Office of the Inspector General Semiannual Report to Congress (NUREG-1415, Vol. 18, No. 2)
Download complete documentThe following links on this page are to documents in Adobe Portable Document Format (PDF). See our Plugins, Viewers, and Other Tools page for more information. For successful viewing of PDF documents on our site please be sure to use the latest version of Adobe.
Table of Contents
- OIG Organization and Activities
- Statistical Summary of OIG Accomplishments
- Abbreviations and Acronyms
- Reporting Requirements
Manuscript Completed: April 2006
Date Published: April 2006
Reporting Period: October 1, 2005 - March 31, 2006
Office of the Inspector General
U.S. Nuclear Regulatory Commission
Washington, DC 20555
A Message from the Inspector General
This Semiannual Report to Congress highlights the activities of the U.S. Nuclear Regulatory Commission (NRC) Office of the Inspector General (OIG) for the 6-month period ending March 31, 2006.
Our work reflects the legislative mandate of the Inspector General Act to identify fraud, waste, and abuse and to recommend appropriate corrective actions. The audits and investigations highlighted in this report demonstrate our commitment to improving the NRC’s programs and
operations and protecting their integrity. During this reporting period, we continued to assist the Commission’s management in addressing its mission-related priorities.
Our office completed 11 performance and financial audit reports on NRC’s programs and operations making recommendations to NRC for program improvement. In addition, OIG completed 25 investigations and 1 Event Inquiry which produced $16,938 in recoveries. A total of 30 cases were referred to the Department of Justice and 27 were forwarded to NRC management for action during this reporting period.
OIG remains committed to being an instrument for positive change at the NRC. This goal is achieved through the diligent work of all OIG employees. In addition to the results demonstrated through our various audits and investigations, this year we were the proud recipients of two group “Award for Excellence” honors from the President’s Council on Integrity and Efficiency.
Finally, I would like to express my appreciation for the collaborative work between my staff and agency managers to address OIG findings and implement the recommendations made by my office. I look forward to continuing this work as we strive to accomplish our common goal of ensuring the effectiveness, efficiency, and integrity of NRC programs and operations.
Hubert T. Bell
The following two sections highlight selected audits and investigations completed during this reporting period. More detailed summaries appear in subsequent sections of this report.
- The Chief Financial Officers Act requires OIG annually to audit NRC’s principal financial statements. An independent public accounting firm, under contract to OIG, conducted the audit with OIG oversight.
- Video news releases are complete audiovisual presentations produced by non-news organizations that are intended to be indistinguishable from traditional television news reports. OIG performed an audit to determine whether NRC has implemented measures to comply with Federal law concerning the development of video news releases.
- The Integrated Personnel Security System (IPSS) supports NRC’s personnel and facility security programs, such as badge management, classified visit tracking, personnel security tracking, and drug testing management. OIG performed an audit to determine if IPSS meets its required operational
- OIG performed a followup audit of NRC’s decommissioning fund program to identify opportunities for program improvement and evaluate implementation of recommendations made in a February 2000 OIG audit report. NRC’s oversight of licensee decommissioning funding assurance is intended to provide reasonable assurance that there will be sufficient funds to safely decommission the nuclear reactors.
- OIG engaged an independent contractor to conduct a survey of NRC’s workforce to assess the agency’s safety culture and climate. The overall objectives were to (1) compare the results from this survey with two previous surveys conducted in 1998 and 2002, and (2) compare the results to Government and national benchmarks.
- Pursuant to NRC’s post September 11, 2001, comprehensive review of the agency’s safeguards and security program, the NRC established the Office of Nuclear Security and Incident Response (NSIR). NSIR’s mission is to prevent nuclear security incidents and to respond to security and safety events. Since its inception, NSIR has been involved in many substantive and incident response initiatives. OIG performed an audit to evaluate NSIR operations.
- The events of September 11, 2001, heightened the Nation’s concerns that the loss or theft of radioactive material could lead to malicious use. Because NRC is planning to use a proposed National Source Tracking System to track all phases of the life cycle of byproduct material, OIG conducted an audit that focused on the development of that system.
- A radiological dispersal device, also known as a dirty bomb, is a conventional explosive that incorporates radioactive material and releases it on detonation. The major purpose of a dirty bomb is to create terror and disruption, not to cause death by radiation. OIG conducted audit work to determine if NRC ensures, through its license application and review process, that only legitimate entities receive NRC byproduct material licenses.
- OIG completed an investigation involving NRC’s practice of allowing States to regulate NRC licensees in areas pre-empted by Congress to the Federal Government by establishing radiation dose release limits for byproduct,
source, or special nuclear material that differ from the standards set by the NRC. OIG became aware of this issue following the application by the governor of Minnesota for Agreement State status.
- OIG conducted an investigation based on information that the NRC Division of Financial Services staff sent a payment for over $1 million to the wrong NRC contractor. During the investigation, OIG learned that NRC management had not reported the error to the NRC’s independent auditors, despite the possible effect on the financial statement review process.
- OIG conducted an investigation into an allegation that a manager in NRC’s Office of the Chief Financial Officer (OCFO) participated in a golf outing at an exclusive, private golf course with partners of a financial management services company and showed favoritism toward this company while the firm was attempting to obtain a financial management consulting services contract with NRC.
- OIG conducted an investigation based on information aired in an October 2005 American Broadcasting Company (ABC) television episode of Primetime which reported that NRC oversight of security measures in place at research and test reactor facilities licensed by NRC was inadequate.
- OIG conducted an investigation into the actions of a foreign assignee at NRC headquarters who connected his computer to the NRC computer network in violation of NRC computer security requirements without the knowledge of NRC computer security personnel.
- OIG conducted an investigation into a concern that the NRC had inappropriately issued a license to a firm to distribute weapon-sights containing radioactive material.
OIG Organization and Activities
The U.S. Nuclear Regulatory Commission (NRC) was formed in 1975 to regulate the various commercial and institutional uses of nuclear energy, including power plants. The agency succeeded the Atomic Energy Commission, which previously had responsibility for both developing and regulating nuclear activities.
NRC’s mission is to regulate the Nation’s civilian use of byproduct, source, and special nuclear materials to ensure adequate protection of public health and safety, promote the common defense and security, and protect the environment. NRC’s regulatory mission covers three main areas:
- Reactors - Commercial reactors for generating electric power and research and test reactors used for research, testing, and training.
- Materials - Uses of nuclear materials in medical, industrial, and academic settings and facilities that produce nuclear fuel.
- Waste - Transportation, storage, and disposal of nuclear materials and waste, and decommissioning of nuclear facilities from service.
Under its responsibility to protect public health and safety, NRC has three principal regulatory functions: (1) establish standards and regulations, (2) issue licenses for nuclear facilities and users of nuclear materials, and (3) inspect facilities and users of nuclear materials to ensure compliance with the requirements. These regulatory functions relate both to nuclear power plants and other uses of nuclear materials – like nuclear medicine programs at hospitals, academic activities at educational institutions, research work, and such industrial applications as gauges and testing equipment.
