National Nuclear Security Administration: Additional Actions Needed to Improve Management of the Nation's Nuclear Programs
GAO-07-36
Published: Jan 19, 2007. Publicly Released: Jan 31, 2007.
Skip to Highlights
Highlights
In response to security and management weaknesses, in 1999 the Congress created the National Nuclear Security Administration (NNSA), a separately organized agency within the Department of Energy (DOE). NNSA is responsible for the nation's nuclear weapons, nonproliferation, and naval reactors programs. Since its creation, NNSA has continued to experience security problems, such as unauthorized access to a NNSA unclassified computer system, and cost and schedule overruns on its major projects, such as the National Ignition Facility. GAO reviewed the extent to which NNSA has taken steps to (1) improve security at its laboratories and plants and (2) improve its management practices and revise its organizational structure. To carry out its work, GAO reviewed legislation; NNSA policies, plans and budgets; and interviewed current and former NNSA and DOE officials.
Although NNSA has begun to build an effective security organization, it still cannot demonstrate that all of its security program objectives are being met at all of its sites. Specifically, the results of internal and independent security oversight assessments have identified weaknesses in physical security at several NNSA sites, including the Nevada Test Site, Sandia National Laboratories and the Y-12 National Security Complex, and weaknesses in cyber security throughout NNSA. The following factors have contributed to this situation: Weak organization of headquarters security. Until recently, NNSA did not have consistent leadership or direction at the headquarters level for its security program. Security staffing shortages at NNSA site offices. Since NNSA became operational, five of its six site offices have not been staffed at the required levels, according to GAO's analysis. Site offices oversee NNSA contractor security operations. Inadequate security staff training. NNSA has not implemented a training program that provides federal security officials with the skills needed to effectively oversee contractor security programs. Incomplete security data. DOE's database for tracking security deficiencies identified by security oversight assessments is incomplete, and, as a result, NNSA lacks a comprehensive understanding of the overall effectiveness of its security program. NNSA has taken several actions to improve its management practices, including developing a planning, programming, budgeting and evaluation process. However, management problems continue, in part, because NNSA and DOE have not fully agreed on how NNSA should function within the department as a separately organized agency. This lack of agreement has resulted in organizational conflicts that have inhibited effective operations. GAO also identified the following areas where additional management improvements are needed: Project management. NNSA has not developed a project management policy, implemented a plan for improving its project management efforts, and fully shared project management lessons learned between its sites. Program management. NNSA has not identified all of its program managers and trained them to a certified level of competency. Financial management. NNSA has not established an independent analysis unit to review program budget proposals, confirm cost estimates, and analyze budget alternatives.
Recommendations
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Department of Energy | To ensure that NNSA functions as a separately organized agency, the Secretary of Energy and the Administrator, NNSA, should clearly define NNSA's status as a separately organized agency within the department. |
In his 31 USC Section 720 response to our report, the Deputy Secretary of Energy stated that he did not concur with this recommendation. He stated that elements of the Department and the NNSA had executed memoranda of understanding specifying how certain Department-wide functions would be performed while respecting the statutory insulation of NNSA personnel. He also stated that the Department will consider issuing circumstance-specific guidance where required to correct misperceptions about the effect of the NNSA's act limitations. NNSA's relationship with DOE continues to evolve. NNSA asserted its independence aggressively through July 2012 when an important security incident took place at the Y-12 plant. Since that time, NNSA has been less independent. As of May 2019, the status of NNSA within DOE remains largely dependent on the relationship between the DOE Secretary and NNSA Administrator, despite a number of National Academy studies and other governance panels.
|
| National Nuclear Security Administration | To ensure that NNSA functions as a separately organized agency, the Secretary of Energy and the Administrator, NNSA, should clearly define NNSA's status as a separately organized agency within the department. |
In his 31 USC Section 720 response to our report, the Deputy Secretary of Energy stated that he did not concur with this recommendation. He stated that elements of the Department and the NNSA had executed memoranda of understanding specifying how certain Department-wide functions would be performed while respecting the statutory insulation of NNSA personnel. He also stated that the Department will consider issuing circumstance-specific guidance where required to correct misperceptions about the effect of the NNSA's act limitations. NNSA's relationship with DOE continues to evolve. NNSA asserted its independence aggressively through July 2012 when an important security incident took place at the Y-12 plant. Since that time, NNSA has been less independent. As of May 2019, the status of NNSA within DOE remains largely dependent on the relationship between the DOE Secretary and NNSA Administrator, despite a number of National Academy studies and other governance panels that also recommended NNSA be a separate agency.
