ML24323A237
| ML24323A237 | |
| Person / Time | |
|---|---|
| Issue date: | 11/18/2024 |
| From: | Feitel R NRC/OIG |
| To: | |
| References | |
| Download: ML24323A237 (1) | |
Text
years years Promoting economy, efficiency, and effectiveness Semiannual Report to Congress April 1, 2024 September 30, 2024
VISION MISSION Find this document on our website:
nrcoig.oversight.gov.
Providing independent, objective audit, evaluation, and investigative oversight of the operations of the U.S. Nuclear Regulatory Commission and the Defense Nuclear Facilities Safety Board to protect people and the environment.
Advancing nuclear safety and security through audits, evaluations, and investigations.
On behalf of the Office of the Inspector General, U.S. Nuclear Regulatory Commission (NRC) and Defense Nuclear Facilities Safety Board (DNFSB), it is my pleasure to present this Semiannual Report to Congress, covering the period from April 1, 2024, to September 30, 2024. I continue to be grateful for the opportunity to lead this extraordinary group of managers, auditors, evaluators, investigators, and support staff, and I am extremely proud of their exceptional work.
This year, we continue to celebrate special milestones: 35 years as the NRC OIG and 10 years as the DNFSB OIG. Over the last 4 1/2 years, we have had a greater impact with our oversight due to our broader outreach through in-person plant and regional visits and engagement with the public, greater online presence, expanding personnel roster, information technology upgrades, and our state-of-the-art physical workspace. I, with my talented and dedicated OIG team, look forward to continuing this transformation with an eye on the horizon for opportunities to expand our reach.
During this reporting period, we issued 11 audit and evaluation reports, and recommended several ways to improve NRC and DNFSB safety, security, and corporate support programs. We also opened 18 NRC and DNFSB investigative cases and completed 26, 17 of which were referred to NRC and DNFSB management for action.
Our reports are intended to strengthen the NRCs and the DNFSBs oversight of their myriad endeavors and reflect the legislative mandate of the Inspector General Act, which is to identify and prevent fraud, waste, and abuse. The summaries herein showcase the variety of work our auditors and investigators have accomplished during this reporting period, dedicating their efforts to promoting the integrity, efficiency, and effectiveness of NRC and DNFSB programs and operations. I greatly appreciate their commitment to that mission.
Our success would not be possible without the collaborative efforts of my staff, the NRC, and the DNFSB to address OIG findings and implement corrective actions promptly. I thank both my staff and agency staff for their dedication, and I look forward to continued cooperation to ensure the integrity and efficiency of the agencies operations.
Robert J. Feitel Inspector General A Message from the Inspector General
Highlights......................................................................................................................................... 1 History, Mission, and Goals............................................................................................................ 3 Programs and Activities.................................................................................................................. 5 U.S. Nuclear Regulatory Commission Management Challenges and Audit, Evaluation, and Investigative Summaries......................................................................... 10 Defense Nuclear Facilities Safety Board Management Challenges and Audit, Evaluation, and Investigative Summaries.......................................................................... 31 Summary of Accomplishments..................................................................................................... 39 NRC and DNFSB Unimplemented Audit and Evaluation Recommendations............................. 47 Reporting Requirements............................................................................................................... 52 Peer Reviews................................................................................................................................. 53 Hotline Program.............................................................................................................. back cover Contents
1 Reports Recommendations Recommendations Issued Made Closed this period Audit topics covered in this report:
Audit of the U.S. Nuclear Regulatory Commissions Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 (see page 12);
Audit of the U.S. Nuclear Regulatory Commissions Reactor Operator Licensing Examination Process (see page 12);
Evaluation of the U.S. Nuclear Regulatory Commissions Policies and Procedures for Emergency Evacuation of Disabled Personnel (see page 13);
Evaluation of the U.S. Nuclear Regulatory Commissions Use of Anti-gag Clauses in Nondisclosure Agreements (see page 14);
Audit of the U.S. Nuclear Regulatory Commissions Contract Management of Information Technology Services (see page 14);
Evaluation of the U.S. Nuclear Regulatory Commissions Information Technology Asset Management (see page 15);
Performance Audit of the U.S. Nuclear Regulatory Commissions Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 (see page 16); and, Audit of the U.S. Nuclear Regulatory Commissions Safety Inspections of Class II Research and Test Reactors (see page 17).
Audits and Evaluations Highlights Reports Recommendations Recommendations Issued Made Closed this period Audit topics covered in this report:
Audit of the Defense Nuclear Facilities Safety Boards Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 (see page 33);
Audit of the Defense Nuclear Facilities Safety Boards Freedom of Information Act Program (see page 33); and, Performance Audit of the Defense Nuclear Facilities Safety Boards Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 (see page 34).