NRC places a high priority on keeping the public informed of its work. The agency maintains a current Web site and a public document room in Rockville, Maryland (NRC headquarters) and holds public hearings, public meetings in local areas and at NRC offices, and discussions with individuals and organizations.
OIG Mission and Strategies
In the 1970s, Government scandals, oil shortages, and stories of corruption covered by newspapers and television and radio stations took a toll on the American public’s faith in its Government. The U.S. Congress knew it had to take action to restore the public’s trust. It had to increase oversight of Federal programs and operations. It had to create a mechanism to evaluate the effectiveness of Government programs. And, it had to provide an independent voice for economy, efficiency, and effectiveness within the Federal Government that would earn and maintain the trust of the American people.
In response, President Jimmy Carter in 1978 signed into law the landmark legislation known as the Inspector General Act (IG Act). The IG Act created independent Inspectors General (IGs), who would: protect the integrity of Government; improve program efficiency and effectiveness; prevent and detect fraud, waste, and abuse in Federal agencies; and keep agency heads, Congress, and the American people fully and currently informed of the findings of the IGs’ work.
Almost 30 years later, the IG concept is a proven success. The IGs continue to deliver significant benefits to our Nation. Thanks to IG audits and inspections, billions of dollars have been returned to the Federal Government or have been better spent based on recommendations identified through those audits and inspections. IG investigations have also contributed to the prosecution of thousands of wrongdoers. In addition, the IG concept of good governance, accountability, and monetary recoveries encourages foreign governments to seek our advice, with the goal of replicating the basic IG principles in their own governments.
NRC’s OIG was established as a statutory entity on April 15, 1989, in accordance with the 1988 amendment to the IG Act. NRC OIG’s mission is to (1) independently and objectively conduct and supervise audits and investigations relating to NRC programs and operations; (2) prevent and detect fraud, waste, and abuse; and (3) promote economy, efficiency, and effectiveness in NRC programs and operations.
OIG is committed to ensuring the integrity of NRC programs and operations. Developing an effective planning strategy is a critical aspect of accomplishing this commitment. Such planning ensures that audit and investigative resources are used effectively. To that end, OIG developed a Strategic Plan that includes the major challenges and critical risk areas facing NRC.
The plan identifies the priorities of OIG and establishes a shared set of expectations regarding the goals OIG expects to achieve and the strategies that will be employed to do so. OIG’s Strategic Plan features three goals which generally align with NRC’s mission and goals:
- Advance NRC’s efforts to enhance safety and protect the environment.
- Enhance NRC’s efforts to increase security in response to the current threat environment.
- Improve the economy, efficiency, and effectiveness of NRC corporate management.
The OIG Audit Program covers the management and financial operations, economy or efficiency with which an organization, program, or function is managed; and program results achieved. For this program, auditors assess the degree to which an organization complies with laws, regulations, and internal policies in carrying out programs, and they test program effectiveness as well as the accuracy and reliability of financial statements. The overall objective of an audit is to identify ways to enhance agency operations and promote greater economy and efficiency. Audits comprise four phases:
- Survey phase - An initial phase of the audit usually is conducted to gather information, without detailed verification, on the agency’s organization, programs, activities, and functions. An assessment of vulnerable areas determines whether further review is needed.
- Verification phase - Detailed information is obtained to verify findings and support conclusions and recommendations.
- Reporting phase - The auditors present the information, findings, conclusions, and recommendations that are supported by the evidence gathered during the survey and verification phases. Exit conferences are held with management officials to obtain their views on the issues in the report. Comments from the exit conferences are presented in the published audit report, as appropriate. Formal written agency management comments are included in their entirety as an appendix in the published audit report.
- Resolution phase - Positive change results from the resolution process in which management takes action to improve operations based on the recommendations in the published audit report. Management actions are monitored until final action is taken on all recommendations. When management and OIG cannot agree on the actions needed to correct a problem identified in an audit report, the issue can be taken to the Chairman for resolution.
Each September, OIG issues an Annual Plan that summarizes the audits planned for the coming year. Unanticipated high priority issues may arise that generate audits not listed in the Annual Plan. OIG audit staff continually monitor specific issue areas to strengthen OIG’s internal coordination and overall planning process. Under the OIG Issue Area Monitor (IAM) program, staff designated as IAMs are assigned responsibility for keeping abreast of major agency programs and activities. The broad IAM areas address nuclear reactors, nuclear materials, nuclear waste, international programs, security, information management, and financial management and administrative programs.
OIG’s responsibility for detecting and preventing fraud, waste, and abuse within NRC includes investigating possible violations of criminal statutes relating to NRC programs and activities, investigating misconduct by NRC employees, interfacing with the Department of Justice on OIG-related criminal matters, and coordinating investigations and other OIG initiatives with Federal, State, and local investigative agencies and other OIGs. Investigations may be initiated as a result of allegations or referrals from private citizens; licensee employees; NRC employees; Congress; other Federal, State, and local law enforcement agencies; OIG audits; the OIG Hotline; and IG initiatives directed at areas bearing a high potential for fraud, waste, and abuse.
Because NRC’s mission is to protect the health and safety of the public, one of the Investigation unit’s main area of focus and use of resources is investigations of alleged NRC staff misconduct that could adversely impact the agency’s handling of matters related to health and safety. These investigations typically include allegations of:
- Misconduct by high-ranking NRC officials and other NRC officials, such as managers and inspectors, whose positions directly impact public health and safety
- Failure by NRC management to ensure that health and safety matters are appropriately addressed.
- Failure by NRC to appropriately transact nuclear regulation publicly and candidly and to openly seek and consider the public’s input during the regulatory process.
- Conflict of interest by NRC employees with NRC contractors and licensees involving such matters as promises of future employment for favorable or inappropriate treatment and the acceptance of gratuities.
- Fraud in the NRC procurement program involving contractors violating Government contracting laws and rules.
OIG has also implemented a series of proactive initiatives designed to identify specific high-risk areas that are most vulnerable to fraud, waste, and abuse. A primary focus is electronic-related fraud in the business environment. OIG is committed to improving the security of this constantly changing electronic business environment by investigating unauthorized intrusions and computer-related fraud, and by conducting computer forensic examinations. Other proactive initiatives focus on determining instances of procurement fraud, theft of property, Government credit card abuse, and fraud in Federal programs.
|NRC’s Most Serious Management Challenges as of September 30, 2005|
Protection of nuclear material used for civilian purposes.
Administration of all aspects of financial management.
Protection of information.
Communication with external stakeholders throughout NRC regulatory activities.
Development and implementation of a risk-informed and performance-based regulatory approach.
Intra-agency communication (up, down, and across organizational lines).
Ability to modify regulatory processes to meet a changing environment.
Managing human capital.
Implementation of information resources.
OIG General Counsel Activities
Pursuant to the Inspector General Act, 5 U.S.C. App. 3, Section 4(a)(2), OIG reviews existing and proposed legislation, regulations, and implementing Management Directives (MD) and policy issues and makes recommendations concerning their impact on the economy and efficiency of programs and operations administered by the agency. NRC agency directives that require submission of all draft legislation, regulations, and policies to OIG facilitate this statutory review.