|
| Department of Energy | To ensure that NNSA functions as a separately organized agency, the Secretary of Energy and the Administrator, NNSA, should develop and implement standard operating procedures for conducting business and resolving conflicts between DOE and NNSA sister offices. |
In his 31 USC Section 720 response to our report, the Deputy Secretary of Energy stated that he did not concur with this recommendation. He argued that it would be impossible for DOE to develop the standard operating procedures for resolving disagreements we recommended because the "statutory limitations on the Secretary's delegation authority foreclose administrative establishment of any procedures." DOE further argued resolving any disagreements could only be done by the Secretary or Deputy Secretary, "acting personally." However, since our report was issued, NNSA has tracked departures from DOE policies through the issuance of formal Policy Letters and, to date, the Secretary and Deputy Secretary of Energy, has successfully worked with the NNSA Administrator to resolve disagreements. These two actions are sufficient to close the recommendation, but we will continue to monitor the DOE and NNSA relationship, especially since the Office of Environmental Management is now reporting to the NNSA Administrator in his role as Under Secretary of Energy.
|
| National Nuclear Security Administration | To ensure that NNSA functions as a separately organized agency, the Secretary of Energy and the Administrator, NNSA, should develop and implement standard operating procedures for conducting business and resolving conflicts between DOE and NNSA sister offices. |
In his 31 USC Section 720 response to our report, the Deputy Secretary of Energy stated that he did not concur with this recommendation. He argued that it would be impossible for DOE to develop the standard operating procedures for resolving disagreements we recommended because the "statutory limitations on the Secretary's delegation authority foreclose administrative establishment of any procedures." DOE further argued resolving any disagreements could only be done by the Secretary or Deputy Secretary, "acting personally." However, since our report was issued, NNSA has tracked departures from DOE policies through the issuance of formal Policy Letters and, to date, the Secretary and Deputy Secretary of Energy, has successfully worked with the NNSA Administrator to resolve disagreements. These two actions are sufficient to close the recommendation, but we will continue to monitor the DOE and NNSA relationship, especially since the Office of Environmental Management is now reporting to the NNSA Administrator in his role as Under Secretary of Energy.
|
| National Nuclear Security Administration | To improve security oversight, the Administrator, NNSA, should develop a human capital strategy that includes standards for determining long-term staffing needs. |
In May 2009 DOE revised the S&S Functional Area Qualification Standard, DOE-STD-1171-2009, and in and July of 2009 develop a new S&S General Technical Base Qualification Standard, DOE STD-1123-2009. These standards define the training competencies and will be used as the safeguards and security training program. In addition, in 2010 NNSA's Office of Defense Nuclear Security (DNS) is now conducting an Annual Workforce Analysis and Staffing plan for headquarters federal staff. NNSA field elements now conduct similar review that examine, among other things, projected staffing shortages/surpluses over the next five years. While these actions close this narrowly focused recommendation, we reported in 2011 (GAO-11-188) that NNSA needs broader workforce data to improve enterprise-wide decision making and are currently conducting work on NNSA's broader human capital plans.
|
| National Nuclear Security Administration | To improve security oversight, the Administrator, NNSA, should implement a professional development program for security staff to ensure the completion of training needed to effectively perform oversight responsibilities. |
In May 2009, DOE, with NNSA as the lead agency, revised the safeguards and security Functional Area Qualification Standard, DOE-STD-1171-2009, and in July of 2009 develop a new safeguards and security General Technical Base Qualification Standard, DOE STD-1123-2009. These standards define the training competencies and will be used as the basis for DOE's safeguards and security training program. These actions address GAO's recommendation, but GAO will continue to monitor these efforts the ensure the implementation of these standards is effective.
|
| National Nuclear Security Administration | To improve security oversight, the Administrator, NNSA, should develop a framework to evaluate results from security reviews and guide security improvements. |
In June 2009, NNSA initiated a formal review of its nuclear security program that sought to create a more cost effective program. NNSA released in August 2010 a Defense Nuclear Security Project Execution Plan for its on-going Zero-Based Security Review (ZBSR). The ZBSR is focusing on improving security management, reforming security policy, and restructuring security governance and oversight. According to agency officials, the ZBSR initiative serve as the basis for security planning for the next decade and will catalog lessons learned from NNSA, DOE, and DoD security reviews. While it is too soon assess the effectiveness of this program, NNSA has included in project execution plan a schedule of activities that extend to CY 2015 that is sufficient to close this recommendation. We will continue to evaluate implementation of NNSA's ZBSR initiative.
