ML21300A236

From kanterella
Jump to navigation Jump to search
OIG Fy 2022 Annual Plan for Dnfsb Dated October 27th, 2021
ML21300A236
Person / Time
Issue date: 10/27/2021
From:
NRC/OIG, OIG Watch
To:
References
Download: ML21300A236 (30)
v  d  e


Text

Office of the Inspector General Defense Nuclear Facilities Safety Board Annual Plan Fiscal Year 2022

FOREWORD I am pleased to present the Office of the Inspector Generals (OIGs) Fiscal Year (FY) 2022 Annual Plan for the Defense Nuclear Facilities Safety Board (DNFSB). The Annual Plan provides the audit and investigative strategies and associated summaries of the specific work planned for the coming year. In addition, it sets forth the OIGs formal strategy for identifying priority issues and managing its workload and resources for FY 2022.

Congress created the DNFSB in September 1988 as an independent Executive Branch agency to identify the nature and consequences of potential threats to public health and safety at the U.S. Department of Energys (DOE) defense nuclear facilities, elevate those issues to the highest levels of authority, and inform the public. The DNFSB strives to protect public health and safety by ensuring implementation of safety standards at the DOEs defense nuclear facilities; conducting in-depth reviews of new DOE defense facilities during design and construction to ensure the early integration of safety into the plan; and providing oversight to prevent an accidental detonation of a nuclear weapon during the evaluation, maintenance, or dismantling process.

The OIG prepared this Annual Plan to align with the OIGs Strategic Plan for FYs 2019-2023, which is based, in part, on an assessment of the strategic challenges facing the DNFSB. The Strategic Plan identifies the OIGs priorities and establishes a shared set of expectations regarding the goals we expect to achieve and the strategies we will employ over that timeframe. The OIG based this Annual Plan on the foundation of the Strategic Plan and the Inspector Generals Assessment of the Most Serious Management and Performance Challenges Facing the Defense Nuclear Facilities Safety Board in Fiscal Year 2022. In developing this Annual Plan, the OIG sought input from Congress, DNFSB board members, and DNFSB staff at headquarters and DOE sites that have defense nuclear facilities.

We have programmed all available resources to address the matters identified in this plan.

This approach maximizes the use of our resources. However, it is sometimes necessary to modify this plan as circumstances, priorities, or resources warrant in response to a changing environment.

Robert J. Feitel Inspector General Robert J. Feitel NRC and DNFSB Inspector General Robert J. Feitel Digitally signed by Robert J. Feitel Date: 2021.10.27 11:26:56 -04'00'

TABLE OF CONTENTS MISSION AND AUTHORITY................................................................................................. 1 PLANNING STRATEGY........................................................................................................ 2 AUDIT AND INVESTIGATION DNFSB OVERVIEW............................................................. 2 AUDIT STRATEGY............................................................................................................... 3 INVESTIGATION STRATEGY.............................................................................................. 3 PERFORMANCE MEASURES............................................................................................. 5 OPERATIONAL PROCESSES............................................................................................. 6 AUDITS...................................................................................................................... 6 INVESTIGATIONS..................................................................................................... 8 HOTLINE.................................................................................................................... 9 APPENDICES A. AUDITS PLANNED FOR FY 2022 Audit of the DNFSBs Fiscal Year 2021 Financial Statements and Improper Payments................................................................................................. A-1 Independent Evaluation of the DNFSBs Implementation of the Federal Information Security Modernization Act of 2014 for FY 2021..................... A-2 Audit of the DNFSBs Compliance with Standards Established by the Digital Accountability and Transparency Act of 2014.............................................. A-3 Audit of the DNFSBs FY 2022 Financial Statements and Improper Payments................................................................................................. A-4 Independent Evaluation of the DNFSBs Implementation of the Federal Information Security Modernization Act of 2014 for FY 2022..................... A-5 Audit of the DNFSBs Internal Control Program...................................................... A-6 Audit of the DNFSBs Records Management Program........................................... A-7 Audit of the DNFSBs Equal Employment Opportunity Program............................. A-8 Audit of the DNFSBs Process for Planning and Implementing Oversight Activities.................................................................................................. A-9 B. INVESTIGATIONS - PRIORITIES, OBJECTIVES, AND INITIATIVES FOR FY 2022 C. ISSUE AREAS AND DESIGNATED ISSUE AREA MONITORS D. ABBREVIATIONS AND ACRONYMS

1 MISSION AND AUTHORITY Congress established the Nuclear Regulatory Commission (NRC) OIG on April 15, 1989, under the Inspector General Act amendments in Public Law 100-504. In addition, the Consolidated Appropriations Act of 2014, provided that notwithstanding any other provision of law, the NRC Inspector General (IG) is authorized in 2014 and subsequent years to exercise the same authorities concerning the DNFSB, as determined by the NRC IG, as the IG exercises under the Inspector General Act of 1978 (5 U.S.C. App.) for the NRC.