OIG conducts its regulatory review program by examining agency documents reflecting proposed regulatory, statutory, and policy actions and measures them against standards evaluating the potential for fraud, efficiency, and effectiveness. The review also encompasses issues raised in OIG investigations, audits, and prior regulatory review commentaries.
In addition, OIG commentaries are used to address issues related to preserving the independence and integrity of OIG under its statutory precept. These objectives are met through formal memoranda as well as meetings and discussions.
In order to more effectively track the agency’s response to regulatory review comments, OIG requests written replies within 90 days, with either a substantive reply or status of issues raised by OIG.
From October 1, 2005, through March 31, 2006, OIG reviewed more than 245 agency documents, including approximately 100 Commission papers (SECYs) and 145 Federal Register Notices, regulatory actions, and statutes. The most significant commentaries are summarized below:
Management Directive (MD) 3.53, NRC Records and Document Management Program and Associated Handbooks, was an effort to consolidate the agency’s records management program to facilitate the retrieval of guidance associated with the lifecycle management guidance, and use of agency records. The volume of the consolidated material was noted to render it difficult to use. The size of the consolidated volume also resulted in some inconsistencies in direction and redundancy. OIG also related concerns with the Directive’s process for handling former Commissioners’ documents, and suggested that these be the subject of a separate directive.
OIG also reviewed the draft Training and Development Strategic Plan, and found it was generally complete and well constructed. The 5-year goals that were identified were meaningful and substantive so as to support the agency in its effort to maintain and develop a highly skilled workforce. OIG suggested that the agency review the provided goals and associated strategies to determine if they met definitions imposed by the Office of Management and Budget. We also commented that, in some cases, it appears that the goals and related strategies were one and the same. OIG suggested that an additional strategy might be developed to meet with program managers on a semiannual basis concerning their programmatic requirements, and/or to use a survey tool to obtain the information to redefine outcome goals. The agency was also urged to examine the proper mix of centralized and decentralized training.
OIG reviewed the agency’s revised draft Travel Card Management Plan and found it was generally responsive to comments OIG provided to an earlier draft in November 2005. Comments on the most recent version focused on clarifying the OIG role in processing violations and related that while OIG investigates these matters, it does not compile statistics on the cases or recommended penalties for confirmed misuse.
The agency drafted a comprehensive Anti-Harassment Policy and submitted it to OIG for review. The document was well structured and complete. Minor comments focused on the role of the Inspector General in these matters, with specific direction on the limitations on Inspector General reporting of allegations to agency personnel and agency reporting requirements to the Inspector General.
The agency ethics official forwards matters to OIG for information and for comment. During this period, the ethics office revised two directives, MD 7.6, Public and Confidential Financial Disclosure Reports, and MD 7.7, Security Ownership. Both were well written, effective communications. The input from OIG was limited to relating changes in reporting requirements within OIG for application of the Financial Disclosure reports and stock ownership restrictions.
MD 8.2, NRC Incident Response Program, had two noted lapses. First, it did not adequately relate the requirement to notify the OIG when the Incident Response Program was activated. In addition, it related that the details of one aspect of the program “will be outlined in a procedure.” OIG noted that this wording and approach was not adequate.
The agency’s proposed rule on Secure Transfer of Nuclear Material (10 CFR Parts 30, 70, 73 and 110), was initiated to address requirements levied by Section 656 of the Energy Policy Act of 2005, titled, Secure Transfer of Nuclear Materials. This section covered three main areas: requirements for a system for manifesting shipments of radioactive materials, requirements that certain persons involved in such shipments be subject to security background checks, and provisions for excepting shipments of certain types of radioactive materials or classes of individuals from the requirements of Section 656 of the act. OIG comments were provided in the context of ongoing audit work in the area of nuclear materials. The first comments responded to the manifesting requirement that the Commission shall establish a system to ensure that materials are accompanied by a manifest describing the type and amount of materials being transferred or received. OIG noted that the current rulemaking package does not provide an analysis supporting the agency’s conclusion that already established requirements are sufficient in a post-9/11 environment. The other significant remark observed that although the rulemaking does provide some discussion, there is not a thorough, quantitative, cost-benefit analysis supporting the exceptions to the requirements.
Finally, OIG reviewed the agency draft Online Acquisition Training Property Management course. The course was found to provide helpful and relevant guidance. OIG remarks focused on inclusion of specific direction on compliance timeframes and protection of data in the disposal process.
NRC OIG Receives PCIE Awards for Excellence
The President’s Council on Integrity and Efficiency (PCIE) and the Executive Council on Integrity and Efficiency (ECIE) recognized two OIG teams in 2005 by awarding them the prestigious Award for Excellence. The first team was recognized for exceptional dedication, professionalism, and accomplishment in investigating and reporting failures in NRC’s billing and financial statement process for nuclear reactor plants licensed by the agency. The team consisted of members George Mulley, Senior Level Assistant for Investigative Operations; Rossana Raspa, Investigative Team Leader; James Taylor, Special Agent; and Thomas Barth, Special Agent.
The team completed an investigation into an allegation that staff in the Division of Financial Management (DFM), Office of the Chief Financial Officer, failed to report 75 underbilled reactor inspection invoice errors totaling $2.4 million during Fiscal Year (FY) 2003 to OIG independent auditors. OIG’s investigation determined that an NRC nuclear reactor licensee advised DFM staff that there was a possible $500,000 error in a reactor inspection bill for FY 2003. OIG determined that two DFM managers subsequently became aware of the underbilling error for FY 2003 for the reactor plant licensee. The error indicated an internal control deficiency within the NRC license fee billing system. Additionally, the two DFM managers became aware that the staff had reviewed all reactor license fee invoices issued during FY 2003 and identified an additional 74 invoices that underbilled NRC reactor licensees a total of $1.9 million. These DFM managers were also aware that the billing errors indicated an internal control weakness which could impact the reliability of NRC’s FY 2003 financial statements.
This investigative work directly and indirectly generated numerous results. There has been renewed focus upon the financial programs operated by NRC that impact nuclear power plants across the United States. The investigation also led to the correction of the past NRC financial statements and an increased emphasis on producing accurate financial statements that hold NRC accountable for use of funds. At the request of the Government Accountability Office, OIG also provided the investigative results to representatives for use in a response to Congress regarding concerns with Federal agency financial statements errors and restatements.
The second team to be acknowledged by the PCIE/ECIE was the Nuclear Power Plant Incident Response Audit Team,which consisted of Russell Irish, Audit Team Leader; Shyrl Coker, Audit Manager; Debra Lipkey, Senior Management Analyst; Yvette Russell, Senior Auditor; and David Ditto, Management Analyst. This audit addressed issues that are a top priority for the safety and security of the United States. Furthermore, the audit has implications for other Federal agencies that must function as first responders to any event that is of operational or terrorist origin. By conducting this review, the audit team demonstrated that NRC’s nuclear power plant incident response program was not as robust as the agency believed. Specifically, the auditors found that (1) NRC’s four regions reacted to and evaluated incidents inconsistently and this could lead to inadequate responses, (2) incident response training is not standardized and qualifications for incident response team members are not well defined possibly resulting in unqualified and untrained staff, and (3) licensees do not fully understand NRC’s incident response program and, as a result, coordination may be hampered during an actual incident.
