Nuclear Nonproliferation:

Additional Actions Needed to Increase the Security of U.S. Industrial Radiological Sources

GAO-14-293: Published: Jun 6, 2014. Publicly Released: Jun 12, 2014.

Multimedia:

Additional Materials:

Contact:

David C. Trimble
(202) 512-3841
trimbled@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

GAO found that challenges exist in reducing the security risks faced by licensees using high-risk industrial radiological sources. Specifically, licensees face challenges in (1) securing mobile and stationary sources and (2) protecting against an insider threat. Regarding mobile sources, their portability makes them susceptible to theft or loss, as the size of some of these sources is small enough for them to be easily concealed. The most common mobile source is contained in a device called a radiography camera. GAO identified four incidents from 2006 to 2012 where such cameras that use high-risk sources to test pipeline welds were stolen. These thefts occurred even though the Nuclear Regulatory Commission (NRC) has established increased security controls. Licensees also face challenges in determining which employees are suitable for trustworthiness and reliability (T&R) certification to have unescorted access to high-risk radiological sources. GAO found two cases where employees were granted unescorted access, even though each had extensive criminal histories, and one had been convicted for terroristic threats, which include a range of violent threats. In this case, NRC said that the person was convicted not of a threat against the United States, but of making violent verbal threats against two individuals. It is unclear whether these cases represent isolated incidents or a systemic weakness in the T&R process established by NRC. Without an assessment of the process, NRC may not have reasonable assurance that access decisions made by licensees can prevent threats to high-risk radiological sources, particularly by a determined insider.

Federal agencies responsible for securing radiological sources—including NRC, the National Nuclear Security Administration (NNSA), and the Department of Homeland Security (DHS)—have taken steps to improve the security of industrial radiological sources. For example, NRC is developing a best practices guide that is expected to provide licensees with practical information about how to secure their sources. Also, NNSA is developing new technology that would, if successful, improve tracking of radiological sources while in transit. However, GAO found that although the agencies have been meeting quarterly to discuss, among other things, radiological security, this mechanism did not always help them collaborate and draw on each agency's expertise during research, development, and testing of a new technology for a mobile source tracking device. By not collaborating consistently, the agencies have missed opportunities to leverage resources and expertise in developing this new technology to track radiological sources. This technology could aid in the timely recovery of a lost or stolen radiological source and support the agencies' common mission. As GAO has previously reported, when responsibilities cut across more than one federal agency—as they do for securing industrial radiological sources—it is important for agencies to work collaboratively to deliver results more efficiently and in a way that is consistent with the federal government's multiple demands and limited resources.

Why GAO Did This Study

In 2012, GAO identified security weaknesses at U.S. medical facilities that use high-risk radiological sources, such as cesium-137. This report addresses potential security risks with such sources in the industrial sector. Radioactive material is typically sealed in a metal capsule called a sealed source. In the hands of a terrorist, this radioactive material could be used to construct a “dirty bomb.” NRC is responsible for licensing and regulating the commercial use of radiological sources. NNSA provides voluntary security upgrades to facilities with such sources. GAO was asked to review the security of sources at industrial facilities. This report examines (1) the challenges in reducing security risks posed by industrial radiological sources and (2) the steps federal agencies are taking to improve security of the sources. GAO reviewed relevant laws, regulations, and guidance; interviewed federal agency and state officials; and visited 33 of about 1,400 U.S. industrial facilities selected based on, among other things, geographic location and type of device using the radiological source.

What GAO Recommends

GAO recommends, among other things, that NRC assess the T&R process to determine if it provides reasonable assurance against insider threats. In addition, GAO recommends that NNSA, NRC, and DHS review their collaboration mechanism for opportunities to enhance it, especially in the development of new technologies. NRC generally agreed with GAO's recommendations, and NNSA agreed with the one recommendation directed to it. DHS did not comment on the report.

For more information, contact David C. Trimble at (202) 512-3841 or trimbled@gao.gov.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In March 2015, the NRC stated that they agreed with the GAO's recommendation that the views of key stakeholders, such as licensees, should be included in the guidance document, "Physical Security Best Practices for the Protection of Risk Significant Radioactive Material" (i.e., the Best Practices Guide). The Best Practices Guide was published in May 2014, and NRC is assessing the effectiveness of this guidance document during the first one to two years following the implementation of 10 CFR Part 37 to determine if any revisions to this document are needed and will make revisions accordingly using NRC's public participation process.

    Recommendation: To ensure that the security of radiological sources at industrial facilities is reasonably assured, the Chairman of the Nuclear Regulatory Commission should obtain the views of key stakeholders, such as licensees, during the development of the Best Practices Guide to ensure that the guide contains the most relevant and useful information on securing the highest risk radiological sources.

    Agency Affected: Nuclear Regulatory Commission

  2. Status: Closed - Implemented

    Priority recommendation

    Comments: On December 14, 2016, the NRC provided Congress a report detailing its review of the effectiveness of the requirements in 10 CFR Part 37, "Physical Protection of Category 1 and Category 2 Quantities of Radioactive Material." The review considered whether any additional security measures, guidance documents, rulemaking changes, or licensee outreach efforts were appropriate. The NRC concluded that the definition of aggregation in 10 CFR Part 37 is adequate to ensure that the security of radiological sources at well logging facilities is reasonably assured and that, as a result, no changes in the rule were needed.

