Highlights for April 14– 18, 2003Activities Underway Office of Safeguards and Security Evaluations (OA-10) Hanford/PNNL Comprehensive Inspection: Planning actions and coordination with the site points-of-contact continues. The on-site data collection phase will commence as scheduled. Members of the performance testing team are meeting with site representatives to coordinate the proposed force-on-force exercises. CMPC Special Reviews: Data collection activities were completed at the Chicago Operations Office and ANL-W. Report writing continues this week. OA-10 is developing a presentation on the protection of classified removable media for the April 25 meeting of the SO policy group. OA is meeting with the Office of Intelligence to review the accreditation package for the PNNL SCIF. Office of Cyber Security Evaluations (OA-20) Perimeter Scanning Project: OA-20 personnel in partnership with the Office of the Chief Information Officer initiated a special study (Perimeter Scanning Project) to map out and characterize DOE’s network perimeter. As part of this initiative, OA-20 is also offering to scan DOE networks for vulnerabilities in order that line management can address weaknesses. This effort is being undertaken to improve the Department’s protection posture. Testing has been completed for 34 DOE sites. Testing is currently ongoing at several additional sites. Discussions with cyber security personnel at several NNSA sites are ongoing to establish additional scanning agreements. Unannounced Cyber Security Penetration Testing: OA-20 has developed a draft protocol for the conduct of unannounced penetration testing of DOE computer systems. The protocol is undergoing internal office review. Cyber Security Inspection of the Hanford Site and Pacific Northwest National Laboratory: OA-20 will begin the initial phase of a cyber security inspection as scheduled. This is part of the combined Safeguards and Security and Cyber Security Inspection. DOE Cyber Security Conference: OA-20 managers and staff provided a series of briefings at DOE's computer security conference held in Baltimore, Maryland April 14-17. Presentations were designed to raise awareness of OA mission activities and oversight strategies, technical assessment methodologies, and most commonly identified security vulnerabilities. Office of Emergency Management Oversight (OA-30) OA-30 and OA-50 continue to plan for the combined inspection of the East Tennessee Technology Park. OA-30 and OA-50 have begun planning for a combined inspection of the Idaho National Engineering and Environmental Laboratory (INEEL). The next INEEL planning discussion has been scheduled for April 24. Office of Environment, Safety and Health Evaluations (OA-50) Sandia National Laboratory - NM Inspection: The final report was transmitted to the site on April 7. A final approved corrective action plan is due with 60 calendar days. Y-12 National Security Complex Inspection: Validation and closeout activities were completed April 10. Comments on the report are due on April 24. ETTP Inspection: Planning and coordination activities continue. A team planning session in Germantown was conducted. OA-30 has the overall lead for this inspection. INEEL Inspection: Planning for the combined ES&H and Emergency Management inspection is progressing as scheduled. A follow-up conference call with site management has been scheduled for April 24, 2003. The Director of OA-50 will participate in the call along with the Director of OA-30 (Team Leader). AAAHC: The Sandia National Laboratories - California application for accreditation to the AAAHC was accepted and approved. The accreditation survey is scheduled for May. DNFSB Commitments and Management Challenge Actions Plans: Discussions have been ongoing with EH and NNSA managers and staff on actions planned to address recent IG reports and DNFSB commitments. Meeting with Senior Managers from the Nuclear Safety Directorate (NSD) of the United Kingdom (UK): On April 15, the Office Director met with senior managers from the NSD of the UK. Coordination and exchange of management systems strategies between OA and the NSD continue. Areas of mutual interest include inspection and review methodologies, safety performance measures, self-assessment approaches, and training of inspectors. Activities Completed Office of Safeguards and Security Evaluations (OA-10) Savannah River Site (SRS) Comprehensive Inspection: OA received comments from SRS on the draft inspection and incorporated the comments, as appropriate. The report was distributed. Argonne National Laboratory-East (ANL-E) Comprehensive Inspection: On-site data collection and draft report were completed. Closeout was conducted on April 16. OA-10 management and selected staff completed work with representatives from SO to develop proposed corrective action plans in response to findings made by the GAO and the IG in two recent reports. Office of Cyber Security Evaluations (OA-20) Cyber Security Inspection at the Argonne National Laboratory – East (ANL-E): OA-20 completed a cyber security inspection at ANL-E. A draft report has been prepared and has been provided to site management for review. Briefings for Office of Science management on the inspection results have been scheduled for this week. Office of Environment, Safety and Health Evaluations (OA-50) Pantex Plant Inspection: The corrective action plan was reviewed and determined to be responsive to the findings. A response memorandum has been developed. Draft DOE Manual 414.1-1 was reviewed and comments provided. The Office Director conducted a briefing on the environmental results of the Los Alamos National Laboratory Environment, Safety, and Health and Emergency Management Inspection for EH-1 and staff.
|