Agency officials agreed with the findings and recommendations in the audit
report and committed to develop an improvement plan that would address all 17 of the report’s recommendations. The audit is expected to result in a more robust incident response program that not only meets traditional operational issues, but also addresses the response needed to answer a potential terrorist threat.
To help the agency improve its effectiveness and efficiency during this period, OIG completed 11 financial and performance audits or evaluations that resulted in numerous recommendations to NRC management.
Results of the Audit of the Nuclear Regulatory Commission’s Financial Statements for Fiscal Year 2005
OIG Strategic Goal: Corporate Management
The Chief Financial Officers Act requires OIG annually to audit NRC’s principal financial statements. In addition, the audit evaluated the effectiveness of the internal controls over financial reporting and the agency’s compliance with laws and regulations. An independent public accounting firm, under contract to OIG, conducted the audit with OIG oversight.
FY 2005 Financial Statements
- The auditors expressed an unqualified opinion on the agency’s FY 2005 financial statements.
FY 2005 Internal Controls
- The auditors expressed a qualified opinion on the agency’s internal controls. They cited NRC’s Fee Billing System as a continuing material weakness, which precludes NRC’s internal controls from providing a reasonable assurance that material misstatements in the financial statements will be prevented and detected on a timely basis.
- The auditors also cited three other reportable conditions, which are significant deficiencies in internal control design or operations. Specifically:
- Monitoring of accounting for internal use software.
- Information systemwide security controls.
- Financial controls over disbursements.
FY 2005 Compliance with Laws and Regulations
- The agency continues to be noncompliant with the provisions of OMB Circular A-25, User Charges, regarding the calculation of Title 10 Code of Federal Regulations (CFR), Part 170, hourly rates. The auditors also identified a continuing substantial noncompliance related to the Fee Billing System and a new substantial noncompliance associated with information systemwide security controls. (Addresses Management Challenge #6)
Audit of NRC’s Controls Over Video News Releases
OIG Strategic Goal: Corporate Management
Video news releases are complete audiovisual presentations produced by non-news organizations that are intended to be indistinguishable from traditional television news reports. The objective of this audit was to determine whether NRC has implemented measures to comply with Federal law concerning the development of video news releases. This topic is of particular importance to NRC because of its responsibility under the Energy Reorganization Act of 1974 to regulate, but not promote, the civilian use of nuclear materials.
Audit results. NRC does not have controls to achieve compliance with Federal regulations concerning the development of video news releases. Specifically, NRC (1) does not have a process to ensure that video news releases include the required agency identifier and (2) has not conducted a sufficient review to determine whether it is in compliance with this requirement.
NRC communications officials expressed high ethical standards regarding the need to include an agency identifier within video news releases. According to an Office of Public Affairs official, NRC has never issued a video news release and does not intend to do so in the future. Further, if the agency were ever to produce such a video, the production would be properly identified as to its origin.
However, NRC has no process to ensure that, should an office opt to develop a video news release, the product would include the necessary identifier. NRC communications officials also acknowledged they are not aware of every audiovisual production that NRC offices produce.
As a result, NRC risks diminished public confidence by producing an inappropriate video news release that, unmarked, could appear to promote nuclear power. (Addresses Management Challenge #7)
Audit of NRC’s Integrated Personnel Security System
OIG Strategic Goal: Corporate Management
The Integrated Personnel Security System (IPSS) supports NRC’s personnel and facility security programs, such as badge management, classified visit tracking, personnel security tracking, and drug testing management. The objective of this audit was to determine if IPSS meets its required operational capabilities.
Audit results. IPSS does not perform in accordance with its required operational capabilities. Specifically,
- The system is not fully functional.
- System data is inaccurate and missing.
- System checks to ensure data accuracy and correspondence between related data items are inadequate.
- Security measures are inadequate or missing.
- IPSS lacks a records disposition schedule.
As a result, NRC staff lack IPSS reports to ensure the effectiveness of the security program, must maintain duplicate systems for drug testing and badge management, cannot ensure that reinvestigations are performed in a timely manner, and cannot determine with confidence when and at what cost the system will be fully functional. Furthermore, personnel security information is vulnerable to misuse. System development has gone from $386,850 with an estimated completion of June 2003 to $640,000 and an estimated completion of December 2006. However, given previous complications in fulfilling the system design requirements, there is no assurance that the system will perform satisfactorily even then. (Addresses Management Challenges #2 and 5)
Follow-up Audit of the Nuclear Regulatory Commission’s Decommissioning Fund Program
OIG Strategic Goal: Corporate Management
NRC provides oversight of licensee decommissioning funding assurance which is intended to provide reasonable assurance that there will be sufficient funds to safely decommission the nuclear reactors. The objectives of this audit were to identify opportunities for program improvement and evaluate implementation of recommendations made in a February 2000 audit report.
Audit results. NRC cannot verify that there is reasonable assurance that there will be adequate funds for decommissioning nuclear power plants consistent with prudent business practices. Specifically, decommissioning trust fund balances are not verified and NRC’s investment restrictions are limited in scope and applicability. Further, management action is needed to improve quality control and to reassess the NRC formula used to provide decommissioning funding assurance.
As a result, there are (1) $23.3 billion in decommissioning trust funds at risk, (2) increased vulnerabilities to decommissioning funding shortfalls, and (3) potential adverse impacts on the reliability of NRC’s assessment of licensee financial assurance and the amount of funds needed for decommissioning. (Addresses Management Challenges #3 and 6)
2005 Nuclear Regulatory Commission’s Safety Culture and Climate Survey
OIG Strategic Goal: Corporate Management
OIG engaged an independent contractor, International Survey Research, Inc. (ISR), to conduct a survey of NRC’s workforce to assess the agency’s safety culture and climate. The overall objectives were to (1) compare the results from this survey with two previous surveys conducted in 1998 and 2002, and (2) compare the results to Government and national benchmarks. All NRC employees and managers were eligible to participate. The survey concluded with an overall return rate of 70 percent, which is significantly higher than previous survey administrations.
Survey Results. NRC made substantial progress in improving its safety culture and climate since the 2002 survey. When compared against ISR’s U.S. National Norm or the U.S. Research and Development Norm, NRC scores are significantly above the norm. The historical comparison of results from 2002 to 2005 looks quite positive, with 16 of 18 categories statistically more favorable than the 2002 results. Communication, which has been a high priority for NRC since the last survey in 2002, is now the highest scoring category. The NRC Mission and Strategic Plan also experienced a double-digit improvement. Due to these high scores, ISR recommended that NRC be compared to the U.S. High Performance Norm in future surveys.
However, there are opportunities for improvement. Specifically, the agency should focus on improving the following areas:
- Its use of the Differing Professional Opinion Program and employee awareness of alternate methods to raise concerns.
- The organizational focus related to risk-informed and performance-based regulation.
- Management recognition and respect of the value of human differences.
- Employee perception of a lack of knowledge transfer from staff who are retiring.