The OIGs mission is to provide independent, objective audit and investigative oversight of NRC and DNFSB operations to protect people and the environment. In furtherance of the execution of this mission and of particular importance to the OIGs annual plan development, the IG summarized what he considers to be the most serious management and performance challenges facing the DNFSB and assessed the DNFSBs progress in addressing those challenges. In its latest annual assessment (October 2021), the IG identified the following as the most serious management and performance challenges facing the DNFSB:0F1

1. Managing a productive organizational culture and climate;
2. Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data;
3. Ensuring a systematic safety focus in the DNFSBs technical oversight and reviews;
4. Using the COVID-19 lessons learned to strengthen the DNFSBs readiness to respond to future mission-affecting disruptions; and,
5. Managing the DNFSBs efforts to elevate its visibility and influence and to assess and improve its relationship with the DOE.

Through its Issue Area Monitor (IAM) program, the OIG staff members monitor the DNFSBs performance on these management and performance challenges. These challenges help inform decisions concerning which audits and evaluations to conduct each fiscal year.

1The OIG has not ranked these challenges in any order of importance.

2 PLANNING STRATEGY The FY 2022 Annual Plan is based, in part, on knowledge gained through the OIG audit and investigative activities. These activities pertain to the DNFSB and its operations, work conducted under the IAM program, and the Inspector Generals assessment of the most serious management and performance challenges facing the DNFSB.

AUDIT AND INVESTIGATION DNFSB OVERVIEW Congress established the DNFSB, an independent executive branch agency, in September 1988. The DNFSB is charged with providing technical safety oversight of the DOEs defense nuclear facilities and activities to provide adequate protection of the health and safety of the public and workers. Its mission is to provide independent analysis, advice, and recommendations to the Secretary of Energy to advise the Secretary, as operator and regulator of DOEs defense nuclear facilities, about adequate protection of public health and safety at these facilities.

When fully staffed, the DNFSBs board is composed of five presidentially appointed, Senate-confirmed members who are required by law to be respected experts in the field of nuclear safety with a demonstrated competence and knowledge relevant to its independent investigative and oversight functions. Most of the DNFSBs approximate 100 full-time equivalents (FTEs) work at its Washington, DC, headquarters. The Board requested $31,000,000 and 115 FTEs to carry out its mission in FY 2022. There is no change from the agencys FY 2021 appropriation level of $31,000,000.

The DNFSBs enabling statute assigns specific functions to the agency for accomplishing its safety oversight mission, including to:

  • Review and evaluate the content and implementation of standards relating to the design, construction, operation, and decommissioning of DOE defense nuclear facilities at each facility and recommend to the Secretary of Energy specific measures needed to ensure that public health and safety are adequately protected;
  • Investigate any event or practice at a DOE defense nuclear facility the DNFSB determines has adversely affected or may adversely affect public health and safety;
  • Review the design of new DOE defense nuclear facilities before construction begins and recommend modifications of the design deemed necessary to ensure public health and safety; and,
  • Make recommendations to the Secretary of Energy pertaining to the operation, standards, and research needs pertaining to DOE defense nuclear facilities that the DNFSB deems necessary to ensure public health and safety.

In making its recommendations, the DNFSB shall consider and specifically

3 assess risk and the technical and economic feasibility of implementing the recommended measures.

The OIG derives audit and investigation oversight responsibilities from the DNFSBs array of programs, functions, and support activities established to accomplish its mission.

AUDIT STRATEGY Effective audit planning requires current knowledge about the DNFSBs mission, and the programs and activities used to carry out that mission. Accordingly, the OIG continually monitors specific issue areas to strengthen its internal coordination and overall planning process. Under the offices IAM program, staff designated as issue area monitors keep abreast of major DNFSB programs and activities. The broad IAM areas address information management, nuclear safety, and corporate management. Appendix A provides an overview of the audits planned for FY 2022, and Appendix C contains a list of the assigned staff and the issue areas for which they are responsible.

