| |
Search Options | |||
| Index | Site Map | FAQ | Facility Info | Reading Rm | New | Help | Glossary | Contact Us | |
|||
Office of the Inspector General Semiannual Report to Congress (NUREG-1415, Vol. 15, No. 2)On this page:Table of Contents
Publication InformationManuscript Completed: April 2003 Office of the Inspector General Memorandum to the ChairmanOn behalf of the Office of the Inspector General (OIG) for the U.S. Nuclear Regulatory Commission (NRC), I am pleased to submit this Semiannual Report to the U.S. Congress. This report summarizes significant OIG activities during the period from October 1, 2002, to March 31, 2003, in compliance with Sections 4 and 5 of the Inspector General Act of 1978, as amended. During this reporting period, our office completed 12 performance and financial audits of NRC’s programs and operations. This work led OIG to make numerous recommendations and suggestions to NRC for program improvement. In addition, OIG completed 23 investigations and 2 Event Inquiries, and made 26 referrals to NRC management. Finally, OIG analyzed seven contract audit reports issued by the Defense Contract Audit Agency. Looking towards the future, OIG has engaged in an update of its strategic plan based in part on an assessment of the strategic challenges facing NRC. We seek to add value to NRC technical and administrative programs by aligning our strategic direction with NRC’s mission and strategic goals. As symbolized by the cover of this publication, this time in the history of the NRC is one marked by significant safety and security challenges for the agency and its licensees. OIG remains steadfast in its resolve to continue to work constructively with agency managers in their efforts to refine the efficiency and effectiveness of responsive agency programs that ultimately protect the health and safety of the public. Finally, I would like to express my appreciation for the collaborative work between my staff and agency managers to address OIG findings and to implement many of the recommendations made by my office. I also want to express my appreciation to all OIG staff for their continued professionalism, dedication, and willingness to accept new challenges. Sincerely, Hubert T. Bell
Executive SummaryThe following two sections highlight selected audits and investigations completed during this reporting period. More detailed summaries appear in subsequent sections of this report. Audits
Investigations
Office of the Inspector GeneralNearly 25 years ago, in October 1978, the Congress enacted and the President signed the Inspector General (IG) Act, creating independent audit and investigative offices in 12 Federal agencies. The IG Act established a framework to foster accountability and integrity in Government. Before its implementation, auditors and investigators were frequently scattered across the programs they were charged with reviewing, making it difficult to ensure independence, foster coordination, or detect patterns of abuse across agency programs. The IG Act essentially centralized and elevated the audit and investigative organization under an Inspector General, ensuring an independent voice to the agency head, the Congress, and the public, as well as the agency managers who act on IG recommendations. The IG Act has been amended several times over the years to add new IGs and clarify reporting requirements. Today, 57 Offices of Inspector General provide oversight for 59 Federal agencies. Inspectors General have two basic roles — to independently find and report on current problems and to foster good program management to prevent future problems. Inspectors General meet their specific statutory mission by:
The Office of the Inspector General community is charged with being a significant, positive force for improving the economy, efficiency, and effectiveness of Federal programs and operations and for preventing and detecting fraud, waste, abuse, and mismanagement. Offices of the Inspector General account for billions in saved and recovered Federal funds, as well as thousands of prosecutions, civil and personnel actions, and suspensions and debarments of businesses and individuals for wrongdoing. Helping to fight terrorism, evaluating the Nation’s critical infrastructure, striving to improve the Government’s financial management, and validating agency performance and accountability measures are among the key tasks facing the Nation’s Inspectors General today. These tasks have emerged as a result of priorities established by the President, the Congress, and, more recently, threats against our homeland. These priorities differ sharply from those faced by the newly formed IG offices nearly 25 years ago. In the case of the NRC, Congress established an independent OIG through a 1988 amendment to the IG Act. Today, OIG’s primary mission is to assist NRC by ensuring integrity, efficiency, and accountability in the agency’s programs to regulate the civilian use of byproduct, source, and special nuclear materials in a manner that adequately protects the health and safety of the public, as well as the environment, while promoting the Nation’s common defense and security. In Fiscal Year (FY) 2003, the NRC’s total budget authority is $578 million, which includes an appropriation of $6.8 million for OIG.