(Addresses Management Challenge #8)
Audit of NRC’s Office of Nuclear Security and Incident Response (NSIR)
OIG Strategic Goal: Security
NSIR’s mission is to prevent nuclear security incidents and to respond to security and safety events. The objective of this audit was to evaluate NSIR operations.
Audit results. NSIR has accomplished a great deal since its inception in April 2003. Along with starting up a new organization, NSIR officials drafted and implemented numerous security orders, approved security plans, enhanced the force-on-force exercise program, and coordinated with the Department of Homeland Security on a wide variety of security initiatives. Now, however, NSIR needs to focus on refining and formalizing its day-to-day operations to improve its ability to meet its mission. Specifically, NSIR needs to:
- Improve the management of its workload.
- Improve its security communication procedures.
- Fully address concerns with its organizational effectiveness.
(Addresses Management Challenges #1, 2, 4, and 8)
Audit of the Development of the National Source Tracking System
OIG Strategic Goal: Safety
NRC regulates medical, academic, and industrial uses of radioactive material generated by or from a nuclear reactor. NRC regulations define this radioactive material as byproduct material. This material may be in the form of a sealed source, which is radioactive material sealed in a capsule or closely bonded in solid form. There is widespread use of byproduct material in the United States and abroad for peaceful purposes. However, this material could also be used maliciously in a radioactive dispersal device (dirty bomb). NRC is proposing to build the National Source Tracking System (NSTS), a Web-based system that will contain cradle-to-grave information on high-risk sealed sources. This audit focused on the development of that system.
Audit Results. As proposed, NSTS may be inadequate because the supporting analysis is based on unreliable data and does not consider options stated by the International Atomic Energy Agency (IAEA). Specifically, the number of individual sources for the system was estimated at about 3,600; however, the actual number of sources could be as high as 36,000. While the IAEA suggested minimum levels for tracking radioactive sources, it also suggested tracking
beyond those levels. However, NRC decided to track only to the minimum level and did not formally consider options beyond the minimum level. In short, a comprehensive regulatory analysis is lacking.
As a result, NRC may not account for all byproduct material that represents a risk to the common defense and security and public health and safety. Such risks could result in economic, psychological, and physical harm to the United States and the public. (Addresses Management Challenges #1 and 4)
Audit of the NRC Byproduct Materials License Application and Review Process
OIG Strategic Goal: Safety
The terrorist attacks of September 11, 2001, heightened the Nation’s concerns that the loss or theft of radioactive (byproduct) material could lead to malicious use in a radiological dispersal device (RDD). An RDD, also known as a dirty bomb, is a conventional explosive that incorporates radioactive material and releases it on detonation. The major purpose of a dirty bomb is to create terror and disruption, not to cause death by radiation.
OIG conducted this work as part of a larger effort to determine whether NRC’s oversight of byproduct material provides reasonable assurance that licensees account for and control the materials. OIG’s specific objective for this report was to determine if NRC ensures, through its license application and review process, that only legitimate entities receive NRC byproduct material licenses.
Audit Results. NRC officials are not aware of the full spectrum of vulnerabilities in the byproduct material license application and review process. This awareness is lacking because NRC has not looked inwards at its own business and regulatory processes. Specifically, the agency has not conducted vulnerability assessments of all aspects of the materials program, including the license application and review process.
Consequently, individuals with malevolent intentions could exploit vulnerabilities in the license application and review process to obtain byproduct material for use in a dirty bomb. (Addresses Management Challenges #1 and 4).
Audits in Progress
Review of NRC’s Policy on Public Disclosure of Documents
OIG Strategic Goal: Safety
The NRC Commission has broad discretion in making policy decisions on matters within its jurisdictional mandate. NRC’s principles of openness, fairness, and due process are embodied in legal, regulatory, and procedural requirements that govern policymaking. NRC has developed a number of procedures to ensure that business is conducted efficiently, effectively, and in accordance with these principles.
Policy decisions should be appropriately open to public scrutiny and be based on “reasoned decisionmaking” with a complete record including alternative public and agency staff positions. These decisions should include due process considerations providing for appropriate stakeholder input.
The objective of this audit is to determine whether Commission policy formulation is consistent with Commission procedures and relevant legal and regulatory requirements. The audit will also review the effectiveness of procedures used by the staff and Commission to ensure that the policy is consistent with providing for common defense and security and to protect the health and safety of the public. This audit is the result of an issue that arose during work associated with the Audit of NRC’s Oversight of Byproduct Materials and Sealed Sources. (Addresses Management Challenge #7)
Audit of NRC’s Regulation of Nuclear Fuel Cycle Facilities
OIG Strategic Goal: Safety
Typical Fuel Fabrication Plant
NRC licenses, certifies, and inspects commercial facilities that convert uranium ore into fuel used in nuclear power plants. These facilities include gaseous diffusion plants, highly enriched uranium fuel fabrication facilities, low enriched uranium fuel fabrication facilities, and one uranium hexafluoride production facility. Each facility possesses large quantities of materials that could pose a significant threat to the public and the environment. In September 1999, an apparent criticality accident occurred at a fuel conversion plant in Tokaimura, Japan, exposing workers at the plant and members of the public to radiation. Families in the surrounding area were evacuated while others were advised to take shelter. In December 2003, there was an accidental release of uranium hexafluoride gas at a United States plant. The incident caused four people to be hospitalized.
The agency’s regulation of nuclear fuel cycle facilities seeks to ensure that licensees adequately protect public health and safety, worker safety, the environment and promote the common defense and security when source or special nuclear material is used during the nuclear fuel production cycle.
OIG has not previously evaluated this program, which has been undergoing change in recent years to make it more risk-informed and performance-based. The objective of this audit is to determine whether NRC’s regulation of nuclear fuel cycle facilities is effective and efficient. (Addresses Management Challenge #3)
Audit of the Use of Probabilistic Risk Assessment (PRA)
OIG Strategic Goal: Safety
NRC’s PRA policy statement reflects a commitment to increasing the use of PRA technology in all regulatory matters to the extent supported by the state of the art in PRA methods and data, and in a manner that complements the NRC’s deterministic approach and supports NRC’s traditional defense-in-depth philosophy. Implementation of this policy was expected to improve the regulatory process in three areas: (1) by incorporating PRA insights in regulatory decisions, (2) by conserving agency resources, and (3) by reducing unnecessary regulatory burden on licensees.
The objectives of this audit are to determine whether NRC is (1) using PRA appropriately in its regulation of licensees given the current state of the art in technology, and (2) achieving the objectives of its PRA policy statement.
(Addresses Management Challenge #3)
Audit of the Nuclear Power Plant License Renewal Program
OIG Strategic Goal: Safety
The Atomic Energy Act provides for a license period of 40 years for commercial nuclear power plants, but includes provisions for extending the license beyond this initial period. This original 40-year term for reactor licenses was based on economic and antitrust considerations—not on limitations of nuclear technology. Due to this selected time period, however, some structures and components may have been engineered on the basis of an expected 40-year service life. The maximum renewal period of licenses is for an additional 20 years. The first operating license will expire in the year 2006; approximately 10 percent will expire by the end of the year 2010 and more than 40 percent will expire by the year 2015. At this time, there are approximately 14 completed applications, 8 applications under review, and 23 letters of intent to seek license renewal.