The audit planning process yields audit assignments that identify opportunities for increased efficiency, economy, and effectiveness in DNFSB programs and operations; detect and prevent fraud, waste, abuse, and mismanagement; improve program and security activities at headquarters and site locations; and respond to emerging circumstances and priorities. The OIG bases priority for conducting audits on:

  • Mandatory legislative requirements;
  • Critical agency risk areas;
  • Emphasis by the President, Congress, Board Chairman, or other Board members;
  • A programs susceptibility to fraud, manipulation, or other irregularities;
  • Dollar magnitude for resources involved in the proposed audit area;
  • Newness, changed conditions, or sensitivity of an organization, program, function, or activities;
  • Prior audit experience, including the adequacy of internal controls; and,
  • Availability of audit resources.

INVESTIGATION STRATEGY OIG Investigations strategies and initiatives add value to DNFSB programs and operations by identifying and investigating allegations of fraud, waste, abuse, and mismanagement leading to criminal, civil, and administrative penalties, and recoveries. By focusing on results, the OIG has designed specific performance

4 targets concentrating on effectiveness. Because the DNFSBs mission is to protect public health and safety, the primary investigative concentration involves alleged DNFSB misconduct or inappropriate actions that could adversely impact health and safety. These investigations typically include allegations of:

  • Misconduct by high-ranking DNFSB officials and other DNFSB officials, such as managers and inspectors, whose positions directly impact public health and safety;
  • Failure by the DNFSBs management to ensure that health and safety matters are appropriately addressed;
  • Conflict of interest and ethics violations; and,
  • Indication of management or supervisory retaliation or reprisal.

The OIG will also implement initiatives designed to monitor specific high-risk areas within the DNFSBs corporate management that are most vulnerable to fraud, waste, abuse, and mismanagement. A significant focus will be on emerging information technology and national security issues that could negatively impact the security and integrity of DNFSB data and operations. The OIG is committed to improving the security of the constantly changing electronic business environment by investigating unauthorized intrusions and computer-related fraud and by conducting computer forensic examinations. Other proactive initiatives will focus on determining instances of procurement fraud, theft of property, insider threats, and government travel charge card and government purchase card misuse and abuse.

The OIG will meet with the DNFSBs internal and external stakeholders to identify systemic issues or vulnerabilities as part of these proactive initiatives. This approach will allow the identification of potential vulnerabilities and an opportunity to improve agency performance, as warranted.

OIG personnel will routinely interact with public interest groups, individual citizens, industry workers, and DNFSB staff to identify possible lapses in the DNFSBs oversight that could impact public health and safety. The OIG will also conduct proactive initiatives and reviews into areas of current or future regulatory safety or security interest to identify emerging issues or address ongoing concerns regarding the quality of the DNFSBs oversight.

Appendix B provides investigation priorities, objectives, and initiatives for FY 2022.

Specific investigations are not included in the plan because investigations are primarily responsive to reported violations of law and misconduct by DNFSB employees and contractors, as well as allegations of irregularities or abuse in the DNFSBs programs and operations.

5 PERFORMANCE MEASURES For FY 2022, the OIG will use several key performance measures and targets for gauging the relevance and impact of our audit and investigative work. The OIG calculates these measures relative to each of its strategic goals to determine how well it is accomplishing its objectives. The performance measures are:

  • Percentage of OIG audit products and activities that cause the agency to take corrective action to improve agency safety, security, or corporate management programs; ratify adherence to agency policies, procedures, or requirements; or identify actual dollar savings or reduced regulatory burden (i.e., high impact);
  • Percentage of audit recommendations agreed to by the agency;
  • Percentage of final agency actions taken within 2 years on audit recommendations;
  • Percentage of OIG investigative products and activities that identify opportunities for improvements to agency safety, security, or corporate management programs; ratify adherence to policies/procedures; or confirm or disprove allegations of wrongdoing (e.g., high impact);
  • Percentage of agency actions taken in response to investigative reports;
and,
  • Percentage of cases completed within 18 months.

6 OPERATIONAL PROCESSES The following sections detail the approach used to carry out the audit and investigative responsibilities previously discussed.

AUDITS The OIGs audit process comprises the steps taken to conduct audits and involves specific actions, ranging from annual audit planning to audit follow-up activities. The underlying goal of the audit process is to maintain an open channel of communication between the auditors and DNFSB officials to ensure audit findings are accurate and fairly presented in the audit report. The OIG performs the following types of audits:

  • Performance audits focus on the DNFSBs administrative and program operations and evaluate the effectiveness and efficiency with which managerial responsibilities are carried out, including whether the programs achieve intended results;
  • Financial audits, including the financial statement audit required by the Chief Financial Officers Act, the Government Management and Reform Act, and U.S. Office of Management and Budget (OMB) Bulletin 21-04, Audit Requirements for Federal Financial Statements, attest to the reasonableness of the DNFSBs financial statements and evaluate financial programs; and,
  • Contract audits evaluate the costs of goods and services procured by the DNFSB from commercial enterprises.