Organization and Functions of NRC's OIGNRC’s OIG includes auditors, criminal investigators, legal counsel, and a resource management and operations support (RMOS) staff. OIG’s audit program is designed to provide assurance to the Chairman and to Congress that NRC programs and operations are working efficiently and effectively. Consequently, the audit staff conducts performance and financial audits, as well as special evaluations. Performance audits focus on NRC’s administrative and programmatic operations. Financial audits focus on NRC’s internal control systems, transaction processing, and financial systems. In special evaluations, OIG auditors present OIG perspectives or information on specific topics. The mission of OIG’s investigative program is to perform investigative activities related to the integrity of NRC’s programs and operations. The majority of OIG’s investigations focus on violations of law or misconduct by NRC employees and contractors, as well as allegations of irregularities or abuses in NRC programs and operations. As a complement to the investigative function, the investigative staff also conducts Event Inquiries, which yield reports documenting the examination of events or agency regulatory actions that do not specifically involve individual misconduct. Instead, these reports identify staff actions that may have contributed to the occurrence of an event. In addition, the OIG investigative staff periodically performs root cause analyses and implements other preventive initiatives such as integrity awareness training. OIG’s General Counsel (GC) provides independent legal advice on issues concerning criminal law and procedures, evidence, and constitutional law as they relate to OIG’s investigative program. The GC also develops legal interpretations of appropriations law, financial management statutes and regulations, and procurement and funding rules in support of OIG’s audit program. In addition, the GC conducts and coordinates, with other cognizant OIG staff, in-depth reviews of existing and proposed legislation, regulations, and agency directives that affect NRC programs and operations and, as appropriate, provides written comments. The intent of these reviews is to assist the agency in prospectively identifying and preventing potential problems. The RMOS staff formulates and executes the OIG budget, prepares OIG’s Semiannual Report to Congress, operates an independent personnel program, administers the control of OIG funds, administers OIG’s information technology programs, coordinates strategic planning activities, and performs a variety of other support functions.
About the NRCMission NRC’s mission is to regulate the Nation’s civilian use of byproduct, source, and special nuclear materials to ensure adequate protection of public health and safety, promote the common defense and security, and protect the environment. NRC’s scope of responsibility includes regulation of commercial nuclear power plants; research, test, and training reactors; fuel cycle facilities; medical, academic, and industrial uses of nuclear materials; and the transport, storage, and disposal of nuclear materials and waste. Statutory Authority NRC was created as an independent agency by the Energy Reorganization Act of 1974, which abolished the Atomic Energy Commission and moved its regulatory function to NRC. This act, along with the Atomic Energy Act of 1954, as amended, provides the statutory foundation for regulation of the Nation’s nuclear power industry. NRC regulations are issued under the United States Code of Federal Regulations Title 10, Chapter 1. Major Activities NRC fulfills its responsibilities through a system of licensing and regulatory activities that include the following:
Organization NRC’s Commission is composed of five members, with one member designated by the President to serve as Chairman. Each member is appointed by the President, with the advice and consent of the Senate, and serves a term of 5 years. Members’ terms are staggered so that one Commissioner’s term expires on June 30th of every year. No more than three members of the Commission can be from the same political party. The NRC staff numbers approximately 2,900, with roughly two-thirds of the employees working at the agency’s headquarters in Rockville, Maryland. The remainder are primarily located in four regional offices and at resident inspector offices at each commercial nuclear power plant and some fuel cycle facilities.
The Audit ProgramTo help the agency improve its effectiveness during this period, OIG completed 12 performance and financial audits, which resulted in a number of recommendations and suggestions to NRC management. In addition, OIG analyzed seven contract audit reports issued by the U.S. Defense Contract Audit Agency (DCAA).Audit SummariesOIG’s 2002 Survey of NRC’s Safety Culture and Climate The OIG engaged an independent contractor, International Survey Research, to conduct a survey of NRC’s workforce to (1) measure NRC’s safety culture and climate, (2) compare results against NRC’s 1998 Safety Culture and Climate Survey, and (3) compare results to Government and national benchmarks. The study included a qualitative design phase, where a random sample of NRC employees and managers were interviewed, and a quantitative component consisting of a survey offered to all NRC employees. The survey generally concluded that the NRC safety culture and climate appears to be improving. Specifically, the workforce views itself as effective and dedicated to the NRC safety mission. Comparison with the 1998 survey results also indicates improvement in virtually every category or topical area. Further, the survey found that most scores exceed established national benchmarks for Government research and technical composites. However, the survey did reflect that two program support offices will require substantial effort to improve organizational culture and climate. In addition, the survey also found that Continuous Improvement Commitment, that is, employees’ views on commitment to public safety and whether employees are encouraged to communicate ideas to improve safety, regulations, and operations, is below norm and a matter of concern. Empowerment, Communication, Quality Focus, Management Leadership, and Organizational Commitment were determined to be areas requiring additional management focus. As a counterpoint, dramatic improvement