|
| National Nuclear Security Administration | To improve security oversight, the Administrator, NNSA, should establish formal mechanisms for sharing and implementing lessons learned across the weapons complex. |
In June 2009, NNSA initiated a formal review of its nuclear security program that sought to better balance effective security with program missions and costs. In its August 2010 Defense Nuclear Security Project Execution Plan for its on-going Zero-Based Security Review (ZBSR), NNSA committed in section 1.8, pp. 11, to collecting and validating lessons learned information. This information includes identification of issues encountered and actions taken to resolve the issue. According to agency officials, practices have and will be identified. In addition, NNSA committed to working closely with the Department of Defense to harmonize security requirements and also gain insights and lessons learned. While it is too soon assess the effectiveness of this program, NNSA's actions, to-date, address GAO's recommendation. We will continue to evaluate implementation of NNSA's program.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should establish an NNSA-specific project management policy to ensure application of the DOE project management manual. |
In April 2008, the Department of Energy (DOE) prepared a root cause analysis that examined project management challenges across the department, including within the National Nuclear Security Administration (NNSA). The report identified 10 general problems with program management and 8 root causes. In July 2008, DOE issued a corrective action plan that detailed the specific measures it planned to take to improve project management across DOE and NNSA. These actions effectively close this recommendation. Since that time, DOE, and NNSA have been actively working with GAO to implement these plans. We continue to assess the effectiveness implementation.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should prepare a project management improvement plan. |
In April 2008, the Department of Energy (DOE) prepared a root cause analysis that examined project management challenges across the department, including within the National Nuclear Security Administration (NNSA). In July 2008, DOE issued a corrective action plan that detailed the specific measures it planned to take to improve project management across DOE and NNSA. DOE and NNSA reported progress against these plans in FY 2011.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should reinstitute annual reporting to the Congress on project management accomplishments. |
In April 2008, the Department of Energy (DOE) prepared a root cause analysis that examined project management challenges across the department, including within the National Nuclear Security Administration (NNSA). The report identified 10 general problems with program management and 8 root causes. In July 2008, DOE issued a corrective action plan that detailed the specific measures it planned to take to improve project management across DOE and NNSA. These actions effectively close this recommendation. Since that time, DOE, and NNSA have been actively working with GAO to implement these plans. Although NNSA has no formal mechanism for reporting its project management accomplishments to the Congress, NNSA has met regularly with senior GAO and OMB officials as well as with relevant congressional staff on the progress it has made improving its contract and project management. Other documents, such as the annual budget submission and the associated Stockpile Stewardship and Management Plan, serve as important Congressional communication tools. These actions, coupled with other improvements in program and project management effectively close this recommendation.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should include major projects, such as the Stockpile Life Extension refurbishments, in DOE's Project Assessment and Reporting System. |
In February 2011, DOE introduced a new Project Assessment and Reporting System, known as PARS II, which includes all DOE and NNSA capital asset projects as well as other projects across the department, such as stockpile life extension refurbishments. While GAO will continue to evaluate the effectiveness of DOE and NNSA project management, NNSA has addressed our recommendation to create such a system.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should complete a comprehensive database of all projects' reports on management lessons learned to improve project management throughout NNSA. |
As part of DOE's and NNSA's overall efforts to improve their contract and project management, in 2008 DOE conducted a root cause analysis and prepared a corrective action plan that details the specific steps the department planned to take to improve project and project management. Since that time, DOE officials have been tracking the department's and NNSA's accomplishment of those steps and have reported, as recently as February 2011, on the progress DOE and NNSA have made. This action, coupled with other DOE and NNSA actions, such as the development of a new Project Assessment and Reporting System, known as PARS II, effectively address this recommendation.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should develop benchmark data on individual contractors' project management performance to assist managers in improving contractor performance. |
In February 2011, DOE introduced a new Project Assessment and Reporting System, known as PARS II, which includes all DOE and NNSA capital asset projects as well as other projects across the department, such as stockpile life extension refurbishments. The PARS II system includes a field (EMP22)that names prime contractors. This will enable NNSA to compile benchmark data on prime contractors performance. While GAO will evaluate the effectiveness of DOE and NNSA project management, including the use of the PARS II system, DOE and NNSA now have an improved ability to benchmark the project management of its contractors.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to project management, NNSA should require that contractors' project managers receive project manager training and attain project manager certification. |
As part of its efforts to improve contract and project management, DOE and NNSA reported in February 2011 that they developed a Project Management Career Development Program which was based upon best practices used by other federal agencies to standardize training and to ensure NNSA project managers have the appropriate level of training required to manage their projects. We will monitor the the implementation of this program.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to program management, NNSA should prepare periodic reports that show the status of its program management improvement efforts to determine how much progress is being made. |