The audit process comprises the following steps:

1. Audit Planning - Each year, the OIG solicits suggestions from Congress, DNFSB management, external parties, and OIG staff. It develops this Annual Plan and distributes it to interested parties. In addition, it lists the audits planned to be initiated during the fiscal year and their general objectives, depending on the availability of resources. Thus, the annual audit plan is a living document that the office may revise as circumstances warrant, with a subsequent redistribution of staff resources;
2. Audit Notification - The OIG formally notifies the office responsible for a specific program, activity, or function of its intent to begin an audit of that program, activity, or function;
3. Entrance Conference - The OIG meets with DNFSB officials to advise them of the objective(s) and scope of the audit and the general audit methodology it will follow;
4. Survey - The OIG conducts exploratory work before the more detailed audit work commences to:

7

  • Gather data for refining audit objectives, as appropriate;
  • Document internal control systems;
  • Become familiar with the activities, programs, and processes to be audited; and,
  • Identify areas of concern to management.

After the survey phase, the audit team will recommend to the Assistant Inspector General for Audits (AIGA) a go or no go decision regarding the verification phase. If the audit team recommends a no go and the AIGA approves it, the office does not continue any work on the audit;

5. Audit Fieldwork - The audit team performs a comprehensive review of selected areas of a program, activity, or function using an audit program explicitly developed to address the audit objectives;
6. End of Fieldwork Briefing with Agency - After audit fieldwork, the audit team discusses its tentative report findings and recommendations with the auditee;
7. Discussion Draft Report - The OIG provides a discussion draft copy of the report to DNFSB management in preparation for the exit conference;
8. Exit Conference - The OIG meets with the appropriate DNFSB officials to discuss the discussion draft report to provide DNFSB management the opportunity to confirm information, ask questions, and provide any necessary clarifying data;
9. Final Draft Report - If DNFSB management requests one during the exit conference, the OIG provides a final draft copy of the report that includes comments or revisions from the exit conference to obtain formal written comments;
10. Final Audit Report - The final report includes, as necessary, any revisions to the facts, conclusions, and recommendations of the draft report discussed in the exit conference or generated in writing;
11. Response to Report Recommendations - Offices that are responsible for the specific program or process audited provide a written response on each recommendation (usually within 30 days) contained in the final report.

DNFSB managements responses indicate agreement or disagreement with the recommended action. For agreement, DNFSB management provides corrective actions taken or planned and actual or target dates for completion. For disagreement, DNFSB management provides reasons for disagreement and any alternative proposals for corrective action;

12. Impasse Resolution - If the response by the action office to a recommendation is unsatisfactory, the OIG may determine that intervention at a higher level is required; and,
13. Audit Follow-up and Closure - This process ensures that management implements recommendations the OIG makes.

8 INVESTIGATIONS The OIGs investigative process typically begins with receiving an allegation of fraud, mismanagement, or misconduct. Because our office must decide to initiate an investigation within a few days of each referral, the OIG does not schedule specific investigations in its annual investigative plan.

The OIG opens investigations following investigative priorities and considering prosecutorial guidelines established by the local U.S. Attorneys for the U.S.

Department of Justice (DOJ). In addition, the Council of the Inspectors General on Integrity and Efficiency Quality Standards for Investigations, the OIG Special Agent Handbook, and various guidance provided periodically by the DOJ govern the OIGs investigations.

Only four individuals in the OIG can authorize opening an investigative case: the IG, the Deputy IG, the Assistant IG for Investigations (AIGI), and the Special Agent in Charge. Every allegation received by the OIG is given a unique identification number and entered into a database. Some allegations result in investigations, while the OIG retains others as the basis for audits, refers them to DNFSB management, or, if appropriate, directs them to another law enforcement agency.

When the OIG opens an investigation, the office assigns it to a special agent who prepares a plan of investigation. This planning process includes reviewing the criminal and civil statutes, program regulations, and applicable agency policies. The special agent then conducts the investigation and uses a variety of investigative techniques to ensure completion.

In cases when the special agent determines that someone may have committed a crime, he or she will discuss the investigation with a federal or local prosecutor to determine if the office will pursue a prosecution. In cases when a prosecuting attorney decides to proceed with a criminal or civil prosecution, the special agent assists the attorney in any preparation for court proceedings that may be required.

