This is the accessible text file for GAO report number GAO-08-694 entitled 'Los Alamos National Laboratory: Long-Term Strategies Needed to Improve Security and Management Oversight' which was released on July 15, 2008. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Report to Congressional Committees: United States Government Accountability Office: GAO: June 2008: Los Alamos National Laboratory: Long-Term Strategies Needed to Improve Security and Management Oversight: GAO-08-694: GAO Highlights: Highlights of GAO-08-694, a report to congressional committees. Why GAO Did This Study: In 2006, a Los Alamos National Laboratory (LANL) contract employee unlawfully removed classified information from the laboratory. This was the latest in a series of high-profile security incidents at LANL spanning almost a decade. LANL conducts research on nuclear weapons and other national security areas for the National Nuclear Security Administration (NNSA). GAO was asked to (1) identify LANL’s major programs and activities and how much they rely on classified resources; (2) identify initiatives LANL is taking to reduce and consolidate its classified resources and physical footprint and the extent to which these initiatives address earlier security concerns; and (3) determine whether its new management approaches will sustain security improvements over the long-term. To carry out its work, GAO analyzed LANL data; reviewed policies, plans, and budgets; and interviewed officials. What GAO Found: With fiscal year 2007 budget authority of about $2.7 billion, LANL conducts work on over 175 programs that can be grouped into three major program categories—Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy—and two support program categories—Environmental Programs and Safeguards and Security. Respectively, LANL’s major programs serve to ensure the safety, performance, and reliability of the U.S. nuclear deterrent; support nonproliferation and counterproliferation efforts; and address energy security and other emerging national security challenges. LANL’s Nuclear Weapons Science programs are the primary users of the facilities housing classified resources. For example, the Nuclear Weapons Science programs are the primary users of 14 facilities that store special nuclear material while LANL’s other major programs are the primary users of only 7 such facilities. LANL has over two dozen initiatives under way that are principally aimed at reducing, consolidating, and better protecting classified resources, as well as reducing the physical footprint of the laboratory by closing unneeded facilities. While many of these initiatives address security concerns identified through past external evaluations—such as efforts to consolidate storage of classified documents and media into fewer secure facilities and to destroy unneeded classified nuclear weapon parts—significant security problems at LANL have received insufficient attention. Specifically, LANL has not implemented complete security solutions to address either classified parts storage in unapproved storage containers or weaknesses in its process for ensuring that actions taken to correct security deficiencies are completed. LANL intends to use three management approaches to sustain the security improvements it has been able to achieve to this point over the long- term: (1) undertake management actions required of LANL under the Compliance Order issued by the Secretary of Energy as a result of the 2006 security incident, (2) develop a Contractor Assurance System to measure and improve LANL’s performance and management, and (3) implement annual performance evaluation plans NNSA uses to measure LANL’s performance and determine a contract award fee. These approaches contain weaknesses that raise doubts about their ability to sustain security improvements over the long-term. Specifically, the actions LANL has proposed to take to meet the terms of the Compliance Order are only short-term—with completion planned for December 2008. Further, according to LANL officials, the Contractor Assurance System is not fully deployed and the measures it includes may not be fully effective. Finally, the annual performance evaluation plans do not sufficiently reward improving long-term security program effectiveness. What GAO Recommends: GAO recommends that (1) LANL develop a strategic security plan that focuses on improving security program effectiveness and addresses all identified security weaknesses, and (2) NNSA link implementation of this plan to meaningful financial incentives in future performance evaluation plans. NNSA did not specifically comment on GAO’s recommendations but provided general comments on the report. To view the full product, including the scope and methodology, click on [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-694]. For more information, contact Gene Aloise at (202) 512-3841 or aloisee@gao.gov. [End of section] Contents: Letter: Results in Brief: Background: LANL Conducts Over 175 Program Activities That Fall into Three Major and Two Support Program Categories: LANL's Nuclear Weapons Science Programs Rely on Classified Resources to Accomplish Their Missions to a Greater Extent Than Do Other LANL Programs: LANL Is Implementing Over Two Dozen Initiatives Officials Believe Will Reduce Security Risk and Improve Protection of Classified Resources: While LANL's Initiatives Address Many Security Problems Identified in Prior External Evaluations, Other Significant Security Problems Have Received Insufficient Attention: LANL's and NNSA's Management Approaches to Sustain Security Improvements Over the Long-Term Are in the Early Stages of Development or Contain Weaknesses: Conclusions: Recommendations for Executive Action: Agency Comments and Our Evaluation: Appendix I: Objectives, Scope, and Methodology: Appendix II: LANL's NNSA Supported Nuclear Weapons Science Programs: Appendix III: LANL's NNSA Supported Threat Reduction Science and Support Programs: Appendix IV: LANL's Fundamental Science and Energy Programs Supported by DOE: Appendix V: Comments from the National Nuclear Security Administration: Appendix VI: GAO Contact and Staff Acknowledgments: Tables: Table 1: DOE Security Levels and Associated Appropriate Safeguards: Table 2: Security Levels of LANL Facilities, as of December 2007: Table 3: Number of LANL Facilities that House or Store Different Types of Classified Resources, as of December 2007: Table 4: Primary Users of Facilities with Different Types of Classified Resources, as of December 2007: Figures: Figure 1: Map of LANL's Site and Technical Areas: Figure 2: LANL's Chemistry and Metallurgy Research Facility: Figure 3: Security Perimeter Project: Figure 4: LANL's Plutonium Facility 4 at Technical Area-55: Abbreviations: DOE: Department of Energy: FTE: full-time equivalent: LANL: Los Alamos National Laboratory: LANS: Los Alamos National Security LLC: LDRD: Laboratory-Directed Research and Development: MASS: Material Accountability and Safeguards System: NNSA: National Nuclear Security Administration: WMD: weapons of mass destruction: [End of section] United States Government Accountability Office: Washington, DC 20548: June 13, 2008: The Honorable John D. Dingell: Chairman: The Honorable Joe Barton: Ranking Member: Committee on Energy and Commerce: House of Representatives: The Honorable Bart Stupak: Chairman: The Honorable John M. Shimkus: Ranking Member: Subcommittee on Oversight and Investigations: Committee on Energy and Commerce: House of Representatives: Los Alamos National Laboratory (LANL), located in Los Alamos, New Mexico, is one of three national laboratories responsible for designing and developing a safe, secure, and reliable nuclear weapons deterrent. [Footnote 1] In addition to its nuclear weapons work, LANL also serves as a focal point for nonproliferation and threat reduction activities, as well as chemical, biological, and physics research. To carry out its programs, in fiscal year 2007 LANL had total budget authority of about $2.7 billion, with about $1.5 billion devoted to nuclear weapons work. It employs about 13,000 employees[Footnote 2] on a campus that covers approximately 40 square miles and has 2,700 structures. LANL is overseen by the National Nuclear Security Administration (NNSA), a separately organized agency within the Department of Energy (DOE). NNSA is responsible for the management and security of the nation's nuclear weapons, nuclear nonproliferation, and naval reactors programs. To carry out its various missions, LANL employs a variety of classified resources, including, among other things: * Category I special nuclear material, such as plutonium, which it uses to manufacture parts for nuclear weapons and for research and development activities;[Footnote 3] * millions of classified documents; * over 4,300 pieces of classified removable electronic media, such as CDs and removable hard drives, which pose a security risk that requires the maintenance of an accountability system to prevent unauthorized access or removal; * about 60,000 classified parts used in nuclear weapons or for research and development purposes; * 111 vault-type rooms that house or store classified documents and classified removable electronic media, classified parts, and classified computer network infrastructure; and: * five computer networks, one of which handles classified information. DOE requires that LANL maintain different levels of security for its facilities depending on the type and amount of classified resources these facilities store or house. The most basic level of security, known as a Property Protection Area, provides safeguards to protect government property against damage, destruction, and theft. These safeguards include, for example, locks and keys, security guards, and signs prohibiting trespassing. Classified resources may not be stored or housed in these areas. The highest levels of security, known as Exclusion Areas, Protected Areas, and Material Access Areas, provide safeguards to protect quantities of Category I and II special nuclear material. These safeguards include, for example, boundaries defined by fences and sensors that detect intrusion, personnel and vehicle access controls and barriers, armed guards, and alarms. In addition, some facilities, known as Sensitive Compartmented Information Facilities, provide additional controls governing access to classified intelligence information beyond those required by normal management and safeguarding practices. Since 1999, LANL has experienced a number of high-profile security incidents that were subject to congressional hearings. Many of these incidents have focused on LANL's inability to account for and control classified resources, as the following illustrate: * In 1999, a scientist transferred classified information from classified computers onto unmarked disks and removed the disks from authorized work areas. * In 2000, two hard drives containing nuclear weapon design information used by the Nuclear Emergency Search Team were temporarily lost. [Footnote 4] * On several occasions in 2003 and 2004, the laboratory could not account for classified removable electronic media. * In October 2006, it was discovered that a contract employee had transferred classified information to a USB "thumb drive" and removed the thumb drive, as well as other classified documents, from the laboratory. In addition to these well-publicized incidents, security evaluations by DOE's Office of Inspector General, DOE's Office of Independent Oversight, NNSA's Los Alamos Site Office (Site Office), and GAO have identified persistent, systemic security problems at LANL. These problems include weaknesses in controlling and protecting classified resources, inadequate controls over special nuclear material, inadequate self-assessment activities, and weaknesses in the process LANL uses to ensure that it corrects identified security deficiencies. For example, DOE's Office of Independent Oversight and the Site Office recently cited LANL for weaknesses in its control and accountability system for special nuclear material, including unreliable accounting when quantities are moved within a facility. In addition, DOE's Office of Independent Oversight, the NNSA Site Office, and the DOE Inspector General identified problems with LANL's management of classified parts, including inadequate tracking and storage of these parts. In July 2007, the DOE Office of Inspector General found that LANL was still not tracking all of its classified parts and that it lacked fundamental safeguards, such as regularly scheduled inventories and segregation of duties, to ensure full and accurate accountability.[Footnote 5] Finally, in January 2008, we reported that LANL has experienced 57 reported security incidents in recent years involving the compromise or potential compromise of classified information and that 37 of these incidents posed the most serious threat to U.S. national security interests.[Footnote 6] In response to these repeated problems, LANL and NNSA have taken a variety of actions. For example, in 2004, the laboratory director shut down operations for up to 10 months to deal, in part, with LANL's security problems. In November 2005, we reported that the estimated cost of this shutdown was as much as $370 million and that the shutdown delayed important national security work.[Footnote 7] In addition, in 2005, after half a century of laboratory management by the University of California, DOE opened the LANL management and operating contract for competitive bidding. In December 2005, Los Alamos National Security LLC (LANS), which is made up of the University of California, Bechtel National, Washington Group International, and BWX Technologies, was awarded the management and operating contract for LANL.[Footnote 8] NNSA measures LANL's performance and determines LANS's management and operating award fee using annual performance evaluation plans, which establish NNSA's priorities for LANL and ensure that contract requirements are met. After taking over management of the laboratory in June 2006, LANS began a series of initiatives that it believed would address security in a comprehensive and integrated manner--including consolidating its classified resources and reducing the scope of its physical footprint. The new Contractor Assurance System, which LANL is contractually required to implement, provides the laboratory with a means of assessing its progress toward meeting performance milestones, including security performance, and bringing management attention to areas of concern. In July 2007, in response to the October 2006 security incident, the Secretary of Energy issued a compliance order directing LANL to implement specific corrective actions to remediate management deficiencies that contributed to the October 2006 incident, as well as to address long-standing deficiencies in the laboratory's classified information programs. In this context, you asked us to (1) identify LANL's major programs and activities; (2) determine the extent to which the major programs and activities rely on classified resources to meet their objectives; (3) identify the initiatives LANL is taking to consolidate its classified resources and reduce the scope of its physical footprint; (4) determine if these initiatives address previously identified security concerns; and (5) determine whether new management approaches that LANL and NNSA are implementing under the new contract will sustain security improvements over the long-term. Separately, we are evaluating cyber security across the DOE complex, including at LANL, and therefore did not include an assessment of the effectiveness of LANL's cyber security program as part of this review. To address these objectives, we analyzed documentation on DOE and LANL budgets, programs, and activities; documentation on LANL's classified resources and physical footprint reduction and consolidation plans; NNSA Site Office security surveys and Office of Independent Oversight security assessments from fiscal years 2000 to 2008; the LANS management and operating contract; LANL's Contractor Assurance System; DOE's 2007 Compliance Order; and NNSA's performance evaluation plans for fiscal years 2007 and 2008. We also collected data on LANL's programs in order to group them into categories and to identify the facilities and classified resources associated with these program categories. We performed a reliability assessment of these data and determined that they were sufficiently reliable for the purposes of this report. Further, we conducted three visits to LANL and toured sites proposed for consolidation, as well as vault-type rooms. Finally, we conducted interviews with key security and program officials at LANL, NNSA and its Site Office, DOE, and LANS. More details on our scope and methodology can be found in appendix I. We conducted this performance audit from March 2007 to June 2008 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Results in Brief: LANL has over 175 individually budgeted programs, which can be divided into three major program categories--Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy--and two support programs--Environmental Programs and Safeguards and Security. In addition, LANL leverages its scientific, engineering, and experimental capabilities to perform Laboratory-Directed Research and Development. LANL also performs research activities, known as "work for others," for other federal agencies, including the Departments of Homeland Security and Health and Human Services, as well as the National Aeronautics and Space Administration. More specifically, for fiscal year 2007, we found the following: * Nuclear Weapons Science. NNSA supported 41 programs in this category with about 3,400 full-time equivalent (FTE) employees and a budget of about $1.5 billion. These programs seek to ensure the safety, performance, and reliability of the U.S. nuclear deterrent through weapons physics, engineering research and experimentation, and maintenance of the laboratory's nuclear weapon facilities and infrastructure. * Threat Reduction Science and Support. The 12 NNSA budgeted programs in this category were supported by over 480 FTEs and operated on a budget of about $225 million. Over 40 percent of LANL's Threat Reduction Science and Support resources from NNSA are dedicated to the research and development of technologies for detecting and monitoring nuclear explosions around the world. * Fundamental Science and Energy. The laboratory's 51 programs supported by DOE in this category used over 380 FTEs and had a budget of about $151 million. These programs focus on energy security-- including fossil energy, civilian nuclear energy, alternative energy, and fusion--as well as basic scientific research in fields such as biology, environmental science, and physics. * Environmental Programs. This support program used over 400 FTEs and had a budget of about $186 million, including about $40 million contributed by Nuclear Weapons Science programs, to conduct the cleanup and processing of legacy and newly generated waste at LANL. * Safeguards and Security. This support program employs over 900 FTEs with a budget of about $188 million to provide LANL with physical and cyber security protection. In addition, LANL conducted work on over 1,200 individual projects for other federal agencies and outside entities and an additional 199 self- initiated research and development projects. Work for others accounted for $462.4 million--or about 17 percent--of LANL's total budget resources in fiscal year 2007. For example, 27 Threat Reduction Science and Support programs received several hundred million dollars--more than any of LANL's other programs--to conduct work for others. LANL also provided just under $130 million for Laboratory-Directed Research and Development projects across the