was demonstrated in the category, Future of the NRC, which focuses on items that evaluate employee’s views on how NRC’s regulation of its licensees has changed in the past year and will change in the future. That is, the way people are managed day to day, communication, the quality of work produced, productivity, the public image of the agency, and the NRC as a whole. The survey concluded that improvement in these topics can positively impact issues gauged in the category Continuous Improvement Commitment. (Addresses All Management Challenges) Review of NRC’s Handling and Marking of Sensitive Unclassified Information OIG received a congressional request to review the adequacy of NRC’s programs for handling and releasing sensitive documents, as a result of preliminary draft of the Yucca Mountain Review Plan was inadvertently released to the public in September 2000. The draft plan provided guidance on evaluating a license application for a geological repository for spent nuclear fuel. As a predecisional document, the draft plan was an Official Use Only document and should have been treated as sensitive unclassified information protected from public disclosure until Commission approval was granted. Official Use Only information is one category of sensitive unclassified information that includes predecisional documents and information protected from public disclosure until certain conditions are met. While most of NRC’s documents are released to the public, NRC has a program and guidance to prevent the public release of sensitive unclassified information. However, OIG found that the guidance does not adequately protect Official Use Only documents from inadvertent public disclosure. Specifically:
OIG also found that NRC employees are not consistently implementing the requirement to report incidents of inadvertent release of sensitive unclassified information to the Office of the Executive Director for Operations. This practice would allow for the identification of systemic problems and the application of best practices agency-wide. The agency is taking corrective actions to address these issues. (Addresses Management Challenge #9) Memorandum Report: Inspector General’s Assessment of the Most Serious Management Challenges On January 24, 2000, Congress enacted the Reports Consolidation Act of 2000 which requires Federal agencies to provide an annual report that would consolidate financial and performance management information in a more meaningful and useful format for Congress, the President, and the public. Included in the act is the requirement that the report include a statement from the Inspector General that summarizes what the Inspector General considers to be the most serious management and performance challenges facing the agency and briefly assess the agency’s progress in addressing those challenges. Congress left the determination and threshold of what constitutes a most serious management challenge to the discretion of the Inspectors General. As a result, OIG applied the following definition:
The most serious management challenges facing NRC may be, but are not necessarily, areas that are problematic for the agency. The challenges, as identified, represent critical areas or difficult tasks that warrant high-level management attention. This year, OIG identified nine management challenges considered to be the most serious. (Addresses All Management Challenges)
Results of the Audit of the U.S. Nuclear Regulatory Commission’s Fiscal Year 2002 Financial Statements The Chief Financial Officers Act requires OIG annually to audit NRC’s Principal Financial Statements. An independent public accounting firm, under contract to OIG, conducted the audit for FY 2002. Their report contains (1) the principal statements and the auditor’s opinion on those statements, (2) the auditor’s opinion on management’s assertion about the effectiveness of internal controls, and (3) a report on NRC’s compliance with laws and regulations. The independent auditors issued an unqualified opinion on the balance sheet and the statements of changes in net position, net cost, budgetary resources, and financing. In the report on management’s assertion about the effectiveness of internal controls, the auditors concluded that management’s assertion is not fairly stated. The auditors reached this conclusion because management did not identify managerial cost accounting as a material weakness. The auditors identified three new reportable conditions and closed one prior-year reportable condition. The new conditions concern cost accounting implementation, accounting for internal use software monitoring, and external reporting of financial information. The report on NRC’s compliance with laws and regulations disclosed three noncompliances. The first is that NRC did not comply with Executive Order 13103, Computer Software Piracy. The second is that NRC’s 10 CFR Part 170 license fee rates are not based on full cost, and the third is that NRC is in substantial non-compliance with the Federal Financial Management Improvement Act of 1996 (FFMIA). The specific issue related to FFMIA is that managerial cost accounting was implemented, but did not meet Federal accounting and systems requirements. (Addresses Management Challenge #4) Memorandum Report — Review of NRC’s Implementation of the Federal Managers’ Financial Integrity Act for Fiscal Year 2002 The Federal Managers’ Financial Integrity Act (FMFIA) was enacted on September 8, 1982, in response to continuing disclosures of waste, loss, unauthorized use, and misappropriation of funds or assets associated with weak internal controls and accounting systems. Congress felt such abuses hampered the effectiveness and accountability of the Federal Government and eroded the public’s confidence. The FMFIA requires Federal managers to establish a continuous process for evaluating, improving, and reporting on the internal controls and accounting systems for which they are responsible. FMFIA requires the head of each executive agency subject to the FMFIA to submit a report to the President and Congress each year on the status of management controls and financial systems that protect the integrity of agency programs and administrative activities. NRC makes its FMFIA assessment and report in its annual Performance and Accountability Report. OIG reviewed NRC’s compliance with FMFIA for FY 2002 and found that NRC