The agency has accumulated experience with the license renewal process, and the expectation is that a large number of applications will be reviewed over the next decade. The reactors currently in operation are the first generation of power reactors. Operation of these plants beyond 40 years and upwards to 60 years introduces the potential that new aging phenomena could be observed in the next two decades.
The objective of this audit is to determine the effectiveness of license renewal reviews using standards existing in various agency documents and regulations. OIG will also review scheduling and resource management. (Addresses Management Challenges #1 and 3)
Audit of the Baseline Security Inspection Program
OIG Strategic Goal: Security
The baseline inspection program is an integral part of NRC’s reactor oversight process. The program, which provides the routine level of inspection conducted at all power reactor facilities regardless of licensee performance, is designed to detect indications of declining safety performance in key areas. One component of the baseline inspection program focuses on security. However, baseline security inspections were on hold during FY 2003 while the agency verified compliance with April 2003 orders limiting security force working hours, requiring additional security officer training and qualification, and improving protective plant strategies. In January 2004, the agency completed training for a new baseline security and safeguards inspection program and in February, the agency began conducting inspections under the program.
The objective of this audit is to assess the effectiveness of the baseline security and safeguards inspection program, including whether the program has adequate resources to achieve its goals and ensure the physical protection of the Nation’s nuclear power reactor facilities. (Addresses Management Challenge #1)
Audit of Computer Security at Regions and TTC
OIG Strategic Goal: Security
NRC depends heavily on information system security measures to avoid data tampering, fraud, inappropriate access to and disclosure of sensitive information, and disruptions in critical operations. It is NRC’s policy to maintain an automated information systems security program to provide appropriate administrative, technical, and physical security measures for the protection of the information resources.
The objectives of this audit are to evaluate (1) the adequacy of NRC’s information security programs and practices in the regions and the Technical Training Center (TTC), and (2) the effectiveness of the regions’ and TTC’s security control techniques. (Addresses Management Challenge #2)
Audit of HSPD-12 and the Badge Access System
OIG Strategic Goal: Security
Homeland Security Presidential Directive-12 (HSPD-12) is a mandatory governmentwide standard created to enhance security, increase efficiency, and reduce identity fraud of Government employees and contractors. The Office of
Management and Budget has directed Government agencies to begin issuing credentials to employees and contractors by October 27, 2006, and finish by October 27, 2007.
The photo-identification/key card badge is an integral part of NRC’s physical security program. In addition to containing personal identification information, the badge is a programmable key card for controlling building/area access at headquarters, each of the regional offices, and the TTC. All badge manufacturing is done at headquarters, and specific access rights are assigned to each badge via headquarters, regional, and TTC access control systems. Based on the level of rights assigned, employees and contractors place their key cards against card readers to gain entry to various parts of the buildings and, in some cases, during specific times of day. NRC currently uses barium ferrite cards and readers, but plans to transition to a different technology within the next several years because of HSPD-12 requirements.
The objectives of this audit are to: 1) determine whether the agency is positioned to meet HSPD-12 requirements, and 2) determine if the badge access system meets its required operational capabilities and provides for the security, availability, and integrity of the system data. (Addresses Management Challenge #5)
Evaluation of NRC’s Information Security Practices
OIG Strategic Goal: Security
The Federal Information Security Management Act (FISMA) was enacted on December 17, 2002. FISMA permanently reauthorized the framework laid out in the Government Information Security Reform Act, which expired in November 2002. FISMA outlines the information security management requirements for agencies, including the requirement for an annual review and annual independent assessment by agency Inspectors General. In addition, FISMA includes new provisions such as the development of minimum standards for agency systems, aimed at further strengthening the security of the Federal Government information and information systems. The annual assessments provide agencies with the information needed to determine the effectiveness of overall security programs and to develop strategies and best practices for improving information security.
The objectives of this evaluation are to evaluate (1) the adequacy of NRC’s information security programs and practices for NRC major applications and general support systems of record for FY 2005, (2) the effectiveness of agency information security control techniques, and (3) the implementation of the NRC’s corrective action plan created as a result of the 2004 FISMA program review. (Addresses Management Challenge #2)
Audit of NRC’s Technical Training Center
OIG Strategic Goal: Security
The NRC’s Office of Human Resources manages training programs conducted at the TTC in Chattanooga, Tennessee. The TTC, with a budget of $3.6 million and 27 FTE, conducts training programs related to the regulation of nuclear materials and facilities, including nuclear power plant technology, radiation protection, risk assessment, and regulatory skills.
OIG is performing an audit of TTC’s operations which includes such areas as strategic planning, coordination with customers/stakeholders, management information and analysis, human capital management, process management, and performance results.
The objective of this audit is to identify opportunities to improve the economy, efficiency, and/or effectiveness of TTC’s operations in consonance with the President’s Management Agenda. (Addresses Management Challenge #9)
During this reporting period, OIG received 154 allegations, initiated 65 investigations and 2 Event Inquiries, and closed 25 cases. In addition, the OIG made 27 referrals to NRC management.
Investigative Case Summaries
NRC’s Handling of a Preemption Matter
OIG Strategic Goal: Safety
U.S. Operating Commercial Nuclear Power Reactors
OIG completed a review of concerns that while Section 274 of the Atomic Energy Act mandated that the regulation of byproduct, source, or special nuclear material was the exclusive jurisdiction of the NRC, certain States have established radiation dose release limits for those materials that differ from the release standard set by NRC. However, even though States were regulating NRC licensees in an area preempted by Congress to the Federal Government, NRC did not act proactively to address these encroachments. OIG became aware of this issue as a result of a July 2004 application to NRC from the Governor of Minnesota for Agreement State status. During a review of the application for Agreement State status, NRC staff became concerned about a 1992 State of Minnesota Public Utilities Commission order that required an annual radiation dose release limit for dry cask storage at a nuclear plant in the State which conflicted with the NRC dose limit. During OIG review of this matter, OIG found that while it has been the longstanding practice of NRC to not become involved in a potential preemption matter unless an NRC licensee initiates court action, NRC has no written policy regarding how the agency addresses preemption issues. In the Atomic Energy Act, Congress intended that regulation of a licensee be exercised by either the NRC Commission or State, but not by both. This intent was echoed by parties interviewed by OIG, including NRC stakeholders and staff, who wanted NRC to more proactively involve itself with preemption matters. Those facts, coupled with NRC’s criticism of the State of Minnesota during its review of the Agreement State Application for an action taken by the State with NRC’s knowledge over 10 years ago indicated that the current “hands off” practice of NRC in this area needed review and possible revision. OIG recommended that the NRC Commission direct the staff to review past NRC practices regarding preemption issues and to develop written policy for Commission approval concerning future actions by NRC in the area of State regulation of nuclear power plants. (Addresses Management Challenges #1 and 7)
Inappropriate Regulation of NRC Materials Licensee
OIG Strategic Goal: Security
OIG conducted an investigation concerning an allegation that NRC inappropriately issued a license in January 2001 to a licensee to distribute tritium weapon-sights that were manufactured overseas. The NRC license required that the licensee be the initial recipient of the tritium weapon-sights once they arrived from overseas, to perform an NRC-approved quality control review of the product, and to distribute the product from its facility located in New York. However, OIG obtained information that another company that was co-located with the licensee was the “exclusive distributor” of the weapon-sights in the United States.