For investigations that do not result in a prosecution but are handled administratively by the agency, the special agent prepares an investigative report summarizing the facts disclosed during the investigation. The OIG distributes the investigative report to agency officials who need to know the results of the investigation. For investigative reports provided to agency officials regarding substantiated administrative misconduct, the OIG requires a response within 120 days regarding any potential action taken due to the investigative findings. For all other investigative products, such as referrals of allegations and findings requiring a review of agency processes and procedures, the OIG requires a 90-day response unless an alternative deadline is set.

The OIG summarizes the criminal and administrative action taken because of its investigations and includes this data in its Semiannual Report to Congress.

9 HOTLINE The OIG Hotline Program provides DNFSB employees, contract employees, and the public with a confidential means of reporting to the OIG instances of fraud, waste, abuse, and mismanagement relating to Board programs and operations.

Please

Contact:

E-mail:

Online Form Telephone: 1-800-233-3497 TDD 1-800-201-7165, or 7-1-1 Address:

U.S. Nuclear Regulatory Commission Office of the Inspector General Hotline Program Mail Stop O5-E13 11555 Rockville Pike Rockville, MD 20852

APPENDIX A AUDITS PLANNED FOR FY 2022

A-1 Audit of the DNFSBs Fiscal Year 2021 Financial Statements and Improper Payments DESCRIPTION AND JUSTIFICATION: The Chief Financial Officers Act, the Government Management and Reform Act, and U.S. Office of Management and Budget (OMB) Bulletin 21-04, Audit Requirements for Federal Financial Statements, require that the OIG audits the DNFSBs financial statements.

The Payment Integrity Information Act (PIIA) requires each agency to estimate its improper payments annually. In addition, the PIIA requires federal agencies to periodically review all programs and activities that the agency administers and identify all programs and activities that may be susceptible to significant improper payments.

OBJECTIVES: The audit objectives are to:

  • Express opinions on the agencys financial statements and internal controls;
  • Review compliance with applicable laws and regulations;
  • Review controls in the DNFSBs computer systems that are significant to the financial statements; and,
  • Assess the DNFSBs compliance with the PIIA and report any material weaknesses in internal control.

SCHEDULE: Initiated in the third quarter of FY 2021.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-2 Independent Evaluation of the DNFSBs Implementation of the Federal Information Security Modernization Act of 2014 for FY 2021 DESCRIPTION AND JUSTIFICATION: Congress enacted the Federal Information Security Modernization Act (FISMA) in 2014. The FISMA outlines agencies information security management requirements, including an annual independent assessment by the agencys IG. The FISMA includes provisions, such as further developing minimum standards for agency systems to strengthen the federal governments information and information systems. The annual assessments provide agencies with the information needed to determine their overall security programs effectiveness and develop strategies and best practices for improving information security.

The FISMA provides the framework for securing the federal governments information technology, including unclassified and national security systems. All agencies must implement the requirements of the FISMA and report annually to the OMB and Congress on the effectiveness of their security programs.

OBJECTIVE: The evaluation objective is to conduct an independent assessment of the DNFSBs FISMA implementation for FY 2021.

SCHEDULE: Initiated in the third quarter of FY 2021.

STRATEGIC GOAL 2: SecurityStrengthen DNFSBs security efforts in response to an evolving threat environment.

STRATEGY 2.1: Identify risks in maintaining a secure infrastructure (i.e., facility, personnel, and cyber security), and conduct audits and/or investigations that lead to DNFSB improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-3 Audit of the DNFSBs Compliance with Standards Established by the Digital Accountability and Transparency Act of 2014 DESCRIPTION AND JUSTIFICATION: The Digital Accountability and Transparency Act of 2014 (DATA Act) requires federal agencies to report financial and payment data following data standards established by the Department of Treasury and the OMB. A public website displays the data reported. In addition, the DATA Act requires IGs to review the data submitted by the agency under the act and report to Congress on the completeness, timeliness, quality, and accuracy of this information.

Under the act, the OIG issued audit reports in November 2017 and November 2019, and plans to publish the next audit in 2021. This audit pertains to the review of data sampled for FY 2021 and is due November 8, 2021.

OBJECTIVES: The audit objectives are to review the first quarter data submitted by the DNFSB under the DATA Act and determine its completeness, timeliness, accuracy, and quality, and to assess the implementation of the governing standards by the agency.

SCHEDULE: Initiated in the third quarter of FY 2021.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-4 Audit of the DNFSBs FY 2022 Financial Statements and Improper Payments DESCRIPTION AND JUSTIFICATION: The Chief Financial Officers Act, the Government Management and Reform Act, and U.S. Office of Management and Budget (OMB) Bulletin 21-04, Audit Requirements for Federal Financial Statements, require that the OIG audit the DNFSB's financial statements.

