Recommendations Database

Jump To:

As of February 1, 2023, there are 4825 open recommendations that still need to be addressed. 464 of these are priority recommendations, those that we believe warrant priority attention. Learn more about our priority designation on our Recommendations page.

Search for open recommendations by agency, topic, subject, or keyword/phrase below, or view all open recommendations by agency.

Skip to main search results
Clear All Filters
1 - 12 of 12 Recommendations, including 5 Priority Recommendations

Privacy: Dedicated Leadership Can Improve Programs and Address Challenges

Show
2 Open Recommendations
Agency Recommendation Status
Nuclear Regulatory Commission The Chairman of NRC should fully define and document a process for ensuring that the senior agency official for privacy or other designated privacy official is involved in assessing and addressing the hiring, training, and professional development needs of the agency with respect to privacy. (Recommendation 50)
Open

The Nuclear Regulatory Commission stated that it agreed with our recommendation and was developing plans to address it. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.

Nuclear Regulatory Commission The Chairman of NRC should fully define and document the role of the senior agency official for privacy or other designated privacy official in reviewing and approving system categorizations, overseeing privacy control assessments, and reviewing authorization packages. (Recommendation 51)
Open

The Nuclear Regulatory Commission stated that it agreed with our recommendation and was developing plans to address it. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.

Preventing a Dirty Bomb: Vulnerabilities Persist in NRC's Controls for Purchases of High-Risk Radioactive Materials

Show
2 Open Recommendations
Agency Recommendation Status
Nuclear Regulatory Commission The Chairman of NRC should immediately require that vendors verify category 3 licenses with the appropriate regulatory authority. (Recommendation 1)
Open

When the report was issued, NRC stated in their agency comments that they agreed with requiring vendors to verify category 3 licenses with the appropriate regulatory agency and had begun rulemaking that would require such verification. As of December 2022, the rulemaking was with the NRC Commission and agency officials told us that they would have more information on its status in early 2023.

Nuclear Regulatory Commission The Chairman of NRC should add security features to its licensing process to improve its integrity and make it less vulnerable to altering or forging licenses. These security features could include multifactor authentication or moving away from paper licenses to electronic-based licensing. (Recommendation 2)
Open

When the report was issued, NRC stated in their agency comments that they agreed with considering enhanced security features in the licensing process. Specifically, as part of their ongoing rulemaking process, they would consider providing guidance to regulators and licensees that would reduce the potential for altered or forged licenses to be used in acquiring category 3 radioactive sources. As of December 2022, the rulemaking was with the NRC Commission and agency officials told us that they would have more information on its status in early 2023.

Information Technology: Agencies Need to Fully Implement Key Workforce Planning Activities

Show
1 Open Recommendations
Agency Recommendation Status
Nuclear Regulatory Commission The Chairman of the Nuclear Regulatory Commission should ensure that the agency fully implements each of the seven key IT workforce planning activities it did not fully implement. (Recommendation 14)
Open – Partially Addressed

As of March 2022, the Nuclear Regulatory Commission (NRC) has taken steps to implement each of the seven key IT workforce planning activities, but has not yet fully addressed them. Specifically, NRC has identified certain competency gaps, and has developed and taken steps to implement strategies and plans to address them. In addition, NRC has monitored and reported on progress in addressing the gaps. However, NRC has not yet fully established its competency requirements for its IT staff. In March 2022, NRC reported that the agency plans to finish establishing the requirements by the end of

Combating Nuclear Terrorism: NRC Needs to Take Additional Actions to Ensure the Security of High-Risk Radioactive Material

Show
3 Open Recommendations
2 Priority
Agency Recommendation Status
Nuclear Regulatory Commission
Priority Rec.
This is a priority recommendation.
The Chairman of NRC should direct NRC staff to consider socioeconomic consequences and fatalities from evacuations in the criteria for determining what security measures should be required for radioactive materials that could be used in an RDD. (Recommendation 1)
Open

As of January 2022, NRC continues to disagree with this recommendation, and NRC did not provide us with documentation of any actions it plans to take to implement this recommendation. NRC maintains that the current regulatory requirements provide for the safe and secure use of all radioactive materials, regardless of category and there is no technical basis to go back and revisit those decisions. We disagree with NRC's assessment. We continue to believe that by implementing our recommendation NRC would have better assurance that it was considering more likely and more significant consequences

Nuclear Regulatory Commission
Priority Rec.
This is a priority recommendation.
The Chairman of NRC should require additional security measures for high-risk quantities of certain category 3 radioactive material, and assess whether other category 3 materials should also be safeguarded with additional security measures. (Recommendation 2)
Open

As of January 2022, NRC continues to neither explicitly agree nor disagree with this recommendation, but stated that it would consider our recommendation as part of a working group the agency has established. The working group provided a staff analysis on these issues to the Commission in August 2017, but NRC has not updated this analysis taking into account the new information we provided in our April 2019 report. We continue to believe that implementing our recommendation would provide greater assurance that NRC's requirements are sufficient to help ensure all high-risk radioactive material

Nuclear Regulatory Commission The Chairman of NRC should require all licensees to implement additional security measures when they have multiple quantities of category 3 americium-241 at a single facility that in total reach a category 1 or 2 quantity of material. (Recommendation 3)
Open

As of January 2022, NRC continues to disagree with this recommendation. NRC maintains that the issue of aggregation of radioactive material has already been considered and NRC has taken or is in the process of taking actions to clarify relevant guidance and procedures. We disagree with NRC's assessment. We believe that by implementing our recommendation NRC would have better assurance that licensees are not storing multiple quantities of category 3 americium-241 at a single facility that in total reach a category 1 or 2 quantity of material.