OIG determined that prior to receiving the NRC distribution license, the licensee also needed a possession license for the weapon-sights. Because the licensee was located in an Agreement State, it had to receive its possession license from the State of New York. OIG learned that NRC obtained a copy of the possession license prior to issuing the distribution license to the licensee. OIG visited the licensee’s distribution facility and found that the licensee was co-located with the other company; however, the NRC licensee occupied its own separate locked area with the facility. OIG also found that one of the licensee’s employees was also employed by the other company and that this employee performed the NRC-approved quality control review of the weapon-sights on behalf of the licensee and then transferred the product to the second company for public sale. A law firm representing the licensee verified that the licensee rented space from the other company and that the employee was employed by both companies. Consequently, OIG determined that NRC did appropriately issue the distribution license to the licensee. (Addresses Management Challenge #1)
Failure to Report Contractor Payment Error to OIG Auditors
OIG Strategic Goal: Corporate Management
OIG conducted an investigation based upon information that the Division of Financial Services (DFS), Office of the Chief Financial Officer, NRC staff sent a payment for over $1 million to the wrong contractor. OIG learned that DFS staff mistakenly issued an electronic payment to an NRC contractor that had an almost identical corporate name as the NRC contractor which should have received the payment. The $1 million was returned to NRC, and NRC later issued a payment which included interest to the proper contractor. The erroneous payment was discovered by the independent auditors contracted by OIG to audit the FY 2005 NRC financial statements. DFS management had not reported the error to the independent auditors, despite the possible effect of the erroneous payment upon the financial statement review process. However, when questioned about the erroneous payment, DFS management provided a complete, accurate presentation of the facts and implemented additional internal control measures to the payment process.
OIG determined there was no indication that DFS staff intentionally withheld information related to the erroneous payment. OIG independent auditors will address the internal control issues raised by the erroneous payment as a reportable condition within the NRC FY 2005 audit report. (Addresses Management Challenge #6)
NRC Oversight of Research Test Reactors
OIG Strategic Goal: Security
The OIG conducted an investigation based on information aired in an October 2005 American Broadcasting Company (ABC) television episode of Primetime. The program reported that students were easily able to circumvent security measures and gain access to 12 of 13 university nuclear research and test reactor (RTR) facilities licensed by NRC. The Primetime program concluded that NRC oversight of the security measures in place at RTRs was inadequate.
During this investigation, OIG determined that following the events of September 11, 2001, NRC instituted increased security measures at RTRs which were based on the type and quantity of material onsite. Specifically, NRC sent each RTR site-specific Interim Compensatory Measures (ICM) for physical security and requested RTRs to develop implementation plans. NRC continued this oversight by conducting inspections of RTRs’ implementation plans for the ICMs to ensure that required security measures have been implemented at each RTR site.
OIG also determined that NRC staff appropriately addressed the specific incidents of apparent lack of security at RTRs reported in the ABC Primetime episode. OIG found that NRC first became aware of suspicious visitors to RTRs in June 2005. After coordination with the Federal Bureau of Investigation, NRC learned that the students were journalism students hired by ABC. Prior to the October 2005 Primetime episode, NRC obtained limited footage of the Primetime episode and reviewed the apparent security lapses documented by Primetime. NRC found one instance that was contrary to the RTRs’ security plans. NRC found that one of the ABC student reporters momentarily stepped uninvited through a door into the protected area of the RTR while speaking to the RTR operator. Due to this unauthorized access to the facility, the RTR was issued a violation; however, the violation was “non-cited” because the licensee’s actions were sufficient to protect public health and safety. (Addresses Management Challenge #1)
Computer Security Issue in the Office of Nuclear Regulatory Research
OIG Strategic Goal: Security
OIG conducted an investigation into reports that the operating system on a standard NRC desktop computer provided to a foreign assignee (FA) had been replaced without approval and that the computer had been connected to the NRC computer network in violation of applicable security guidance.
NRC’s FA program dates back to March 1974 and serves as an opportunity for employees of foreign counterpart agencies to gain firsthand experience with NRC operations. During their postings at the NRC, FAs are assigned duties similar to those of NRC employees. These assignments are based on the FA’s background and experience. FAs are not allowed access to classified or sensitive unclassified materials during their assignments at NRC.
OIG determined through staff interviews that the FA had likely replaced the agency standard Windows XP operating system with the Linux operating system to run programs associated with the FA’s assigned duties. As a result, this
computer was connected to the NRC computer network in violation of security plans specifically designed for the FA. No indications were found that the FA was provided accounts or access to resources on the NRC computer network. However, the computer assigned to the FA was later reconfigured and reissued to other NRC staff members following the FA’s departure from the agency which prevented a complete review of the computer by OIG. OIG also determined that the implementation of NRC’s computer security policies related to FAs was lax and that staff members’ security awareness concerning FAs was deficient. (Addresses Management Challenge #2)
A Conflict of Interest Between an OCFO Manager and a Contractor
OIG Strategic Goal: Corporate Management
OIG conducted an investigation into an allegation that a manager in NRC’s Office of the Chief Financial Officer (OCFO) golfed at an exclusive, private golf course with partners of a financial management services company and allegedly showed favoritism toward this company while the firm was attempting to obtain a financial management consulting services contract with NRC.