complied with its requirements. Although NRC is not reporting any material weaknesses, OIG reported one material weakness: NRC’s managerial cost accounting process does not meet Federal requirements. The agency has recognized this issue as a significant, but not material weakness. OIG first reported the lack of managerial cost accounting as a material weakness in the FY 1998 reports on FMFIA and the agency’s financial statements. NRC is actively pursuing a resolution to this issue. Although NRC implemented a cost accounting process and system at the end of FY 2002, the system does not meet Federal accounting standards and requirements for management information systems. The new system does not (1) address the uses of cost accounting as espoused in Statement of Federal Financial Accounting Standards No. 4, Managerial Cost Accounting Standards, or (2) contain the internal system controls required by the Federal Government’s Joint Financial Management Improvement Program. OIG will continue to report this issue as a material weakness until NRC successfully implements managerial cost accounting. (Addresses Management Challenge #4) Management Audits of NRC’s Four Regional Offices NRC has four regional offices located in King of Prussia, Pennsylvania (Region I); Atlanta, Georgia (Region II); Lisle, Illinois (Region III); and Arlington, Texas (Region IV). Each regional office operates under the direction of a Regional Administrator. The regional offices constitute the agency’s front line in carrying out its mission and implementing established agency policies and programs nationwide. NRC regulates 104 licensed nuclear power plants that supply about 20 percent of the Nation’s electricity needs. The agency also regulates about 4,900 licenses that use radioactive materials for industrial, medical, and academic purposes. NRC regional offices regulate about 4,700 of these licenses. For FY 2002, NRC’s regional offices had 784 full-time equivalent positions and $104.4 million to support regional operations. These reports reflect the results of OIG’s reviews to assess a wide range of regional technical and administrative activities in each of the four regions. Regions monitor performance using their operating plans that identify specific performance measures, or metrics, which the regions strive to accomplish. The regions report their metric data to headquarters in quarterly updates to their operating plans. While regional public health and safety metrics were generally found to be valid and reliable, the administrative metrics were not. Regional action is needed to improve (1) the validity and reliability of all metrics and reported results and (2) management controls in several administrative areas including facilities management, information management, and communication. Improved metrics will better enable the regional offices to evaluate their performance in specific technical and administrative areas. OIG also conducted interviews with reactor site-based inspectors and region-based inspectors and technical staff. The purpose of the interviews was to gain information for evaluating regional management’s support for the full range of regional activities. Overall, the inspectors and technical staff indicated they are able to perform their responsibilities and are generally satisfied with regional office management support. However, the inspectors and technical staff raised specific issues concerning NRC operations. Many of these issues will be included in future audits. (Addresses All Management Challenges) Headquarters Action Needed on Issues Identified from Regional Audits OIG found that the regional operating plan metrics and results reported against those metrics were not consistently valid or reliable. The consistency and quality of data varied widely from region to region. As a result, the usefulness of this information for decision making at the regional or headquarters levels is limited, and comparison among regions is often not possible. Because operating plans are continuing to evolve and administrative metrics are a recent addition, quality control and assurance has not been built into the process of developing, compiling, reviewing, and reporting regional metrics. Additionally, the agency’s emphasis to date has been on public health and safety metrics and, as a result, the regions’ administrative metrics have received limited review by headquarters officials. Management controls need improvement in the areas of continuity planning and protection of sensitive information. In the event of an emergency, the agency needs improved processes and procedures for transferring headquarters functions to an alternate site. Each of the four regions needs improved security measures to adequately protect sensitive information processed on its standalone systems. The absence of security controls over systems used to process classified and unclassified safeguards information increases the risk of loss, misuse, or unauthorized access to information resources. OIG also identified regional best practices that should be considered for adoption by other regions. (Addresses All Management Challenges) Use of E-Mail at NRC Electronic mail (e-mail) is the term used to describe correspondence sent or received in electronic form. E-mail has replaced the telephone as the primary and preferred method of business communication because it is faster and cheaper than traditional methods. While e-mail provides benefits for businesses, it also poses risks. For example, important e-mail correspondence is not always preserved, which may cause records management problems. Inappropriate employee use is another risk when employees access an organization’s e-mail system for personal use. OIG found that NRC management officials have not implemented adequate controls for ensuring that appropriate e-mail records become official agency records. Specifically, NRC management has not updated agency guidance concerning the identification of official records and has not finalized other documents that will provide valuable information on this subject to staff. Furthermore, NRC has not provided adequate training to staff on these subjects. As a result, offices approach records management inconsistently and may be failing to capture all official record material. The audit also determined that NRC employees generally use the e-mail system for official business or