laboratory. The funds to support these projects come from contributions made by directly funded programs and, thus, are included in the laboratory's overall budget of $2.7 billion. According to our analysis of the 607 facilities that LANL's major programs share to accomplish their missions, LANL's Nuclear Weapons Science programs rely on facilities that house classified resources to a much greater extent than either the laboratory's Threat Reduction Science and Support or Fundamental Science and Energy programs, as illustrated by the following: * Nuclear Weapons Science uses 322 facilities that require security protections beyond the basic level provided in Property Protection Areas. Thirty-two of these 322 facilities are protected at the highest levels as Exclusion, Protected, and Material Access Areas. Nuclear Weapons Science programs are the primary users of 28 of these 32 highly protected facilities, including LANL's only facility for storing and processing Category I special nuclear material. * Threat Reduction Science and Support uses 105 facilities that require security protections above those provided in Property Protection Areas, 31 of which are protected as Exclusion, Protected, and Material Access Areas. Of these 31, Threat Reduction Science and Support is the primary user of 14, including all of LANL's facilities for Sensitive Compartmented Information. * Fundamental Science and Energy uses 103 facilities that require security protections above those provided in Property Protection Areas, and 15 of these are protected as Exclusion, Protected, and Material Access Areas. However, Fundamental Science and Energy programs are not the primary user of any of these 15 facilities. LANL has over two dozen initiatives under way that are principally aimed at reducing, consolidating, and better protecting classified resources, as well as reducing the physical footprint of the laboratory by closing unneeded facilities. LANL officials believe that these initiatives will reduce the risk of incidents that can result in the loss of control over classified resources. For example, to reduce and consolidate classified resources and its physical footprint, as of March 2008, LANL had (1) reduced from nine to one the number of areas containing Category I special nuclear material; (2) reduced the amount of accountable classified removable electronic media from 87,000 pieces to about 4,300 and made information previously accessible on removable media available through the laboratory's classified computer network; (3) eliminated about 30,000 classified nuclear weapon parts; (4) reduced the number of vault-type rooms from 142 to 111; and (5) reduced the physical footprint of existing facilities by over 500,000 square feet. In concert with these actions, LANL is implementing a series of engineered and administrative controls to better protect and control classified resources. Engineered controls are system-based controls that manage work processes and prevent employees from taking inappropriate action. For example, to prevent new pieces of accountable classified removable electronic media from being created, LANL has removed the functions from classified computers that would enable new pieces of media to be created or copied. Administrative controls are typically policies or procedures that govern the handling of classified resources. For example, LANL has streamlined physical security procedures in order to reduce inconsistencies and make procedures easier to implement across the laboratory. Many of the initiatives LANL is undertaking address laboratory-wide security problems previously identified in external security evaluations. However, we found that significant security problems identified in these evaluations have not been fully addressed. Specifically, while LANL's storage of classified parts in unapproved storage containers and its process for ensuring that actions to correct identified security deficiencies have been cited in external security evaluations for years, complete security solutions in these areas have not yet been implemented. Furthermore, we found that while LANL's initiative to reduce its physical footprint will reduce maintenance costs, it provided only marginal improvement in laboratory security in fiscal year 2007. For example, of the 77 facilities LANL closed in fiscal year 2007, only 2 contained any classified resources. LANL and NNSA officials acknowledged that security problems at facilities were not seriously considered when planning to reduce the footprint in fiscal year 2007. LANL and NNSA are implementing three approaches under the new LANS contract that they believe will sustain security improvements over the long-term. However, each of these approaches is in the early stages of development or contain important weaknesses that may impair their ability to ensure the sustainability of security improvements at the laboratory for the foreseeable future. Specifically, we found the following: * Compliance Order. According to LANL officials, completing the management actions required by the July 2007 Compliance Order--issued by the Secretary of Energy as a result of the October 2006 security incident--would ensure that security improvements are sustained. For example, the Compliance Order requires LANL to submit an integrated corrective action plan to address critical security issues at the laboratory and to conduct quarterly reviews of the status and progress of corrective actions. However, because implementation of the Compliance Order will be completed by December 2008, it does not provide a mechanism to sustain security improvements over the long- term. * Contractor Assurance System. LANL officials told us they will track the implementation of longer-term actions, including those required by the Compliance Order, by developing and implementing the Contractor Assurance System required under the LANS contract. However, we found that the extent to which LANL can rely on the Contractor Assurance System to ensure the long-term sustainability of security improvements is unclear. According to LANL officials and a September 2007 internal assessment, the Contractor Assurance System is not fully deployed, and the measures it includes may not be fully effective. A Site Office official said the Contractor Assurance System may not be completed for 3 to 4 years and, thus, will not be fully implemented by the time actions under the Compliance Order are completed in December 2008. * Performance evaluation plans. According to LANL officials, the laboratory also plans to realize security improvements by meeting the security-related performance incentives in the annual performance evaluation plans NNSA uses to measure performance and determine an award fee. However, we found that the annual performance evaluation plans focus principally on achieving compliance with DOE requirements and do not sufficiently reward security program improvement. In that regard, according to a senior NNSA security official, compliance with current DOE requirements does not assure that LANL's security program is functioning effectively. For example, in fiscal year 2007, LANS failed to earn 65 percent of the potentially available performance award fee associated with leadership in integrating programs because of the occurrence of the October 2006 security incident. In contrast, LANS earned nearly 90 percent of the $2.7 million performance award fee specifically associated with the laboratory's security performance in fiscal year 2007, despite the occurrence of the October 2006 security incident. Furthermore, of the $1.43 million potentially available for LANS's security performance award fee in fiscal year 2008, all but $30,000 is allocated to LANL's achievement of compliance-oriented milestones, such as issuing plans, publishing policies, completing equipment maintenance requirements, and achieving a satisfactory rating on an annual security survey. The NNSA official said these actions may not be valuable unless they improve management or operations. Only $30,000 is provided as an incentive in the fiscal year 2008 Performance Evaluation Plan for the development of a strategic plan for safeguards and security modernization. With respect to this plan, a Site Office official responsible for security oversight of LANL said NNSA has not provided the laboratory with any guidance or criteria about what the plan should include. Furthermore, problems identified in our January 2007 report regarding the NNSA Site Office's capacity to oversee security at LANL have not yet been addressed.[Footnote 9] Specifically, we found that NNSA's Los Alamos Site Office continues to suffer from a shortage of security personnel and lacks funding for needed security training. To improve security at LANL, we recommend that the Secretary of Energy and the Administrator of NNSA require LANL to develop a comprehensive strategic plan for laboratory security that addresses all previously identified security weaknesses and focuses on improving the effectiveness of LANL's security program. To ensure the implementation of this plan and, thus, sustained improvement of LANL's security program, we recommend that the Administrator of NNSA tie implementation of the comprehensive strategic plan for laboratory security to meaningful financial incentives in future performance evaluation plans. In addition, to enhance security initiatives already under way at LANL, we recommend that future laboratory plans for footprint reduction include specific criteria for evaluating facilities' security risks when making initial selections of facilities for footprint reduction. We provided NNSA with a copy of this report for review and comment. NNSA did not specifically comment on our recommendations. However, NNSA stated that while there is still much to be accomplished, NNSA believes that progress has been made in addressing reductions in classified parts, classified documents, vaults, and vault-type rooms, as well as with the implementation of engineered controls. While we acknowledge LANL's progress in our report, NNSA noted that several security problems at LANL addressed in the report--specifically, nonstandard storage of classified parts and the maturation of contractor assurance systems--are issues for the broader nuclear weapons complex as well. Overall, we continue to believe that the key issue is that NNSA and LANL cannot ensure that initiatives such as these will be sustained, or that changing security vulnerabilities will be identified and proactively addressed, without implementing our recommendations for a long-term strategic framework for security that effectively assesses contractor performance. NNSA's comments on our draft report are included in appendix V. NNSA also provided technical comments from LANL, which we have incorporated into this report as appropriate. Background: LANL is organized in a matrix that allows programs to draw on scientific, engineering, and experimental capabilities from throughout the laboratory. Programs are funded and managed out of LANL's 15 directorates, such as Weapons Physics or Chemistry, Life and Earth Sciences, but LANL's scientists and engineers work in 64 technical divisions that are discipline specific. These technical divisions, such as Applied Physics or Biology, accomplish the work of the laboratory and support its operations. Program managers in the directorates fund work in the technical divisions in order to meet milestones determined with NNSA or other work sponsors. To this end, employees in the technical divisions may support multiple programs with their work and may be called on to provide specific expertise to different programs. LANL's facilities are managed by its directorates and provide specific capabilities, such as high-performance computers, LANL employees use for their work, as well as general office and meeting space. When LANL was originally sited and constructed during the Manhattan Project, according to laboratory officials, its infrastructure was intentionally spread out as a safety and security precaution. What was once a benefit now makes LANL's management and operation complex. Spread across 40 square miles and including 155 miles of roads, 130 miles of electrical transmission lines, 90 miles of gas transmission lines, and 9.4 million square feet of facility space, LANL employs 12,000 to 14,000 people every day.[Footnote 10] LANL's approximately 2,700 structures are grouped together across the laboratory into 49 major technical areas that include major scientific and experimental facilities, environmental cleanup areas, and waste management locations (see fig. 1). However spread out the technical areas, LANL only considers less than 400 acres of its site to be highly suited for development because of the difficulty of developing the site's steep slopes and because of the need to maintain safety and security buffers around specific work activities. The most heavily developed area of the laboratory is Technical Area-3, LANL's core scientific and administrative area, which accounts for half of the laboratory's employees and total floor space. Figure 1: Map of LANL's Site and Technical Areas: [See PDF for image] This figure is a map of LANL's site and technical areas. The following are specifically noted on the map: * Bandelier National Monument; * Bandelier National Monument (TSANKAMI); * Department of Energy area; * Los Alamos (town site); * Technical areas. Source: Photo courtesy LANL. [End of figure] While individual scientific and engineering directorates within LANL are responsible for managing and securing its facilities, multiple programs across these organizations share facilities to accomplish their objectives. For example, LANL's Chemistry and Metallurgy Research facility is managed by LANL's Chemistry, Life and Earth Sciences directorate. The facility, however, is occupied by over 500 employees to support a number of programs across LANL that require its analytical chemistry and materials property testing capabilities (see fig. 2). These programs include manufacturing nuclear weapon pits,[Footnote 11] experimenting with nuclear fuels for civilian energy production, and producing nuclear heat sources for National Aeronautics and Space Administration missions. Figure 2: LANL's Chemistry and Metallurgy Research Facility: [See PDF for image] Photograph of LANL's chemistry and metallurgy research facility. Source: Photo courtesy LANL. [End of figure] LANL's shared facilities are protected at different levels depending on the type and amount of classified resources they house or store. DOE Manual 470.4-2, Physical Protection, defines these different levels and the types of safeguards that must be in place to ensure that classified resources are adequately protected.[Footnote 12] Table 1 summarizes these security levels and appropriate safeguards from lowest to highest level of security. Table 1: DOE Security Levels and Associated Appropriate Safeguards: Security level: Property Protection Area; Types of classified resources that can be housed or stored: None; Appropriate safeguards: Locks and keys, access control systems, signs prohibiting trespassing, and guards. Security level: Limited Area; Types of classified resources that can be housed or stored: Category III special nuclear material, classified documents, media, and parts stored in approved containers or vaults or vault-type rooms within the area; Appropriate safeguards: Physical barriers designating the area, means to detect unauthorized entry, and escorts for authorized visitors. Security level: Exclusion Area; Types of classified resources that can be housed or stored: Category III special nuclear material, classified documents, media, and parts stored in approved containers or vaults or vault-type rooms within the area; Appropriate safeguards: An additional security area within a Limited Area designated by physical barriers, means to detect unauthorized entry, and requiring escorts for all visitors who do not hold DOE security clearances and have a need to know. Security level: Protected Area; Types of classified resources that can be housed or stored: Category II special nuclear material, classified documents, media, and parts stored in approved containers or vaults or vault-type rooms within the area; Appropriate safeguards: An additional security area within an Exclusion Area designated by perimeter intrusion detection systems, vehicle barriers, perimeter alarm monitoring, entry and exit inspections, and identity and access validation by armed guards or by an automated system. Security level: Material Access Area; Types of classified resources that can be housed or stored: Category I special nuclear material, classified documents, media, and parts stored in approved containers or vaults or vault-type rooms within the area; Appropriate safeguards: An additional security area within a Protected Area designated by barriers that provide sufficient delay time to impede, control, or deter unauthorized access. Source: DOE. [End of table] To determine the overall effectiveness of LANL's implementation of DOE security requirements and the laboratory's security performance, two DOE organizations periodically conduct independent reviews. DOE's Office of Independent Oversight conducts assessments, typically every 18 months. These assessments identify the weaknesses of LANL's security program and produce findings that laboratory officials must take action to correct. NNSA's Los Alamos Site Office is also required to conduct surveys annually. These surveys are based on observations of performance, including compliance with DOE and NNSA security directives. While the two types of reviews differently categorize the topics and subtopics they cover, the reviews overlap substantially. They both address security program management, protective forces, physical security, classified information protection, control and accountability of nuclear materials, personnel security, and cyber security. Furthermore, they both use a color-coding system to rate each area of review as either Green (satisfactory or effective), Yellow (marginal or needs improvement), or Red (unsatisfactory or significant weakness).