2 Investigations covered in this report:
Changes to San Onofre Nuclear Generating Station Site Characteristics (see page 21);
Special Inquiry into the Appearance of a Conflict of Interest Involving Members of the Advisory Committee on the Medical Uses of Isotopes (see page 22);
The U.S. Nuclear Regulatory Commission Inappropriately Approved a Certificate of Compliance for Radioactive Material Packages (see page 23);
Allegation Regarding the U.S. Nuclear Regulatory Commissions Oversight of Material Control and Accounting for Fuel Facilities (see page 26);
The U.S. Nuclear Regulatory Commissions Failure to Exercise Oversight of Agreement State Licensees with Special Nuclear Material of Low Strategic Significance (see page 28); and, Violation of the Prohibited Securities Rule and Other Ethics Requirements (see page 29).
Investigations Investigations Active Opened Completed Investigation Investigative Highlights Investigations Investigations Active Opened Completed Investigations Investigations covered in this report:
The Defense Nuclear Facility Safety Boards Use and Oversight of Contractor (see page 36); and, The Defense Nuclear Facilities Safety Board Personnel Security Programs Issuance of an Incorrect Credentialing (see page 37).
3 OIG History In the 1970s, government scandals, oil shortages, and stories of corruption covered by newspapers, television, and radio stations took a toll on the American publics faith in its government. The U.S. Congress knew it had to take action to restore the publics trust. It had to increase oversight of federal programs and operations. It had to create a mechanism to evaluate the effectiveness of government programs. It also had to provide an independent voice for economy, efficiency, and effectiveness within the federal government that would earn and maintain the trust of the American people.
In response, Congress passed the landmark legislation known as the Inspector General Act, which President Jimmy Carter signed into law in 1978. The IG Act created independent IGs, who would protect the integrity of government; improve program efficiency and effectiveness; prevent and detect fraud, waste, and abuse in federal agencies; and, keep agency heads, Congress, and the American people currently informed of their findings.
Today, the IG concept is a proven success. IGs continue to deliver significant benefits, and thanks to IG audits, evaluations, and investigations, billions of dollars have been returned to the federal government or have been better spent based on recommendations identified through them. IG investigations have also contributed to ensuring that thousands of wrongdoers are held accountable for their actions. The IG concept and its principles of good governance, accountability, and monetary recovery have been adopted by foreign governments as well, contributing to improved governance in many nations.
Nuclear Regulatory Commission OIG In accordance with the 1988 amendments to the Inspector General Act of 1978, the NRCs OIG was established on April 15, 1989, as an independent and objective unit to conduct and supervise audits, evaluations, and investigations relating to the NRCs programs and operations. The purpose of the OIGs audits, evaluations, and investigations is to prevent and detect fraud, waste, abuse, and mismanagement, and promote economy, efficiency, and effectiveness, in NRC programs and operations.
In addition, the OIG reviews existing and proposed regulations, legislation, and directives, and comments on any significant concerns.
History, Mission, and Goals
4 The NRCs mission is to license and regulate the nations civilian use of radioactive materials to protect public health and safety, promote the common defense and security, and protect the environment. The NRCs vision is to carry out this mission as a trusted, independent, transparent, and effective nuclear regulator, consistent with the NRCs Principles of Good Regulation.
Defense Nuclear Facilities Safety Board OIG Congress created the DNFSB as an independent agency within the executive branch to identify the nature and consequences of potential threats to public health and safety involving the U.S. Department of Energys (DOE) defense nuclear facilities, to elevate such issues to the highest levels of authority, and to inform the public. The DNFSB is the only independent technical oversight body for the nations defense nuclear facilities. The DNFSB is composed of experts in the field of nuclear safety with demonstrated competence and knowledge relevant to the agencys oversight functions.
The Consolidated Appropriations Act of 2014 authorized the Inspector General of the NRC to exercise the same authorities with respect to the DNFSB as the Inspector General exercises under the Inspector General Act of 1978 (5 U.S.C. App.) with respect to the NRC.
OIG Mission and Goals The OIG is committed to ensuring the integrity of NRC and DNFSB programs and operations. Developing an effective planning strategy is a critical aspect of meeting this commitment. Such planning ensures that audit, evaluation, and investigative resources are used effectively. To that end, the OIG developed a Strategic Plan that includes the major challenges and critical risk areas facing the NRC. The plan identifies the OIGs priorities and establishes a shared set of expectations regarding the OIGs goals and the strategies it will employ to achieve them. The OIGs most recent Strategic Plan for the NRC features three goals, which generally align with the NRCs mission and goals:
- Strengthen the NRCs efforts to protect public health and safety, and the environment;
- Strengthen the NRCs security efforts in response to an evolving threat environment; and,
- Increase the economy, efficiency, and effectiveness with which the NRC manages and exercises stewardship over its resources.
5 Audits and Evaluations Program The OIG Audits and Evaluations Program focuses on NRC and DNFSB management and financial operations, the economy or efficiency with which the agencies manage their programs or functions, and whether these programs achieve intended results.