limited personal use in accordance with agency policy. In contrast, NRC contractors do not follow the Government-furnished information technology (IT) equipment usage policy. Contractors mistakenly believe that the NRC employee minimal-use policy applies to them. In addition, contracting and project officers neglected to include required clauses concerning contractor personal use of IT equipment in NRC contracts. As a result, contractors are not in compliance with NRC policy, which was written to avoid recurrences of instances of inappropriate use of Government-furnished IT equipment by contractors. None of the e-mail correspondence reviewed during the audit contained inappropriate or prohibited material. (Addresses Management Challenges #3 and #9) Computer Security Review at NRC’s Technical Training Center The NRC’s Technical Training Center (TTC), located in Chattanooga, Tennessee, provides training to meet the integrated NRC staff needs in the curriculum areas of reactor technology, probabilistic risk assessment, engineering support, radiation protection, fuel cycle, security and safeguards, and regulatory skills. The Office of Management and Budget Circular A-130, “Management of Federal Information Resources,” Appendix III requires agencies to implement and maintain an automated information systems security program, including the preparation of policies, standards, and procedures. The Federal Information Security Management Act (FISMA) of 2002 outlines the information security management requirements for agencies. These requirements include an independent evaluation of an agency’s information security program and practices, and an evaluation of the effectiveness of information security control techniques. The FISMA also requires an assessment of compliance with requirements and related information security policies, procedures, standards, and guidelines. The security review found that the controls implemented by TTC are generally effective in reducing the risk associated with their operations. However, several areas need improvement. These areas include administrative security controls, information technology controls, physical security controls, safety controls, and supporting utilities. The root cause of many of these deficiencies was the lack of a system security officer at TTC. Because the report contains sensitive unclassified information, the details of the areas needing improvement are not available for public dissemination. (Addresses Management Challenge #9)
Audits in ProgressAudit of NRC’s Contract Administration PracticesDuring FY 2002, NRC obligated $96 million in contract actions, excluding agreements with the Department of Energy (DOE). The Division of Contracts is responsible for (1) developing and implementing agency-wide contracting policies and procedures and (2) providing advice and assistance to NRC program officials regarding the Nuclear Regulatory Commission Acquisition Regulations, the Federal Acquisition Regulations, and methods for meeting program objectives consistent with such regulations. The objective of this audit is to review the economy, efficiency, and effectiveness of the management controls included in the NRC’s contract administration practices. The audit will focus on (1) contract administration and oversight of selected contracts and purchase orders, (2) acquisition workforce training, (3) contract closeouts, and (4) contract audit coverage. (Addresses Management Challenge #4) Audit of NRC’s Regulatory Oversight of Special Nuclear Materials NRC requires that its materials licensees establish and maintain material control and accountability programs and allow for NRC to inspect the materials, accounting controls, and premises where special nuclear material and source materials are used or stored. Additionally, NRC requires that licensees report information to the Nuclear Materials Management and Safeguards System (NMMSS), a computer database managed by the U.S. Department of Energy (DOE) and jointly used with NRC for tracking certain private- and Government-owned nuclear materials. The objective of this audit is to determine whether NRC adequately ensures that its licensees account for and control special nuclear material. (Addresses Management Challenges #1, 3, and 5) Audit of NRC’s Research and Test Reactor Program Research and test reactors are designed and utilized for research, testing, and educational purposes. NRC currently licenses 36 non-power reactors operating in 23 States. Fourteen others are being decommissioned. In contrast to commercial nuclear power facilities, most non-power reactors are located in urban areas, primarily on university campuses. They typically range in size from 0.10 watts to 20 megawatts (thermal). Most of these reactors have less than 1/1000th the power of a commercial power reactor. NRC inspects each facility periodically to ensure that programs are conducted in accordance with license requirements. Areas inspected include organizational structure, qualifications and responsibilities, operational activities, design and design control, review and audit functions, radiation and environmental protection, operator requalification, maintenance and surveillance activities, fuel handling, experiments, procedures, emergency preparedness, and safeguards and security. NRC conducts about 20 assessments of non-power reactors annually with inspection frequency based on the amount of nuclear material at the facility. Because of the agency’s focus on commercial power reactors, there is concern that the research and test reactor program may not be receiving adequate attention, especially in the current heightened security environment. The audit’s objective is to determine whether NRC’s research and test reactor program is providing adequate oversight of these facilities. (Addresses Management Challenges #1, 2, and 7) Audit of NRC’s Protection of Safeguards Information Safeguards information is sensitive unclassified information that specifically identifies the detailed (1) security measures of a licensee or an applicant for the physical protection of special nuclear materials or (2) security measures for the physical protection and location of certain plant equipment vital to the safety of production or utilization facilities. NRC established its Sensitive Unclassified Information Security Program to ensure that sensitive unclassified information is