[Footnote 13] The results of these reviews affect LANS's ability to earn its performance-based award fee for successful management and operation of LANL. Under the contract between LANS and NNSA for the management and operation of LANL, NNSA is to establish the work to be accomplished by LANL, set requirements to be met, and provide performance direction for what NNSA wants in each of its programs. NNSA does this by annually issuing a performance evaluation plan that documents the process and associated performance objectives, performance incentives, award term incentives, and associated measures and targets for evaluating LANS's performance. In the performance evaluation plans for fiscal years 2007 and 2008, performance objectives and award fee incentives were specifically provided for security performance. LANL's contract requires the development of a Contractor Assurance System to increase accountability and improve management and performance. The Contractor Assurance System, according to the LANL official responsible for its implementation, is an integrated performance-based management system that is designed to include independent assessment and that is available as a tool for federal oversight. Notwithstanding the development of the Contractor Assurance System, under the contract with LANS, NNSA preserves its right to conduct direct oversight, particularly in the area of security. The Secretary of Energy has authority under 10 C.F.R. § 824.4(b) of DOE's Procedural Rules for the Assessment of Civil Penalties for Classified Information Security Violations to issue compliance orders that direct management and operating contractors to take specific corrective actions to remediate deficiencies that contributed to security violations regarding classified information. On July 12, 2007, the Secretary of Energy issued a compliance order to LANS as a result of the security incident uncovered in October 2006 when a subcontractor employee removed classified information from LANL without authorization. Analysis of the incident identified numerous breakdowns in LANL's classified information protection program and concluded that these breakdowns were caused, in part, by poor security practices. The Compliance Order directs LANS to take comprehensive steps to ensure that it identifies and addresses critical classified information and cyber security deficiencies at LANL. These steps must be completed by December 2008. Violation of the Compliance Order would subject LANS to civil penalties of up to $100,000 per violation per day until compliance is reached. LANL Conducts Over 175 Program Activities That Fall into Three Major and Two Support Program Categories: LANL has three major program categories--Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy. Nuclear Weapons Science programs ensure the safety, performance, and reliability of the U.S. nuclear deterrent. Threat Reduction Science and Support programs support nonproliferation and counterproliferation efforts. Fundamental Science and Energy programs address other national security concerns, particularly energy security, and provide basic scientific capabilities that support laboratory missions. LANL has two support program categories--Environmental Programs and Safeguards and Security. Environmental Programs address the remediation and disposition of waste at LANL. Safeguards and Security programs provide LANL with physical and cyber security protection. In addition to activities across these program categories that are supported by DOE and NNSA, LANL conducts millions of dollars in work for other federal agencies on specific research projects. Nuclear Weapons Science Programs Ensure the Safety, Performance, and Reliability of the U.S. Nuclear Deterrent: LANL's primary mission is to ensure the safety, performance, and reliability of nuclear weapons in the nation's stockpile without performing underground nuclear weapon tests. It is responsible for the design, evaluation, annual assessment, and certification of the United States' W76 and W88 submarine launched ballistic missile warheads, the W78 intercontinental ballistic missile warhead, and the B61 nuclear bomb and works in cooperation with NNSA's other nuclear weapons design laboratories and production plants.[Footnote 14] Because the United States stopped conducting underground nuclear weapon tests in 1992, LANL weapons scientists and engineers are involved in hundreds of research projects in programs aimed at developing strong physics modeling and predictive capabilities that provide information about nuclear weapons' performance. Of particular focus since 2001 has been the development of a common methodology, known as "Quantification of Margins and Uncertainties," for quantifying critical design and engineering factors during the operation of a nuclear weapon and the margin for these factors above which the weapons could fail to perform as designed.[Footnote 15] Furthermore, LANL is involved in two ongoing life extension programs, for the W76 and B61, which are efforts to refurbish aging weapons and extend their lifetimes for 20 to 30 years. [Footnote 16] In addition, LANL builds, operates, and maintains the infrastructure necessary to carry out its nuclear weapons mission and to support other laboratory missions. In fiscal year 2007, LANL conducted work on 41 Nuclear Weapons Science programs supported by about 3,400 FTEs and with a budget from NNSA of about $1.5 billion, which represented over half of LANL's total budget and approximately 87 percent of the funds received from NNSA for all of LANL's major program categories. Appendix II provides additional detail on LANL's Nuclear Weapons Science programs. Out of the $1.5 billion total budget for LANL's Nuclear Weapons Science programs, nearly $560 million--or 37 percent--was budgeted for the operation of the facilities that support these programs, as well as new line item construction projects. In addition, the following five other programs together represent another 45 percent of LANL's Nuclear Weapons Science budget: * Pit Manufacturing and Certification. Since 2001 LANL has been working to reconstitute the nation's capability to manufacture and certify pits, which was lost when DOE's Rocky Flats Plant near Denver, Colorado, closed in 1989. This program re-establishes an immediate capability to manufacture pits in support of the nuclear weapons stockpile, plans for long-term pit manufacturing capability, and manufactures specific quantities of W88 pits.[Footnote 17] In fiscal year 2007--the year LANL delivered the first war reserve W88 pits for the nation's stockpile--the budget for Pit Manufacturing and Certification was $226.9 million, and the program was supported by 599 FTEs. * Advanced Simulation and Computing. To compensate in part for the loss of underground nuclear testing as a means for gathering data on nuclear weapon performance, a program of advanced simulation and computing-- hardware, software, and code--was implemented to provide predictive computer models, supported by above ground experimental data and archived data from past underground nuclear tests, that simulate nuclear weapon performance. In fiscal year 2007, the budget for Advanced Simulation and Computing was $202.5 million, and the program was supported by 446 FTEs. * Stockpile Services. This program supports research, development, and production work that is applicable to multiple nuclear weapon systems rather than a specific weapon system. For example, scientists may conduct basic research on critical factors of nuclear weapon operations in this program or run tests on components shared by nuclear weapon systems. In fiscal year 2007, the budget for Stockpile Services was $140.7 million, and the program was supported by 361 FTEs. * Stockpile Systems. For each weapon type for which LANL is responsible, this program supports routine maintenance; periodic repair; replacement of components; and surveillance testing to assure the weapon type's continued safety, security, and reliability. In fiscal year 2007, the budget for Stockpile Systems was $67.4 million, and the program was supported by 162 FTEs. * Life Extension Program. This program extends the lifetimes of warheads or the components of these warheads to ensure that they continue to perform as designed. LANL is currently focused on programs to extend the lifetimes of the B61 and W76 weapon types by 20 and 30 years, respectively. In fiscal year 2007, the budget for LANL's life extension programs was $44.1 million, and the programs were supported by 120 FTEs. LANL's directorate for Weapons Programs is responsible for the conduct of these programs and carries them out primarily through three associate directorates--Weapons Physics, Weapons Engineering, and Stockpile Manufacturing and Support--as well as an office of Weapons Infrastructure. These organizations draw upon scientific, engineering, and experimental capabilities from throughout the laboratory to answer specific points of inquiry and to solve problems related to the nuclear weapons stockpile. For example, the Weapons Physics associate directorate has identified 10 key capabilities that it believes are necessary to ensure that it can execute its weapons program work, many of which also aid scientific work outside of Nuclear Weapons Science programs. These capabilities, which reside in technical organizations outside of the Weapons Program Directorate, include expertise in high- performance computing, dynamic model validation, and radiochemistry. This matrixed approach, according to LANL officials, allows LANL's technical staff to work among peers in their respective fields and to apply their expertise to Nuclear Weapons Science programs as the need arises. Threat Reduction Science and Support Programs Support Nonproliferation and Counterproliferation Efforts: In addition to helping ensure the safety and reliability of the U.S. nuclear deterrent, LANL applies science and technology to reduce the global threat of weapons of mass destruction (WMD), the proliferation of WMD, and terrorism. LANL pursues this mission through programs in three areas. First, the laboratory's nuclear nonproliferation programs, primarily funded by NNSA, focus on ways to address nuclear and radiological threats domestically and internationally. Second, LANL scientists familiar with WMD support the work of the Intelligence Community. Third, LANL conducts research programs supported by federal agencies, such as the Departments of Defense and Homeland Security, that provide foundational science and technology solutions to defeat chemical, radiological, biological, and nuclear WMD. Programs in these latter two areas are conducted as work for other federal agencies and are discussed in more detail in a subsequent section of this report. In fiscal year 2007, NNSA supported 12 Threat Reduction Science and Support nuclear nonproliferation programs at LANL that relied on over 480 FTEs and had a budget of about $225 million. Of these 12 programs, 9 were budgeted at over $1 million each in fiscal year 2007. Appendix III provides additional detail on these Threat Reduction Science and Support programs. Over 60 percent of the budget NNSA provided to support Threat Reduction Science and Support programs was for two programs: * Nonproliferation and Verification Research and Development. This program conducts scientific research and development and provides monitoring, sensing, and measurement technologies to observe the earth from space-based satellites and produces and updates data for ground- based systems in order to detect banned nuclear explosions. In particular, LANL produces electromagnetic pulse and radiation sensors that are integrated into U.S. Air Force satellites and develops algorithms used to process remote sensing data. In fiscal year 2007, the budget for Nonproliferation and Verification Research and Development was $95.5 million, and the program was supported by 254 FTEs. * U.S. Surplus Fissile Materials Disposition. NNSA funds efforts to dispose of the country's surplus plutonium and highly enriched uranium. LANL supports plutonium disposition efforts by developing the processing technologies that will be used in a facility currently planned for construction at the Savannah River Site in South Carolina. This facility will disassemble surplus nuclear weapon pits and convert the plutonium in them into a powder form that can later be fabricated into a fuel useable in commercial nuclear reactors. In fiscal year 2007, LANL's budget for this plutonium disposition work was $43 million, and the work was supported by 117 FTEs. LANL's Directorate for Threat Reduction is responsible for conducting the laboratory's Threat Reduction Science and Support programs. Those programs primarily supported by NNSA are carried out through the directorate's Nuclear Nonproliferation program office. This office employs scientific, engineering, and experimental capabilities from throughout the laboratory to accomplish program missions. According to LANL officials, these capabilities, such as nuclear device design and radiochemistry, were initially developed to support Nuclear Weapons Science missions but are now being leveraged to support Threat Reduction Science and Support missions. In turn, these officials told us results from Threat Reduction Science and Support programs provide feedback to Nuclear Weapons Science programs. For example, information on techniques to disarm nuclear weapons that are learned in threat reduction work can be used to improve the safety and security of the U.S. nuclear weapons stockpile. Fundamental Science and Energy Programs Address Energy Security and Other Emerging National Security Challenges and Support Basic Scientific Research: As a national security science laboratory, LANL's mission also includes the development and application of science and technology to solve emerging national security challenges beyond those presented by WMD. LANL's Fundamental Science and Energy programs are managed by the laboratory's Science, Technology and Engineering Directorate, and funds to support these programs come from multiple offices within DOE, as well as other federal agencies. In fiscal year 2007, DOE supported 40 programs focusing on energy security--specifically, fossil energy, civilian nuclear energy, alternative energy, and fusion. In addition, DOE supported basic scientific work in such areas as advanced computing, biology, environmental science, nuclear physics, and materials science, as well as Laboratory-Directed Research and Development projects. In total, DOE provided $151 million for Fundamental Science and Energy programs that supported over 380 FTEs. Appendix IV describes, in detail, LANL's DOE supported Fundamental Science and Energy programs. Work for other federal agencies and Laboratory-Directed Research and Development projects in Fundamental Science and Energy are discussed in a subsequent section of this report. LANL officials told us the laboratory's Fundamental Science and Energy programs, in conjunction with its Nuclear Weapons Science and Threat Reduction Science and Support programs, provide an integrated approach to national security science because these programs leverage one another's scientific, engineering, and experimental capabilities. For example, according to a senior LANL Science, Technology and Engineering official, LANL's Nuclear Weapons Science researchers developed expertise in underground work, such as tunnel boring, to facilitate underground nuclear testing, and this expertise has been translated for use in fossil energy activities. Specifically, the scientists and engineers responsible for the nuclear weapon test readiness program work out of the Fundamental Science and Energy organization. Similarly, capabilities in high-performance computing and simulation utilized by Nuclear Weapons Science programs have been applied to many other national security and Fundamental Science and Energy applications. Furthermore, a senior LANL Nuclear Weapons Science official told us that 7 of the 10 key capabilities identified for Weapons Physics work, such as high-performance computing, computational math and physics, and weapons material properties and characterization, are managed out of the same directorate responsible for LANL's Fundamental Science and Energy programs. More than one-quarter of LANL's career employees work in more than one of LANL's major program areas, and laboratory officials told us a substantial number of employees develop the critical skills needed for the Nuclear Weapons Science and Threat Reduction Science and Support programs by first working in Fundamental Science and Energy programs. Environmental Programs Address Remediation of Waste at LANL: LANL's Environmental Programs support the laboratory's scientific work by addressing legacy contamination, legacy waste disposition, and new waste at the site produced as a function of programmatic work. This waste is categorized as either legacy--generated before 1998--or newly generated. DOE's Office of Environmental Management provides funding for activities to remediate legacy contaminated sites and to dispose of legacy waste, and NNSA provides funding for activities to dispose of newly generated waste. LANL charges program organizations for disposition of newly generated waste, providing an additional stream of funds to support Environmental Programs. In fiscal year 2007, DOE's Office of Environmental Management supported LANL's legacy remediation and waste activities with a budget of over $146 million that supported about 325 FTEs. Costs and FTEs associated with processing newly generated waste and managing and operating the facilities that process them are paid for by the Nuclear Weapons Science facilities and operations programs discussed above. This work generally amounts to $40 million per year, and 87 FTEs support newly generated waste-processing activities. LANL's legacy contamination remediation activities focus on remediation of contaminated sites and decontamination and decommissioning of contaminated structures. LANL must complete its work on contaminated sites by 2015 to comply with a Consent Order from the state of New Mexico's Environment Department to remediate soil and groundwater contamination.[Footnote 18] According to the LANL official responsible for this work, as of May 2007, LANL had cleaned up 1,434 of the 2,194 contaminated sites; however, the remaining sites are more difficult to address. This LANL official estimated that between 2007 and 2015, remediation of all of the sites will cost approximately $900 million. LANL's newly generated waste activities focus on liquid and solid waste processing and disposal. Radioactive liquid waste at LANL is processed at the laboratory's Radioactive Liquid Waste Treatment facility, a building that is 45 years old. Upgrades to the treatment facility are currently under way, and the upgraded facility is expected to be operational by 2010. Solid waste--typically comprising discarded rags, tools, equipment, soils, and other solid materials contaminated by man- made radioactive materials--are processed at LANL's Technical Area-54 Area G Disposal Site. Engineering and design work has begun on a replacement facility for processing solid waste, and the facility is expected to be operational in 2014. LANL's Safeguards and Security Program Provides Physical and Cyber Security Protection: LANL's Safeguards and Security program aims to provide the laboratory with protection measures that are consistent with the threats and risks detailed in the laboratory's Site Safeguards and Security Plan. This plan, which NNSA reviews annually, details levels of protection that must be provided in different areas of the laboratory to ensure secure programmatic operations and covers such topics as protective forces, site perimeter security, accountability and control over special nuclear material, protection of hard copy and electronic classified information, alarms, intrusion detection systems, identification badges, and security clearances. In fiscal year 2007, $140 million and over 900 FTEs supported Safeguards and Security operations. In addition, construction projects provide new and upgraded security protection at key areas. Specifically, an additional $48 million was budgeted to support two construction projects in fiscal year 2007. The first is the second phase of the Nuclear Materials Safeguards and Security Upgrade project, which focuses on providing upgraded perimeter protection for the facility at LANL where pits are manufactured. The second project focuses on creating a more secure entry point for vehicle traffic at LANL by establishing access control stations and altering traffic patterns on public roads (see fig. 3). Figure 3: Security Perimeter Project: [See PDF for image] Photograph of security checkpoint. Source: Photo courtesy LANL. [End of figure] While LANL employs security professionals, the technical divisions, in practice, have been responsible for securing their own classified resources by operating their own vault-type rooms, classified computer networks, and classified work areas. These divisions also operated accountability systems for maintaining control over classified resources. Professional security staff advise technical divisions on security requirements and check on whether established practices are appropriately implemented and managed. More recently, security professionals have been deployed to technical divisions to