Office of the Inspector General Semiannual Report to Congress (NUREG-1415, Vol. 19, No. 2)
Download complete documentThe following links on this page are to documents in Adobe Portable Document Format (PDF). See our Plugins, Viewers, and Other Tools page for more information. For successful viewing of PDF documents on our site please be sure to use the latest version of Adobe.
Table of Contents
- OIG Organization and Activities
- NRC’s Mission
- OIG Mission and Strategies
- Management Challenges
- OIG General Counsel Activities
- Other Activities
- Statistical Summary of OIG Accomplishments
- Abbreviations and Acronyms
- Reporting Requirements
Manuscript Completed: March 2007
Date Published: March 2007
Reporting Period: October 1, 2006 - March 31, 2007
Office of the Inspector General
U.S. Nuclear Regulatory Commission
Washington, DC 20555
A Message from the Inspector General
We are pleased to present the Nuclear Regulatory Commission (NRC) Office of the Inspector General (OIG) Semiannual Report to Congress for the 6-month period ending March 31, 2007.
During this semiannual period, we issued 12 audit reports on NRC’s financial statements, programs and operations. In addition, we issued 5 contract audit reports that contained $194,000 in questioned costs, and final agency action has been completed on a prior contract audit that resulted in $3.6 million in disallowed costs. OIG also opened 43 investigations, and completed 21 cases. Eleven cases were referred to the Department of Justice, and 31 were referred to NRC management for action during this reporting period.
Our work reflects the legislative mandate of the Inspector General Act to identify fraud, waste, and abuse and to recommend appropriate corrective actions. The audits and investigations highlighted in this report demonstrate our commitment to improving NRC’s programs and operations and protecting their integrity.
During the next few years, NRC will receive its first round of new reactor applications since 1978. Some applications may involve new reactor design technologies and a new licensing process (combined
operating license). NRC estimates that it will receive 16 or more new applications in the coming years, and projects that upward of 450 new staff positions will be needed to meet this demand.
Coinciding with the increase in regulatory responsibilities, is the expected retirement of many senior staff who have the experience in licensing reactors from the 1960s, 1970s, and 1980s. The agency’s ability to effectively review and license the new generation of commercial nuclear reactors will depend significantly on how well employees new to the process are trained and developed into effective reviewers and regulators at the staff and senior management level. Furthermore, construction oversight of future plants will be equally or more challenging.
The review of new applications involving new reactor technologies, a new licensing process, and a new staff in this realm, will necessitate strong control processes to ensure that the agency meets its review and licensing objectives. By being a proactive independent observer and evaluator, OIG will support the agency through its oversight and recommendations designed to reduce the inherent risks in carrying out this new regulatory program.I look forward to continuing the collaborative work between my staff and agency managers to accomplish our common goal of ensuring the effectiveness, efficiency, and integrity of NRC programs and operations.
Hubert T. Bell
The following two sections highlight selected audits and investigations completed during this reporting period. More detailed summaries appear in subsequent sections of this report.
- The Chief Financial Officers Act requires the OIG to annually audit NRC’s principal financial statements. An independent public accounting firm, with OIG oversight, conducted the audit.
- NRC uses an automated badging and card reader system to control access within NRC’s headquarters, regional offices, and the Technical Training
Center (TTC). OIG audited this system to determine whether the current badge access system meets its required operational capabilities and provides for the security, availability, and integrity of the system data.
- NRC’s current fuel cycle facility oversight program relies primarily on
inspections. Inspections at fuel cycle facilities occur several times a year and typically cover activities such as nuclear criticality control, chemical process, emergency preparedness, fire safety, and radiation safety. OIG audited this program to determine if NRC has an effective and efficient approach to fuel cycle facility oversight.
- NRC’s TTC provides training in specific areas including, reactor technology, probabilistic risk assessment, engineering support, radiation protection and fuel cycle technology. OIG audited the TTC to assess its effectiveness in (1) providing training to NRC staff, and (2) carrying out its administrative responsibilities.
- The events of September 11 made it clear that terrorists have the patience and ability to plan and conduct devastating attacks in the United States. After that event, NRC acted immediately to begin addressing physical security in the byproduct material program. This report consolidates the significant findings from two previous OIG reports on nuclear material security. Specifically, this report reexamined the question of how effectively NRC has examined its internal process for potential security vulnerabilities.
- OIG conducted an investigation into allegations that over the past 14 years, the NRC has allowed fire protection safety violations to occur at the Shearon Harris Nuclear Power Plant.
- OIG conducted an investigation into information that an NRC Physical
Security Inspector attempted to solicit employment from licensee employees at the Nuclear Fuel Services facility in Erwin, Tennessee.
- OIG completed an investigation into concerns regarding the availability to the public of sensitive NRC documents contained in Local Public Document Room microfiche files across the Nation.
- OIG conducted an investigation into concerns by the New Jersey Department of Environmental Protection (NJDEP) officials regarding decommissioning plans submitted by two NRC licensees, Heritage Minerals, Inc., and
Shieldalloy Metallurgical Corporation.
- OIG completed an investigation into allegations that NRC Region II staff had failed to address security vulnerability concerns at the Sequoyah Nuclear Power Plant in March 2006, which resulted in another security incident at the plant in June 2006.
- OIG completed an investigation based on a review of the NRC Administrative
Services Center, Metro Subsidy Program, which developed information
that Metrochek subsidies had been issued in the names of former NRC
- OIG completed a review of the NRC’s Drug-Free Workplace Program Plan after receiving concerns that the agency was not operating its program in
compliance with applicable Federal guidance and requirements.
OIG Organization and Activities
The U.S. Nuclear Regulatory Commission (NRC) was formed in 1975 to regulate the various commercial and institutional uses of nuclear materials by the Energy Reorganization Act of 1974. The agency succeeded the Atomic Energy Commission, which previously had responsibility for both developing and regulating nuclear activities.
NRC’s mission is to regulate the Nation’s civilian use of byproduct, source, and special nuclear materials to ensure adequate protection of public health and safety, promote the common defense and security, and protect the environment. NRC’s regulatory mission covers three main areas:
- Reactors - Commercial reactors for generating electric power and research and test reactors used for research, testing, and training.
- Materials - Uses of nuclear materials in medical, industrial, and academic settings and facilities that produce nuclear fuel.
- Waste - Transportation, storage, and disposal of nuclear materials and waste, and decommissioning of nuclear facilities from service.
Under its responsibility to protect public health and safety, NRC has three principal regulatory functions: (1) establish standards and regulations, (2) issue licenses for nuclear facilities and users of nuclear materials, and (3) inspect facilities and users of nuclear materials to ensure compliance with the requirements. These regulatory functions relate to both nuclear power plants and other uses of nuclear materials – like nuclear medicine programs at hospitals, academic activities at educational institutions, research work, and such industrial applications as gauges and testing equipment.
NRC places a high priority on keeping the public informed of its work. The agency maintains a current Web site and a public document room in Rockville, Maryland (NRC headquarters), and holds public hearings, public meetings in local areas and at NRC offices, and discussions with individuals and organizations.
OIG Mission and Strategies
In the 1970s, Government scandals, oil shortages, and stories of corruption covered by newspapers, television, and radio stations took a toll on the American public’s faith in its Government. The U.S. Congress knew it had to take action to restore the public’s trust. It had to increase oversight of Federal programs and operations. It had to create a mechanism to evaluate the effectiveness of Government programs. And, it had to provide an independent voice for economy, efficiency and effectiveness within the Federal Government that would earn and maintain the trust of the American people.