OIG auditors assess the degree to which the NRC and the DNFSB comply with laws, regulations, and internal policies in carrying out their programs. OIG auditors also test program effectiveness and the accuracy and reliability of financial statements. The overall objective of an engagement is to identify ways to enhance agency operations and promote greater economy and efficiency. Engagements comprise four phases:
- Survey - An initial phase of the engagement process is used to gather information on the agencys organization, programs, activities, and functions. An assessment of vulnerable areas determines whether further review is needed;
- Fieldwork - Auditors gather detailed information to develop and support findings, conclusions, and recommendations;
- Reporting - The auditors present the information, findings, conclusions, and recommendations supported by the evidence gathered during the survey and fieldwork phases. The auditors hold exit conferences with management officials to obtain their views on issues in the draft report and present those comments in the published report, as appropriate. The published reports of OIG engagements include formal written comments in their entirety as an appendix; and,
- Resolution - Positive change results from the resolution process in which management takes action to improve operations based on the recommendations in the OIGs published report. Management actions are monitored until final action is taken on all recommendations. When management and the OIG cannot agree on the actions needed to correct a problem identified in an audit or evaluation report, the issue can be referred to the NRC Chair or DNFSB Chair for resolution.
Each October, the OIG issues an Annual Plan that summarizes the audits and evaluations planned for the coming fiscal year. Unanticipated high-priority issues may arise that generate engagements not listed in the Annual Plan. OIG audit and evaluation staff continually monitor specific issue areas to strengthen the OIGs internal coordination and overall planning process. Under the OIG Issue Area Monitoring (IAM) program, staff designated for IAM are assigned responsibility for keeping abreast of major agency programs and activities. The broad IAM areas address nuclear reactors, nuclear materials, nuclear waste, international programs, security, information management, and financial management and administrative programs.
Programs and Activities
6 Investigative Program The OIGs responsibility for detecting and preventing fraud, waste, and abuse within the NRC and the DNFSB includes investigating possible violations of criminal statutes relating to agency programs and activities, investigating misconduct by employees and contractors, interfacing with the U.S. Department of Justice on OIG-related criminal and civil matters, and coordinating investigations and other OIG initiatives with federal, state, and local investigative agencies and other OIGs.
Investigations may be initiated as a result of allegations or referrals from private citizens; licensee employees; government employees; Congress; other federal, state, and local law enforcement agencies; OIG audits; the OIG Hotline; and, OIG initiatives directed at areas having a high potential for fraud, waste, and abuse.
Because the NRCs and DNFSBs missions involve protecting the health and safety of the public, the OIGs Investigative Program directs much of its resources and attention to investigating allegations of NRC or DNFSB staff conduct that could adversely impact matters related to health and safety. These investigations may address allegations of:
- Misconduct by high-ranking and other agency officials, such as managers and inspectors, whose positions directly impact public health and safety;
- Failure by agency management to ensure that health and safety matters are appropriately addressed;
- Failure by the NRC or DNFSB to provide sufficient information to the public and to seek and consider the publics input openly during the regulatory process;
- Conflicts of interest involving agency employees, contractors, and licensees, including such matters as promises of future employment for favorable regulatory treatment and the acceptance of gratuities; and,
- Fraud in the agencies procurement programs involving contractors violating government contracting laws and rules.
The OIG has also implemented a series of proactive initiatives designed to identify specific high-risk areas that are most vulnerable to fraud, waste, and abuse. A primary focus of these initiatives is moderating cybersecurity risks in the business environment. The OIG is committed to improving the security of the constantly changing electronic business environment by investigating unauthorized intrusions and computer-related fraud, and by conducting computer forensic examinations. The OIG also engages in proactive initiatives focused on determining instances of procurement fraud, theft of property, government credit card abuse, and fraud in other federal programs.
7 OIG General Counsel Regulatory Review Under section 4(a) of the Inspector General Act, codified at 5 U.S.C. § 404(a), the OIG reviews existing and proposed legislation, regulations, and policies, as well as the implementation of NRC Management Directives (MD) and DNFSB Directives. The OIG then makes recommendations to the agencies concerning the impact on the economy and efficiency of their programs and operations. Regulatory review is intended to help the agencies avoid implementing potentially flawed regulations or policies. The OIG does not concur or object to agency actions reflected in the regulatory documents, but rather offers comments.
Comments provided in the regulatory review process reflect the OIGs objective analysis of the language of proposed statutes, regulations, directives, and policies. The OIG structures its review to identify vulnerabilities and offer the agencies additional or alternative choices. The OIG also focuses on ensuring that agency policies and procedures do not negatively affect the OIGs operations or independence.
From April 1, 2024, to September 30, 2024, the OIG reviewed a variety of regulatory documents. In its reviews, the OIG remained cognizant of how the proposed rules or policies could affect the OIGs functioning or independence. The OIG also considered whether the rules or policies could significantly affect NRC or DNFSB operations or be of high interest to NRC or DNFSB staff and stakeholders. In conducting its reviews, the OIG applied its knowledge and awareness of underlying trends and overarching developments at the agencies and in the areas they regulate.
For the period covered by this Semiannual Report to Congress, the OIG did not identify any issues that would significantly compromise its independence or conflict with its audit or investigative functions. The OIG did, however, identify certain proposed staff polices that might affect, to some extent, the work of the OIG. In these cases, the OIG proposed edits or changes that would mitigate the impacts and requested responses from the staff. Agency staff either accepted the OIGs proposals or offered a well-supported explanation as to why the proposed changes were not accepted. The OIGs reviews for the period covered by this Semiannual Report are described in further detail below.