assist directly with security operations, and according to LANL officials, classified resource protection has been centralized to a greater extent through such actions as consolidating storage of all accountable classified documents into one location. LANL's Programs Include Millions of Dollars in Work for Other Federal Agencies and Laboratory-Directed Research and Development Projects: Work for Others: According to LANL, the laboratory's budget for work for others projects in fiscal year 2007 was $462.4 million--or about 17 percent of the laboratory's total budgetary resources--and these projects relied on nearly 800 FTEs. NNSA's Site Office reported that LANL scientists and engineers conducted work on over 1,200 individual projects for other federal agencies and outside entities in fiscal year 2007. Of these 1,200 projects, only 93 had fiscal year 2007 budgets of $1 million or more, and the budgets for these 93 projects totaled about $270 million, or 58 percent of all projects' budgets in fiscal year 2007. Nearly 60 percent of the $270 million available for these 93 projects came from the following two sources: * Defense related intelligence agencies sponsored 26 of the 93 projects. These projects are described by LANL as "International Technology" projects. * The Department of Homeland Security sponsored an additional 24 of the 93 projects. The largest of these projects supports the National Infrastructure Simulation and Analysis Center. The National Infrastructure Simulation and Analysis Center applies LANL's expertise in computer-based modeling and simulation for national response to national security events, such as a nuclear or radiological device explosion or an outbreak of infectious disease. Other projects focus on research and development related to defeating chemical and biological weapons, detecting the movement of radioactive materials, and providing threat assessment capabilities. Work for others activities are concentrated in LANL's Threat Reduction Science and Support and Fundamental Science and Energy programs. In particular, 27 Threat Reduction Science and Support programs received several hundred million dollars in fiscal year 2007. Twenty Fundamental Science and Energy programs received about $162 million to conduct work for others activities in fiscal year 2007. Of this total, 41 percent came from other DOE entities, such as other national laboratories; 19 percent from the Department of Health and Human Services; 13 percent from the National Aeronautics and Space Administration; and 10 percent from universities and institutions. Laboratory-Directed Research and Development: In addition to programs supported by NNSA, DOE, and other federal and nonfederal work sponsors, LANL supports a program of Laboratory- Directed Research and Development (LDRD) that focuses on forefront areas of science and technology that are relevant to NNSA and DOE missions but are not directly funded by specific NNSA or DOE programs. LDRD projects are largely self-initiated and are funded indirectly by LANL through contributions made by directly funded programs. To this end, funds allocated for use on LDRD projects are not a budgeted expense, but do contribute to the cost of LANL's work. DOE guidance requires that the maximum funding level for LDRD projects not exceed 8 percent of a laboratory's total operating and capital equipment budget. In fiscal year 2007, LANL provided just under $130 million to conduct work on 199 LDRD projects involving approximately 470 FTEs. These projects ranged in scope from research on predictive climate modeling, to nanotechnology in semiconductors, to medical technologies, to plutonium sciences. DOE guidance requires that LDRD projects normally conclude within 36 months of inception.[Footnote 19] LANL's Nuclear Weapons Science Programs Rely on Classified Resources to Accomplish Their Missions to a Greater Extent Than Do Other LANL Programs: To carry out its programs, LANL's major and support programs operate in a wide variety of shared facilities, ranging from office buildings, to laboratories, to manufacturing facilities for nuclear weapon pits and high explosives. In this regard, LANL officials identified 633 such facilities, which are protected at different security levels. Of these 633 facilities, 607 are used by LANL's major programs. Table 2 provides information on the different levels of security at which LANL's major and support program facilities are protected. Table 2: Security Levels of LANL Facilities, as of December 2007: Security level: Material Access Area; Number of facilities: 1. Security level: Protected Area; Number of facilities: 9. Security level: Exclusion Area; Number of facilities: 33. Security level: Exclusion Area/Limited Area[A]; Number of facilities: 2. Security level: Limited Area; Number of facilities: 320. Security level: Limited Area/Property Protection Area[A]; Number of facilities: 7. Security level: Property Protection Area; Number of facilities: 243. Security level: Other[B]; Number of facilities: 18. Security level: Total; Number of facilities: 633. Source: GAO analysis of LANL data. [A] Portions of some facilities are protected at higher security levels than other portions of the same facility. [B] Other facilities are not protected at a specific security level because they are scheduled for demolition or for transfer to a different owner. [End of table] Facilities with appropriate levels of security house or store a variety of classified resources, ranging from special nuclear material to classified documents. At least 365 facilities are protected in their entirety at the Limited Area level or above, which is sufficient to allow them to store classified documents or perform classified activities. In contrast, Category I special nuclear material will be found in a facility that has all of the protections provided by Limited, Exclusion, Protected, and Material Access Areas. Table 3 provides information on the different types of classified resources housed or stored in these facilities. Table 3: Number of LANL Facilities that House or Store Different Types of Classified Resources, as of December 2007: Classified resource: Category I special nuclear material; Number of facilities storing classified resource: 1. Classified resource: Category III special nuclear material; Number of facilities storing classified resource: 3. Classified resource: Category III/IV special nuclear material; Number of facilities storing classified resource: 3. Classified resource: Category IV special nuclear material; Number of facilities storing classified resource: 22. Classified resource: Classified, or "red," computer network access; Number of facilities storing classified resource: 94. Classified resource: Classified parts storage; Number of facilities storing classified resource: 66. Classified resource: Vault-type rooms; Number of facilities storing classified resource: 60. Source: GAO analysis of LANL data. Notes: Facilities cannot be totaled because a single facility may contain multiple types of classified resources. In addition to these types of classified resources, a few facilities at LANL also contain one or more Sensitive Compartmented Information Facilities. In addition, facilities at LANL store classified documents that are of a low enough classification level that they are not subject to tracking with an accountability system. LANL estimates that these documents number around 9 million. [End of table] LANL's Nuclear Weapons Science programs rely on facilities that house classified resources to a much greater extent than do the laboratory's Threat Reduction Science and Support or Fundamental Science and Energy programs. In contrast, LANL's Environmental and Safeguards and Security support programs rely on facilities that house classified resources to a minor extent. Specifically, Nuclear Weapons Science programs use 322 facilities that require security protections for classified resources. Thirty-two of these 322 facilities are protected at the highest levels as Exclusion, Protected, and Material Access Areas. Nuclear Weapons Science programs are the primary users--meaning they use more space in a facility than any of the other major or support programs at LANL--of 28 of these 32 facilities, including LANL's single Category I special nuclear material facility, known as Plutonium Facility 4 at Technical Area-55. Threat Reduction Science and Support programs use 105 facilities that require security protections for classified resources, 31 of which are protected as Exclusion, Protected, and Material Access Areas. Of these 31, Threat Reduction Science and Support is the primary user of 14, including all of LANL's facilities for Sensitive Compartmented Information. Finally, Fundamental Science and Energy uses 103 facilities that require security protections for classified resources. While 15 of these are protected as Exclusion, Protected, and Material Access Areas, Fundamental Science and Energy is not the primary user of any of these 15 facilities. Finally, LANL's Nuclear Weapons Science programs are the primary users of facilities storing or housing different types of classified resources to a greater extent than are LANL's Threat Reduction Science and Support or Fundamental Science and Energy programs. Table 4 provides information on the primary-user facilities that house or store classified resources, as well as vault-type rooms. Table 4: Primary Users of Facilities with Different Types of Classified Resources, as of December 2007: Classified resource type: Category I special nuclear material; Nuclear Weapons Science programs: 1; Threat Reduction Science and Support programs: 0; Fundamental Science and Energy programs: 0. Classified resource type: Category III special nuclear material; Nuclear Weapons Science programs: 3; Threat Reduction Science and Support programs: 0; Fundamental Science and Energy programs: 0. Classified resource type: Category III/IV special nuclear material; Nuclear Weapons Science programs: 0; Threat Reduction Science and Support programs: 3; Fundamental Science and Energy programs: 0. Classified resource type: Category IV special nuclear material; Nuclear Weapons Science programs: 10; Threat Reduction Science and Support programs: 1; Fundamental Science and Energy programs: 3. Classified resource type: Classified "red" computer network access; Nuclear Weapons Science programs: 75; Threat Reduction Science and Support programs: 5; Fundamental Science and Energy programs: 3. Classified resource type: Classified parts storage; Nuclear Weapons Science programs: 58; Threat Reduction Science and Support programs: 5; Fundamental Science and Energy programs: 0. Classified resource type: Vault-type rooms; Nuclear Weapons Science programs: 38; Threat Reduction Science and Support programs: 8; Fundamental Science and Energy programs: 2. Source: GAO analysis of LANL data. Notes: Facilities cannot be totaled because a single facility may contain multiple types of classified resources. LANL's Threat Reduction Science and Support programs are also the primary users of all of the laboratory's facilities that contain Sensitive Compartmented Information Facilities. Where there was no clear primary user of a classified resource (i.e., programs used the facility housing the resource to the same extent) those data are excluded. [End of table] LANL Is Implementing Over Two Dozen Initiatives Officials Believe Will Reduce Security Risk and Improve Protection of Classified Resources: LANL has initiatives under way that are principally aimed at reducing, consolidating, and better protecting classified resources, as well as reducing the physical footprint of the laboratory by closing unneeded facilities. LANL officials believe that these initiatives will reduce the risk of incidents that can result in the loss of control over classified resources. In concert with these actions, LANL is implementing a series of engineered and administrative controls to better protect and control classified resources. LANL Is Reducing and Consolidating Classified Resources and Its Physical Footprint: According to NNSA security officials, the size and geographic dispersal of LANL's facilities creates challenges for classified operations at the laboratory because classified resources must be shared among programs that use remote facilities. This condition increases the number of instances in which laboratory employees move and hand off classified resources--a situation that has created accountability problems. To address this problem, LANL is reducing classified holdings at the laboratory; consolidating storage of and access to these resources in fewer facilities that are more centrally located and controlled; and where possible, eliminating hard copies and classified removable electronic media by transferring the information to LANL's classified "red" computer network. Simultaneously, LANL is reducing the overall size of its physical footprint by eliminating facilities that are in poor or failing condition or are excess to mission needs. Classified Resources Reduction and Consolidation: LANL is undertaking a number of initiatives that security officials believe will improve LANL's security posture and, thereby, risk to the laboratory's operations. These initiatives are being managed in the short-term by a Security Improvements Task Force, a multidisciplinary team chartered in January 2007 to improve physical security operations. The Task Force targeted six types of classified resources for immediate consolidation and reduction: (1) accountable classified removable electronic media; (2) classified removable electronic media that do not need to be tracked with an accountability system; (3) classified parts; (4) accountable classified documents; (5) classified documents that do not need to be tracked with an accountability system; and (6) vaults and vault-type rooms. With respect to each type of resource, LANL developed a baseline inventory of resources, identified resources that could be destroyed, or, in the case of vaults and vault-type rooms, emptied and consolidated remaining resources into fewer facilities. As of March 2008, the latest date for which data is available, LANL had significantly reduced and consolidated each of these resources, as described: * Accountable classified removable electronic media. LANL reduced the number of pieces of accountable classified removable electronic media actively in use from a high of 87,000 pieces in 2003 to about 4,300 pieces. * Classified removable electronic media. LANL instituted a "spring cleaning" project in May 2007 that contributed to the destruction of 610 pieces of classified removable electronic media. According to a senior LANL security official, LANL completed an assessment of its classified removable electronic media holdings in February 2008 and estimates there are approximately 6,500 pieces of nonaccountable classified removable electronic media at the laboratory. Security officials said unneeded media will be destroyed during a second spring cleaning effort in May 2008. * Classified parts. LANL has allocated nearly $1.7 million for a project to inventory tens of thousands of classified nuclear weapon parts, destroy those that are no longer useful, and centrally manage those that remain. Through a laboratorywide effort, nearly 30,000 classified parts were identified and destroyed between February 2007 and March 2008 by either melting the parts, grinding them into shapes that are no longer classified, or by blowing them up. According to LANL officials, additional destruction of classified parts is under way. * Accountable classified documents. LANL completed consolidation of all accountable documents into a single storage library in November 2007. While accountable classified documents are created and destroyed on an ongoing basis, as of March 2008, LANL was managing just over 6,000 accountable classified documents. * Classified documents. According to a senior LANL security official, the laboratory completed an assessment of nonaccountable classified documents in February 2008 and estimates there are approximately 9 million classified documents at the laboratory. From April 2007 through February 2008, LANL destroyed over 1.6 million pages of classified documents, and another destruction effort is planned for May 2008. * Vaults and vault-type rooms. LANL has reduced the number of vault- type rooms at the laboratory from 142 to 111 and plans to further reduce the number to 106. One LANL security official said he thought the laboratory could ultimately reduce the number of vault-type rooms to 100. Of the remaining vaults and vault-type rooms, LANL officials told us all have been comprehensively inspected and any security deficiencies remedied. During fiscal year 2007, LANL built a prototype "super vault-type room," a model for future vault-type room operations, that consolidates classified resources in a highly secure, access- controlled environment staffed by security professionals. According to LANL officials, the super vault-type room has allowed LANL to consolidate 65 percent of its accountable classified removable electronic media holdings in one location. In addition to classified resource storage, the super vault-type room offers classified mailing, scanning, faxing, and printing services, thereby reducing the number of locations, equipment, and people handling classified resources in other parts of the laboratory. In addition, LANL is taking steps to reduce the number of special nuclear material storage facilities that must be protected at the site. In 2000, there were 19 such nuclear facilities at LANL, and by 2006, this number had decreased to 11. LANL plans to further reduce the number of nuclear facilities at the site to five by 2016. The number of facilities that store Category I special nuclear material has already been reduced from nine to one. This remaining Category I facility-- LANL's Plutonium Facility 4 at Technical Area-55 (see fig. 4)--contains the nation's only plutonium research, development, and manufacturing facility and the laboratory's only Material Access Area. It is protected with a combination of safeguards that include fences, controlled access points, electronic sensors and surveillance, and armed guards. Figure 4: LANL's Plutonium Facility 4 at Technical Area-55: [See PDF for image] Aerial photograph of LANL's Plutonium Facility 4 at Technical Area-55. Source: Photo courtesy of LANL. [End of figure] Physical Footprint Consolidation and Reduction: According to the LANL Director, the laboratory has embarked on a multiyear transformation effort to reduce its facility footprint and better manage its infrastructure investments. Many facilities at LANL were built in the early 1950s and are beginning to show signs of structural or systems failure. Other structures at LANL, such as trailers, are temporary and do not provide quality office or laboratory space. Furthermore, the geographic separation of LANL's facilities makes effective collaboration difficult, according to LANL program managers. LANL officials told us that reducing the laboratory's physical footprint will save facility operation costs and reduce deferred maintenance costs, which LANL estimated at $321.5 million in fiscal year 2007. Officials said it will also enhance scientific collaboration and improve safety and security. LANL's goal in fiscal year 2007 was to reduce its existing facility footprint by 400,000 square feet and to reduce it by a further 1.6 million square feet in fiscal year 2008.