The PIIA requires each agency to estimate its improper payments annually. In addition, the PIIA requires federal agencies to periodically review all programs and activities that the agency administers and identify all programs and activities that may be susceptible to significant improper payments.

OBJECTIVES: The audit objectives are to:

  • Express opinions on the agencys financial statements and internal controls;
  • Review compliance with applicable laws and regulations;
  • Review controls in the DNFSBs computer systems that are significant to the financial statements; and,
  • Assess the DNFSBs compliance with the PIIA and report any material weaknesses in internal control.

SCHEDULE: Initiate in the second quarter of FY 2022.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-5 Independent Evaluation of the DNFSBs Implementation of the Federal Information Security Modernization Act of 2014 for FY 2022 DESCRIPTION AND JUSTIFICATION: The FISMA of 2014 outlines agencies information security management requirements, including an annual independent assessment by the agencys IG. The FISMA includes provisions, such as developing minimum standards for agency systems further, to strengthen the federal governments information and information systems. The annual assessments provide agencies with the information needed to determine security programs overall effectiveness and develop strategies and best practices for improving information security.

The FISMA provides the framework for securing the federal governments information technology, including unclassified and national security systems. All agencies must implement the requirements of the FISMA and report annually to the OMB and Congress on the effectiveness of their security programs.

OBJECTIVE: The evaluation objective is to conduct an independent assessment of the DNFSBs FISMA implementation for FY 2022.

SCHEDULE: Initiate in the second quarter of FY 2022.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-6 Audit of the DNFSBs Internal Control Program DESCRIPTION AND JUSTIFICATION: The DNFSBs Directive 22-1 states that the DNFSBs Internal Control Program is to establish and maintain cost-effective internal controls, in part, to ensure programs achieve their intended results and that the board uses resources consistent with its mission. The DNFSBs Internal Control Program Operating Procedures require a formal assessment of significant work processes periodically. The board may assess additional specific work processes as determined by the Executive Committee on Internal Control based on the following factors considered cumulatively:

  • Risk assessment;
  • Frequency;
  • Results of previous internal control program assessments;
  • Results of external audits; and,
  • Cost versus benefit.

OBJECTIVE: The audit objective is to determine whether the DNFSB consistently adheres to federal and agency guidance and processes when reviewing formal internal control assessments.

SCHEDULE: Initiate in the fourth quarter of FY 2022.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-7 Audit of the DNFSBs Records Management Program DESCRIPTION AND JUSTIFICATION: DNFSB Directive Number D-421.1, Records Management Program, establishes policy and assigns responsibilities for the DNFSB Records Management (RM) Program. The DNFSB RM Program demonstrates that the DNFSB operates in accordance with (a) 42 U.S.C. § 2286 et seq., Enabling Statute of the Defense Nuclear Facilities Safety Board, other regulations, and guidance, and (b) documents DNFSBs organization, policies, procedures, and decisions.

Records created by the DNFSB are stored, maintained, and disposed of locally by the DNFSBs Offices of the General Counsel, General Manager, and Technical Director following the DNFSB records retention schedules. The statute requires that permanent email records are managed via the Capstone approach, and electronic records are fully managed in electronic format. Accordingly, as of December 31, 2019, the DNFSB must manage all permanent electronic records in an electronic format.

The DNFSB conducts business on official DNFSB information systems to ensure that any use of a non-DNFSB information system does not affect the preservation of federal records for federal records purposes or the ability to identify and process those records if requested under the Freedom of Information Act, Privacy Act, or for other official business.

OBJECTIVE: The audit objective is to determine whether the DNFSBs records management program is being managed efficiently and effectively.

SCHEDULE: Initiate in the second quarter of FY 2022.

STRATEGIC GOAL 3: Corporate ManagementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 2: Ensuring the safe and effective acquisition and management of mission-specific infrastructure, including cyber, physical and personnel security, and data.

A-8 Audit of the DNFSBs Equal Employment Opportunity Program DESCRIPTION AND JUSTIFICATION: Equal employment opportunity (EEO),

diversity, and inclusion are at the heart of what makes an effective and productive workforce. On November 25, 2020, the DNFSB established an Equal Employment Opportunity Policy to provide equal opportunity in all personnel/employment programs, practices, and decisions, and to prohibit discrimination based on race, color, religion, sex (including pregnancy, gender identity, and sexual orientation),

national origin, age, disability, genetic information, marital status, veterans status, political affiliation, and reprisal for engaging in protected activity or other non-merit based factors.