NRC Management Directives NRC MD 7.8, Outside Employment, provides the policies and procedures that implement the NRCs supplemental ethics rule, a rule requiring NRC employees to obtain prior approval before engaging in certain types of compensated outside employment. The NRC revised this MD to update the guidance for employees seeking approval of outside employment, included hyperlinks to the agencys Ethics Gateway web application and ethics SharePoint site, and clarified that the NRCs Chair will appoint a Designated Agency Ethics Official from the agencys Office of the General Counsel. The OIG provided comments on the revised MD to help clarify the directives terminology and procedures, and proposed reordering certain language in the MD to
8 explain better the role of the NRCs four regional counsels in reviewing outside-employment requests coming from the respective regions.
The OIG also reviewed the following MDs or other guidance documents during this reporting period: MD 3.9, NRC Staff and Contractor Speeches, Presentations, Papers, and Journal Articles on Regulatory and Technical Subjects; MD 3.15, Multimedia Services; MD 5.3, Agreement State Participation in Working Groups; MD 7.10, Political Activity; MD 9.23, Organization and Functions, Office of Nuclear Security and Incident Response; MD 9.28, Organization and Functions, Office of Nuclear Regulatory Research; MD 9.29, Organization and Functions, Regional Offices; MD 10.38, Position Management; MD 10.161, Civil Rights Program, Affirmative Employment and Diversity Management, and Diversity, Equity, and Inclusion Outreach; MD 12.4, NRC Communications Security (COMSEC) Program; and, MD 12.9, NRC Operations Security Program. While the OIG provided editorial or formatting suggestions for some of these directives, it had no substantive comments on them.
DNFSB Directives The OIG reviewed Directive Number D-221.1, Official Travel, which establishes policies and responsibilities for official business travel involving DNFSB employees.
The OIG recommended adding language to this directive that addresses, or at least incorporates by reference, the responsibilities of the agencys Executive Director of Operations (EDO) that are listed in the directives associated operating procedure.
The OIG also recommended that the DNFSB verify the operating procedure, or other agency guidance, that addresses recent changes to the Federal Travel Regulation (FTR) involving premium economy travel, including those summarized in the General Service Administrations Bulletin FTR 23-07 (Aug. 21, 2023).
Directive Number D-231.2, Freedom of Information Act (FOIA) Program, sets forth the DNFSBs policy for complying with FOIA and certain additional authorities that may be relevant to an agencys FOIA obligations. The DNFSB updated its prior FOIA directive, which dated back to 2001, to capture intervening changes in the law and revise agency procedures. The OIG recommended that the DNFSB clarify certain terminology in the directive, better define the roles of the EDO and the FOIA Public Liaison, and explain that, consistent with FOIA, only a senior agency official can be designated to serve as the Chief FOIA Officer.
Finally, the OIG reviewed Directive Number D-241.3, DNFSB Official Reception and Representation Funds, which establishes the policies governing the agencys distribution, use, and accounting of such funds. The OIG recommended that the DNFSB clarify what type of notification is required before using reception and representation funds at an event where neither the agencys Chair nor Vice Chair would be present. The OIG also recommended adding a citation to the Government Accountability Offices Principles of Federal Appropriations Law in the References section of the directive.
9 Other OIG Activities This summer, the OIG welcomed four student internscollege students Angelina Nguyen, Zoe Cross, Laura Levine, and law student Leanna Feinleibto experience working with the federal government and with the OIG.
Thank goodness for the student interns, said Inspector General Robert J.
Feitel, who have done so much to enhance our work.
While Angelina, Zoe, Laura, and Leanna certainly benefitted from learning about our important work, they also brought so much to the table to make us better.
They brought helping hands, fresh eyes, diverse academic interests, unique perspectives, and enthusiasm for the work we do. We hope that theyve had positive and enriching experiences working with the OIG!
Angelina Nguyen is a junior studying cyber security at the University of Mary Washington and plans to minor in sports marketing and management. Zoe Cross is a senior at the University of Maryland, College Park, studying criminal justice with a minor in global terrorism. Laura Levine is also a senior at the University of Maryland. She expects to graduate with her bachelors degree in political science in 2025 and a masters degree in applied political analytics the following year. Finally, Leanna Feinleib earned her bachelors degree in criminology, law and society, concentrating her studies in homeland security, from George Mason University. She is now a second-year law student at the University of Marylands Francis King Carey School of Law, planning to complete her juris doctor in 2026.
The OIG offers internship opportunities to students each year and has welcomed several former interns to its ranks as full-time OIG employees over the years.
Pictured from left are Legal Intern Leanna Feinleib, Deputy Inspector General Ziad Buhaissi, Audit Intern Laura Levine, General Counsel Michael Clark, Assistant Inspector General for Audits and Evaluations Hruta Virkar, Inspector General Robert J. Feitel, Audit Intern Angelina Nguyen, Chief of Staff and Deputy General Counsel Edward OConnell, and Audit Intern Zoe Cross.