[Footnote 20] To determine which facilities would be reduced, several of LANL's directorates prepared footprint reduction plans targeting facilities that (1) have significant deferred maintenance costs, (2) are in poor or failing condition, (3) are expensive to maintain because they were not designed or built for energy efficiency, and (4) are considered excess to current and anticipated mission needs. In fiscal year 2007, LANL exceeded its footprint reduction goal by reducing existing facility square footage by just over 500,000 square feet. Seventy-seven facilities were reduced to contribute to this total. According to LANL and NNSA officials, the criteria used to determine whether a facility is considered to be reduced vary. Generally, a facility is considered reduced when it is closed, the utilities have been disconnected, and it is no longer occupied by laboratory employees. However, in at least one instance, LANL considered a portion of a facility to be reduced, while another portion remained occupied and building utilities were still connected. A reduced facility may still require environmental remediation and will eventually require disposition, either through demolition, transfer, or sale. LANL Is Introducing Engineered and Administrative Controls to Protect Classified Resources: LANL is also introducing engineered and administrative controls to improve the physical security of its remaining classified resources and to reduce the security risks associated with their use. According to LANL, implementing these controls can help reduce errors in handling classified resources and, therefore, reduce risk. The super vault-type room is a solution engineered to address the risk of mishandling accountable classified resources by putting responsibility for these classified resources in the hands of security professionals. A senior LANL security official told us that the laboratory relies on these controls to influence and change laboratory employees' behavior. For example, a LANL official said increased mandatory and additional random searches of employees leaving vault-type rooms--an engineered control- -should help raise employees' awareness of unauthorized removal of classified documents or media from vault-type rooms. Furthermore, simplifying security orders--an administrative control--should help LANL employees understand and implement their security obligations. Examples of engineered controls, beyond the initiatives to reduce and consolidate the seven types of classified resources discussed above, include: * improving security perimeters around the laboratory and around specific facilities; * adding to and reinforcing existing vehicle access control points; * expanding a random drug testing program to include all new and existing LANL employees and subcontractors; * increasing random searches performed by protective forces on individuals in secure areas to ensure they are not leaving with classified resources; * expanding the classified "red" computer network to a greater number of facilities, further enabling the reduction of accountable and nonaccountable classified electronic media; * significantly reducing laboratory computers' ability to create new accountable and nonaccountable classified removable electronic media; * initiating a pilot program to attach radio frequency identification tags to cellular phones and two-way paging devices that set off an alarm when these devices are brought into restricted areas; and: * upgrading security alarm systems. Examples of administrative controls include: * issuing manuals to formalize facility operations, maintenance, engineering, training, and safety requirements across LANL; * updating and simplifying physical security orders to ensure requirements are easily understood and can be implemented; * reinforcing the applicability of security requirements to subcontractors through a meeting and a new appendix to subcontractors' contracts; * enhancing procedures for escorting individuals into vault-type rooms; * eliminating the practice of allowing cleared individuals to hold the door for other cleared individuals entering restricted facilities, known as "piggybacking," by requiring that all individuals entering restricted facilities swipe their badges; * implementing Human Performance Assessments of security incidents that identify how a lack of engineered or administrative controls, which can be corrected, contribute to human errors; and: * reissuing work control policies emphasizing Integrated Safeguards and Security Management, a system intended to provide each LANL employee with a framework for performing work securely and fulfilling individual security responsibilities. While LANL's Initiatives Address Many Security Problems Identified in Prior External Evaluations, Other Significant Security Problems Have Received Insufficient Attention: Many of the initiatives LANL is undertaking address security findings identified in external evaluations, particularly those conducted by DOE's Office of Independent Oversight and NNSA's Site Office. Some of these initiatives are being implemented in response to DOE's 2007 Compliance Order, which resulted from the October 2006 security incident. Despite these efforts, however, significant security problems have not been fully addressed. Furthermore, in fiscal year 2007 LANL's initiative to reduce the physical footprint of its site reduced maintenance costs more than it addressed facility security. Many of LANL's Initiatives Address Security Problems Identified by DOE's Office of Independent Oversight and NNSA's Site Office between Fiscal Years 2000 and 2008: Between fiscal years 2000 and 2008, DOE's Office of Independent Oversight issued four complete assessments of security at LANL. [Footnote 21] Over the same period, NNSA's Los Alamos Site Office conducted seven surveys of laboratory security.[Footnote 22] These assessments and surveys identified a variety of security problems at LANL, many of which are being addressed through initiatives LANL is currently implementing. Some examples follow: * Inadequate accounting for classified documents. Issues with the adequacy of LANL's accounting for classified documents were raised by the Site Office in fiscal years 2005 and 2006 and by DOE's Office of Independent Oversight in fiscal year 2007. These issues related to the inconsistent handling of classified documents by document custodians in LANL's divisions and to the timeliness of updates to LANL's classified document and media accountability policies to ensure that they reflected DOE's policies. Several of LANL's ongoing security initiatives and engineered and administrative controls are intended to address these concerns by centrally storing and handling accountable classified documents in vaults, vault-type rooms, and the super vault- type room staffed by security professionals and by implementing an automated system to update classification guidance. * Inadequate accounting for classified nuclear weapon parts. Findings about the adequacy of LANL's accounting for classified parts were raised by the Site Office in fiscal year 2001 and by DOE's Office of Independent Oversight in fiscal years 2003, 2007, and 2008. These findings related to improper marking of classified parts with their appropriate classification level and storage of classified parts in containers and facilities that are considered nonstandard, or out of compliance with DOE rules governing classified resource storage. These rules include requirements for building alarms, frequency of security guard patrols, and facility vulnerability assessments. Furthermore, the DOE Inspector General reviewed LANL's management of classified parts in 2007 and had additional findings about the inventory systems used to maintain accountability over classified parts.[Footnote 23] While LANL has not resolved issues related to nonstandard storage (see discussion in a subsequent section of this report), LANL officials told us that by destroying nearly 30,000 classified parts at the laboratory, they have established a goal to reduce the number of nonstandard storage facilities from 24 to 0 by the end of August 2008. LANL is also developing a new, centrally controlled inventory system for tracking classified parts and has created administrative procedures and guidance for the system's use. * Inconsistent efforts to reduce classified holdings. A finding about the consistency of LANL's efforts to reduce classified holdings was raised by the Site Office in fiscal year 2001. The Site Office noted that despite the existence of LANL procedures for regularly reviewing classified inventories to reduce them to the minimum necessary, routine review and reduction of classified inventories was not occurring. While other surveys and assessments did not discuss this finding, LANL's current initiatives to reduce accountable and nonaccountable documents and classified removable electronic media, which began in 2003, have significantly reduced holdings, and future classified holdings reduction targets are being developed. Through engineered controls, LANL is also attempting to limit the ability and the need to create new classified removable electronic media and to make the information previously stored on removable media available through the laboratory's classified computer network. Specifically, to prevent the creation of new media, LANL is removing functions on classified computers that would allow media to be created or copied and is deploying new classified computing systems that do not contain the capability to create removable electronic media. In addition, LANL has undertaken an effort to upload the information stored on classified removable electronic media to the laboratory's classified computer network before the media are either destroyed or permanently archived. LANL officials said this will reduce the risk that media could be mishandled, thus improving the laboratory's physical security. However, LANL officials also acknowledged that transferring information from classified media to a classified network represents a shift from physical security risk to cyber security risk. A senior LANL official told us this risk is minimized by ensuring that LANL's classified network is appropriately protected and access to the network is properly controlled.[Footnote 24] * Insufficient security at vault-type rooms. Findings about the sufficiency of security at LANL's vault-type rooms were raised by the Site Office in fiscal year 2005 and by DOE's Office of Independent Oversight in fiscal years 2007 and 2008. These findings concerned the adequacy of security patrols, sensor detection, and unauthorized access. LANL has addressed concerns about vault-type room security through comprehensive physical assessments of all vault-type rooms, and a laboratory security official told us that all identified deficiencies have been remedied. Furthermore, the official told us that in the future LANL intends to recertify vault-type rooms every 2 years, instead of every 3 years. Finally, LANL has reduced the number of vault- type rooms in operation at the laboratory--facilitating more frequent security patrols--and has increased mandatory and random searches of individuals exiting vault-type rooms. LANL is also implementing security initiatives in response to the October 2006 security incident. Specifically, DOE's July 2007 Compliance Order, which resulted from this incident, required LANL to submit an integrated corrective action plan to address critical security issues at the laboratory, including many of those identified by the Site Office and Office of Independent Oversight since 1999. According to LANL's analysis of past information and cyber security findings, the root causes of 76 percent of these findings were related to inadequate policies, procedures, or management controls. Correspondingly, many of the administrative controls LANL is now implementing and that it included in its integrated corrective action plan address these policy, procedural, and management problems, including: * reissuing policies and guidance for improving implementation of Integrated Safeguards and Security Management, which LANL officials told us will help individual employees ensure they execute their security responsibilities as part of their regular work; * providing Human Performance Assessments as a component of security incident reports to help managers identify challenges in their work environments that can be improved to reduce the likelihood and severity of security errors made by employees; * revising policies for escorting visitors into vault-type rooms to ensure visitors' access to classified resources is properly limited; and: * improving communication of security requirements to subcontractors by adding an additional exhibit to their contracts. Not All Security Problems Are Being Fully Addressed: While many of the initiatives and engineered and administrative controls LANL is implementing address past security concerns, some significant security problems identified by DOE's Office of Independent Oversight and NNSA's Site Office have not been fully addressed. Specifically, LANL's storage of classified parts in unapproved storage containers and its process for ensuring that actions taken to correct security deficiencies are completed have been cited repeatedly in past external evaluations, but LANL has not implemented complete security solutions in these areas. In addition, LANL's actions to address other long-standing security concerns, such as the laboratory's process for conducting self-assessments of its security performance and its system for accounting for special nuclear material, have been planned but have not, as yet, been fully implemented. More specific examples include the following: * Classified nuclear weapon parts storage. LANL uses General Services Administration-approved security containers for standard storage of classified resources. Classified resources that cannot be readily stored in approved containers--for example, because of their size--are stored in vaults, vault-type rooms, or nonstandard storage facilities. According to LANL officials, there are 24 nonstandard storage areas at the laboratory. Requests for nonstandard storage are made through a process approved by NNSA's Site Office. LANL management reviews all nonstandard storage requests, and requests are approved by LANL's Physical Security group. The approval process requires LANL to conduct risk assessments for these nonstandard storage areas. While the Site Office has never independently raised concerns about the adequacy of nonstandard storage areas in its surveys, the Office of Independent Oversight has consistently called attention to this issue. Specifically, in fiscal years 2003, 2007, and 2008, the Office of Independent Oversight noted problems with the safeguards LANL said were in place to protect nonstandard storage areas and questioned the risk assessment methodology LANL has used to determine appropriate protections. In 2007, the Chief of DOE's Office of Health, Safety and Security, which oversees independent assessments, testified that LANL is overly dependent on nonstandard storage for the protection of many of its classified nuclear weapon parts and that the overall impact of deficiencies in nonstandard storage arrangements on the protection of these parts is substantial. LANL officials told us their goal is to eliminate all 24 nonstandard storage areas at the laboratory by August 2008 and, in the interim, continue to apply for waivers to rules governing standardized storage through the Site Office's approval process. However, LANL's plans for eliminating specific nonstandard storage areas show the elimination of one area planned for the second quarter of fiscal year 2009--as much as seven months later than LANL's August 2008 goal--and four others that will remain nonstandard storage areas. Furthermore, a recent status report on nonstandard storage area elimination activities showed that nearly all activities were at risk of schedule delay. * Process for ensuring that corrective actions are completed. When evaluations result in findings of security deficiencies, LANL must prepare a corrective action plan that charts a path forward for resolving the finding. To resolve a deficiency and complete its corrective action plan, DOE requires LANL to conduct a root-cause analysis, risk assessment, and cost-benefit analysis to ensure that the corrective action implemented truly resolves the deficiency identified. In fiscal year 2007, the Office of Independent Oversight questioned the completeness of corrective action plans--some of which did not include the required risk assessments--leading to concerns about whether actions taken to address security deficiencies would in fact prevent recurrence. This concern is similar to our 2003 finding that corrective action plans are often inconsistent with DOE requirements.[Footnote 25] The fiscal year 2008 Office of Independent Oversight assessment noted that weaknesses in corrective action plans' causal analyses remain. Specifically, the Office of Independent Oversight found that some corrective action plans' root-cause analyses were insufficient to properly identify security deficiencies. According to LANL officials, in fiscal year 2008, LANL revised its self-assessment program to ensure that root-cause analyses are included in all corrective action plans and that these plans are sufficient. In fiscal year 2007 the Site Office and the Office of Independent Oversight raised concerns about the timeliness of LANL's submission of corrective action plans and the length of time it takes to close corrective action plans by resolving findings. The fiscal year 2007 Performance Evaluation Plan that NNSA developed to establish priorities for the laboratory provided LANS with financial incentives totaling over $1 million to complete LANL's corrective actions on schedule. While the Site Office noted significant improvement in the timeliness and closure of corrective action plans in its fiscal year 2007 survey, LANL did not meet the fiscal year 2007 performance milestone. NNSA's fiscal year 2008 Performance Evaluation Plan provides LANS with a $100,000 financial incentive to improve the timeliness of corrective action plan development and up to an additional $357,000 to close corrective action plans quickly and on time. * Inadequate self-assessment. Concerns about the adequacy of LANL's assessments of its own security performance were raised by the Site Office in fiscal years 2003, 2005, 2006, and 2007 and by DOE's Office of Independent Oversight in fiscal year 2008. These concerns related to the comprehensiveness of LANL's self-assessments, the extent to which self-assessments included discussion of all internal findings, and the extent to which these findings were analyzed and addressed through corrective actions. NNSA provided LANS with a nearly $600,000 financial incentive under the fiscal year 2007 Performance Evaluation Plan to improve LANL's self-assessment program. According to NNSA's evaluation of LANL's fiscal year 2007 performance, LANL did not meet NNSA's goal but did make progress toward it by significantly improving self- assessment. The Office of Independent Oversight's fiscal year 2008 assessment also noted improvements but recommended further areas for attention. These recommendations included ensuring that self- assessments address all aspects of each assessment topic, such as classified information protection and physical security. LANL officials said training on conducting self-assessments is currently being developed. * Control and accountability system for special nuclear material. DOE requires that LANL maintain a system for tracking special nuclear material inventories, documenting nuclear material transactions, issuing periodic reports, and detecting potential material losses. According to LANL and Site Office security officials, the system LANL uses, known as the Material Accountability and Safeguards System (MASS), is over 20 years old and was developed with a now outdated computer language. While LANL has not reported any incidents involving