The DNFSB adheres to 29 C.F.R. Part 1614, Federal Sector Equal Employment Opportunity, for processing EEO complaints filed with the DNFSB by individual employees or applicants for employment or any person intending to file a complaint on behalf of such individuals. Further, the DNFSBs Operating Procedure, OP-111.1-1, EEO Program, requires EEO counselors to meet minimum hours of EEO training.

The DNFSBs commitment to EEO, diversity, and inclusion is not only a legal obligation, but also a moral imperative (to treat others with respect and value the humanity of every person) and a business imperative (to attract and retain talent, to be innovative to enhance our workplace culture, and to deliver the best on behalf of the American people).

OBJECTIVE: The audit objective is to determine the efficiency and effectiveness of the DNFSBs Equal Employment Opportunity Program.

SCHEDULE: Initiate in the third quarter of FY 2022.

STRATEGIC GOAL 3: Corporate managementIncrease the economy, efficiency, and effectiveness with which the DNFSB manages and exercises stewardship over its resources.

STRATEGY 3-1: Identify areas of corporate management risk within the DNFSB and conduct audits and/or investigations that lead to DNFSB program improvements.

MANAGEMENT CHALLENGE 1: Managing a productive organizational culture and climate.

A-9 Audit of the DNFSBs Process for Planning and Implementing Oversight Activities DESCRIPTION AND JUSTIFICATION: The DNFSB routinely develops an annual plan to oversee the DOEs defense nuclear facilities. The DNFSB independently oversees the DOE using technical experts located at the agencys headquarters and resident inspectors situated at the various facilities throughout the country.

Together, this cadre of highly experienced and knowledgeable staff conducts inspections to determine if the DOE is operating facilities safely and according to established regulations.

The DNFSB has recently been experiencing attrition of technical staff. Thus, there is a growing concern that the decline of technical staff challenges the agencys ability to prioritize essential oversight duties effectively and efficiently. Additionally, the DOE recently issued DOE O 140.1, Interface with the Defense Nuclear Facilities Safety Board, emphasizing line management accountability and establishing precise requirements and responsibilities when working with the DNFSB. However, this order may impede the DNFSBs ability to perform oversight activities and coordinate with the DOE adequately. Together, these two concerns present potential challenges to the DNFSB regarding its ability to fulfill its mission effectively.

OBJECTIVE: The audit objective is to determine whether the DNFSBs planning and implementation of oversight activities are effective in helping the DNFSB accomplish its mission.

SCHEDULE: Initiated in the third quarter of FY 2021.

STRATEGIC GOAL 1: SafetyStrengthen the DNFSBs efforts to oversee the safe operation of DOE defense nuclear facilities.

STRATEGY 1-1: Identify risk areas associated with the DNFSBs oversight of DOE defense nuclear facilities and conduct audits and/or investigations that lead to improved DNFSB performance and communications.

MANAGEMENT CHALLENGE 3: Ensuring a systematic safety focus in the DNFSBs technical oversight and reviews.

APPENDIX B INVESTIGATIONS - PRIORITIES, OBJECTIVES, AND INITIATIVES FOR FY 2022

Investigations Appendix B B-1 INTRODUCTION The AIGI is responsible for developing and implementing an investigative program that furthers the OIGs objectives. The AIGIs primary responsibilities include investigating possible violations of criminal statutes relating to the DNFSBs programs and activities, investigating allegations of misconduct by DNFSB employees, interfacing with the DOJ on OIG-related criminal matters, and coordinating investigations and OIG initiatives with other federal, state, and local investigative agencies and other AIGIs.

Investigations cover various allegations concerning criminal wrongdoing or administrative misconduct affecting various DNFSB programs and operations.

Investigations may be initiated because of allegations or referrals from private citizens; DNFSB employees; Congress; other federal, state, and local law enforcement agencies; OIG Audits; the OIG Hotline; and proactive efforts directed at areas bearing a high potential for fraud, waste, abuse, and mismanagement.

The OIG developed this investigative plan to focus OIG investigative priorities and use available resources most effectively. It provides strategies and planned investigative work for FY 2022. As identified by the OIG, the most serious management and performance challenges facing the DNFSB were also considered in the development of this plan.

PRIORITIES The OIG estimates it will initiate approximately five investigations in FY 2022.

Reactive investigations into allegations of criminal and other wrongdoing will prioritize the OIGs use of available resources. Because the DNFSBs mission is to protect public health and safety, Investigations main concentration of effort and resources involve investigations of alleged DNFSB employee misconduct that could adversely impact matters related to public health and safety.