handled appropriately and is protected from unauthorized disclosure under pertinent laws, management directives, and applicable directives of other Federal agencies and organizations. OIG is conducting this audit to determine whether NRC’s program adequately ensures protection of safeguards information, prevents its inappropriate release to the public and NRC employees who should not have access, and adequately defines what constitutes safeguards information. (Addresses Management Challenge #9) Computer Security Review at NRC’s Region I Office Located in King of Prussia, Pennsylvania, the NRC’s Region I office operates under the direction of the Regional Administrator and covers an 11-State area and the District of Columbia, including 8 States with nuclear power plants. Region I also regulates about 1,725 licenses that use radioactive materials for industrial, medical, and academic purposes. OMB Circular A-130, “Management of Federal Information Resources,” Appendix III requires agencies to implement and maintain an automated information systems security program, including the preparation of policies, standards, and procedures. The Federal Information Security Management Act (FISMA) of 2002 outlines the information security management requirements for agencies. These requirements include an independent evaluation of an agency’s information security program and practices and an evaluation of the effectiveness of information security control techniques. The FISMA also requires an assessment of compliance with requirements and related information security policies, procedures, standards, and guidelines. The objectives of this computer security review are to (1) evaluate Region I’s information security program and practices, (2) evaluate the effectiveness of automated and manual security controls, and (3) identify problems that exist and make recommendations for corrective actions. (Addresses Management Challenges # 3 and 9) Followup Audit of NRC’s Internet Usage The objective of the audit is to assess the effect of the agency’s corrective actions since the prior audit was completed in October 2002. The previous audit disclosed that over an 8 day period in June 2001, between 52 percent and 79 percent of employee Internet usage was for personal use. Some personal use was in direct violation of NRC policy. Because of the amount of personal use and the occurrence of prohibited activity, NRC needed to enforce and clarify its May 2001 information technology policy covering personal Internet use. (Addresses Management Challenge #3) Audit of NRC’s Personnel Security Program The Government personnel security system was established following World War II as a means of supporting the information classification system and of implementing the Truman and Eisenhower Administrations’ programs to investigate the loyalty of Federal Government officials. Over the past half century, a variety of directives and additional regulations have been issued to tailor the system to specific needs and respond to specific concerns. The goal of the personnel security process is to determine whether past behavior is a matter of concern for future reliability. A security clearance indicates that a person has been investigated and deemed eligible for access to classified information based on established criteria set out in regulations. Before prospective Federal employees and contractors who work in the national security arena can have access to national security information, they must undergo an investigation and adjudication to determine whether they should receive a security clearance. The audit’s objective is to determine whether the program is effectively managed and achieves its goals. (Addresses Management Challenge #9)
The Investigative ProgramDuring this reporting period, OIG received 150 allegations, initiated 64 investigations, and completed 23 investigative and 2 Event Inquiries. In addition, OIG made 26 referrals of allegations to NRC management. Investigative Case SummariesNRC Regulation of Davis-Besse Regarding Damage to the Reactor Vessel Head OIG completed an inquiry into concerns raised by the Union of Concerned Scientists (UCS) regarding a perceived lack of NRC oversight of the Davis-Besse Nuclear Power Station (DBNPS). In August 2001, the NRC issued NRC Bulletin 2001-01 which sought to have licensees shut down and perform inspections by December 31, 2001, on plants identified as being highly susceptible to vessel head penetration nozzle cracking. UCS alleged that NRC allowed DBNPS to continue operating until February 16, 2002, without performing those inspections despite indications of significant cracking to the reactor vessel head. As a result of this inquiry, OIG found that NRC’s decision to allow DBNPS to continue operating until February 16, 2002, without performing vessel head penetration nozzle inspections was driven in large part by a desire to lessen the financial impact on the licensee that would result from an earlier shutdown. While the decision by the staff to allow DBNPS to continue to operate was consistent with NRC’s performance goal to reduce unnecessary regulatory burden, it was contrary to NRC Bulletin 2001-01’s intent that at-risk plants conduct timely inspections to ensure that NRC regulatory requirements related to reactor coolant leakage were met. OIG also found that NRC staff were reluctant to take regulatory action against a licensee absent absolute proof of a violation, despite strong indications that DBNPS did not comply with NRC regulations and plant technical specifications and may have operated with reduced safety margins. In addition, OIG found that the NRC staff developed a well-documented technical basis for preparing an order to shut down DBNPS, and on November 21, 2001, informed the Commission of the intent to shut down the plant on or before December 31, 2001. However, contrary to the strong justification present in the order, the NRC never forced a shutdown. Instead, the NRC staff concluded that the licensee could safely operate DBNPS until February 16, 2002, provided the licensee implemented several compensatory measures it had developed. OIG found that the NRC staff did not document its analytical bases for reaching this conclusion. (Addresses Management Challenge #2) NRC’s Regulatory Oversight Over the Control of Special Nuclear Material at Millstone Unit 1 OIG completed an inquiry