Nuclear Security: NRC Has Enhanced the Controls of Dangerous Radioactive Materials, but Vulnerabilities Remain

Show
3 Open Recommendations
2 Priority
Agency Recommendation Status
Nuclear Regulatory Commission
Priority Rec.
This is a priority recommendation.
Because some quantities of radioactive materials are potentially dangerous to human health if not properly handled, NRC should take action to better track and secure these materials and verify the legitimacy of the licenses for those who seek to possess them. Specifically, the NRC should take the steps needed to include category 3 sources in the National Source Tracking System and add agreement state category 3 licenses to the Web-based Licensing System as quickly as reasonably possible.
Open

In October 2016, NRC issued a Staff Requirements Memorandum (SRM) "Proposed Staff Re-Evaluation of Category 3 Source Accountability," (SRM-COMJMB-16-0001) and directed NRC staff to take specific actions to evaluate whether it is necessary to revise NRC regulations or processes governing source protection and accountability for category 3 sources. Among other things, this re-evaluation considered GAO's recommendations. In August 2017, NRC staff completed its analysis and provided recommendations to the NRC Commissioners. (Most of this analysis is available on NRC's website.) In its analysis

Nuclear Regulatory Commission
Priority Rec.
This is a priority recommendation.
Because some quantities of radioactive materials are potentially dangerous to human health if not properly handled, NRC should take action to better track and secure these materials and verify the legitimacy of the licenses for those who seek to possess them. Specifically, the NRC should at least until such time that category 3 licenses can be verified using the License Verification System, require that transferors of category 3 quantities of radioactive materials confirm the validity of a would-be purchaser's radioactive materials license with the appropriate regulatory authority before transferring any category 3 quantities of licensed materials.
Open

In October 2016, NRC issued a Staff Requirements Memorandum (SRM) "Proposed Staff Re-Evaluation of Category 3 Source Accountability," (SRM-COMJMB-16-0001) and directed NRC staff to take specific actions to evaluate whether it is necessary to revise NRC regulations or processes governing source protection and accountability for category 3 sources. Among other things, this re-evaluation considered GAO's recommendations. In August 2017, NRC staff completed its analysis and provided recommendations to the NRC Commissioners. (Most of this analysis is available on NRC's website.) In its analysis

Nuclear Regulatory Commission Because some quantities of radioactive materials are potentially dangerous to human health if not properly handled, NRC should take action to better track and secure these materials and verify the legitimacy of the licenses for those who seek to possess them. Specifically, the NRC should, as part of the ongoing efforts of NRC working groups meeting to develop enhancements to the prelicensing requirements for category 3 licenses, consider requiring that an on-site security review be conducted for all unknown applicants of category 3 licenses to verify that each applicant is prepared to implement the required security measures before taking possession of licensed radioactive materials.
Open

In October 2016, NRC issued a Staff Requirements Memorandum (SRM) "Proposed Staff Re-Evaluation of Category 3 Source Accountability," (SRM-COMJMB-16-0001) and directed NRC staff to take specific actions to evaluate whether it is necessary to revise NRC regulations or processes governing source protection and accountability for category 3 sources. Among other things, this re-evaluation considered GAO's recommendations. In August 2017, NRC staff completed its analysis and provided recommendations to the NRC Commissioners. (Most of this analysis is available on NRC's website.) In its analysis

Nuclear Regulatory Commission: NRC Needs to Improve Its Cost Estimates by Incorporating More Best Practices

Show
1 Open Recommendations
1 Priority
Agency Recommendation Status
Nuclear Regulatory Commission
Priority Rec.
This is a priority recommendation.
To improve the reliability of its cost estimates, as NRC revises its cost estimating procedures, the NRC Chairman should ensure that the agency aligns the procedures with relevant cost estimating best practices identified in the GAO Cost Estimating and Assessment Guide and ensure that future cost estimates are prepared in accordance with relevant cost estimating best practices.
Open

In August 2019, NRC staff reported that the Commission had directed them to revise the guidance and resubmit it to the Commission by January 2020. In February 2020, the NRC staff submitted the revised guidance to the Commission. NRC staff said that following Commission review and approval, NRC will publish the guidance. We will review the cost-benefit guidance when it is released and determine if it responds to this recommendation.

Have a Question about a Recommendation?

For questions about a specific recommendation, contact the person or office listed with the recommendation. For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.