NNSA has met regularly with senior GAO and OMB officials as well as with congressional staff on the progress it has made improving its contract and project management. In addition, in February 2011, DOE issued a closure report on its July 2008 corrective action plan that detailed the progress the department and NNSA have made accomplishing the measures included in the corrective action plan. These actions, taken collectively, and which DOE and NNSA plan to continue into the future, effectively implement this recommendation.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to program management, NNSA should complete a best practices guide for program management. |
DOE issued a new program and project management policy (DOE Order 413.3B) in November 2010 that includes both required and suggested program management procedures that are based on best practices. This order also applies to NNSA program management. This action implements our recommendation but we will continue to carefully monitor its implementation in follow-on work.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to program management, NNSA should identify, train, and certify all program managers in accordance with NNSA's program management policy. |
As part of its efforts to improve contract and project management, DOE and NNSA reported in February 2011 that they developed a Project Management Career Development Program which was based upon best practices used by other federal agencies to standardize training and to ensure NNSA project managers have the appropriate level of training required to manage their projects. This implements this objective; GAO will continue to evaluate the implementation of these actions.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to financial management, NNSA should complete all NNSA planning, programming, budgeting, and evaluation process policy guidance. |
NNSA provided documentation that all four policies that were in draft status at the time of our report have been finalized. In addition, a policy on Management and Operating (M&O) Contractor Employment Reporting has been developed and is being used.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to financial management, NNSA should establish an independent budget analysis unit. |
According to NNSA's Office of Planning Programming Budgeting and Evaluation, in 2009, the Office of Integration and Assessment was established within the Office of Management in Budget to provide analyses of corporate business processes and programmatic resource requirements necessary for strategic decision-making [attached is a briefing on the purpose and activities that were proposed to performed by this office]. The Director and staff established the Requirements and Resources Assessment (RRA) process. The RRA process was piloted during the FY 2011-2015 NNSA Programming process in the spring of 2009, and was continued for the FY 2012-2016 NNSA Programming process in the spring of FY 2010. In October 2010, the Associate Administrator for Management and Budget decided to directly integrated into the formal Planning, Programming, Budgeting and Evaluation (PPBE) process. While NNSA has taken actions that close this recommendation, NNSA has recently undergone a large reorganization, and the Office of Field Financial Management has been realigned from the Service Center in Albuquerque to the Director of Planning, Programming, Budgeting and Evaluation in headquarters. NNSA is currently examining where the independent analysis functions best fit based on where the requisite skills and expertise reside, and how best to approach it in a way that supports (and sustains) the new Strategic Plan and the Administrator?s goals. GAO has recently started an engagement that will look at NNSA's PPBE and process.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to financial management, NNSA should develop criteria for compiling a NNSA-wide priorities list to assist NNSA in supporting its budget request. |
The Administrator's/Principal Deputy Administrator's priorities are communicated to NNSA Program Offices through the "Programming Instructions" document which is part of the PPBE process. This information is used by the Program Offices as a guide to develop the prioritization of activities reflected in their respective Integrated Priority Lists (IPL). This information is also used by NNSA Leadership as a decision-making tool for making tradeoffs across the enterprise and for developing an NNSA-wide IPL when required by the Department. These actions are responsive to our recommendation and are sufficient to close it as implemented.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to financial management, NNSA should update the schedule of those NNSA programs requiring budget validation to insure that recent program initiatives like the Reliable Replacement Warhead are included. |
NNSA provided us with a copy of their budget validation process (used for the FY 11-15 FYNSP)and examples of several recent program initiatives that had undergone validation (tritium operations, enhanced surveillance). NNSA PPBE's office also pointed out that it used GAO and DOE-IG reviews to augment its own validation process. Though we have not evaluated the effectiveness nor the results of NNSA's budget validation process, NNSA has created and is using the process, and this is sufficient to close the recommendation as implemented.
|
| National Nuclear Security Administration | To fully implement NNSA's management reforms, the Administrator, NNSA, should institute a series of initiatives to improve project management, program management, and financial management. With respect to financial management, NNSA should establish a DOE-compliant budget validation process. |
NNSA utilizes a formal budget formulation validation process documented in NNSA Policy Letter BOP -001.311. According to NNSA, the agency reviews approximately 20 percent of its programs every year and 100 percent of programs every 5 years. NNSA takes several things into consideration when determining what programs are to be validated each year including the amount of funding, Administrator direction, program manager's request, and/or significant external interest/high program visibility. NNSA's practices conform with DOE guidance and meet the spirit of our recommendation. We will continue th evaluate the effectiveness of NNSA's implementation.
|
Full Report
Office of Public Affairs
Topics
Computer securityFinancial managementInteragency relationsLaboratoriesNuclear facility securityNuclear proliferationNuclear weaponsPhysical securityPlanning programming budgetingProgram managementSafeguardsSurveysPolicies and proceduresCybersecurity