In response, President Jimmy Carter in 1978 signed into law the landmark legislation known as the Inspector General Act (IG Act). The IG Act created independent Inspectors General (IGs), who would protect the integrity of Government; improve program efficiency and effectiveness; prevent and detect fraud, waste and abuse in Federal agencies; and keep agency heads, Congress, and the American people fully and currently informed of the findings of the IGs’ work.
Almost 30 years later, the IG concept is a proven success. The IGs continue to deliver significant benefits to our Nation. Thanks to IG audits and inspections, billions of dollars have been returned to the Federal Government or have been better spent based on recommendations identified through those audits and inspections. IG investigations have also contributed to the prosecution of thousands of wrongdoers. In addition, the IG concept of good governance, accountability, and monetary recoveries encourages foreign governments to seek our advice, with the goal of replicating the basic IG principles in their own governments.
NRC’s OIG was established as a statutory entity on April 15, 1989, in accordance with the 1988 amendment to the IG Act. NRC OIG’s mission is to (1) independently and objectively conduct and supervise audits and investigations relating to NRC programs and operations; (2) prevent and detect fraud, waste, and abuse; and (3) promote economy, efficiency, and effectiveness in NRC programs and operations.
OIG is committed to ensuring the integrity of NRC programs and operations. Developing an effective planning strategy is a critical aspect of accomplishing this commitment. Such planning ensures that audit and investigative resources are used effectively. To that end, OIG developed a Strategic Plan that includes the major challenges and critical risk areas facing NRC.
The plan identifies the priorities of OIG and establishes a shared set of expectations regarding the goals OIG expects to achieve and the strategies that will be employed to do so. OIG’s Strategic Plan features three goals which generally align with NRC’s mission and goals:
- Advance NRC’s efforts to enhance safety and protect the environment.
- Enhance NRC’s efforts to increase security in response to the current threat environment.
- Improve the economy, efficiency, and effectiveness of NRC corporate management.
The OIG Audit Program covers the management and financial operations, economy and efficiency with which an organization, program, or function is managed, and program results achieved. For this program, auditors assess the degree to which an organization complies with laws, regulations, and the internal policies in carrying out programs, and they test program effectiveness as well as the accuracy and reliability of financial statements. The overall objective of an audit is to identify ways to enhance agency operations and promote greater economy and efficiency. Audits comprise four phases:
- Survey phase - An initial phase of the audit usually is conducted to gather information, without detailed verification, on the agency’s organization, programs, activities, and functions. An assessment of vulnerable areas determines whether further review is needed.
- Verification phase - Detailed information is obtained to verify findings and support conclusions and recommendations.
- Reporting phase - The auditors present the information, findings, conclusions, and recommendations that are supported by the evidence gathered during the survey and verification phases. Exit conferences are held with management officials to obtain their views on the issues in the report. Comments from the exit conferences are presented in the published audit report, as appropriate. Formal written comments are included in their entirety as an appendix in the published audit report.
- Resolution phase - Positive change results from the resolution process in which management takes action to improve operations based on the recommendations in the published audit report. Management actions are monitored until final action is taken on all recommendations. When management and OIG cannot agree on the actions needed to correct a problem identified in an audit report, the issue can be taken to the Chairman for resolution.
Each September, OIG issues an Annual Plan that summarizes the audits planned for the coming year. Unanticipated high priority issues may arise that generate audits not listed in the Annual Plan. OIG audit staff continually monitor specific issue areas to strengthen OIG’s internal coordination and overall planning process. Under the OIG Issue Area Monitor (IAM) program, staff designated as IAMs are assigned responsibility for keeping abreast of major agency programs and activities. The broad IAM areas address nuclear reactors, nuclear materials, nuclear waste, international programs, security, information management, and financial management and administrative programs.
OIG’s responsibility for detecting and preventing fraud, waste, and abuse within NRC includes investigating possible violations of criminal statutes relating to NRC programs and activities, investigating misconduct by NRC employees, interfacing with the Department of Justice on OIG-related criminal matters, and coordinating investigations and other OIG initiatives with Federal, State, and local investigative agencies and other OIGs. Investigations may be initiated as a result of allegations or referrals from private citizens; licensee employees; NRC employees; Congress; other Federal, State, and local law enforcement agencies; OIG audits; the OIG Hotline; and IG initiatives directed at areas bearing a high potential for fraud, waste, and abuse.
Because NRC’s mission is to protect the health and safety of the public, one of the Investigation unit’s main focus and use of resources is investigations of alleged NRC staff misconduct that could adversely impact the agency’s handling of matters related to health and safety. These investigations typically include allegations of:
- Misconduct by high-ranking NRC officials and other NRC officials, such as managers and inspectors, whose positions directly impact public health and safety.
- Failure by NRC management to ensure that health and safety matters are appropriately addressed.
- Failure by NRC to appropriately transact nuclear regulation publicly and candidly and to openly seek and consider the public’s input during the regulatory process.
- Conflict of interest by NRC employees with NRC contractors and licensees involving such matters as promises of future employment for favorable or inappropriate treatment and the acceptance of gratuities.
- Fraud in the NRC procurement program involving contractors violating Government contracting laws and rules.
OIG has also implemented a series of proactive initiatives designed to identify specific high-risk areas that are most vulnerable to fraud, waste, and abuse. A primary focus is electronic-related fraud in the business environment. OIG is committed to improving the security of this constantly changing electronic business environment by investigating unauthorized intrusions and computer-related fraud, and by conducting computer forensic examinations. Other proactive initiatives focus on determining instances of procurement fraud, theft of property, Government credit card abuse, and fraud in Federal programs.
OIG General Counsel Activities
Pursuant to the Inspector General Act, 5 U.S.C. App. 3, Section 4(a)(2), OIG reviews existing and proposed legislation, regulations, and implementing Management Directives (MD) as well as policy issues, and makes recom mendations concerning their impact on the economy and efficiency of agency programs and operations.
From October 1, 2006, through March 31, 2007, OIG reviewed more than 250 agency documents, including approximately 120 Commission papers (SECYs), Staff Requirements Memoranda, and 130 Federal Register Notices, regulatory actions, and statutes. The most significant commentaries are summarized below:
Management Directive (MD) 9.14, Organization and Functions, Office of International Programs, addresses a vital program and as a result, guidance provided must be useable and comprehensive. OIG remarks focused on the need for more specific and detailed information in the directive. Further, the OIG suggested inclusion of additional guidance and definitions for referenced processes and organizations.
Management Directive 8.8, Management of Allegations, addresses a critical agency function, and was generally well constructed and comprehensive. The OIG comments related the need for inclusion of information on relevant OIG responsibilities and employee reporting requirements for matters within the purview of the Inspector General.To effectively track the agency’s response to regulatory review comments, OIG requests written replies within 90 days, with either a substantive reply or status of issues raised by OIG. During this reporting period, the agency forwarded seven substantive responses to OIG’s regulatory comments on draft management directives, as well as draft training plans, and Office of the Executive Director for Operations procedures.
On February 16, 2007, Maryann L. Grodin, General Counsel to the NRC Inspector General, served on a Federal Bar Association, Labor and Employment Law Section panel titled, “Privacy in the Workplace, Untangling the Web of Privacy Issues.” Panel members spoke on Electronic Privacy and Health Insurance Portability and Accountability Act matters, and Ms. Grodin addressed Privacy and Public Employment Issues. The panel enumerated and discussed the dozens of statutes and regulations currently pertaining to dissemination and protection of information as well as recent case law results.