10 U.S. Nuclear Regulatory Commission Management Challenges and Audit, Evaluation, and Investigative Summaries
11 The following were the most serious management and performance challenges facing the U.S. Nuclear Regulatory Commission in FY 2024* as identified by the Inspector General:
Challenge 1: Ensuring safety and security through risk-informed regulation of established and new nuclear technologies, as well as cyber and physical security activities impacting the NRCs mission; Challenge 2: Overseeing the decommissioning process and the management of decommissioning trust funds; Challenge 3: Implementing new legislative requirements related to NRC core mission areas and corporate support; Challenge 4: Ensuring the effective acquisition, management, and protection of information technology and data; Challenge 5: Hiring and retaining sufficient highly skilled employees to carry out the NRC mission; Challenge 6: Overseeing the safe and secure use of nuclear materials and storage and disposal of high-and low-level waste; Challenge 7: Managing financial and acquisitions operations to enhance fiscal prudence and transparency of resource management; Challenge 8: Maintaining public outreach related to the agencys regulatory process;
- and, Challenge 9: Planning for and assessing the impact of Artificial Intelligence and Machine Learning on nuclear safety and security.
- For more information on these challenges, see OIG-24-A-01, The Inspector Generals Assessment of the Most Serious Management and Performance Challenges Facing the Nuclear Regulatory Commission in Fiscal Year 2024.
NRC Management Challenges
12 SummariesNRC Audit of the U.S. Nuclear Regulatory Commissions Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 OIG Strategic Goal: Corporate Support The Federal Information Security Modernization Act (FISMA) of 2014 established information security management requirements for agencies, including the requirement for an annual independent assessment by each agencys IG. The annual assessments provide agencies with the data needed to determine the effectiveness of overall information security programs and to develop strategies and best practices to improve information security. The OIG contracted with Sikich CPA LLC (Sikich) to conduct an independent audit of the NRCs overall information security program and practices in response to the FY 2024 IG FISMA Reporting Metrics. The audit objective was to assess the effectiveness of the information security policies, procedures, and practices of the NRC.
Audit Results This report made four recommendations to strengthen the NRCs information security program. Based on its assessment of the period October 1, 2023, through June 30, 2024, Sikich found that although the NRC has established an effective agency-wide information security program and effective information security practices, some weaknesses may impact the agencys ability to protect the NRCs systems and information optimally.
Addresses Management and Performance Challenge #5 Audit of U.S. Nuclear Regulatory Commissions Reactor Operator Licensing Examination Process OIG Strategic Goal: Safety The NRCs four regional offices are responsible for issuing licenses for reactor operators and senior reactor operators of commercial nuclear power plants in accordance with the NRCs regulations at 10 Code of Federal Regulations (C.F.R.)
Part 55, Operators Licenses. Following the completion of a facility-administered training program, the initial licensing examination is administered. The examinations are prepared, administered, and graded using the guidance in NUREG-1021, Operator Licensing Examination Standards for Power Reactors.
The audit objective was to determine the effectiveness, efficiency, and integrity of the NRCs oversight of the reactor operator licensing examination process.
Audits and Evaluations Division
13 Audit Results This report made one recommendation to identify process gaps and update NUREG-1021 to ensure that guidance in future revisions remains current and addresses emerging issues.
The NRCs oversight of the reactor operator licensing examination process is effective, efficient, and reliable. However, the agency could benefit from providing additional guidance and clarity in the current NUREG-1021 (Rev. 12). Specifically, NUREG-1021 lacks clarity in policy interpretation and contains process gaps the NRC had not identified during its update of the regulation. This lack of clarity in the guidance could lead to delays and errors processing reactor operator licensing applications and rendering requalification decisions.
Addresses Management and Performance Challenge #1 Evaluation of the U.S. Nuclear Regulatory Commissions Policies and Procedures for Emergency Evacuation of Disabled Personnel OIG Strategic Goal: Corporate Support Facilities occupied by federal government tenants are required to maintain occupant emergency plans describing actions occupants should take to ensure safety if a fire or other emergency occurs. These plans should address a broad range of hazards and threats, meet facility-specific needs, involve coordination with local emergency responders, and consider applicable codes and regulations.
The OIG initiated this evaluation in response to an employees allegation. The objective of the evaluation was to assess the extent to which the NRCs emergency evacuation policies and procedures for the agencys headquarters complex consider the needs of personnel with various disabilities.
Evaluation Results This report made four recommendations: three recommendations to improve two-way communication systems, area of refuge signage, and fire door accessibility, and one recommendation to enhance training for personnel needing or rendering assistance during an emergency evacuation.
The OIG found that the NRC headquarters occupant emergency plan includes adequate procedures to facilitate the emergency evacuation of disabled personnel and other personnel needing assistance. However, the agency must update two-way communication systems, area of refuge signage, and fire door accessibility to align with safety codes and better support personnel needing assistance during emergency evacuations. In addition, NRC headquarters personnel could benefit from more frequent limited-scope training to supplement annual full-scope evacuation and accountability drills.