the loss or diversion of special nuclear material in recent years, the Site Office and Office of Independent Oversight raised concerns in fiscal years 2002, 2003, 2005, 2006, and 2007 related to LANL's system. Such concerns included the absence of controls in MASS to detect internal transfers of nuclear materials that could result in safeguards category limits being exceeded in time to prevent the transfer. According to a senior LANL official, a project to upgrade the system was approved to proceed in January 2008 and is scheduled to be completed by February 2010 at a cost of $3 million. LANL's Footprint Reduction Initiative Reduced Maintenance Costs More Than It Addressed Facility Security: LANL's initiative to reduce the physical footprint of its facilities focuses on eliminating facilities that are in poor and failing condition, thus reducing the laboratory's deferred maintenance burden, which according to a LANL estimate, totaled over $320 million in fiscal year 2007. Additionally, the initiative focuses on facilities that have no enduring mission need, thus avoiding future operations costs. While the footprint reduction plans put together by LANL's Weapons Physics and Weapons Engineering directorates both state that security improvements would result from facility reduction, LANL officials responsible for setting priorities for reducing facilities told us that the facilities' security problems were not seriously considered when planning for footprint reduction. In that regard, we found that of the 77 facilities LANL counted toward meeting its footprint reduction goal of 400,000 square feet in fiscal year 2007, only 2 facilities contained any classified resources. Specifically, these two facilities included (1) a large, Limited Area administrative facility that contained six vault-type rooms, stored classified parts, and provided access to LANL's classified network; and (2) a Limited Area facility used for high explosives work and that provided access to LANL's classified network. Closing vault-type rooms and eliminating classified network access points has the potential to improve security at LANL by reducing or consolidating the number of classified resources that require security protection. In the case of the administrative building described above, the facility was replaced by a newly constructed administrative building that has 11 vault-type rooms--5 more than the original administrative building contained. However, in commenting on our report, LANL officials said that the new administrative building incorporates more modern safety and security standards than the original administrative building. To this end, the security benefits derived from LANL's fiscal year 2007 footprint reduction efforts are unclear. In commenting on our report, LANL officials noted that Security and Safeguards Requirement Integration Teams participate in footprint reduction projects to ensure that facilities--and the classified information they house or store--remain secure during the closure process. While subsequent documentation provided by the leader of LANL's physical security organization does show that Security and Safeguards Requirement Integration Teams assist with facility reduction efforts in this manner, it does not show that these teams evaluate facility security weaknesses as criteria for identifying which facilities at LANL should be closed. LANL's and NNSA's Management Approaches to Sustain Security Improvements Over the Long-Term Are in the Early Stages of Development or Contain Weaknesses: DOE, NNSA, and even LANL officials have found that LANL has consistently failed to sustain past security initiatives. For example, in DOE's 2007 Compliance Order, the Secretary of Energy wrote that although some corrective steps were taken by the previous LANL contractor in response to security incidents, the October 2006 incident demonstrated that problems continued. Similarly, NNSA's Office of Defense Nuclear Security noted in 2007 that after each security incident at LANL, the laboratory has responded by changing policies and procedures and investing in new equipment and systems. The result, according to the Office of Defense Nuclear Security, had been a steady improvement in security through mitigation of immediate problems; however, the inability to halt what NNSA has characterized as a string of incidents involving the failure to account for classified information demonstrated that LANL had not identified and addressed the root causes of security incidents. In its own analysis of the October 2006 security incident, LANL determined that the incident's root cause was inconsistent and ineffective implementation of Integrated Safeguards and Security Management principles in its classified work, despite the fact that a DOE policy governing implementation of Integrated Safeguards and Security Management throughout the DOE complex had been in place since at least 2001. In acknowledging the problem of sustaining security improvements, LANL officials described three management approaches they intend to use to ensure that security improvements currently being implemented are sustained over the long-term: (1) DOE's July 2007 Compliance Order, (2) LANL's Contractor Assurance System, and (3) NNSA's annual performance evaluation plans. However, each management approach cited by LANL officials either contains weaknesses that will affect LANL's ability to fully ensure security initiatives are sustained or is in an early stage of development. Furthermore, our January 2007 findings regarding the NNSA Site Office's capacity to oversee security at LANL have not yet been addressed.[Footnote 26] DOE's July 2007 Compliance Order Is Not Designed to Be a Tool for Management Change: LANL officials told us that completing the efforts required by DOE's July 2007 Compliance Order would ensure that security improvements are sustained. However, the Compliance Order is not designed to provide LANL with a management tool for sustaining long-term security initiatives or for future security improvement. Rather, it serves as a mechanism for DOE to enforce financial penalties against LANS should LANL fail to implement the required actions that address past security problems. Specifically, the actions required by the Compliance Order must be completed by December 2008. If they are not completed, LANS is subject to civil penalties of up to $100,000 per violation per day. In September 2007 LANL submitted an integrated corrective action plan to DOE in partial fulfillment of Compliance Order requirements. This plan outlined the 27 actions LANL intends to take to address seven critical security issues identified as having contributed to the October 2006 security incident and to meet the requirements of the Compliance Order. Of these seven critical security issues, five pertain to the physical security of classified information and resources. [Footnote 27] These five issues include the following: * LANL has not consistently or effectively implemented the principles and functions of Integrated Safeguards and Security Management in the management of classified work; * LANL's classified information security training is not fully effective; * LANL has not provided effective leadership and management in protecting classified information; * LANL's assurance system has not effectively resolved classified information protection issues; and: * LANL has not, in some cases, effectively sustained corrective actions. The majority of the actions LANL outlined in its plan to address these issues are discrete, rather than representing long-term efforts aimed at improving LANL's overall security performance. They include, for example, documenting that managers have met with employees to communicate and reinforce expectations with regard to integrating the principles of Integrated Safeguards and Security Management into daily work activities; implementing personnel actions with respect to the October 2006 security incident, such as placing formal reprimands in employees' personnel files and putting employees on unpaid leave; and revising the laboratory's policy on escorting visitors into vault-type rooms. While actions of this type should contribute to security improvements in the short-term, discrete actions such as these do not ensure that security initiatives will be sustained over time. Moreover, while the Compliance Order provides a mechanism to assess financial penalties if LANL fails to implement the actions included in its integrated corrective action plan, the mechanism will no longer be available once actions are concluded in December 2008. LANL's Contractor Assurance System Is Not Fully Developed or Deployed: LANL officials told us they expect to use the laboratory's new Contractor Assurance System to ensure that security improvements are sustained over time once actions under the Compliance Order are complete in December 2008. However, we found that the extent to which LANL will be able to rely on the Contractor Assurance System to ensure long-term sustainability of security improvements after December 2008 is unclear for two reasons. First, LANL officials told us that the system will not be fully developed or implemented by the time LANL completes its Compliance Order efforts in December 2008. Second, an internal assessment of the Contractor Assurance System found that (1) there is a lack of evidence that the system is being effectively deployed across the laboratory and (2) the measures included in the system may not be meaningful. LANL is designing the Contractor Assurance System to measure and track performance from the top down. Top-level measures, such as meeting program milestones set by NNSA or on-time delivery of products, are in place. Lower-level measures, such as measures of the work processes used to meet milestones and deliverables, are still in development. LANL officials responsible for designing the Contractor Assurance System told us that these lower-level measures are critical to the success of the system because they will provide the data that indicate where work processes are breaking down before milestones or deliverables are delayed. Officials also said that trend analysis from data associated with lower-level measures would indicate areas where security concerns are developing. During fiscal year 2008, LANL officials said they plan to focus on developing lower-level measures, but they will not complete these measures by December 2008. A senior official in NNSA's Site Office told us it could be another 3 to 4 years before the Contractor Assurance System is fully implemented. In its first internal assessment of the Contractor Assurance System completed in September 2007, LANL found that while the system was operational and met the requirements of the contract between NNSA and LANS, it contained significant weaknesses. For example, while upper- level management uses the system, there are gaps in its use across LANL's technical divisions and facilities. According to the assessment, these gaps could make the system ineffective. In addition, a LANL official told us that while managers are required to attend training on using the system, many do not yet recognize its usefulness. Moreover, the assessment found that because lower-level process measures have not yet been implemented, it may be difficult to use the system for its stated purpose--to improve management and performance. For example, the assessment found that the Contractor Assurance System cannot yet measure key management and performance indicators, such as budget performance, fiscal accountability, and customer satisfaction or dissatisfaction with LANL products and services. In this regard, a LANL official told us that the Contractor Assurance System is not yet mature enough for laboratory officials to understand the best ways to use it and that LANL managers are still identifying which processes they need to measure in order to gather relevant performance data. In commenting on our report, LANL officials agreed with our assessment of the Contractor Assurance System and noted that efforts to improve its maturity are ongoing. NNSA's Performance Evaluation Plans Principally Focus on Achieving Compliance with DOE Requirements and Do Not Sufficiently Reward LANL's Security Program for Improved Security Performance: LANL officials told us the laboratory also plans to realize sustained security improvements by meeting the security-related performance incentives in the annual performance evaluation plans NNSA uses to measure performance and determine an award fee. The fiscal year 2007 and fiscal year 2008 performance evaluation plans contain both objective and subjective measures of security performance that are tied to financial incentives. Objective measures of security performance use specific and discrete criteria that are not judgmental, such as achieving a particular score on a security evaluation, while subjective measures of security performance use broad criteria that are judgmental, such as effectiveness of security planning. According to NNSA's Site Office, the two sets of measures complement each other and allow NNSA to withhold incentive fees when its expectations for effective management and leadership are not met. Site Office officials told us it is possible LANL could achieve success in all of the objective security measures but fail to earn award fees on the basis of its performance assessed with subjective measures. We found that the objective measures included in the performance evaluation plans reward LANL for complying with existing DOE security requirements but do not sufficiently reward LANL for improving its security performance. Of the $51.3 million potentially available for LANS's total performance-based incentive fee in fiscal year 2008, only $1.43 million is associated with objective measures of security performance. Of this total, $1.4 million is an incentive for compliance with DOE security requirements, and only $30,000 is allocated to forward-looking and laboratorywide security improvement. According to a senior NNSA security official, compliance with DOE requirements does not assure that LANL's security program is functioning effectively, and actions to achieve compliance may not be valuable unless the actions also address management or operational needs. Specifically, in fiscal year 2008, we found the following objective provisions: * $800,000 to achieve the milestones LANL sets in an annual security operating plan, which aligns LANL's security activities with its budget. The fiscal year 2008 annual security operating plan provides a roadmap for LANL security program compliance with DOE requirements and includes milestones such as submitting the Site Safeguards and Security Plan, conducting security training, publishing security policy, completing quarterly equipment maintenance requirements, and conducting inventories of special nuclear material. * $200,000 to achieve an overall satisfactory rating on the Site Office's annual security survey. * $400,000 to achieve 90 percent of the milestones associated with the ongoing Phase 2 Nuclear Materials Safeguards and Security Upgrade construction project. * $30,000 to develop a forward-looking Safeguards and Security Modernization Plan, which according to a senior Site Office official, is in progress. This official said the Site Office expects LANL to deliver a plan that can begin to be implemented in fiscal year 2009, if the budget allows. However, the official also said the Site Office has not provided any criteria or guidance to LANL about what the plan should include. The objective measures for security performance established under the fiscal year 2007 Performance Evaluation Plan were similar to those established in fiscal year 2008. Specifically, for fiscal year 2007, we found the following incentive provisions: * about $1.2 million to achieve the milestones in the fiscal year 2007 annual security operating plan, which were as compliance-oriented as they are in the fiscal year 2008 annual security operating plan; * about $670,000 to ensure that inventories of special nuclear material accurately detected any gain or loss of material, excluding legacy material; * about $560,000 if DOE validated that LANL's Safeguards and Security program was rated "effective" on five of seven ratings contained in the Office of Independent Oversight assessment and was rated overall "satisfactory" in the Site Office survey; and: * about $270,000 to achieve all of the milestones included in the fiscal year 2007 annual operating plan for cyber security.[Footnote 28] Financial incentives associated with objective measures of security performance totaled nearly $2.7 million in fiscal year 2007. The entire $2.7 million encouraged LANL to comply with existing DOE requirements for effective security operations. LANL earned $2.4 million of the $2.7 million potentially available, despite the occurrence of the October 2006 security incident. NNSA increased the potential performance award fee associated with subjective measures for laboratory performance in fiscal year 2007 as a result of the October 2006 security incident and also included subjective measures in the fiscal year 2008 Performance Evaluation Plan. These measures evaluate LANS's leadership in integrating programs, including security, across the laboratory and achieving exemplary overall laboratory performance. We found that these measures are neither compliance-based nor forward-looking, but rather focus on overall quality of performance. In fiscal year 2007, LANL received its lowest performance rating in this category, earning only 35 percent of the over $10 million potentially available. LANL's low performance rating directly reflected the occurrence of the October 2006 security incident. In fiscal year 2008, the award fee potentially available for successful achievement of subjective measures is $10.3 million, approximately $125,000 more than in fiscal year 2007. One of the 20 criteria NNSA will consider in determining the fiscal year 2008 award fee in this area is specific to overall performance, timeliness, and effectiveness of security commitments. A senior Site Office official told us that security performance will also be considered when NNSA evaluates overall laboratory leadership and management. However, according to Site Office officials, NNSA has not yet determined how it will weigh security against other criteria, such as Weapons or Threat Reduction program performance, when determining how much of the award fee LANS will earn for achieving subjective performance measures. Prior Findings on the NNSA Site Office's Capacity to Oversee Security at LANL Have Not Yet Been Addressed: While it is important for LANL to continue to improve the performance of its security programs through the use of the management tools previously discussed, the Site Office must still directly oversee LANL's security program. Specifically, the Site Office is required to conduct a comprehensive annual survey of LANL's Safeguards and Security performance to assure DOE that the site is appropriately protected. These surveys must be validated through, among other things, document reviews, performance testing, direct observation, and interviews. To conduct these surveys, as well as routine oversight, the Site Office must be appropriately staffed with trained professionals. In our January 2007 report on the effectiveness of NNSA's management of its security programs, we found that NNSA's site offices--including the Los Alamos Site Office--suffered from shortages of security personnel, lacked adequate training resources and opportunities for site office security staff, and lacked data to determine the overall effectiveness of its Safeguards and Security program.