On March 15, 2007, representatives from the Japanese Nuclear Safety Commission(NSC) met with members of the NRC OIG. The NSC representatives were Kazuhiko Wakasugi and Junko Sugaya. The purpose of this meeting was to exchange information about understanding regulatory review and audit practices.
In the morning, the Japanese delegation attended NRC’s Regulatory Information Conference. The Conference was an opportunity for the NRC, the nuclear industry, and other agency stakeholders to discuss and exchange information in areas regarding nuclear safety initiatives and regulatory issues.
In the afternoon, OIG staff discussed the Inspector General Act of 1978 (Act) as the cornerstone for the existence of Inspectors General. They further explained the role of OIG’s audit component in meeting the requirements of the Act. Of particular interest to the NSC representatives was an explanation of the operational independence of the OIG, its access to information, and its role in relation to the Government Accountability Office. In addition to describing its roles and responsibilities, OIG staff provided a historical account of the office’s role in auditing the agency’s programs. OIG staff also explained the evolution of nuclear regulation including how the agency interacts with its stakeholders including Congress, other Federal agencies, the nuclear industry, and the public at large.NSC representative members found the information useful, particularly the relationship of OIG with the rest of NRC, the evolution of nuclear regulation, and the training provided to OIG staff to maintain audit proficiency.
Russ Irish retired from the NRC OIG on March 17, 2007, after 18 years with this office. Russ started his career in the nuclear power industry with the construction of the Byron Nuclear Power Plant. When construction finished, Russ took an audit position with the Tennessee Valley Authority, Office of Inspector General. In 1989, he started with the NRC OIG as an auditor and held increasingly responsible positions, retiring as the Senior Level Assistant for Audit Operations.
His leadership, professionalism, expertise, and enthusiasm will be missed.
The Assistant Inspector General for Investigations (AIGI) recently met with NRC staff members throughout the four regional offices. The meetings were designed to provide insight into NRC OIG investigations as well as to elicit feedback from the staff regarding any concerns or perceptions.
To help the agency improve its effectiveness and efficiency during this period, OIG completed 12 performance audits or evaluations that resulted in numerous recommendations to NRC management. OIG also analyzed 5 contract audit reports.
Inspector General’s Assessment of the Most Serious Management and Performance Challenges Facing NRC
OIG Strategic Goal: Corporate Management
On January 24, 2000, Congress enacted the Reports Consolidation Act of 2000 requiring Federal agencies to provide financial and performance management information in a more meaningful and useful format for Congress, the President, and the public. The Act requires that the Inspector General of each Federal agency annually summarize what he or she considers to be the most serious management and performance challenges facing the agency and assess the agency’s progress in addressing those challenges. Congress left the determination and threshold of what constitutes a most serious management and performance challenge to the discretion of the Inspectors General.
The Inspector General, in his submission, defined serious management and performance challenges as mission critical areas or programs that have the potential for a perennial weakness or vulnerability that, without substantial management attention, would seriously impact agency operations or strategic goals.
Assessment Results: Based on the adopted criteria, the Inspector General revised his list of the most serious management and performance challenges, identifying the following nine challenges that are considered to be the most serious. Eight of the nine challenges are essentially the same as last year. However, this year the Inspector General identified a new management and performance challenge, the ninth, titled “Ability to meet the demand for licensing new reactors.”
In addition, the Inspector General identified one 2005 management challenge, “Intra-agency communication (up, down, and across organizational lines),” to be removed as a result of the various actions taken by the NRC to improve internal communications.
|NRC’s Most Serious Management Challenges as of September 30, 2006|
Protection of nuclear material used for civilian purposes.
Administration of all aspects of financial management.
Protection of information.
Communication with external stakeholders throughout NRC regulatory activities.
Development and implementation of a risk-informed and performance-based regulatory approach.
Managing human capital.
Ability to modify regulatory processes to meet a changing environment.
Ability to meet the demand for licensing new reactors.
Implementation of information resources.
Although the nine challenges identified are distinct, they are also interdependent. The overarching challenge of managing human capital is the cornerstone to effectively addressing all other management and performance challenges. The NRC continues to address these challenges in its planning and day-to-day activities.
Audit of the Nuclear Regulatory Commission’s Financial Statements for the Fiscal Years 2006 and 2005
OIG Strategic Goal: Corporate Management
The Chief Financial Officers Act requires the Inspector General to annually audit the NRC’s principal financial statements in accordance with applicable standards. In addition, the audit evaluated the effectiveness in internal controls over financial reporting and the agency’s compliance with laws and regulations. An independent public accounting firm, under contract to the OIG, conducted the audit with OIG oversight.
- The auditors expressed an unqualified opinion on the agency’s Fiscal Years 2006 and 2005 financial statements.
Internal Controls Over Financial Reporting
- The auditors expressed a qualified opinion on the agency’s internal controls over financial reporting.
- The auditors cited NRC’s Fee Billing System as a continuing material weakness which precludes NRC’s internal controls from providing reasonable assurance that material misstatements in the financial statements will be prevented and detected on a timely basis.
- The auditors also cited Information System-wide Security Controls as a new material weakness. Specifically, most of the information systems have not undergone contingency plan testing, and a majority lack current certification and accreditation to operate.
Compliance with Laws and Regulations
- The agency continues to be noncompliant with the provisions of Office of Management and Budget Circular A-25, User Charges, regarding the calculation of Title 10 Code of Federal Regulations, Part 170, hourly rates. The auditors also identified a continuing substantial noncompliance related to the Fee Billing System. (Addresses Management Challenge #6)
Social Engineering Assessment
OIG Strategic Goal: Security
OIG conducted tests to determine specific weaknesses and vulnerabilities with the NRC’s physical, personnel, and network access controls. These tests were designed to simulate social engineering attempts to infiltrate and exploit vulnerabilities on three distinct attack vectors (telephonic, cyber, and physical) within the NRC security infrastructure. The assessment was performed with the benefit of contracted support. It was undertaken with the intent that it would serve as the basis by which the OIG could further assess the NRC security environment and where necessary recommend enhancements to existing controls.
Assessment Results: NRC has in general developed strong security programs and practices that, if followed, provide barriers to attackers. NRC has also taken measures to ensure that its main information systems are protected against unauthorized access and access attempts. Further discussion of this report’s findings and recommendations cannot take place in this unclassified forum because it contains sensitive security information. (Addresses Management Challenge #2)
Audit of NRC’s Badge Access System
OIG Strategic Goal: Security
The photo-identification/key card badge is an integral part of the NRC’s physical security program. In addition to containing personal identification information, the badge is a programmable key card for controlling building/area access at headquarters, each of the regional offices, and the Technical Training Center (TTC). All badge manufacturing is done at headquarters, and specific access rights are assigned to each badge via headquarters, regional, and TTC access control systems. Based on the level of rights assigned, employees and contractors place their key cards against card readers to gain entry to various parts of the buildings and, in some cases, during specific times of the day. NRC currently uses barium ferrite cards and readers. NRC refers to its system as the Access Control and Computer Enhanced Security System/Photo Identification Computer System (ACCESS).
The objective of this audit was to determine whether the current badge access system meets its required operational capabilities and provides for the security, availability, and integrity of the system data.
Audit Results: NRC’s badge access system is capable of providing effective support for NRC’s physical security program. However, specific cost-effective actions are needed to enhance this legacy system’s usage at NRC until a planned replacement system is implemented. OIG identified the following shortcomings with regard to ACCESS and related badge accountability processes:
- Weaknesses exist concerning system user access.
