Nuclear Security: Improving Correction of Security Deficiencies at DOE's Weapons Facilities

DOE Order 5634.1B requires contractors to submit a response identifying corrective actions for each finding within 30 days after receiving documents noting the deficiency. DOE has modified this order to more clearly state the requirements for the conduct of root cause analysis, risk assessment, and cost-benefit analysis.

DOE 5634.1B requires contractors to take corrective action and field offices to verify that corrective action has been taken. Training has been provided to the field offices on the safeguards and security management information system. Management control and verification of corrective action have been implemented.

DOE Order 5634.1B requires field offices to verify the completion of corrective actions. With the new computer mainframe system at DOE headquarters, accuracy and timeliness of corrective actions are more susceptible to management control. Training has been conducted to emphasizes this requirement.

Performance testing is recommended to ensure that the vulnerability analysis is still valid. According to DOE Order 5630.16A, any time there are situations that change a site's security status, field offices are required to ensure that corrective actions or commensurate measures are implemented. Also, site safeguards and security plans are required to be reviewed and updated on a regular basis. The provisions of this order are being implemented.

DOE Order 5630.15, "Safeguards and Security Training Program," places standardized training with the Central Training Academy. The Academy staff have completed a professional development program for security disciplines at all levels. They also assist new employees with training on the safeguards and security management information system. By using the security affairs training program, field offices are now assured that their staff are qualified in several security disciplines.