[Footnote 29] We reported that these factors contributed to weakness in NNSA's oversight of security at its laboratories and production facilities. During the course of this review, senior Los Alamos Site Office officials confirmed that these problems persist. For example, they said NNSA has not developed a strategy for determining long-term staffing needs at the Site Office. As of October 2007, the Site Office employed 13 security staff--enough for one person to oversee each of the topical areas the Site Office had to evaluate. This staffing level, officials said, was sufficient to cover only 15 percent of LANL's facilities. More recently, a senior security official at the Site Office said security staffing levels have decreased since October 2007. Furthermore, while NNSA had identified the need to train and certify Site Office security personnel in nuclear material control and accountability, vulnerability assessment, and personnel security, no specific funding for this training has been made available according to Site Office officials. According to the Los Alamos Site Office's Site Manager, the Site Office must employ expertise sufficient to determine, through effective oversight activities, whether LANL is implementing the policies and plans that it puts forward. Conclusions: Accomplishing the mission of conducting world-class scientific work at Los Alamos National Laboratory requires the laboratory to maintain a security program that effectively addresses current security risks, anticipates future security risks, and ensures that initiatives to address both current and future risks are sustained over the long-term. While LANL has focused its attention on fixing current security risks in reaction to recent incidents and has implemented initiatives that address a number of previously identified security concerns, LANL has not developed the long-term strategic framework necessary to ensure that these fixes are sustained over time. In addition, some important security problems identified in external evaluations have not been fully addressed. Moreover, our review pointed out the potential for cyber security risks to increase as a result of actions to improve physical security. Consequently, while LANL security officials have indicated their desire to prevent future security incidents, we believe that only a long-term, integrated strategy can help ensure that they will succeed. Continuously implementing security improvement initiatives over the long-term and proactively addressing new security risks also requires an effective process for assessing contractor performance on security activities. We believe the relative immaturity of and weaknesses in the management approaches LANL and NNSA intend to use to ensure that security improvements are sustained may limit their effectiveness and result in a failure to sustain security improvement initiatives. Specifically, DOE's Compliance Order requires LANL to take immediate actions to improve security deficiencies, but the Compliance Order does not serve as a tool for ensuring these actions are sustained. In addition, we have doubts that LANL's Contractor Assurance System can sustain security improvement initiatives until it is sufficiently mature, which may take several years. Therefore, we believe performance evaluation plans hold the most promise for ensuring that security initiatives are sustained over the long-term. When the LANL management and operating contract was competed in 2005, laboratory security was a key consideration. NNSA stated that it intended to put a contract in place, along with an annual performance evaluation plan, that would communicate its priorities and provide incentives to accomplish those priorities. However, despite NNSA's persistent statements about the importance of security, we believe that the performance evaluation plans that NNSA has issued under the new LANS contract do not provide meaningful financial incentives for strategic security improvements or communicate to LANL that security is a top federal priority. Rather than reward LANL for principally complying with current DOE security requirements, in our view, financial incentives in performance evaluation plans should be focused on the long-term improvement of security program effectiveness to a greater extent. We believe that LANL needs to develop a strategic plan for laboratory security that is comprehensive, contains solutions to address all previously identified security findings, takes an integrated view of physical and cyber security, provides opportunities for periodic updates to ensure additional security risks are identified and addressed, and is tied to meaningful performance incentive fees. Finally, as LANL plans for further reductions in its facility footprint, it has an opportunity to assess facilities' security weaknesses, as well as their deferred maintenance burdens and their anticipated contributions to future program missions, when it first determines which facilities should be reduced. In our view, including an assessment of facilities' security weaknesses in this initial decision-making process would enhance the security benefits derived from the effort to reduce the footprint. Recommendations for Executive Action: To improve security at Los Alamos National Laboratory, we recommend that the Secretary of Energy and the Administrator of NNSA require LANL to develop a comprehensive strategic plan for laboratory security that (1) addresses all previously identified security weaknesses, (2) contains specific and objective measures for developing and implementing solutions that address previously identified security weaknesses and against which performance can be evaluated, (3) takes an integrated view of physical and cyber security, (4) focuses on improving security program effectiveness, and (5) provides for periodic review and assessment of the strategic plan to ensure LANL identifies any additional security risks and addresses them. To ensure sustained improvement of LANL's security program, we recommend that the Administrator of NNSA provide meaningful financial incentives in future performance evaluation plans for implementation of this comprehensive strategic plan for laboratory security. To enhance security initiatives already under way at LANL, we recommend that NNSA require that future laboratory plans for footprint reduction include specific criteria for evaluating facilities' security risks when making initial selections of facilities for footprint reduction. Agency Comments and Our Evaluation: We provided NNSA with a copy of this report for review and comment. NNSA did not specifically comment on our recommendations. However, NNSA stated that while there is still much to be accomplished, NNSA believes that progress has been made in addressing reductions in classified parts, classified documents, vaults, and vault-type rooms, as well as with the implementation of engineered controls. While we acknowledge LANL's progress in our report, NNSA noted that several security problems at LANL addressed in the report--specifically, nonstandard storage of classified parts and the maturation of contractor assurance systems--are issues for the broader nuclear weapons complex as well. Overall, we continue to believe that the key issue is that NNSA and LANL cannot ensure that initiatives such as these will be sustained, or that changing security vulnerabilities will be identified and proactively addressed, without implementing our recommendations for a long-term strategic framework for security that effectively assesses contractor performance. NNSA's comments on our draft report are included in appendix V. NNSA also provided technical comments from LANL, which we have incorporated into this report as appropriate. As agreed with your offices, unless you publicly announce the contents of this report, we plan no further distribution until 30 days from the report date. At that time, we will send copies of this report to interested congressional committees, the Secretary of Energy, and the Administrator of NNSA. We will also make copies available to others upon request. In addition, the report will be made available at no charge on the GAO Web site at [hyperlink, http://www.gao.gov]. If you or your staffs have any questions about this report, please contact me at (202) 512-3481 or aloisee@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this report. GAO staff who made major contributions to this report are listed in appendix VI. Signed by: Gene Aloise: Director, Natural Resources and Environment: [End of section] Appendix I: Objectives, Scope, and Methodology: To identify Los Alamos National Laboratory's (LANL) major programs, we collected Department of Energy (DOE) and LANL budget, program, and activities documentation. This documentation included data on work LANL conducts for other federal agencies and nonfederal organizations, as well as projects LANL undertakes at its own direction. We used this documentation to identify major program categories and to group LANL's activities within them. Specifically, we identified three major program categories--Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy; and two key support programs--Environmental Programs and Safeguards and Security. LANL officials reviewed and validated our results, and based on feedback they provided, we made adjustments as needed. To determine the extent to which LANL's major and support programs rely on classified resources to meet their objectives, we collected information on classified resource use on a facility basis. Although we initially requested data on each program's use of classified resources, this data was not available because LANL maintains this data on a facility basis. LANL's facilities are shared in a matrix management approach by the laboratory's 64 technical divisions to execute programs. To enhance the accuracy and completeness of the facility- level information we collected, we developed a data collection instrument for LANL officials to complete that included specific data fields and definitions. To select the facilities for inclusion in this data collection instrument, we used LANL's real property catalogue, which lists each of the 1,283 facilities on the laboratory's campus. From this list, we excluded facilities containing only utility services, such as steam plants, and facilities with full-time occupancies of fewer than 10 people, unless the facility, based on its use for experiments, could potentially house or store classified resources. We also allowed like- facilities, such as individual bunkers used for high explosives testing, to be grouped together as one facility. Using these definitions, LANL officials determined that 633 facilities should be included in our review. We compared the facilities LANL had selected with the original real property list and agreed the 633 facilities selected by LANL represented the appropriate facilities for our analysis. Using the data collection instrument we had provided, LANL officials entered information on (1) the security protection level of each of the 633 facilities, as described by DOE Manual 470.4-2, Physical Protection, which defines different levels of security depending on the type and amount of classified resources these facilities store or house; (2) the types of classified resources housed or stored in each facility; (3) where practical, how many of each type of classified resource each facility stores or houses; (4) which of the laboratory's major and support programs rely on the classified resources in each facility; and (5) how much space each of the laboratory's major and support programs use in each facility as a percentage of that facility's gross square footage. We analyzed the data by aggregating facilities by program and apportioned classified resource usage according to three categories: (1) a program is the exclusive user of all of the space in a facility storing or housing classified resources, (2) a program is the primary user of space in a facility storing or housing classified resources because it uses more space than any of the other major or support programs at LANL, and (3) a program uses some space in a facility storing or housing classified resources. Because our analysis focused on facilities used for one of LANL's three major programs, we excluded facilities only used by laboratory support programs, resulting in final analysis of 607 of the original 633 facilities. To evaluate the completeness and accuracy of the information LANL officials provided, we compared the data with other documentary and testimonial evidence we collected during the course of our review to ensure that the data were consistent. For example, we had received briefings about the reduction of vault-type rooms at LANL, and we ensured that the total number of vault-type rooms LANL program managers had discussed with us during these briefings matched the total number of vault-type rooms identified in the facility data LANL provided. In addition, we compared the data provided on the security levels of specific facilities with our physical observations of security safeguards at these same facilities during site visits to determine whether the data LANL officials provided were consistent with our experiences at those facilities. We also conducted logic and electronic tests of the data and followed up with LANL officials to resolve discrepancies. We determined that these data were sufficiently reliable for our purposes. To identify the initiatives LANL is taking to consolidate its classified resources and reduce the scope of its physical footprint, we collected and reviewed data on LANL's plans for consolidating classified resources and interviewed key LANL, National Nuclear Security Administration (NNSA), and DOE officials. We also toured LANL facilities that house and store classified resources, such as vault- type rooms and the super vault-type room, and visited a facility where classified nuclear weapon parts are being destroyed. In addition, we identified the buildings that LANL was proposing to close as part of its footprint reduction effort and, using the information provided by LANL officials in response to our data collection instrument, determined whether closing these buildings could improve LANL's security posture by eliminating or consolidating the classified resources that may have been stored or housed in them as a result of footprint reduction. Finally, we visited sites currently undergoing closure and sites proposed for consolidation and reduction. To determine if LANL's security initiatives address previously identified security concerns, we reviewed security evaluations conducted by DOE's Office of Independent Oversight and NNSA's Site Office from fiscal years 2000 to 2008 and identified the security concerns raised by these evaluations. We then compared LANL's current initiatives with the results of our review of the security evaluations to determine if all of the security concerns were being addressed. We discussed the results of this analysis with DOE, NNSA headquarters, NNSA Site Office, and LANL contractor officials. In addition, we reviewed relevant DOE Office of Inspector General reports. To determine whether the management approach LANL is implementing under the new LANS contract is sufficient to ensure that LANL's security improvement initiatives are fully implemented and sustainable, we asked LANL and NNSA to identify how they intended to sustain security improvements and ensure the effectiveness of LANL's security. We reviewed the management approaches they identified, specifically (1) LANL's actions in response to DOE's July 2007 Compliance Order resulting from the October 2006 security incident, (2) the security- related aspects of the new Contractor Assurance System LANL is implementing, and (3) the incentives being used to improve security at LANL under the 2007 and 2008 Performance Evaluation Plans. As part of this review, we determined the extent to which each of these management approaches could sustain security improvement initiatives over the long- term and the extent to which these management approaches focused on either compliance with DOE security requirements or improved effectiveness of LANL's security program. We discussed these management approaches with LANL, NNSA headquarters, and NNSA Site Office officials. We conducted this performance audit from March 2007 to June 2008 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. [End of section] Appendix II: LANL's NNSA Supported Nuclear Weapons Science Programs: LANL conducted work on 41 Nuclear Weapons Science programs in fiscal year 2007, all of which were supported by NNSA. When program objectives are shared, they have been combined in the table below. Dollars in millions: Program: Operation of Facilities; Description: Supports the operation and maintenance of facilities and infrastructure that support the accomplishment of Nuclear Weapons Science programmatic missions; Fiscal year 2007 budget[A]: $332.9; Fiscal year 2007 FTEs[B]: 1,021. Program: Pit Manufacturing and Certification; Description: Re-establishes an immediate capability to manufacture pits in support of the nuclear weapons stockpile, plans for long-term pit manufacturing capability, and manufactures specific quantities of W88 pits; Fiscal year 2007 budget[A]: $226.9; Fiscal year 2007 FTEs[B]: 599. Program: Line Item Construction; Description: Supports the construction of new facilities and significant upgrades to existing facilities; Fiscal year 2007 budget[A]: $226.6; Fiscal year 2007 FTEs[B]: 73[C]. Program: Advanced Simulation and Computing; Description: Provides the advanced computing infrastructure--hardware, software, and code--to simulate nuclear weapon performance; Fiscal year 2007 budget[A]: $202.5; Fiscal year 2007 FTEs[B]: 446. Program: Stockpile Services; Description: Conducts research, development, and production work that is applicable to multiple nuclear weapon systems, as opposed to a specific weapons system (for example, basic research on critical factors of nuclear weapon operations); Fiscal year 2007 budget[A]: $140.7; Fiscal year 2007 FTEs[B]: 361. Program: Stockpile Systems; Description: Supports routine maintenance, periodic repair, replacement of components, and surveillance of the W76, W78, W88, and B61 weapon types; Fiscal year 2007 budget[A]: $67.4; Fiscal year 2007 FTEs[B]: 162. Program: Facilities and Infrastructure Recapitalization; Description: Provides worker safety and operational improvements to facilities, such as heating and electrical system upgrades; Fiscal year 2007 budget[A]: $52.6; Fiscal year 2007 FTEs[B]: 73[C]. Program: Life Extension Program; Description: Extends the lifetime of warheads or components of these warheads to ensure that they continue to perform as designed--currently programs focus on the W76 and B61 weapon types; Fiscal year 2007 budget[A]: $44.1; Fiscal year 2007 FTEs[B]: 120. Program: Dynamic Materials Properties; Description: Develops physics-based data and models of all stockpile materials that are validated against past nuclear test history and are incorporated into weapons simulation models to make these models more realistic; Fiscal year 2007 budget[A]: $29.9; Fiscal year 2007 FTEs[B]: 88. Program: Secondary Assessment Technologies; Description: Develops tools and capabilities to understand the physics behind the secondary stage of a nuclear weapon explosion without underground testing; Fiscal year 2007 budget[A]: $28.1; Fiscal year 2007 FTEs[B]: 75. Program: Enhanced Surveillance; Description: Provides component and material lifetime assessments to support weapon refurbishment decisions and develops capabilities to identify and predict aging-related concerns in the stockpile; Fiscal year 2007 budget[A]: $22.9; Fiscal year 2007 FTEs[B]: 61. Program: Material Recycle and Recovery; Description: Provides for recycling and recovery of nuclear materials from