OBJECTIVES To facilitate the most effective and efficient use of limited resources, Investigations has established specific objectives aimed at preventing and detecting fraud, waste, abuse, and mismanagement as well as optimizing the DNFSBs effectiveness and efficiency. Investigations will focus its investigative efforts in areas that include possible violations of criminal statutes relating to the DNFSBs programs and operations and allegations of misconduct by DNFSB employees.

Investigations Appendix B B-2 INITIATIVES

  • Investigate allegations of misconduct by DNFSB employees and contractors under federal statutes, regulations, and management directives;
  • Investigate alleged violations of governmentwide ethics regulations posed by conflicts of interest;
  • Conduct fraud awareness briefings and information presentations to provide practical and implementable knowledge basis for DNFSB employees and external stakeholders that support anti-fraud activities;
  • Conduct activities to protect the DNFSBs IT infrastructure against internal and external computer intrusions by working in close coordination with DNFSB IT staff;
  • Attempt to detect possible wrongdoing perpetrated against the DNFSBs procurement and contracting program. This activity will include periodic meetings with DNFSB management officials, contract specialists, project managers, project officers, and other identified employees;
  • Proactive review of government travel charge card and the government purchase card programs to prevent, detect, and investigate alleged misuse and abuse; and,
  • Proactive attention focused on emerging issue areas that present potential future challenges for the DNFSB that may require OIG involvement.

The OIG Hotline

  • Promptly process complaints received via the OIG Hotline.
  • Initiate investigations when warranted and adequately dispose of allegations that do not warrant OIG investigation.

Freedom of Information Act (FOIA) and Privacy Act

  • OIG is an independent component within the DNFSB and responds to requests for records that are exclusively DNFSB OIG-related such as OIG inspections, audits, or investigations relating to the programs and operations of the DNFSB.
  • The General Counsel to the IG is the principal contact point within OIG for advice and policy guidance on matters pertaining to the administration of the FOIA. All requests are handled professionally and expeditiously.

Liaison Program Maintain close working relationships with the Intelligence Community (IC) and other law enforcement agencies, public interest groups, and Congress through periodic meetings with pertinent congressional staff, public interest groups, and appropriate IC and law enforcement organizations.

Investigations Appendix B B-3 ALLOCATION OF RESOURCES The Office of Investigations undertakes both proactive initiatives and reactive investigations. The office will use most available investigative resources for reactive investigations and allocate the balance to proactive investigative efforts, such as reviews of DNFSB contract files, examinations of DNFSB IT systems to identify weaknesses or misuse by agency employees, studies of delinquent government travel, and purchase card accounts.

APPENDIX C ISSUE AREAS AND DESIGNATED ISSUE AREA MONITORS

Issue Area Monitors Appendix C C-1 ISSUE AREAS AND DESIGNATED ISSUE AREA MONITORS DNFSB Corporate Support Functions Vicki Foster Tincy Thomas de Colón Megan Velasquez Angel Wang Jimmy Wong Connor McCune Karen Corado Financial Terri Cooper Felicia Silver Muhammad Arefin Curtis Brown William Chung George Gusack Shreedhar Kandel Information Technology Terri Cooper Jenny Cheung Muhammad Arefin Curtis Brown William Chung George Gusack Shreedhar Kandel DNFSB - Nuclear Materials (Safety and Security)

Regina Revinzon Tim Wilson Roxana Hartsock Janelle Wiggs Stephanie Dingbaum Julie Corwin John Thorp DNFSB - Nuclear Safety Regina Revinzon Tim Wilson Roxana Hartsock Janelle Wiggs Stephanie Dingbaum Julie Corwin John Thorp

APPENDIX D ABBREVIATIONS AND ACRONYMS

0BABBREVIATIONS AND ACRONYMS AIGA Assistant Inspector General for Audit AIGI Assistant Inspector General for Investigation DATA Act Digital Accountability and Transparency Act DOE U.S. Department of Energy DOJ U.S. Department of Justice DNFSB Defense Nuclear Facilities Safety Board EEO Equal Employment Opportunity FISMA Federal Information Security Modernization Act FOIA Freedom of Information Act FTE Full-time Equivalent FY Fiscal Year IAM Issue Area Monitor IC Intelligence Community IG Inspector General NRC U.S. Nuclear Regulatory Commission OIG Office of the Inspector General OMB Office of Management and Budget PIIA Payment Integrity Information Act RM Records Management U.S.C.

United States Code

Retrieved from "https://kanterella.com/w/index.php?title=ML21300A236&oldid=3806852"