Year 2000--the NNSA Act. Since its
creation, NNSA has continued to experience security problems, such as
unauthorized access to NNSA computer systems, and cost and schedule
overruns on major projects, such as the National Ignition Facility.

GAO was asked to review the extent to which NNSA has taken steps to (1)
improve security at its laboratories and plants and (2) improve its
management practices and revise its organizational structure. In January
2007, GAO issued a report--National Nuclear Security Administration:
Additional Actions Needed to Improve Management of the Nation's Nuclear
Programs, (GAO-07-36)--that addressed these matters.

To carry out its work, GAO reviewed legislation; NNSA policies, plans and
budgets; collected and analyzed security performance ratings and
interviewed current and former DOE and NNSA officials.

While NNSA has better delineated lines of authority and improved
communication through a reorganization and has made progress in
establishing critical management systems, especially in the development of
its Planning, Programming, Budgeting, and Evaluation process, important
weaknesses remain with respect to security; the Administration's
relationship with DOE; and project, program and financial management.

Although NNSA has begun to build an effective headquarters security
organization, it still cannot demonstrate that all of its security program
objectives are being met at all of its sites. Specifically, GAO identified
weaknesses in physical security at several NNSA sites, including the
Nevada Test Site, the Sandia National Laboratories, and the Y-12 National
Security Complex; and weaknesses in cyber security throughout NNSA. Four
factors have contributed to these problems: (1) lack of consistent NNSA
headquarters leadership and direction for security; (2) security personnel
staffing shortages at NNSA site offices; (3) lack of adequate training
resources and opportunities for site office security staff; and (4)
incomplete security data to gauge the effectiveness of NNSA's security
program.

While NNSA has focused considerable attention on reorganizing its internal
operations, it and DOE have continued to struggle with agreeing on how
NNSA should operate as a separately organized agency within the
department. This lack of agreement has resulted in organizational
conflicts that have inhibited effective operations. While there have been
continuing calls for removing NNSA from DOE and establishing it as a
separate agency, GAO does not believe that such drastic change is
necessary to provide effective oversight of the nuclear weapons complex.
Rather, DOE and NNSA need to clearly define their working relationships
and determine how conflicts will be resolved.

Finally, GAO identified several other management weaknesses where
additional NNSA actions could strengthen its ability to manage the nuclear
weapons complex. For example, among other things, NNSA has not (1)
implemented a plan for improving its project management efforts; (2)
identified all of its program managers and trained them to a certified
level of competency; and (3) established an independent analysis unit to
review program budget proposals and analyze budget alternatives.

In its recent report, GAO made recommendations to the Secretary of Energy
and the Administrator of NNSA to (1) improve NNSA's security oversight
program; (2) clearly define NNSA's status as a separately organized agency
within DOE; and (3) improve project and program management, and the
Administration's planning, programming, budgeting, and evaluation process.
NNSA generally agreed with the report and its recommendations. NNSA
considered the agency a success but acknowledged there was considerable
work yet to be accomplished.

References

Visible links
8. http://www.gao.gov/cgi-bin/getrpt?GAO-07-36
9. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected]
  10. http://www.gao.gov/cgi-bin/getrpt?GAO/T-RCED-00-113
  11. http://www.gao.gov/cgi-bin/getrpt?GAO-01-602T
  12. http://www.gao.gov/cgi-bin/getrpt?GAO-02-93R
  13. http://www.gao.gov/cgi-bin/getrpt?GAO-02-451T
  14. http://www.gao.gov/cgi-bin/getrpt?GAO-03-471
  15. http://www.gao.gov/cgi-bin/getrpt?GAO-04-545
  16. http://www.gao.gov/
  17. http://www.gao.gov/
  18. http://www.gao.gov/fraudnet/fraudnet.htm
  19. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected]
  20. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected]
  21. file:///home/webmaster/infomgt/d07428t.htm#mailto:[email protected]
  22. http://www.gao.gov/cgi-bin/getrpt?GAO-07-428T
  23. http://www.gao.gov/cgi-bin/getrpt?GAO-07-428T
*** End of document. ***+