- The system contains inaccurate data concerning special access areas and the current employee population.
- Badge accountability measures are inadequate.
- System documentation is incomplete or missing to include lack of follow-up on penetration results.
- TTC lacks a backup power supply for ACCESS.
These problems exist because concerns about ACCESS are overshadowed by the agency’s plan to replace the system as part of its Homeland Security Presidential Directive-12 (HSPD-12) solution. Left unaddressed, these weaknesses undermine the effectiveness of NRC’s physical security approach to control access into and within NRC facilities. (Addresses Management Challenge #5)
Audit of NRC’s Regulation of Nuclear Fuel Cycle Facilities
OIG Strategic Goal: Safety
The NRC’s current fuel cycle facility safety oversight program relies primarily on inspections focused on reviews of safety, safeguards, and environmental protection. This program applies to gaseous diffusion plants, highly enriched uranium fuel fabrication facilities, low-enriched uranium fuel fabrication facilities, and uranium hexafluoride production facilities. Inspections at fuel cycle facilities occur several times a year and typically cover activities such as nuclear criticality control, chemical process, emergency preparedness, fire safety, and radiation safety. NRC’s inspection results are documented in inspection reports.
This audit’s objective was to determine if NRC has an effective and efficient approach to fuel cycle facility oversight.
Audit Results: The agency’s current Fuel Cycle Facility Oversight Program would be enhanced by developing and implementing a framework that is modeled after a structured process, such as the process that NRC established for operating reactors. NRC staff identified needed improvements in its oversight program for regulating fuel cycle facilities. To address this issue, NRC staff began developing a structured process that emulated the reactor oversight process. However, NRC stopped short of fully developing and implementing a framework and implementing improvements that would enhance NRC’s Fuel Cycle Facility Oversight Program. These staff-identified improvements would:
- Reduce regulatory burden,
- Increase effectiveness, efficiency, and realism,
- Increase public confidence,
- Provide objective assessments,
- Provide predictable and timely responses to licensee performance, and
- Improve licensee safety performance.
Absent action to implement these improvements, the framework for regulating fuel cycle facilities is not as robust as it could be. (Addresses Management Challenge #3)
Audit of NRC’s Technical Training Center
OIG Strategic Goal: Corporate Management
When the NRC was established in 1974, it provided technical training at its Headquarters in Bethesda, Maryland. Pursuant to recommendations following the accident at the Three Mile Island nuclear power plant, NRC moved its technical training to Chattanooga, Tennessee. The Technical Training Center (TTC) provides training in specific areas including, reactor technology, probabilistic risk assessment, engineering support, radiation protection and fuel cycle technology.
The objective of this audit was to identify opportunities to improve the economy, efficiency, and effectiveness of the TTC’s operations.
Audit Results: Collectively, TTC instructors are knowledgeable, experienced and enthusiastic. While agency officials and former TTC students were generally pleased with the training provided by TTC, OIG identified opportunities for improvement in the following areas:
- Inventory practices for NRC equipment,
- Completeness and currency of policies and procedures,
- Maintenance of training materials,
- Scheduling course revisions,
- Instructor training and rotation, and
- Tracking and trending of course evaluations.
Addressing these areas will improve the efficiency and effectiveness of TTC’s training program and better prepare NRC for significant operational challenges that lie ahead. (Addresses Management Challenge #8)
Summary Report and Perspectives on Byproduct Material Security and Control
OIG Strategic Goal: Safety and Security
The events of September 11 made it clear that terrorists have the patience and ability to plan and conduct devastating attacks in the United States. After that event, the NRC acted immediately to begin addressing physical security in the byproduct material program. NRC implemented or has planned a variety of measures to regulate, provide for, and improve the security of byproduct material, to include:
- Issuance of a series of advisories and security-related orders that addressed the importance of the security and control of licensed material,
- Continued development of the National Source Tracking System,
- Instituted background checks of certain licensees,
- Shared licensee information with other Federal agencies, and
- Chaired and participated in a multi-agency task force on radiation source protection and security.
Audit Results: Despite these efforts, the agency can do more to identify and evaluate byproduct material security risks. Specifically, the NRC should undertake an impartial and comprehensive look inward at its own business and regulatory processes. Such an assessment should include examination of the management, operational, and technical security controls and the extent to which these controls are (1) implemented correctly, (2) operating as intended, and (3) producing the desired outcome with respect to mitigating security vulnerabilities. Without such an assessment, the agency is not aware of potential weaknesses and vulnerabilities in its byproduct material security program. An independent perspective would serve to validate or provide suggested improvements for the agency’s ongoing byproduct material efforts. (Addresses Management Challenges #1, #3, and #4)
Audit of NRC’s Nuclear Material Events Database
OIG Strategic Goal: Safety
The Nuclear Materials Events Database (NMED) contains a historical collection of information on the occurrence, description, and resolution of events involving the use of radioactive materials in the United States. NMED accommodates the sharing of material event data submitted by Agreement States, non-Agreement States, and NRC licensees. NMED provides users with search capabilities to analyze its data. NRC staff use NMED data for a variety of reasons, including inspections, performance metrics, and trend analysis. An agency contractor is responsible for data entry, coding, and quality control of the data which is obtained from NRC and material licensee reports.
Audit Results: OIG found that, in general, the NMED system works as intended and is a benefit to the agency. That is, NRC is using NMED as a data repository for licensee materials events. However, some concerns with a related system, the Fuel Cycle Nuclear Material Events Database (FCNMED) were identified. Specifically, the FCNMED lacks formalized guidance and appropriate oversight. Furthermore, through January 2008, NRC has budgeted about $52,000 in contract dollars for FCNMED, but the agency is not fully using the system to achieve the maximum benefit for its money.
There are several conditions that preclude FCNMED from being used as intended. Specifically:
- Many NRC staff members are not aware that FCNMED exists and are not accessing its data,
- The FCNMED data available to NRC staff is updated on a monthly basis, and
- There is limited assurance that the FCNMED data is complete.
Because there are no written FCNMED procedures for NRC staff and no one is officially the database content coordinator, NRC’s trending, performance metrics, and regulatory analyses may not include all pertinent fuel cycle data. As a result, NRC could be missing precursors to significant issues. Although the lack of these controls may not be critical at this time, it could become an issue should the nuclear industry, including the fuel cycle program, grow as is forecasted. (Addresses Management Challenge #3)
Audits in Progress
Audit of the Nuclear Power Plant License Renewal Program
OIG Strategic Goal: Safety
The Atomic Energy Act provides for a license period of 40 years for commercial nuclear power plants, but includes provisions for extending the license beyond this initial period. This original 40-year term for reactor licenses was based on economic and antitrust considerations--not on limitations of nuclear technology. Due to this selected time period, however, some structures and components may have been engineered on the basis of an expected 40-year service life. The maximum renewal period of licenses is for an additional 20 years. The first original operating license expired in the year 2006; approximately 13 percent will expire by the end of the year 2012 and more than 36 percent will expire by the year 2015. At this time, there are approximately 24 completed applications, 7 applications under review, and 25 letters of intent to seek license renewal.
