Nuclear Security:

Weak Internal Controls Hamper Oversight of DOE's Security Program

RCED-92-146: Published: Jun 29, 1992. Publicly Released: Jul 31, 1992.

Additional Materials:


Victor S. Rezendes
(202) 512-6082


Office of Public Affairs
(202) 512-4800

Pursuant to a congressional request, GAO reviewed the Department of Energy's (DOE) practice of granting exceptions to its nuclear safeguards and security orders, focusing on: (1) the number of exceptions that DOE has approved; (2) whether DOE follows its procedures for reviewing and approving exceptions; and (3) the type of internal control system DOE uses for monitoring individual exceptions.

GAO found that: (1) DOE does not know how many exceptions it has approved because it has decentralized its handling of exception requests and does not have sufficient information to determine how many exceptions it has approved; (2) DOE used a contractor to attempt to identify DOE headquarters-approved exceptions and determined that it had approved 242 of 312 exception requests, but DOE did not validate or verify that count; (3) it could not determine whether DOE followed established procedures for reviewing and approving exceptions because of incomplete or unavailable records; (4) there is no database for monitoring and following up on individual exceptions; (5) DOE is unable to evaluate field offices' compliance with safeguards and security orders; and (6) DOE plans for an automated tracking system do not include an assessment of DOE information needs.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: Office of Safeguards and Security has completed December 31, 1992 development of formalized documentation and record-keeping control process for its exceptions. Field offices have validated exceptions within a database and a new computerized system went into operation in July 1992.

    Recommendation: To correct the identified internal control deficiencies, the Secretary of Energy should direct the Office of Safeguards and Security to institute effective documentation and recordkeeping controls for exceptions, in line with the GAO "Standards for Internal Controls in the Federal Government."

    Agency Affected: Department of Energy

  2. Status: Closed - Implemented

    Comments: The Office of Security Affairs (SA) has hired an information resources management official to coordinate its information resources management requirements with other DOE offices. This official will ensure that SA interests are incorporated into the departmentwide information resources management structure within the Office of Administration and Management.

    Recommendation: The Secretary of Energy should direct the Office of Safeguards and Security to incorporate a strategic assessment of departmentwide information needs for exceptions information into the broader security information resource management planning process currently under way.

    Agency Affected: Department of Energy


Explore the full database of GAO's Open Recommendations »

Dec 10, 2020

Dec 8, 2020

Nov 19, 2020

Oct 29, 2020

Oct 15, 2020

Jul 24, 2020

Jun 24, 2020

Jun 9, 2020

May 13, 2020

May 12, 2020

Looking for more? Browse all our products here