concerning the reported loss of two spent nuclear fuel rods at Millstone Nuclear Power Station Unit 1. In November 2000, the NRC license holder for Millstone Northeast Nuclear Energy Company discovered it could not locate two spent fuel rods which were last accounted for in 1978. The OIG inquiry reviewed NRC oversight of the licensee’s special nuclear material accountability program at Millstone Unit 1 from the late 1970s to the present. As a result of this inquiry, OIG found that the missing fuel rods were last accounted for during a 1978 Material Control and Accountability (MC&A) inspection at Millstone Unit 1 conducted by the NRC. The purpose of the inspection was to account for special nuclear material maintained by the licensee. The fuel rods were no longer present in the spent fuel pool when the NRC conducted the next MC&A inspection in 1982. However, OIG determined that the NRC inspector did not identify the loss of these fuel rods during the 1982 inspection because he relied on an inaccurate beginning inventory amount provided by the licensee instead of using the verified ending inventory amount reflected in the NRC 1978 inspection report. OIG also determined that the last MC&A inspection conducted at Millstone was in 1982 and that since 1988, MC&A inspections are no longer performed as part of the baseline or supplemental inspections at nuclear power plants. (Addresses Management Challenge #1) Unlawful Interaction Between NRC and DOE Staffs Regarding Yucca Mountain OIG conducted an investigation into allegations by the Attorney General of the State of Nevada pertaining to Government activities involving the Yucca Mountain nuclear waste repository site. Specifically, it was alleged that NRC and DOE representatives conducted private meetings which, contrary to NRC regulatory and policy mandates, excluded Nevada State representatives and members of the public. Moreover, it was alleged that these private meetings violated restrictions placed on pre-licensing and ex-parte communications between NRC and a potential licensee. It was also alleged that NRC staff engaged in an inappropriate cooperative effort with DOE to secure an opinion from the Office of Government Ethics (OGE) which adversely affected the State of Nevada. As a result of this investigation, OIG determined that the NRC staff and DOE representatives were not involved in prohibited ex-parte communications, that excluded Nevada State representatives and members of the public because the Yucca Mountain licensing process was not in the adjudicatory phase. The pre-licensing communications between the NRC and DOE representatives occurred during informal meetings which were in accordance with the pre-licensing phase of the application process and were consistent with NRC regulatory requirements and policy mandates. In addition, with respect to State of Nevada concerns pertaining to the OGE opinion, OIG found that in January 2002, OGE representatives contacted NRC and DOE staff in an effort to develop a consistent and comprehensive policy for all executive branch agencies whose former employees might seek to represent private parties concerning Yucca Mountain. In July 2002, OGE issued official guidance to all executive branch agencies concerning Federal conflict-of-interest restrictions as applied to the Yucca Mountain licensing process. (Addresses Management Challenge #5) Inappropriate Handling of an Enforcement Action by Region III OIG conducted an investigation into several concerns about the handling of an enforcement action related to prohibited employment discrimination by Exelon Nuclear Generation Company, an NRC licensee. It was alleged that (1) NRC erred in settling the enforcement action in that the action violated NRC’s enforcement policy, (2) NRC ignored findings that an Exelon manager deliberately discriminated against an employee for engaging in protected activity, and (3) NRC conducted closed meetings with Exelon to discuss a settlement of NRC’s enforcement action without the knowledge of the employee’s attorney and contrary to promises made by NRC. As a result of the investigation, OIG determined that because the licensee admitted violating NRC regulations pertaining to prohibited employment discrimination, NRC exercised enforcement discretion and settled the matter prior to holding an enforcement conference. OIG learned that while settlement of an enforcement action prior to holding an enforcement conference is unusual, this action was coordinated with NRC’s Office of the General Counsel and the Office of the Executive Director for Operations. Additionally, OIG found that the settlement did not violate NRC’s enforcement policy, because the enforcement policy is silent regarding the timing of negotiated settlements. OIG also found that the Exelon employee’s attorney was not excluded by NRC staff from participating in NRC enforcement proceedings because no formal enforcement meetings took place. In addition, OIG found that on October 3, 2002, NRC issued a Confirmatory Order to Exelon which confirmed the licensee’s commitment to train its managers at all Exelon plants concerning NRC requirements related to maintaining a safety work environment. Fraud by NVT Involving NRC Custodial Contract OIG conducted an investigation into information provided by a former Nguyen Van Thanh Technologies (NVT) employee alleging that NVT failed to meet several contract requirements involving preventive maintenance. NVT had a 5-year building maintenance contract with NRC in the amount of $5 million. As a result of the investigation, OIG found that the NVT project manager for the NRC contract instructed the former NVT employee to falsify entries in generator and fire pump log books for the emergency lighting and fire sprinkler systems at NRC headquarters buildings between February 2000 and January 2001. These entries made it appear that this safety equipment was tested, as required by the NRC contract, when in fact such testing had not occurred. In March 2002, the project manager for NVT and the corporation were indicted by a Federal Grand Jury in the Southern District of Maryland on 12 counts of violation of Title 18 United States Code (USC), Section 1001, False Statements, and 18 USC, Section 2, Aiding and Abetting. The indictments against the NVT project manager and NVT were subsequently dismissed in lieu of a civil settlement by the U.S. Attorney’s office.