The agency has an accumulated experience with the license renewal process, and the expectation is that a large number of applications will be reviewed over the next decade. The reactors currently in operation are the first generation of power reactors. Operation of these plants beyond 40 years and upwards to 60 years introduces the potential that new aging phenomena could be observed in the next two decades.The objective of this audit is to determine the effectiveness of license renewal reviews using standards existing in various agency documents and regulations. (Addresses Management Challenges #1 and #3)
Audit of the Nuclear Power Plant Power Uprate Program
OIG Strategic Goal: Safety
NRC regulates the maximum power level at which a commercial nuclear power plant may operate. The process of increasing the maximum power level at which a plant may operate is called a power uprate. There are three categories of power uprates, including (1) measurement uncertainty recapture power uprates, which are less than 2 percent and are achieved by implementing enhanced techniques for calculating reactor power; (2) stretch power uprates, which are typically up to 7 percent and are within the design capacity of the plant, and (3) extended power uprates which have been approved for increases as high as 20 percent. Extended power uprates often require significant modifications to plant equipment, such as the high-pressure turbines, condensate pumps and motors, main generators, and transformers.
Licensees seek permission to perform a power uprate by submitting a license application amendment to NRC. Since 1977, NRC has approved over 110 power uprates, resulting in a combined increase of over 4,900 megawatts electric to the Nation’s electric generating capacity. NRC anticipates as many as 25 power uprate applications during the next 5 years. Some of these future power uprate requests may be for plants that have been approved or may seek approval of a license renewal to operate plants for 20 additional years beyond their original 40-year license term.
The objective of this audit is to examine the support and justification for approving power uprate amendment applications. (Addresses Management Challenges #1 and #3)
Audit of NRC’s Enforcement Program
OIG Strategic Goal: Safety
The NRC’s enforcement jurisdiction is drawn from the Atomic Energy Act of 1954, as amended, and the Energy Reorganization Act of 1974, as amended. In recognition that violations occur in a variety of activities and have varying levels of significance, the Commission set out to create an enforcement framework with graduated sanctions to reflect this diversity. The Commission’s first public statement of policy on enforcement (the first Enforcement Policy) was published in 1980. Although the policy statement has changed several times, two goals of the enforcement program remain unchanged: to emphasize the importance of compliance with regulatory requirements; and, to encourage prompt identification, and prompt, comprehensive correction of violations. The enforcement program is also intended to meet the agency’s performance goals.
Violations are identified through inspections and investigations. All violations are subject to civil enforcement action and may also be subject to criminal prosecution. After an apparent violation is identified, it is assessed in accordance with the Commission’s Enforcement Policy. Because the policy statement is not a regulation, the Commission may deviate from the Enforcement Policy as appropriate under the circumstances of a particular case.
The objectives of this audit are to determine how NRC assesses (1) the significance of violations, and (2) the level of enforcement action to be taken. (Addresses Management Challenges #1 and #3)
Audit of the Emergency Preparedness Program
OIG Strategic Goal: Safety and Security
Emergency Preparedness (EP) measures are designed to address a wide range of event scenarios. Following the events of 9/11, the NRC evaluated the EP planning basis, issued orders requiring compensatory measures for nuclear security and safety, and observed license performance during security-based EP drills and exercises and security force-on-force exercise evaluations. Based on the information obtained through the drills and exercises, the staff determined that the EP basis remains valid but recognized that security events differ from accident-initiated events.
The objective of this audit is to assess the effectiveness of the EP program since it has been incorporated into the Office of Nuclear Security and Incident Response. (Addresses Management Challenge #1)
Audit of Security at NRC Headquarters
OIG Strategic Goal: Security
NRC buildings contain many security features and the agency has increasingly hardened its protection against access to its Headquarters (HQ). NRC HQ meets the U.S. Department of Justice’s recommended minimum physical security standards for Federal buildings. However, an August 15, 2002, OIG report found that NRC needed to further enhance HQ physical security and emergency response capability to improve its ability to prevent unauthorized individuals from accessing NRC space, protect the facility from physical attack, and mitigate the impact of an attack. Improvements were needed with regard to vehicle access control, building access control, and emergency preparedness.
The objective of this audit is to assess the adequacy of physical security measures at NRC Headquarters for three main areas: physical security, emergency preparedness, and written procedures. (Addresses Management Challenge #1)
Audit of Non-Capitalized Property
OIG Strategic Goal: Corporate Management
During FY 2001, OIG evaluated policies governing the accountability and control of NRC’s non-capitalized information technology property. The review found that property management policies for this equipment adhered to applicable laws and regulations; however, management controls to implement these policies were inadequate or lacking. In addition, the Property and Supply System, an online interactive computer system that functions as the official database for the agency’s property transactions, contained inaccurate information. During FYs 2004 and 2005, NRC developed the Space and Property Management System (SPMS), a new property and supply system designed to replace the old system. SPMS became operational on December 13, 2004, and final acceptance of the system by the Office of Administration took place in June 2005.
NRC policy requires the effective and efficient management of property including sufficient controls to deter or prevent loss through fraud, waste, or misuse. This policy not only applies to property in the agency’s possession, but also to property physically maintained by NRC’s contractors. As of June 14, 2006, SPMS accounts for approximately 16,791 pieces of non-capitalized property with an acquisition cost of approximately $28.2 million. This includes 4,256 pieces of sensitive property such as laptops and personal digital assistants with an acquisition cost of approximately $4.3 million. (Addresses Management Challenge #6)
Audit of NRC’s Process for Placing Documents in the ADAMS Public and Non-Public Libraries
OIG Strategic Goal: Corporate Management
NRC maintains many of its official records electronically in the Agencywide Documents Access and Management System (ADAMS). NRC offices are responsible for identifying which documents must be preserved as official agency records and which of these records are to be maintained electronically in ADAMS libraries. They are also responsible for determining which of these records should be publicly available and marking them appropriately to ensure they are housed in ADAMS public or non-public libraries. Such determinations must be made for records generated internally by NRC staff and for mail sent to NRC from external sources. About 5,300 records are added each month to ADAMS, and about 45 percent of these are made publicly available.
In August 2006, a public interest group representative informed OIG of several instances where NRC mistakenly assigned non-public availability to documents that should have been made public. In addition, OIG learned of instances where documents that should not be publicly available were found in ADAMS public libraries. Subsequently, OIG initiated this audit, which was not included in the OIG Annual Plan.
The audit objective is to determine the effectiveness and consistency by which documents are profiled and processed for entry into the public or non-public ADAMS libraries. (Addresses Management Challenges #2, #5, and #7)
During this reporting period, OIG received 122 allegations, initiated 43 investigations and closed 21 cases. In addition, the OIG made 31 referrals to NRC management and 11 to the Department of Justice.
Investigative Case Summaries
Inadequate Handling of Fire Safety Violations at Shearon Harris Nuclear Power Plant
OIG Strategic Goal: Safety
The OIG conducted an investigation into allegations in a Title 10 Code of Federal Regulations (CFR), Section 2.206 petition submitted by public interest groups requesting that the NRC staff take enforcement action against the Shearon Harris Nuclear Power Plant (Shearon Harris) which is licensed by the Carolina Power and Light Company. The petitioners requested that NRC take enforcement action against Shearon Harris because of recurring fire safety violations which affected safe shutdown functions of the plant. The petition asserted that the NRC has allowed fire protection safety violations to continue for 14 years and has“prioritized utility profits over public safety.”
OIG determined that the NRC had conducted quarterly and triennial inspections at Shearon Harris for the last 14 years. OIG reviewed 85 inspection reports issued by the NRC regarding Shearon Harris during the period December 1993 to October 2006. These reports documented NRC inspections of the Shearon Harris fire protection program and identified fire safety issues at Shearon Harris. OIG noted that the licensee has taken corrective actions in response to identified fire safety issues.