fabrication and assembly and dismantlement operations and supports purification of these materials for safe and environmentally acceptable storage; Fiscal year 2007 budget[A]: $21.4; Fiscal year 2007 FTEs[B]: 47. Program: Advanced Radiography; Description: Supports development of technologies and line item construction for three-dimensional imagery of primary stage implosions of mock nuclear weapons to improve models and simulations; Fiscal year 2007 budget[A]: $21.1; Fiscal year 2007 FTEs[B]: 55. Program: Primary Assessment Technologies; Description: Develops tools and capabilities to understand the physics behind the primary stage of a nuclear weapon explosion without underground testing; Fiscal year 2007 budget[A]: $19.1; Fiscal year 2007 FTEs[B]: 55. Program: Nuclear Weapons Incident Response; Description: Assists in operating, maintaining, and exercising DOE's capability to respond to global radiological accidents and incidents; Fiscal year 2007 budget[A]: $17.9; Fiscal year 2007 FTEs[B]: 45. Program: Inertial Confinement Fusion - Ignition; Description: Provides data, modeling, and diagnostic instrumentation in support of high-energy density physics work, including efforts to achieve fusion ignition; Fiscal year 2007 budget[A]: $15.3; Fiscal year 2007 FTEs[B]: 41. Program: Retired Systems; Description: Supports dismantlement activities for weapon-types that have been retired; Fiscal year 2007 budget[A]: $9.9; Fiscal year 2007 FTEs[B]: 13. Program: Advanced Design and Production Technologies; Description: Designs and produces new technologies for use in manufacturing activities including weapon detonators and pits; Fiscal year 2007 budget[A]: $4.7; Fiscal year 2007 FTEs[B]: 13. Program: Test Readiness; Description: Maintains underground nuclear test capabilities that could be operationalized in a given period of time should the United States decide to return to underground nuclear testing; Fiscal year 2007 budget[A]: $3.8; Fiscal year 2007 FTEs[B]: 10. Program: Program Readiness; Description: Provides resources for supporting activities that cut across Nuclear Weapons Science facilities and programs such as nuclear criticality safety; Fiscal year 2007 budget[A]: $3.5; Fiscal year 2007 FTEs[B]: 8. Program: Reliable Replacement Warhead; Description: Identifies designs for a replacement warhead that will sustain long-term confidence in the safety, security, and reliability of the nuclear weapons stockpile and can be certified without the use of underground nuclear testing; Fiscal year 2007 budget[A]: $3.4; Fiscal year 2007 FTEs[B]: 6. Program: Enhanced Surety; Description: Provides technology options to enhance safety and security in refurbished weapons; Fiscal year 2007 budget[A]: $2.3; Fiscal year 2007 FTEs[B]: 8. Program: Weapons Systems Engineering Assessment Technology; Description: Provides data, diagnostics, and capabilities to develop engineering models that will help assess weapon designs; Fiscal year 2007 budget[A]: $1.8; Fiscal year 2007 FTEs[B]: 9. Program: Nuclear Survivability; Description: Provides the tools and technologies needed to design and qualify components to meet requirements for environments with high levels of radiation, such as space; Fiscal year 2007 budget[A]: $1.3; Fiscal year 2007 FTEs[B]: 4. Program: High Explosives and Weapons Operations; Description: Ensures the capability to manufacture and assemble high explosive components of nuclear weapons; Fiscal year 2007 budget[A]: $1.3; Fiscal year 2007 FTEs[B]: 1. Program: Nonnuclear Readiness; Description: Provides the electrical, electronic, and mechanical capabilities required to weaponize a nuclear explosive; Fiscal year 2007 budget[A]: $1.3; Fiscal year 2007 FTEs[B]: 2. Program: Total; Fiscal year 2007 budget[A]: $1,502.8; Fiscal year 2007 FTEs[B]: 3,396. Source: GAO analysis of LANL and DOE data. [A] Fiscal year 2007 budget includes new budget authority and unexpended funds carried over from prior fiscal years. [B] Full-time equivalent (FTE) employees include direct LANL employees, as well as subcontractors for security and maintenance. [C] The figure includes only LANL employees and security and maintenance subcontractors; it does not include construction subcontractors. [End of table] [End of section] Appendix III: LANL's NNSA Supported Threat Reduction Science and Support Programs: LANL conducted work on 12 Threat Reduction Science and Support programs in fiscal year 2007 that were supported by NNSA. Of these 12 programs, 9 had budgets in fiscal year 2007 that exceeded $1 million each. Information about these programs is in the table below. Dollars in millions: Program: Nonproliferation and Verification Research and Development; Description: Provides science, as well as monitoring, sensing, and measurement technologies, to observe the earth from space-based satellites and ground-based systems in order to detect banned nuclear explosions; Fiscal year 2007 budget[A]: $95.5; Fiscal year 2007 FTEs[B]: 254. Program: U.S. Surplus Fissile Materials Disposition; Description: Provides plutonium processing technologies and operations in support of efforts to disassemble pits and convert the plutonium in them into fuel usable in commercial nuclear reactors; Fiscal year 2007 budget[A]: $43; Fiscal year 2007 FTEs[B]: 117. Program: International Nuclear Materials Protection and Cooperation; Description: Provides expertise in nuclear materials accountability that supports U.S. efforts to secure nuclear materials in Russia and other areas of concern, as well as detection of nuclear materials as they move through global border crossings and seaports; Fiscal year 2007 budget[A]: $31; Fiscal year 2007 FTEs[B]: 33[C]. Program: Nonproliferation and International Security; Description: Provides policy and technical support for U.S. nonproliferation and arms control treaties that promote WMD reductions, as well as nuclear weapons programs dismantlement, specifically in North Korea; Fiscal year 2007 budget[A]: $26.4; Fiscal year 2007 FTEs[B]: 52. Program: Global Threat Reduction Initiative; Description: Supports efforts to secure, package, and transport vulnerable or high-risk nuclear materials throughout the world for safe storage or disposal; Fiscal year 2007 budget[A]: $16; Fiscal year 2007 FTEs[B]: 24. Program: Surplus Plutonium Pit Storage; Description: Provides safe storage configurations for surplus plutonium until the plutonium is moved from LANL for disposition; Fiscal year 2007 budget[A]: $5.2; Fiscal year 2007 FTEs[B]: 0. Program: Line Item Construction; Description: Supports construction of the Pit Disassembly and Conversion Facility--which will dismantle surplus pits and convert the plutonium in them into a form that can ultimately be used commercially for fuel--at the Savannah River Site in South Carolina; Fiscal year 2007 budget[A]: $2.9; Fiscal year 2007 FTEs[B]: 2[D]. Program: Russian Transition Initiatives; Description: Supports efforts to downsize the former Soviet Union's nuclear weapons complex by helping create business opportunities for displaced weapons workers; Fiscal year 2007 budget[A]: $1.9; Fiscal year 2007 FTEs[B]: 2[C]. Program: Russian Plutonium Disposition; Description: Provides scientific and technical support in fulfillment of the U.S. commitment to Russia to help it dispose of surplus weapons- grade plutonium; Fiscal year 2007 budget[A]: $1.6; Fiscal year 2007 FTEs[B]: 0. Program: Total; Fiscal year 2007 budget[A]: $223.5; Fiscal year 2007 FTEs[B]: 484. Source: GAO analysis of LANL and DOE data. Note: In addition to these programs for which NNSA provides funds, other parts of DOE provided an additional $9 million to support Safeguards and Security for nuclear nonproliferation activities at LANL. [A] The fiscal year 2007 budget includes new budget authority and unexpended funds carried over from prior fiscal years. [B] FTEs include direct LANL employees, as well as subcontractors for security and maintenance. [C] Includes the LANL employees who serve as project managers for projects implemented overseas. [D] The figure includes only LANL employees and security and maintenance subcontractors; it does not include construction subcontractors. [End of table] [End of section] Appendix IV: LANL's Fundamental Science and Energy Programs Supported by DOE: Dollars in millions. DOE, Office of Science; Program descriptions: Supports 11 programs at LANL that focus on materials sciences, chemistry, biological and environmental research, fusion, theoretical and nuclear physics, nonaccelerator based physics, and computational and technology research; Fiscal year 2007 budget[A]: $81.8; Fiscal year 2007 FTEs[B]: 213. DOE, Office of Nuclear Energy; Program descriptions: Supports five programs at LANL that focus on space and defense nuclear power systems, the nuclear fuel cycle, nuclear power generation, and the production and distribution of radioactive isotopes; Fiscal year 2007 budget[A]: $41.6; Fiscal year 2007 FTEs[B]: 102. DOE, Office of Fossil Energy; Program descriptions: Supports 35 programs at LANL that focus on research and development in carbon capture and sequestration, unconventional fuels, fuel utilization, climate, and predicting engineered natural systems; Fiscal year 2007 budget[A]: $27.6; Fiscal year 2007 FTEs[B]: 68. Total; Fiscal year 2007 budget[A]: $151.0; Fiscal year 2007 FTEs[B]: 383. Source: GAO analysis of LANL and DOE data. [A] The fiscal year 2007 budget includes new budget authority and unexpended funds carried over from prior fiscal years. [B] FTEs include direct LANL employees, as well as subcontractors for security and maintenance. [End of table] [End of section] Appendix V: Comments from the National Nuclear Security Administration: Department of Energy: National Nuclear Security Administration: Washington, DC 20585: June 5, 2008: Mr. Gene Aloise: Director: Natural Resources and Environment: Government Accountability Office: Washington, DC 20548: Dear Mr. Aloise: The National Nuclear Security Administration (NNSA) appreciates the opportunity to review the Government Accountability Office's (GAO) draft report, GAO-08-694, "Los Alamos National Laboratory: Long-Term Strategies Needed to Improve Security and Management Oversight." We understand that GAO was requested by the House's Committee on Energy and Commerce and its Subcommittee on Oversight and Investigations to: (1) identify the Laboratory's major programs and activities and how much they rely on classified recourses; (2) identify initiatives the Laboratory is taking to reduce and consolidate classified resources and physical footprint and the extent to which these initiatives address earlier security concerns; and, (3) determine whether new management approaches will sustain security improvements over the long-term. We appreciate GAO's efforts and the report's depiction of the Laboratory's programs and world-class status in the areas of science and engineering. However, the report also addresses perceived inadequacies in the Laboratory's security program and gives the impression that the significant problems that remain are, by-and-large, not being addressed. NNSA does not believe this to be the case. While there is much to be accomplished, progress has been made in addressing reductions in classified parts, classified documents and corresponding reductions in vault and vault type rooms. Equally, there is significant progress achieved in the implementation of engineered controls. As you are aware, there have been several Independent Oversight Site Office reviews which indicate that initiatives implemented by the Laboratory to correct those noted deficiencies form the framework for long-term security improvements. The report discusses to the storage of nonstandard parts, and NNSA agrees that this particular topic is an area of concern. NNSA is addressing the issue of storage for nonstandard parts corporately. It is not just a Los Alamos concern. Also, at a corporate level is the issue of Contractor Assurance Systems. Contractor Assurance Systems are evolving and maturing with all of NNSA's contractors, our collective efforts are to make any of the assurance systems integrated on a site- wide basis. It is a dynamic process and refinements are made to all of the systems on an ongoing basis. Finally, the Los Alamos material management system referenced in the draft report is recognized as outdated, as stated in the report. The Laboratory, Site Office and Program element have plans in place to replace the existing system by 2010, baring any unforeseen budget reductions. NNSA is providing additional technical comments to the report through separate means and will address the report's recommendations through the Management Decision process. These comments are designed to correct factual inaccuracies or misperceptions. Should you have any questions related to this response, please contact Richard Speidel, Director, Policy and Internal Controls Management, at 202-586-5009. Sincerely, Signed by: Michael C. Kane: Associate Administrator for Management and Administration: [End of section] Appendix VI GAO Contact and Staff Acknowledgments: GAO Contact: Gene Aloise, (202) 512-3841 or aloisee@gao.gov: Staff Acknowledgments: In addition to the individual named above, James Noel, Assistant Director; Nabajyoti Barkakati; Allison Bawden; Omari Norman; Rachael Schacherer; Rebecca Shea; Carol Herrnstadt Shulman; and Greg Wilshusen made key contributions to this report. [End of section] Footnotes: [1] The other design and development laboratories are Lawrence Livermore National Laboratory in Livermore, California, and Sandia National Laboratories in Albuquerque, New Mexico, and Livermore, California. [2] In commenting on our report, LANL officials noted that following the voluntary separation in January 2008, laboratory employment totaled around 11,000. [3] Special nuclear material is considered to be Category I when it is weapons-grade and occurs in specified forms and quantities. Category II, III and IV special nuclear material is of lower strategic significance and quantity than Category I special nuclear material. [4] The Nuclear Emergency Search Team provides technical capabilities to respond to potential and actual radiological threats and incidents. [5] U.S. Department of Energy Office of Inspector General, Office of Audit Services, The National Nuclear Security Administration's Management of Classified Weapons Parts, DOE/IG-0772 (Washington, D.C., July 2007) [6] GAO, Los Alamos National Laboratory: Information on Security of Classified Data, Nuclear Material Controls, Nuclear and Worker Safety, and Project Management Weaknesses, [hyperlink, http://www.gao.gov/cgi- bin/getrpt?GAO-08-173R] (Washington, D.C.: Jan. 10, 2008) [7] GAO, Stand-Down of Los Alamos National Laboratory: Total Costs Uncertain; Almost All Mission-Critical Programs Were Affected but Have Recovered, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-83] (Washington, D.C.: Nov. 18, 2005) [8] In 2007, BWX Technologies consolidated its operations under the name The Babcock & Wilcox Company. [9] GAO, National Nuclear Security Administration: Additional Actions Needed to Improve Management of the Nation's Nuclear Programs, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36] (Washington, D.C.: Jan. 19, 2007). [10] According to LANL officials, the number of employees at the laboratory varies from day to day depending on the number of subcontractors on site, including, for example, those working on construction projects. [11] Modern nuclear weapons have a primary stage, or pit, that is the initial source of energy and a secondary stage that is driven by the primary and provides additional explosive energy. [12] We are defining classified resources to include any classified matter, material, or facility--such as documents, special nuclear material, and vault-type rooms--that require physical security protections. [13] For more information on how these reviews are administered, see [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36]. [14] GAO, Nuclear Weapons: Annual Assessment of the Safety, Performance, and Reliability of the Nation's Stockpile, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-243R] (Washington, D.C.: Feb. 2, 2007). [15] GAO, Nuclear Weapons: NNSA Needs to Refine and More Effectively Manage Its New Approach for Assessing and Certifying Nuclear Weapons, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-261] (Washington, D.C.: Feb. 3, 2006). [16] As part of a separate review, GAO is currently evaluating the management of NNSA's Life Extension Program and, in particular, the efforts related to refurbishing LANL's W76 and B61 nuclear weapon systems. [17] GAO, Nuclear Weapons: NNSA Needs to Establish a Cost and Schedule Baseline for Manufacturing a Critical Nuclear Weapon Component, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-593] (Washington, D.C.: May 23, 2008). [18] U.S. Department of Energy Office of Inspector General, Office of Audit Services, The Department's Progress in Meeting Los Alamos National Laboratory Consent Order Milestones, DOE/IG-0793 (Washington, D.C., April 2008). [19] GAO, Federal Research: Information on DOE's Laboratory-Directed R&D Program, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-04-489] (Washington, D.C.: Apr. 30, 2004). [20] LANL's footprint reduction plans acknowledge that some new facilities must also be constructed to replace those reduced. However, the effect on LANL's total footprint from new square footage that would be created through construction is not reported in these plans. [21] These assessments were conducted in fiscal years 2000, 2003, 2007, and 2008. In fiscal year 2004, the Office of Independent Oversight conducted three special topic assessments, none of which, according to an Office of Independent Oversight official, focused specifically on classified resource protection. In fiscal year 2008, a special assessment was conducted of LANL to follow-up on findings from the fiscal year 2007 assessment. [22] Surveys were conducted every fiscal year between 2000 and 2007, except for fiscal year 2004 when a survey was not conducted because of the LANL shutdown. [23] DOE/IG-0772. [24] We are currently conducting a separate review of cyber security across the DOE nuclear weapons complex, including at LANL. [25] GAO, Nuclear Security: NNSA Needs to Better Manage Its Safeguards and Security Program, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO- 03-471] (Washington, D.C.: May 30, 2003). [26] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36]. [27] The other two critical security issues relate to cyber security at LANL. As described earlier in this report, we are separately reviewing cyber security across the DOE complex, including at LANL; thus, cyber security is not included in this review. [28] In fiscal year 2008, cyber security performance was measured separately from physical security, and $1.2 million in potential award fees were allocated to cyber security. [29] [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-36]. [End of section] GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to [hyperlink, http://www.gao.gov] and select "E-mail Updates." Order by Mail or Phone: The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. Government Accountability Office: 441 G Street NW, Room LM: Washington, D.C. 20548: To order by Phone: Voice: (202) 512-6000: TDD: (202) 512-2537: Fax: (202) 512-6061: To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: E-mail: fraudnet@gao.gov: Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Ralph Dawn, Managing Director, dawnr@gao.gov: (202) 512-4400: U.S. Government Accountability Office: 441 G Street NW, Room 7125: Washington, D.C. 20548: Public Affairs: Chuck Young, Managing Director, youngc1@gao.gov: (202) 512-4800: U.S. Government Accountability Office: 441 G Street NW, Room 7149: Washington, D.C. 20548: