gao-report-lanl-security-2008

United States Government Accountability Office GAO Report to Congressional Committees LOS ALAMOS NATIONAL LABORATORY Long-Term Strategies Needed to Improve Security and Management Oversight June 2008 GAO-08-694 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability June 2008 LOS ALAMOS NATIONAL LABORATORY Long-Term Strategies Needed to Improve Security and Management Oversight Highlights of GAO-08-694, a report to congressional committees In 2006, a Los Alamos National Laboratory (LANL) contract employee unlawfully removed classified information from the laboratory. This was the latest in a series of high-profile security incidents at LANL spanning almost a decade. LANL conducts research on nuclear weapons and other national security areas for the National Nuclear Security Administration (NNSA). GAO was asked to (1) identify LANL’s major programs and activities and how much they rely on classified resources; (2) identify initiatives LANL is taking to reduce and consolidate its classified resources and physical footprint and the extent to which these initiatives address earlier security concerns; and (3) determine whether its new management approaches will sustain security improvements over the long-term. To carry out its work, GAO analyzed LANL data; reviewed policies, plans, and budgets; and interviewed officials. With fiscal year 2007 budget authority of about $2.7 billion, LANL conducts work on over 175 programs that can be grouped into three major program categories—Nuclear Weapons Science, Threat Reduction Science and Support, and Fundamental Science and Energy—and two support program categories—Environmental Programs and Safeguards and Security. Respectively, LANL’s major programs serve to ensure the safety, performance, and reliability of the U.S. nuclear deterrent; support nonproliferation and counterproliferation efforts; and address energy security and other emerging national security challenges. LANL’s Nuclear Weapons Science programs are the primary users of the facilities housing classified resources. For example, the Nuclear Weapons Science programs are the primary users of 14 facilities that store special nuclear material while LANL’s other major programs are the primary users of only 7 such facilities. LANL has over two dozen initiatives under way that are principally aimed at reducing, consolidating, and better protecting classified resources, as well as reducing the physical footprint of the laboratory by closing unneeded facilities. While many of these initiatives address security concerns identified through past external evaluations—such as efforts to consolidate storage of classified documents and media into fewer secure facilities and to destroy unneeded classified nuclear weapon parts—significant security problems at LANL have received insufficient attention. Specifically, LANL has not implemented complete security solutions to address either classified parts storage in unapproved storage containers or weaknesses in its process for ensuring that actions taken to correct security deficiencies are completed. LANL intends to use three management approaches to sustain the security improvements it has been able to achieve to this point over the long-term: (1) undertake management actions required of LANL under the Com pliance Order issued by the Secretary of Energy as a result of the 2006 security incident, (2) develop a Contractor Assurance System to measure and improve LANL’s performance and management, and (3) implement annual performance evaluation plans NNSA uses to measure LANL’s performance and determine a contract award fee. These approaches contain weaknesses that raise doubts about their ability to sustain security improvements over the long-term. Specifically, the actions LANL has proposed to take to meet the terms of the Compliance Order are only short-term—with completion planned for December 2008. Further, according to LANL officials, the Contractor Assurance System is not fully deployed and the measures it includes may not be fully effective. Finally, the annual performance evaluation plans do not sufficiently reward improving long-term security program effectiveness. What GAO Recommends GAO recommends that (1) LANL develop a strategic security plan that focuses on improving security program effectiveness and addresses all identified security weaknesses, and (2) NNSA link implementation of this plan to meaningful financial incentives in future performance evaluation plans. NNSA did not specifically comment on GAO’s recommendations but provided general comments on the report. To view the full product, including the scope and methodology, click on GAO-08-694. For more information, contact Gene Aloise at (202) 5 12-3841 or [email protected]. Contents Letter 1 Results in Brief 6 Background 11 LANL Conducts Over 175 Program Activities That Fall into Three Major and Two Support Program Categories 17 LANL’s Nuclear Weapons Science Programs Rely on Classified Resources to Accomplish Their Missions to a Greater Extent Than Do Other LANL Programs 27 LANL Is Implementing Over Two Dozen Initiatives Officials Believe Will Reduce Security Risk and Improve Protection of Classified Resources 30 While LANL’s Initiatives Address Many Security Problems Identified in Prior External Evaluations, Other Significant Security Problems Have Received Insufficient Attention 37 LANL’s and NNSA’s Management Approaches to Sustain Security Improvements Over the Long-Term Are in the Early Stages of Development or Contain Weaknesses 44