OIG also found that in June 2004, Shearon Harris, along with 41 other nuclear power plants, volunteered to participate in a pilot program to transition the plant to meet the National Fire Protection Association Standard 805, a performance-based standard for fire protection for light-water reactor electric generating plants. Because Shearon Harris volunteered to participate in this pilot program, the NRC is allowed to exercise enforcement discretion on fire safety-related issues. During the enforcement discretion period (2005 to 2008) NRC has the flexibility concerning whether to issue fire safety violations against Shearon Harris for fire safety-related issues. (Addresses Management Challenge #1)
Security of Sensitive NRC Material Located at Former Local Public Document Room Libraries
OIG Strategic Goal: Security
OIG completed an investigation into concerns regarding the availability of sensitive NRC documents contained in microfiche files in public libraries across the Nation. This issue was raised after a public interest group had purchased from a community college a microfiche collection of NRC documents, which included sensitive documents. The community college had obtained the microfiche collection from a public library.
In April 1971, NRC implemented a Local Public Document Room (LPDR) program which established document collections in libraries that were primarily located near commercial nuclear power plants. The LPDR collections contained hard copy documents pertaining only to the local site. In July 1990, NRC replaced hard copy documents with a microfiche collection of all publicly available NRC documents issued since January 1981 pertaining to all NRC licensees. Currently, the microfiche collection contains approximately 2 million records related to NRC regulatory activities nationwide that were issued to the public by NRC from approximately January 1981 to October 1999.
In November 1999, NRC transitioned to a new electronic recordkeeping system, the Agencywide Documents Access and Management System (ADAMS). As a result of ADAMS, NRC stopped funding the LPDR program and informed LPDR libraries that the agency was relinquishing ownership of the microfiche collections. Libraries had the option of keeping their collections or returning them to the Government. While the majority of the LPDR libraries chose to maintain their microfiche collections, several elected to transfer their collections to the Government Printing Office Federal Depository Library Program libraries to ensure permanent public access to this information.
Following the events of September 11, 2001, NRC reviewed sensitive documents that were publicly available in the NRC Web site and its public portion of ADAMS, the Publicly Available Records System (PARS). As a result, NRC removed from PARS approximately 1,200 documents generated after 1999 that were considered, from a post-September 11 perspective, to pose a security threat. At that time, NRC was also aware that the microfiche collection in the LPDRs contained a number of sensitive documents; however, a decision was made to not remove sensitive documents contained in the microfiche collections. In 2004, NRC re-examined ADAMS and removed additional sensitive information that was available to the public. NRC also reviewed information located in another publicly accessible component of ADAMS: the Public Legacy Library, which contains bibliographic citations for microfiche versions of all documents issued publicly by NRC before November 1, 1999. The Public Legacy Library enables an individual to locate and retrieve a microfiche document by providing the LPDR microfiche address for the document. Based on its review of the Public Legacy Library, the staff removed approximately 10,000 bibliographic citations pertaining to special nuclear material because this information revealed the location in the LPDR of sensitive microfiche documents. However, the actual documents remained in the LPDR microfiche collection.
To assess the status of the LPDR collections, OIG visited 27 of the 86 former LPDRs located throughout the United States. OIG found that while the microfiche collections at 27 libraries visited by OIG are available to members of the public, the majority of the librarians interviewed by OIG were unfamiliar with the NRC microfiche collections and the process for retrieving documents from these collections. Additionally, OIG found that most of the microfiche documents contained in the former LPDR collections are available from other sources including public and Government databases as well as commercial vendors.
OIG found that the LPDR collections contain a number of documents that the NRC has, since September 11, 2001, reclassified as Sensitive Unclassified Non-Safeguards Information (SUNSI) and removed from public access through ADAMS. However, the NRC staff has taken no action to remove these same documents from public access through the LPDR microfiche collections because, in their view, the documents have been widely available to the public and recent upgrades in nuclear power plant protective strategies make these aged documents of minimal value to an adversary. The staff’s rationale for not controlling the documents in the LPDRs calls into question the legitimacy of continuing to classify these documents as sensitive.
OIG learned that NRC’s inconsistent handling of documents considered sensitive has also created concern among some public stakeholders. Specifically, while the NRC staff will not release documents deemed as sensitive to a private citizen, the staff has taken no action to restrict a citizen from obtaining the same documents from the former LPDRs. This inconsistency has created a perception that the NRC may be using the continued classification of a number of documents as SUNSI merely to exclude the public from participation in NRC proceedings where these documents could be referenced.
OIG learned also that while the files in the former LPDRs contain approximately 2 million microfiche documents, a private citizen may locate particular documents through inquiry into the public portion of ADAMS. By searching the ADAMS historical citations (Public Legacy Library), an individual can obtain the microfiche address of a specific document issued prior to November 1, 1999, and locate the document address in the LPDR microfiche collection. This holds true for a number of microfiche documents that had been removed from ADAMS because of their sensitivity. (Addresses Management Challenges #1 and #4)
Inappropriate Solicitation of Employment by an NRC Inspector to a Licensee
OIG Strategic Goal: Corporate Management
OIG conducted an investigation based on an allegation from a licensee employee at Nuclear Fuel Services (NFS), in Erwin, Tennessee, that an NRC Physical Security Inspector inappropriately solicited employment from the NFS staff. Specifically, the NFS employee alleged that the NRC inspector mentioned to the NFS staff that he could fix NFS’s security problems in exchange for employment at NFS. Additionally, the NFS employee alleged that the NRC inspector provided NFS staff with a note containing the NRC inspector’s home address. Based on the note, the NFS employee believed that the NRC inspector was interested in a position at NFS.
OIG determined that the NRC inspector did not solicit employment from the NFS staff.
The NFS staff, to whom the NRC inspector allegedly made the comment about his ability to fix the security problems at NFS, denied that they ever heard the NRC inspector ask for employment or make the statement. In addition, OIG found that the NRC inspector was conducting an inspection at NFS when he received separate concerns which questioned the employment practices at NFS. As a part of the NRC inspector’s review, he asked questions about the NFS employment process, including where the applications were posted. The NFS employee did not have the employment information readily available for the NRC inspector. Therefore, the NRC inspector provided his home address on a note for the NFS employee to allow the NFS employee to quickly mail to him the information related to the NFS employment issues. OIG learned that it was acceptable for the NRC inspector to provide his personal mailing address to the NFS employee to facilitate receiving inspection information. Moreover, it would have also been appropriate for the NRC inspector to have requested general information, such as employment applications, from licensee employees for personal purposes. (Addresses Management Challenge #1)
Inappropriate Regulation by NRC of Clean-Up of Radioactive Waste in New Jersey
OIG Strategic Goal: Safety
OIG conducted an investigation based on information that State officials from the New Jersey Department of Environmental Protection (NJDEP) had concerns regarding the decommissioning plans (DP) submitted by two NRC licensees located in New Jersey: Heritage Minerals, Inc. (Heritage), and Shieldalloy Metallurgical Corporation (Shieldalloy). Specifically, NJDEP argued that the NRC decommissioning standards for the Heritage site were too lenient. Also, NJDEP opposed the DP proposed by Shieldalloy and maintained that the NRC should not have accepted for review the DP submitted by Shieldalloy.
