Nuclear Security:

Weak Internal Controls Hamper Oversight of DOE's Security Program

RCED-92-146: Published: Jun 29, 1992. Publicly Released: Jul 31, 1992.

Additional Materials:

Contact:

Victor S. Rezendes
(202) 512-6082
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

Pursuant to a congressional request, GAO reviewed the Department of Energy's (DOE) practice of granting exceptions to its nuclear safeguards and security orders, focusing on: (1) the number of exceptions that DOE has approved; (2) whether DOE follows its procedures for reviewing and approving exceptions; and (3) the type of internal control system DOE uses for monitoring individual exceptions.

GAO found that: (1) DOE does not know how many exceptions it has approved because it has decentralized its handling of exception requests and does not have sufficient information to determine how many exceptions it has approved; (2) DOE used a contractor to attempt to identify DOE headquarters-approved exceptions and determined that it had approved 242 of 312 exception requests, but DOE did not validate or verify that count; (3) it could not determine whether DOE followed established procedures for reviewing and approving exceptions because of incomplete or unavailable records; (4) there is no database for monitoring and following up on individual exceptions; (5) DOE is unable to evaluate field offices' compliance with safeguards and security orders; and (6) DOE plans for an automated tracking system do not include an assessment of DOE information needs.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: Office of Safeguards and Security has completed December 31, 1992 development of formalized documentation and record-keeping control process for its exceptions. Field offices have validated exceptions within a database and a new computerized system went into operation in July 1992.

    Recommendation: To correct the identified internal control deficiencies, the Secretary of Energy should direct the Office of Safeguards and Security to institute effective documentation and recordkeeping controls for exceptions, in line with the GAO "Standards for Internal Controls in the Federal Government."

    Agency Affected: Department of Energy

  2. Status: Closed - Implemented

    Comments: The Office of Security Affairs (SA) has hired an information resources management official to coordinate its information resources management requirements with other DOE offices. This official will ensure that SA interests are incorporated into the departmentwide information resources management structure within the Office of Administration and Management.

    Recommendation: The Secretary of Energy should direct the Office of Safeguards and Security to incorporate a strategic assessment of departmentwide information needs for exceptions information into the broader security information resource management planning process currently under way.

    Agency Affected: Department of Energy

 

Explore the full database of GAO's Open Recommendations »

Sep 14, 2016

Sep 8, 2016

Aug 11, 2016

Aug 9, 2016

Aug 4, 2016

Jul 15, 2016

Jul 14, 2016

Jun 20, 2016

Mar 3, 2016

Looking for more? Browse all our products here