Addresses Management and Performance Challenge #8
14 Evaluation of the U.S. Nuclear Regulatory Commissions Use of Anti-gag Clauses in Nondisclosure Agreements OIG Strategic Goal: Corporate Support The anti-gag provision in the Whistleblower Protection Enhancement Act (WPEA) requires all federal agency nondisclosure policies, forms, or agreements to include specific language from 5 U.S.C. section 2302(b)(13), explicitly notifying federal employees of the right to report wrongdoing. Under this provision, agencies may not impose nondisclosure agreements (NDAs) or nondisclosure policies without language informing employees that the statutory right to blow the whistle supersedes the terms and conditions of the NDA or policy. Among other things, NDAs must inform employees of the overriding right to communicate with Congress, Inspectors General, and the U.S. Office of Special Counsel. No agency may seek, through an NDA or otherwise, to chill such communications. In March 2024, Senator Charles E.
Grassley (R-IA) requested that all Inspectors General confirm their agencies are including the required anti-gag language from the WPEA in agency NDAs.
The evaluation objective was to determine if the NRCs NDAs and nondisclosure policies comply with 5 U.S.C. section 2302(b)(13).
Evaluation Results This report made three recommendations to address the compliance of the NRCs NDAs with the requirements of 5 U.S.C. section 2302(b)(13). The OIG found that the NRCs NDAs involving federal employees do not comply with the requirements of 5 U.S.C. section 2302(b)(13). Specifically, NRC employees hired before the WPEA was enacted were not retroactively informed of their whistleblower rights. In addition, some NDAs between the NRC and other federal agencies lack required anti-gag language. Further, the OIG found that anti-gag language is not included in NRC Form 176A, Security Acknowledgement.
Addresses Management and Performance Challenge #4 Audit of the U.S. Nuclear Regulatory Commissions Contract Management of Information Technology Services OIG Strategic Goal: Corporate Support The NRC strives to keep current with proven technologies to provide the agency with a secure and reliable information technology (IT) infrastructure and capabilities that increase productivity and maximize value. To better the agencys position in providing quality IT services, the Office of the Chief Information Officer (OCIO) has adopted an agile approach to procuring, developing, maintaining, and delivering IT services. The OCIO has moved away from a large seat contract with a single vendor for the agencys IT needs to the agency owning and managing its IT assets and overseeing multiple vendors that deliver IT services. The audit objective was to determine if the NRC is efficiently and effectively managing IT-related contracts for the agencys information technology services and support.
15 Audit Results This report made two recommendations to improve the NRCs management and contract closeouts. The OIG found that the NRC could improve its IT services and support through more consistent management with an emphasis on service level agreements (SLAs) and the timely closeout of IT-related contracts.
Consistent with federal regulations and prudent business practices, contract requirements should be clearly defined, and the appropriate performance standards should be developed so the NRC can measure the contractors performance. The NRC does not consistently use SLAs when awarding IT contracts, however, because the agency has no specific guidance on how or when to use SLAs. As a result, the NRC may be limiting its ability to measure contractor performance and might not receive the services the agency requires or purchases.
The NRC is required to close out contracts in an orderly and timely manner.
However, the NRC is not always prompt in contract closeouts and in deobligating excess funds. Delays occur because the NRC does not always prioritize contract closeouts and does not have a tracking method for contracts in the closeout process.
Delayed contract closeouts have led to a surplus of unliquidated obligations that could be put to better use.
Addresses Management and Performance Challenge #4 Evaluation of the U.S. Nuclear Regulatory Commissions Information Technology Asset Management OIG Strategic Goal: Corporate Support In December 2023, the OIGs Audits and Evaluations Division received an OIG Hotline complaint stating that NRC IT assets are not returned upon employee separation from the NRC, IT assets are not located where they are shown to be in the Configuration Management Database in the Information Technology Service Management (ITSM) toolset, new IT assets are not being logged into the appropriate database, and decommissioning procedures are not followed for IT assets.
The evaluation objective was to determine the facts and circumstances regarding allegations of information technology asset mismanagement.
Evaluation Results This report made six recommendations to improve the NRCs information technology asset management program. The OIG determined that the NRCs IT assets were not managed effectively throughout aspects of the IT lifecycle management process.
The OIG found that some NRC assets were not returned upon employee separation from the NRC. Specifically, three employees separated from the NRC without returning a total of four laptops.
16 In addition, NRC IT assets were not located where shown in the Configuration Management Database. The OIG found that 666 of 980 items were not in the locations assigned in the ITSM toolset. Further, new IT assets were not logged into the appropriate database until 3 months after the NRC received the assets. The OIG also found that NRC decommissioning procedures were not followed for IT assets.
Addresses Management and Performance Challenge #4 Performance Audit of the U.S. Nuclear Regulatory Commissions Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 OIG Strategic Goal: Corporate Support The OIG engaged Sikich to conduct a performance audit of the NRCs compliance with the Payment Integrity Information Act of 2019 (PIIA) for FY 2023 in accordance with Office of Management and Budget (OMB) Circular A-136, Financial Reporting Requirements, section II.4.5, and with section VI.A. of OMB Memorandum M-21-19, which transmits Appendix C to OMB Circular No. A-123, Requirements for Payment Integrity Improvement.