OIG learned that Heritage has been mining minerals from the native sands on the Heritage site since 1986. Heritage was granted an NRC license in 1991 which licensed the residue material as well as the Heritage processing facility. In November 1997, Heritage submitted a DP to terminate its license so that the site could be released for “unrestricted use.” However, in 1998, NRC promulgated a new License Termination Rule (LTR), which changed NRC radiation limits for decommissioning sites from a dose-based limit to a concentration-based limit. The new LTR included a provision which allowed any licensee to apply for decommissioning under the old guidelines if its DP had been submitted by August, 1998. Heritage was one of 12 NRC licensees who requested this allowance. However, the NRC Commissioners required that their approval be given prior to releasing any of the 12 sites if they exceeded the new radiation limits. The Commission reviewed the NRC staff’s assessment of the Heritage DP and approved the recommendation to release the Heritage site for unrestricted use.
OIG learned that Shieldalloy was granted an NRC license in 1995 which authorized possession of uranium and thorium. In June 2006, after two previous submittals were rejected, the NRC accepted for review a Shieldalloy DP which proposed a long-term control license. As part of this process, the NRC staff will prepare a Safety Evaluation Report and an Environmental Impact Statement. The Environmental Impact Statement will be issued for public comment.
OIG determined that the NRC staff’s review of the DP of Heritage was conducted in accordance with applicable NRC regulations and guidelines. Also, the NRC staff is currently reviewing the DP submitted by Shieldalloy, and it is expected that the review will take approximately 2 years to include a public comment period. (Addresses Management Challenge #1)
Adequacy of NRC Handling of Security Vulnerabilities Reported by Security Guards at Sequoyah Nuclear Power Plant
OIG Strategic Goal: Safety
OIG received information regarding Region II’s alleged handling of security concerns at Tennessee Valley Authority’s (TVA) Sequoyah Nuclear Power Plant (SNPP). The Project On Government Oversight (POGO), a non-profit organization, reported to the NRC that it had seen a pattern of NRC Regions being aware of security concerns at nuclear power plants but not informing NRC Headquarters. As an example, POGO cited an incident whereby Region II was warned about the vehicle portal vulnerability at SNPP in March 2006. However, in June 2006 a crate containing 30 assault rifles, ordered by the facility, was delivered to the protected area and left unattended for 2 days. POGO alleged that in March 2006, Region II took no action to address SNPP’s vehicle portal vulnerability which resulted in the June 2006 incident.
OIG reviewed NRC allegation records and interviewed staff members who participated in the allegation process. OIG learned that the NRC staff reviewed and addressed a general concern provided in March 2006 through the NRC’s allegation process. Specifically, Region II referred the March 2006 concern to TVA which later provided Region II the results of its review. Additionally, OIG learned that the general security vulnerability concern reported in March 2006 was not directly related to the June 2006 incident. OIG found that the NRC Region II learned of the June 2006, incident during a baseline security inspection in July 2006, and the Region immediately informed NRC Headquarters. OIG also found that the plant had informed a resident inspector at the time of the incident, but that he had failed to further notify his management. The inspector was counseled on this matter by the Region. Additionally, the NRC conducted a special inspection to specifically address this incident in August 2006, and determined that the licensee had committed two violations of NRC regulations. OIG found no evidence of NRC staff misconduct during this investigation. (Addresses Management Challenge #1)
Issuing Metrochek Subsidies in the Name of Departed NRC Employees
OIG Strategic Goal: Corporate Management
OIG conducted an investigation based on a review of the NRC Administrative Services Center, Metro Subsidy Program which developed information that Metrochek subsidies had been issued in the names of former NRC employees. The Metrochek Subsidy Program is managed by NRC contractors. NRC contractors handling the program are responsible for the daily operations which include distributing, reporting, and conducting an inventory of the Metrochek subsidies.
OIG determined that the Metrochek farecards were distributed on nine separate occasions in the names of six former NRC employees. Each Metrochek farecard issued in the name of a former employee was for $105.00. OIG found that an NRC contractor responsible for managing the Metrochek Subsidy Program, had initialed and/or forged contractor co-workers’ initials on the Metrochek distribution report, then stole the Metrochek farecards. The contractor used the Metrochek farecards for personal use. (Addresses Management Challenge #6)
NRC Drug-Free Workplace Program Plan
OIG Strategic Goal: Corporate Management
The OIG completed an investigation based on information that the agency was not operating its Drug-Free Workplace Program in compliance with applicable Federal guidance and requirements. The program, mandated by Executive Order 12564, outlines NRC policies and procedures for drug testing employees. OIG learned that Federal agencies must receive certification for their plans from the Department of Health and Human Services (HHS).
OIG reviewed program plans and related documents and interviewed NRC staff involved in overseeing and implementing the Drug-Free Workplace Plan. OIG learned that in 1997, NRC implemented the NRC Drug-Free Workplace Plan. However, this Plan, which is the guidance currently used by the NRC, has never received HHS concurrence. Since February 2005, NRC has submitted three versions of a proposed revision to the Plan, but to date the NRC has not received HHS certification for the proposed revision. OIG had previously highlighted the lack of HHS certification and other drug testing program shortcomings to NRC in audits conducted in 2004. Additionally, OIG found that the agency has deviated from the 1997 Plan in its implementation of the drug testing program. In particular, the agency has failed to follow its own guidance in obtaining the services of a Drug Rehabilitation Assessment Coordinator and in the roles and responsibilities of the Employee Assistance Program Manager. OIG also noted that disagreements between NRC managers involved in implementing the Plan have precluded the sharing of necessary program information and the resolution of program issues. (Addresses Management Challenge #6)
Statistical Summary of OIG Accomplishments
Source of Allegations — October 1, 2006, through March 31, 2007
|Other Government Agency||3|
|Allegations resulting from the Hotline: 37||Total: 122|
Disposition of Allegations —October 1, 2006, through March 31, 2007
|Referred for OIG Investigation||43|
|Referred for OIG Audit||1|
|Referred to NRC Management and Staff||31|
|Referred to External Agency||2|
|Pending Review or Action||6|
|Correlated to Existing Case||3|
Status of Investigations
Summary of Investigations
|Internal Program Audit and Special Evaluation Reports|
|10/06/2006||Inspector General’s Assessment of the Most Serious Management and Performance Challenges Facing the Nuclear Regulatory Commission||OIG-07-A-01|
|11/09/2006||Results of the Audit of the United States Nuclear Regulatory Commission’s Financial Statements for Fiscal Years 2006 and 2005 (For information call OIG at 301-415-5915)||OIG-07-A-02|
|11/22/2006||Independent Auditors’ Report on the U.S. Nuclear Regulatory Commission’s Special-Purpose Financial Statements as of September 30, 2006, and 2005, and for the Years then Ended (For information call OIG at 301-415-5915)||OIG-07-A-03|
|11/30/2006||Social Engineering Assessment - OFFICIAL USE ONLY - NOT FOR PUBLIC RELEASE (For information call OIG at 301-415-5915)||OIG-07-A-04|
|01/09/2007||Audit of NRC’s Technical Training Center||OIG-07-A-05|
|01/10/2007||Memorandum Report: Audit of NRC’s Regulation of Nuclear Fuel Cycle Facilities||OIG-07-A-06|
|01/10/2007||Memorandum Report: Review of NRC’s Implementation of the Federal Managers’ Financial Integrity Act for Fiscal Year 2006||OIG-07-A-07|
|01/10/2007||Transmittal of the Independent Auditors’ Report on the Condensed Financial Statements of the United States Nuclear Regulatory Commission for Fiscal Years 2006 and 2005||OIG-07-A-08|
|01/12/2007||Transmittal of the Independent Accountants’ Report on the Application of Agreed-Upon Procedures on the Closing Package Intergovernmental Activity and Balances||OIG-07-A-09|
|01/23/2007||Audit of NRC’s Badge Access System||OIG-07-A-10|
|03/23/2007||Audit of NRC’s Nuclear Material Events Database||OIG-07-A-11|
|03/30/2007||Summary Report and Perspectives on Byproduct Material Security and Control||OIG-07-A-12|
|Contract Audit Reports|
|Questioned Costs||Unsupported Costs|
Science and Engineering Associates
|1/18/07||Urban Meridian Joint Venture
Corp. of Columbus
|OIG Reports Containing Questioned Costs1
April 1, 2006 – September 30, 2006
|A.||For which no management decision
had been made by the commencement
of the reporting period
|B.||Which were issued during the
|Subtotal (A + B)||1||$38,433||$3,606,365|
|C.||For which a management decision was made during the reporting period:|
|(i) dollar value of disallowed costs||0||0||0|
|(ii) dollar value of costs not disallowed||0||0||0|
|D.||For which no management decision
had been made by the end of the
|E.||For which no management decision was
made within 6 months of issuance
1Questioned costs are costs that are questioned by the OIG because of an alleged violation of a provision of a law, regulation, contract, grant, cooperative agreement, or other agreement or document governing the expenditure of funds; a finding that, at the time of the audit, such costs are not supported by adequate documentation; or a finding that the expenditure of funds for the intended purpose is unnecessary or unreasonable.