OIG determined that the OCFO manager participated in four golf outings with partners of the company at an exclusive private club in Potomac, Maryland during the time this same OCFO manager was responsible for overseeing most aspects of the procurement process, including initiating the procurement request and signing the procurement action, that resulted in the financial management services company being awarded a contract of approximately $1.5 million with NRC. The cost of three of the four golf outings, which included meals and drinks, was charged to the company’s corporate golf course account. Further, OIG found that the OCFO manager had six lunches with a partner of the company at various restaurants in the Washington, DC metropolitan area. The company partner paid for these lunches and was reimbursed for these expenses by the company. (Addresses Management Challenge #6)
Statistical Summary of OIG Accomplishments
Source of Allegations — October 1, 2005, through March 31, 2006
|Other Government Agency||1|
|Allegations resulting from Hotline calls: 39||Total: 154|
Disposition of Allegations — October 1, 2005, through March 31, 2006
|Referred for OIG Investigation||64|
|Referred for OIG Audit||5|
|Referred to NRC Management and Staff||27|
|Correlated to Existing Case||12|
|Referred to Other Agency||1|
|Pending Review or Action||1|
Status of Investigations
Summary of Investigations
|Internal Program Audit and Special Evaluation Reports|
11/10/05 Results of the Audit of the United States Nuclear Regulatory Commission’s Financial Statements for Fiscal Years 2005 and 2004
|11/18/05||Independent Auditors’ Report on the U.S. Nuclear Regulatory Commission’s Special Purpose Financial Statements as of September 30, 2005, and 2004, and for the Years Then Ended||OIG-06-A-02|
|12/02/05||Independent Accountants’ Report on the Application of Agreed-Upon Procedures on the Closing Package Intragovernmental Activity and Balances as of September 30, 2005||OIG-06-A-03|
|12/21/05||Review of NRC’s Implementation of the Federal Managers’ Financial Integrity Act for Fiscal Year 2005||OIG-06-A-04|
|12/22/05||Audit of Controls Over Video News Releases||OIG-06-A-05|
|01/09/06||Audit of NRC’s Integrated Personnel Security System||OIG-06-A-06|
|02/06/06||Follow-up Audit of the Nuclear Regulatory Commission’s Decommissioning Fund Program||OIG-06-A-07|
|02/10/06||2005 NRC Safety Culture and Climate Survey||OIG-06-A-08|
|02/16/06||Audit of NRC’s Office of Nuclear Security and Incident Response||OIG-06-A-09|
|02/23/06||Audit of the Development of the National Source Tracking System||OIG-06-A-10|
|03/16/06||Audit of the NRC Byproduct Materials License Application and Review Process||OIG-06-A-11|
|OIG Reports Containing Questioned Costs1
April 1, 2005 – September 30, 2005
|A.||For which no management decision
had been made by the commencement
of the reporting period
|B.||Which were issued during the
|Subtotal (A + B)||2||$43,547||$3,606,365|
|C.||For which a management decision was
made during the reporting period:
|(i) dollar value of disallowed costs||1||$5,114||0|
|(ii) dollar value of costs not disallowed||0||0||0|
|D.||For which no management decision
had been made by the end of the
|E.||For which no management decision was
made within 6 months of issuance
1Questioned costs are costs that are questioned by the OIG because of an alleged violation of a provision of a law, regulation, contract, grant, cooperative agreement, or other agreement or document governing the expenditure of funds; a finding that, at the time of the audit, such costs are not supported by adequate documentation; or a finding that the expenditure of funds for the intended purpose is unnecessary or unreasonable.
2The General Services Administration (GSA) is responsible for the management decision on these questioned and unsupported costs. GSA has advised that the decision will be made sometime in 2006.
|OIG Reports Issued with Recommendations
That Funds Be Put to Better Use3
October 1, 2004 – March 31, 2005
|A.||For which no management decision had been made by the commencement of the reporting period||0||0|
|B.||Which were issued during the reporting period||0||0|
|C.||For which a management decision was made during the reporting period:|
|(i) dollar value of recommendations that were agreed to by management||0||0|
|(ii) dollar value of recommendations that were not agreed to by management||0||0|
|D.||For which no management decision had been made by the end of the reporting period||0||0|
|E.||For which no management decision was made within 6 months of issuance||0||0|
that funds be put to better use” is a recommendation by the OIG
that funds could be used more efficiently if NRC management took actions
to implement and complete the recommendation, including: reductions in
outlays; deobligation of funds from programs or operations; withdrawal
of interest subsidy costs on loans or loan guarantees, insurance, or bonds;
costs not incurred by implementing recommended improvements related to
the operations of NRC, a contractor, or a grantee; avoidance of unnecessary
expenditures noted in preaward reviews of contract or grant agreements;
or any other savings which are specifically identified.
|Recommendations Described in Previous Semiannual Reports on Which Corrective Action Has Not Been Completed|
|Date||Report Title||Report Number|
Audit of NRC’s Regulatory Oversight of Special Nuclear Materials
Recommendation 1: Conduct periodic inspections to verify that material licensees comply with material control and accountability (MC&A) requirements, including, but not limited to, visual inspections of licensees’ to special nuclear material (SNM) inventories and validation of reported information.
Recommendation 5: Establish an independent NRC system of accounting for SNM possessed by NRC and Agreement State licensees and ensure that beginning balances are accurate based on NRC’s physical verification of a statistical sample of the location and amounts of SNM held by licensees or a review of a statistical sample of a licensee’s records or some combination thereof.
Review of NRC’s Drug-Free Workplace Plan
Recommendation 3: Obtain U.S. Department of Health and Human Services approval of the NRC Drug-Free Workplace Plan prior to implementation.
Audit of NRC’s Incident Response Program
Recommendation 1: Establish a defined agencywide incident response plan that includes standards for performance, delineation of the conduct of exercises and drills, and a well-defined objective mechanism for evaluating incident response during exercises.
Evaluation of NRC’s Certification and Accreditation Efforts
Recommendation 1: Develop and implement procedures for monitoring timely initiation of certification and accreditation efforts.
Recommendation 2: Develop and implement a mechanism for holding responsible managers and their staff accountable for completing certification and accreditation efforts in a timely manner.
Abbreviations and Acronyms
|ASLBP||Atomic Safety Licensing Board Panel|
|ABC||American Broadcasting Company|
|DFM||Division of Financial Management (NRC)|
|DFS||Division of Financial Services (NRC)|
|FISMA||Federal Information Security Management Act|
|HSPD-12||Homeland Security Presidential Directive-12|
|IAEA||International Atomic Energy Agency|
|IAM||Issue Area Monitor|
|ICM||Interim Compensatory Measures|
|IG Act||Inspector General Act|
|IPSS||Integrated Personnel Security System|
|ISR||International Survey Research, Inc.|
|NRC||U.S. Nuclear Regulatory Commission|
|NSIR||Office of Nuclear Security and Incident Response (NRC)|
|NSTS||National Source Tracking System|
|OCFO||Office of the Chief Financial Officer (NRC)|
|OIG||Office of the Inspector General (NRC)|
|PCIE/ECIE||President’s Council on Integrity and Efficiency/Executive Council on Integrity and Efficiency|
|PRA||Probabilistic Risk Assessment|
|RDD||radiological dispersal device|
|RTR||research and test reactor|
|SNM||special nuclear material|
|TTC||Technical Training Center (NRC)|
The Inspector General Act of 1978, as amended (1988), specifies reporting requirements for semiannual reports. This index cross-references those requirements to the applicable pages where they are fulfilled in this report.
|Section 4(a)(2)||Review of Legislation and Regulations||7|
|Section 5(a)(1)||Significant Problems, Abuses, and Deficiencies||13-19, 26-30|
|Section 5(a)(2)||Recommendations for Corrective Action||13-19|
|Section 5(a)(3)||Prior Significant Recommendations Not Yet Completed||36-37|
|Section 5(a)(4)||Matters Referred to Prosecutive Authorities||32|
|Section 5(a)(5)||Information or Assistance Refused||None|
|Section 5(a)(6)||Listing of Audit Reports||33|
|Section 5(a)(7)||Summary of Significant Reports||13-19, 26-30|
|Section 5(a)(8)||Audit Reports — Questioned Costs||34|
|Section 5(a)(9)||Audit Reports — Funds Put to Better Use||35|
|Section 5(a)(10)||Audit Reports Issued Before Commencement of the Reporting
Period for Which No Management Decision Has Been Made
|Section 5(a)(11)||Significant Revised Management Decisions||None|
|Section 5(a)(12)||Significant Management Decisions with Which the OIG Disagreed||None|