The objective of this audit was to determine whether the NRC complied with the requirements of the PIIA for FY 2023. Accordingly, Sikich assessed the NRCs compliance with OMB guidance and corresponding reporting instructions. Sikich determined that the NRC met the applicable requirements for PIIA compliance for the five programs Sikich identified as susceptible to improper payments or unknown payments.
Audit Results Sikich found that the NRC complied with the requirements of the PIIA for FY 2023.
As required, the NRC published applicable payment integrity information with the annual financial statement and in the accompanying materials to its annual financial statements for the most recent fiscal year in accordance with payment integrity information guidance provided in OMB Circular A-136. The NRC posted the annual financial statement and accompanying materials required under OMB guidance on the agency website with a link to paymentaccuracy.gov, conducted an intellectual property risk assessment for each program with annual outlays greater than
$10 million at least once in the last 3 years, and adequately concluded whether the program is likely to make improper payments and unknown payments above or below the statutory threshold.
Sikich also found the NRCs reporting of and performance in reducing and recapturing improper payments and unknown payments to be generally accurate and complete. In response to Sikichs findings, the NRC concluded that a payment recapture audit would not be cost effective. The NRCs FY 2023 improper payment risk assessment concluded that there were no improper payments for the programs that met the PIIA threshold for testing.
Addresses Management and Performance Challenge #7
17 Audit of the U.S. Nuclear Regulatory Commissions Safety Inspections of Class II Research and Test Reactors OIG Strategic Goal: Safety The NRC regulates research and test reactors (RTRs) to ensure that licensees systems and operations are in accordance with regulatory requirements and provide acceptable protection of public health and safety.
Class II refers to those RTRs that are licensed to operate at power levels less than 2 megawatts. The NRCs Class II RTR inspection program is designed to provide sufficient flexibility to optimize the use of inspection resources and provide inspection commensurate with the safety significance of the RTR.
The audit objective was to determine whether the NRC performs safety inspections at Class II RTRs in accordance with agency guidance and inspection program objectives.
Audit Results This report made seven recommendations to improve the NRCs policies, procedures, and program controls for managing safety inspections of Class II RTRs.
The NRC performs safety inspections at Class II RTRs in accordance with agency guidance; however, opportunities exist to improve policies, procedures, and controls for managing safety inspections of Class II RTRs. The OIG found that RTR inspection hours were not accurately charged. The NRC does not consistently track post-qualification and refresher training requirements and does not consistently review requests to meet inspector qualification requirements using alternate methods, such as equivalency justifications.
In addition, the NRC does not retain RTR inspection program information centrally and has not periodically reviewed RTR inspection program guidance as required by agency policy.
Addresses Management and Performance Challenge #4
18 Audits and Evaluations in Progress NRC Audit of the U.S. Nuclear Regulatory Commissions Travel Charge Card Program OIG Strategic Goal: Corporate Support The audit objective is to assess whether the NRCs policies and procedures are effective in preventing and detecting travel charge card misuse and payment delinquencies.
Addresses Management and Performance Challenge #7 Audit of the U.S. Nuclear Regulatory Commissions Recruitment and Retention Activities OIG Strategic Goal: Corporate Support The audit objective is to assess the NRCs effectiveness in recruiting and retaining staff to address critical skills shortfalls.
Addresses Management and Performance Challenge #5 Audit of the U.S. Nuclear Regulatory Commissions Use of Operating Experience in Emergency Diesel Generator Oversight OIG Strategic Goal: Safety The audit objective is to determine whether the NRC effectively uses operating experience information to oversee the emergency diesel generators at nuclear power plants.
Addresses Management and Performance Challenge #1 Audit of the U.S. Nuclear Regulatory Commissions Web-Based Licensing System OIG Strategic Goal: Safety The audit objective is to determine whether the Web-Based Licensing system effectively manages the NRCs materials licensing and inspection information and provides for the security, availability, and integrity of the system data.
Addresses Management and Performance Challenge #9
19 Audit of the U.S. Nuclear Regulatory Commissions Technical Qualifications Programs OIG Strategic Goal: Safety The audit objective is to determine the adequacy of the NRCs process to manage, track, and monitor its technical qualification programs.
Addresses Management and Performance Challenge #6 Evaluation of the U.S. Nuclear Regulatory Commissions Telework Program OIG Strategic Goal: Corporate Support The evaluation objective is to assess the NRCs use and oversight of its telework program and the administration of locality payments for telework employees.
Addresses Management and Performance Challenge #8 Audit of the U.S. Nuclear Regulatory Commissions Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 at the Technical Training Center OIG Strategic Goal: Corporate Support The audit objective is to conduct an independent assessment of the NRCs FISMA implementation for FY 2024 at the agencys Technical Training Center.
Addresses Management and Performance Challenge #4 Audit of the U.S. Nuclear Regulatory Commissions Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 at Region IV OIG Strategic Goal: Corporate Support The audit objective is to conduct an independent assessment of the NRCs FISMA implementation for FY 2024 at Region IV.