2The General Services Administration (GSA) is responsible for the management decision on these questioned and unsupported costs. GSA has advised that the decision will be made sometime in 2006.
|OIG Reports Issued with Recommendations
That Funds Be Put to Better Use3
October 1, 2004 – March 31, 2005
|A.||For which no management decision had been made by the commencement of the reporting period||0||0|
|B.||Which were issued during the reporting period||0||0|
|C.||For which a management decision was made during the reporting period:|
|(i) dollar value of recommendations that were agreed to by management||0||0|
|(ii) dollar value of recommendations that were not agreed to by management||0||0|
|D.||For which no management decision had been made by the end of the reporting period||0||0|
|E.||For which no management decision was made within 6 months of issuance||0||0|
that funds be put to better use” is a recommendation by the OIG
that funds could be used more efficiently if NRC management took actions
to implement and complete the recommendation, including: reductions in
outlays; deobligation of funds from programs or operations; withdrawal
of interest subsidy costs on loans or loan guarantees, insurance, or bonds;
costs not incurred by implementing recommended improvements related to
the operations of NRC, a contractor, or a grantee; avoidance of unnecessary
expenditures noted in preaward reviews of contract or grant agreements;
or any other savings which are specifically identified.
|Significant Recommendations Described in Previous Semiannual Reports on Which Corrective Action Has Not Been Completed|
|Date||Report Title||Report Number|
Audit of NRC’s Regulatory Oversight of Special Nuclear Materials
Recommendation 1: Conduct periodic inspections to verify that material licensees comply with material control and accountability (MC&A) requirements, including, but not limited to, visual inspections of licensees’ special nuclear material (SNM) inventories and validation of reported
Review of NRC’s Drug-Free Workplace Plan
Recommendation 3: Obtain U.S. Department of Health and Human Services approval of the NRC Drug-Free Workplace Plan prior to implementation.
Audit of NRC’s Incident Response Program
Recommendation 1: Establish a defined agencywide incident response plan that includes standards for performance, delineation of the conduct of exercises and drills, and a well-defined objective mechanism for evaluating incident response during exercises.
Evaluation of NRC’s Certification and Accreditation Efforts
Recommendation 1: Develop and implement procedures for monitoring timely initiation of certification and accreditation efforts.
Recommendation 2: Develop and implement a mechanism for holding responsible managers and their staff accountable for completing certification and accreditation efforts in a timely manner.
|Summary of Audit Reports Without Management Decision For More Than Six Months|
|Date||Report Title||Report Number|
Audit of the Development of the National Source Tracking System
Summary: OIG made two recommedations to the Executive Director for Operations to (1) conduct a thorough regulatory analysis for all radioactive sources that should be included in the new system, and (2) validate data in an existing data base. The agency disagreed with the first recommendation
Reason Unresolved: The agency’s proposed action does not fully address the intent of OIG’s recommendation. OIG recommended that NRC conduct a comprehensive regulatory analysis of a much broader group of materials, including aggregation of sources and bulk material. NRC’s proposal falls far short of what OIG recommends. OIG plans to send the issue to the audit resolution process.
Audit of the NRC’s Byproduct Materials License Application and Review Process
Summary: OIG made two recommendations to the Executive Director for Operations to (1) conduct a complete vulnerability assessment of the materials program, including the license application and review process, and (2) modify the license application and review process to mitigate the risks identified in the vulnerability assessment. The agency disagreed with both recommendations and the recommendations remain unresolved.
Reason Unresolved: OIG’s recommendation cannot be implemented unless and until NRC has undertaken a comprehensive vulnerability assessment of the materials program.The recommendation to modify the license and application review to mitigate risks discovered during a comprehensive vulnerability assessment necessarily depends on the results of such an assessment. OIG plans to send the issue to the audit resolution process.
Abbreviations and Acronyms
|AEA||Atomic Energy Act|
|ACCESS||Access Control and Computer Enhanced Security System|
|ADAMS||Agencywide Documents Access and Management System|
|FCNMED||Fuel Cycle Nuclear Materials Events Database|
|HHS||U.S. Department of Health and Human Services|
|HSPD-12||Homeland Security Presidential Directive-12|
|IAM||Issue Area Monitor|
|IG Act||Inspector General Act|
|LPDR||Local Public Document Room|
|LTR||License Termination Rule|
|NFS||Nuclear Fuel Services|
|NMED||Nuclear Materials Events Database|
|NJDEP||New Jersey Department of Environmental Protection|
|NRC||U.S. Nuclear Regulatory Commission|
|NSC||Nuclear Safety Commission (Japan)|
|OIG||Office of the Inspector General (NRC)|
|PARS||Publicly Available Records System|
|POGO||Project on Government Oversight|
|PRA||Probabilistic Risk Assessment|
|SNPP||Sequoyah Nuclear Power Plant|
|SPMS||Space and Property Management System|
|SUNSI||Sensitive Unclassified Non-Safeguards Information|
|TTC||Technical Training Center (NRC)|
|TVA||Tennessee Valley Authority|
The Inspector General Act of 1978, as amended (1988), specifies reporting requirements for semiannual reports. This index cross-references those requirements to the applicable pages where they are fulfilled in this report.
|Section 4(a)(2)||Review of Legislation and Regulations||6|
|Section 5(a)(1)||Significant Problems, Abuses, and Deficiencies||9-18, 23-30|
|Section 5(a)(2)||Recommendations for Corrective Action||9-18|
|Section 5(a)(3)||Prior Significant Recommendations Not Yet Completed||37-48|
|Section 5(a)(4)||Matters Referred to Prosecutive Authorities||32|
|Section 5(a)(5)||Information or Assistance Refused||None|
|Section 5(a)(6)||Listing of Audit Reports||33|
|Section 5(a)(7)||Summary of Significant Reports||9-18, 23-30|
|Section 5(a)(8)||Audit Reports — Questioned Costs||35|
|Section 5(a)(9)||Audit Reports — Funds Put to Better Use||36|
|Section 5(a)(10)||Audit Reports Issued Before Commencement of the Reporting
Period for Which No Management Decision Has Been Made
|Section 5(a)(11)||Significant Revised Management Decisions||None|
|Section 5(a)(12)||Significant Management Decisions with Which OIG Disagreed||None|