    Recommendation: To ensure that the security of radiological sources at industrial facilities is reasonably assured, the Chairman of the Nuclear Regulatory Commission should reconsider whether the definition of collocation should be revised for well logging facilities that routinely keep radiological sources in a single storage area but secured in separate storage containers.

    Agency Affected: Nuclear Regulatory Commission

  3. Status: Open

    Priority recommendation

    Comments: On December 14, 2016, the NRC provided Congress with a report detailing its review of the effectiveness of the requirements in 10 CFR Part 37 to determine whether any additional security measures, guidance updates, rulemaking changes, or licensee outreach efforts are appropriate. The completion of the 10 CFR Part 37 program review included insights into the effectiveness of the T&R process. Specifically, the review generated recommendations for enhancements in the area of T&R, including, among other things, increased controls for protection of information related to individuals having access to Category 1 and 2 quantities of radioactive materials; improved guidance related to information individuals must disclose when applying for unescorted access; development of sample forms or templates for use in T&R evaluations; and improved coordination efforts with the FBI to share potential terrorist threat information involving individuals seeking approval for new or continued unescorted access to Category 1 and 2 quantities of radioactive materials. However, certain aspects of the NRC staff's assessment of the T&R process remain ongoing. Specifically, on November 25, 2016, the staff closed Temporary Instruction (TI) 2800/042, "Evaluation of Trustworthiness and Reliability Determinations," and is using the information gained from the TI to consider additional enhancements to the T&R process. As part of this continuing effort, the NRC will evaluate the potential use of disqualifying criteria in making T&R determinations and the incorporation of additional insider mitigation program features, such as requiring the self-reporting of legal actions, into the T&R process to which the individual has been subject. The NRC expects this evaluation to be completed in December 2017.

    Recommendation: To ensure that the security of radiological sources at industrial facilities is reasonably assured, the Chairman of the Nuclear Regulatory Commission should conduct an assessment of the T&R process--by which licensees approve employees for unescorted access--to determine if it provides reasonable assurance against insider threats, including (1) determining why criminal history information concerning convictions for terroristic threats was not provided to a licensee during the T&R process to establish if this represents an isolated case or a systemic weakness in the T&R process; and (2) revising, to the extent permitted by law, the T&R process to provide specific guidance to licensees on how to review a employee's background. NRC should also consider whether certain criminal convictions or other indicators should disqualify an employee from T&R or trigger a greater role for NRC.

    Agency Affected: Nuclear Regulatory Commission

  4. Status: Closed - Implemented

    Comments: In March 2015, DHS, NRC, and NNSA issued a joint statement affirming that they reviewed their existing collaboration mechanisms, in response to our recommendation. These efforts included collaboration on efforts regarding radiological materials, nuclear security, and the Global Nuclear Detection Architecture; updating the Nuclear Defense Research and Development Roadmap; and DHS use of details from both NNSA and NRC when working on-site to enhance collaboration between offices.

    Recommendation: To better leverage resources, including expertise, to address vulnerabilities associated with radiological sources while in transit, the Administrator of NNSA, the Chairman of NRC, and the Secretary of DHS should review their existing collaboration mechanism for opportunities to enhance collaboration, especially in the development and implementation of new technologies.

    Agency Affected: Department of Homeland Security

  5. Status: Closed - Implemented

    Comments: In March 2015, DHS, NRC, and NNSA issued a joint statement affirming that they reviewed their existing collaboration mechanisms, in response to our recommendation. These efforts included collaboration on efforts regarding radiological materials, nuclear security, and the Global Nuclear Detection Architecture; updating the Nuclear Defense Research and Development Roadmap; and DHS use of details from both NNSA and NRC when working on-site to enhance collaboration between offices.

    Recommendation: To better leverage resources, including expertise, to address vulnerabilities associated with radiological sources while in transit, the Administrator of NNSA, the Chairman of NRC, and the Secretary of DHS should review their existing collaboration mechanism for opportunities to enhance collaboration, especially in the development and implementation of new technologies.

    Agency Affected: Department of Energy: National Nuclear Security Administration

  6. Status: Closed - Implemented

    Comments: In March 2015, DHS, NRC, and NNSA issued a joint statement affirming that they reviewed their existing collaboration mechanisms, in response to our recommendation. These efforts included collaboration on efforts regarding radiological materials, nuclear security, and the Global Nuclear Detection Architecture; updating the Nuclear Defense Research and Development Roadmap; and DHS use of details from both NNSA and NRC when working on-site to enhance collaboration between offices.

    Recommendation: To better leverage resources, including expertise, to address vulnerabilities associated with radiological sources while in transit, the Administrator of NNSA, the Chairman of NRC, and the Secretary of DHS should review their existing collaboration mechanism for opportunities to enhance collaboration, especially in the development and implementation of new technologies.

    Agency Affected: Nuclear Regulatory Commission

 

Explore the full database of GAO's Open Recommendations »

Nov 14, 2017

Nov 1, 2017

Oct 26, 2017

Sep 8, 2017

Sep 5, 2017

May 26, 2017

May 25, 2017

May 24, 2017

May 17, 2017

May 3, 2017

Looking for more? Browse all our products here