Investigative StatisticsSource of Allegations — October 1, 2002, through March 31, 2003
Disposition of Allegations — October 1, 2002, through March 31, 2003
Status of Investigations
Summary of Investigations
Other ActivitiesRegulatory ReviewPursuant to the Inspector General Act, 5 U.S.C. App. 3, Section 4(a)(2), OIG reviews existing and proposed legislation, regulations, management directives, and policy issues and makes recommendations as appropriate concerning their impact on the economy and efficiency of agency programs and operations. NRC agency directives requiring submission of all draft legislation, regulations, and policies to OIG facilitates this statutory review. The review encompasses issues raised in OIG investigations, audits, and prior regulatory commentaries. In examining submitted documents reflecting regulatory, statutory, and policy actions, the regulatory review program’s main objective is to examine agency actions to assist in the elimination of fraud, waste, and abuse within the agency. In addition, comments are also used to address issues related to preserving OIG’s independence and integrity under the office’s statutory precept. Comments are made through formal memoranda as well as during meetings and discussions. As stated in the objectives section of Management Directive (MD) 1.1, the purpose of the NRC Management Directive System is to effectively communicate policies, objectives, responsibilities, authorities, requirements, guidance, and information to NRC employees. Specific direction is a critical element in avoiding fraud and abuse in agency programs and operations. Therefore, the NRC OIG expends significant effort in reviewing and commenting on management directives. From October 1, 2002, through March 31, 2003, OIG reviewed about 200 agency documents, including approximately 100 Commission papers (SECYs) and 75 Federal Register Notices, regulatory actions, and statutes. During this period, several comments focused on management and process issues reflected in draft management directives. Other significant comments related to recent changes and emphasis within agency security functions. The most significant commentaries are summarized below. Comments provided for MD 8.17, “Licensee’s Complaint Against NRC Employees,” emphasized the requirement that all instances of misconduct must be promptly reported to the Inspector General. Advice provided after review of draft MD 8.18, “NRC Generic Communications Program,” conveyed the importance of having all relevant direction contained in a single reference. In this case, OIG recommended that a copy of the Committee to Review Generic Requirements Charter be included in the directive. Remarks provided for MD 4.8, “Performance Measurement,” related that greater specificity was needed. In addition, the need for consistency among the regional offices was discussed. Similarly, the OIG provided specific guidance as to areas requiring additional clarification and expansion. MD 11.1, “Acquisition of Supplies and Services,” was recently revised. OIG comments included suggestions for additional direction on contract audit procedures. Significant and new initiatives in the area of security were the subject of two comments. The agency drafted a comprehensive statement on “Information Systems Security Incident Response Processing” to identify critical positions and their responsibilities and to formalize processes to be employed when security incidents occur. OIG comments provided additional information and guidance as to reference sources for additional contacts within the Federal Government and suggested inclusion of the OIG Duty Agent in the contact structure. Also in the security area, OIG commented on revision to MD 12.2, “NRC Classified Security Program.” In this instance, OIG and agency managers worked together to clarify the classification and delegation authority of individuals identified in the directive. NRC OIG Strategic PlanThe NRC OIG is currently updating its strategic plan. As part of the update process, OIG identified the strategic challenges facing NRC. To identify these strategic challenges, OIG considered information provided during the office’s annual planning conferences, the Inspector General’s updated assessment of the most serious management challenges facing the NRC, the NRC Chairman’s parallel effort to identify the agency’s management challenges, and recent work completed by OIG’s audit and investigative units. The strategic plan will serve to strengthen the office by establishing a shared set of expectations regarding what we expect to achieve and the strategies that we will use to do so. We will adjust the plan as circumstances necessitate and will use it to develop our annual plan and budget submission, report on progress in our semiannual reports, and hold our managers and staff accountable for achieving the goals and outcomes. In a “best case” scenario, we would identify the major risks confronting the NRC and focus all of our resources on mitigating them. The reality, however, is that a considerable percentage of OIG resources are devoted to required activities such as auditing the NRC financial statements, responding to potential wrongdoing by conducting investigations, and responding to information requests from the NRC, Congress, and the public. As a result, the level of resources that OIG can devote to key priorities is constrained. The OIG has shaped a strategic plan that aligns itself with NRC’s mission and strategic goals. We have identified major challenges and risk areas facing the NRC and are developing strategic goals based on that analysis. As a result of this alignment, audit and investigative resources will focus on adding value to NRC technical and administrative programs. This will be done by identifying opportunities for improvement in the agency and conducting activities to prevent and detect fraud, waste, mismanagement, and inefficiency in NRC programs and operations. The work of OIG auditors and investigators support and complement each other in the pursuit of these objectives. PCIE/ECIE Award of Excellence for Administrative SupportAlicia Penaherrera, Administrative Assistant for the NRC OIG, was a recipient of the first President’s Council on Integrity & Efficiency/Executive Council on Integrity & Efficiency (PCIE/ECIE) Award of Excellence for Administrative Support. In her role as Administrative Assistant for OIG, Ms. Penaherrera provides comprehensive oversight of every aspect of the office administrative program. She thoroughly and completely provides a sought-for consistency and reliability in both generic and complex administrative procedures. Ms. Penaherrera creatively seeks solutions to emerging administrative difficulties and issues. She is always ready to step in and assist in the preparation of office critical reports, despite her extensive day-to-day responsibilities. She is recognized as a mainstay in the effective operation of the OIG. Without exception, she completes her varied assignments professionally, effectively, and efficiently. In her frequent role as the voice of the OIG, she displays a tone of competence and genuine interest to those who interact with the OIG, thereby promoting a positive, professional image for the office. The award, which consisted of a special plaque with a citation, was presented at the annual PCIE/ECIE Annual Awards Ceremony on October 30, 2002. The citation read, “For exceptional support and oversight of all administrative and clerical responsibilities in the Office of the Inspector General.”
AppendicesAudit Listings
AUDIT TABLESDuring this reporting period, OIG analyzed seven contract audit reports issued by the DCAA. Table I – Post-Award Findings
Table II – Pre-Award Findings
Abbreviations
Reporting Requirements IndexThe Inspector General Act of 1978, as amended (1988), specifies reporting requirements for semiannual reports. This index cross-references those requirements to the applicable pages where they are fulfilled in this report.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Privacy Policy |
Site Disclaimer |
Total:
150