Addresses Management and Performance Challenge #4
20 Audit of the U.S. Nuclear Regulatory Commissions Fiscal Year 2024 Financial Statements OIG Strategic Goal: Corporate Support The audit objectives are to express opinions on the agencys financial statements and internal controls, review compliance with applicable laws and regulations, and review controls in the NRCs computer systems that are significant to the financial statements.
Addresses Management and Performance Challenge #7
21 Case SummariesNRC Changes to San Onofre Nuclear Generating Station Site Characteristics OIG Strategic Goal: Safety Complaint The OIG initiated this investigation based on a complaint that the NRC misrepresent[ed] and distort[ed] actual facts during public interactions regarding the agencys review of 10 C.F.R. 2.206 petitions pertaining to the design-basis flooding event at San Onofre Nuclear Generating Station (SONGS).
A section 2.206 petition is a request, which anyone may file, for the NRC to take actionincluding modifying, suspending, or revoking a licenseregarding a licensee or other person within the NRCs jurisdiction. A design-basis flood is the flood that poses the most severe hazards to the safety of a nuclear power plant; under 10 C.F.R. 52.79(a)(4)(i), nuclear power plants must be designed to withstand that flood.
Investigative Results The OIG did not substantiate the allegation that the NRC misrepresented and distorted facts in connection with its intake of the section 2.206 petitions.
The OIG found, however, that site characteristic data in the 2022 SONGS Defueling Safety Analysis Report (DSAR) are inconsistent with site characteristic data the licensee provided to the California Coastal Commission (CCC) during the 2015 state-level coastal development permitting process. The data in the 2022 DSAR are essentially the same design-basis flooding information the licensee provided to the NRC during initial licensing in 1981. Yet, during its investigation of matters related to the 2.206 petitions, the OIG reviewed a 2015 CCC report that contains data from and relies on a 2013 site-specific analysis, conducted as part of calculations for a probable maximum tsunami at SONGS. The design-basis flood value for still water level as reported in the 2022 DSAR is more than 6 feet lower than as reported in the 2015 CCC report.
Still water level is the average water elevation, including the effects of tides and storms but excluding the effects of wind waves and wave runup on shorelines and other embankments. Mean lower low water (MLLW) is the average level of the lowest tide for each day for a 19-year period. If the SONGS design-basis flood value for still water level has risen by more than 6 feet MLLW, such an increase challenges the original flood level estimates used in the NRCs design-basis evaluations of SONGS Units 2 and 3 and the adequacy of mitigating actions.
Investigations Division
22 In addition, in evaluating the probable maximum tsunami at SONGS Units 2 and 3, the 2015 CCC report considers wave runup elevations from far-field tsunami sources, again relying on the 2013 analysis. In contrast, the 2022 DSAR bases the probable maximum tsunami on local offshore fault zones.
The OIG did not identify an immediate safety concern regarding SONGS but conveyed to the NRC related information so the agency can assess the informations regulatory significance.
NRC Response The NRC is reviewing the information the OIG shared regarding the discrepancy between the SONGS site characteristic data the licensee reported to the NRC and the data the licensee provided to the CCC. The NRC committed to reviewing this issue in an inspection planned for the first quarter of FY 2025 and to documenting its resolution of this matter in an inspection report.
Addresses Management and Performance Challenge #1 Special Inquiry into the Appearance of a Conflict of Interest Involving Members of the Advisory Committee on the Medical Uses of Isotopes OIG Strategic Goal: Safety Investigative Results As discussed in the October 2023 - March 2024 Semiannual Report to Congress, the OIG found that two members of the NRCs Advisory Committee on the Medical Uses of Isotopes (ACMUI), which was providing advice related to petition for rulemaking number PRM-35-22, were active participants in a professional organization carrying out a campaign opposing PRM-35-22.
The ACMUI comprises a variety of health care professionals who advise the NRC on technical and policy issues regarding medical uses of radioactive material. A petition for rulemaking is a request, submitted by a person or entity, for a federal agency to adopt, revise, or withdraw a regulation. PRM-35-22, Reporting Nuclear Medicine Injection Extravasations as Medical Events, is a petition requesting the NRC require medical event reporting of radiopharmaceutical extravasations that result in localized dose equivalents exceeding 0.5 Sievert (50 rem).
In general, a medical event is a radiopharmaceutical dose administration that differs from the prescribed dose, drug, or recipient; when the difference exceeds the limits described in 10 C.F.R. 35.3045, the licensee must report the medical event to the NRC. An extravasation is the unintentional leakage of an intravenously administered solution into tissue around the infusion or injection site.
Title 5 C.F.R. 2635.502, Personal and business relationships, provides that when a federal employee determines a reasonable person with knowledge of the relevant facts would question the employees impartiality in a matter, the employee should not participate in the matter without agency authorization. In this case, two ACMUI
23 members failed to follow the procedures in section 2635.502 when the members participated in ACMUIs review of PRM-35-22 without prior authorization.
The OIG also found that the NRC lacked sufficient policies and internal controls to avoid both actual and apparent conflicts of interest for ACMUI members.
NRC Response The NRC responded to the OIGs findings by committing to five program enhancements, one completed and four underway:
- 1. The NRC updated the ACMUI member hiring process with candidate interview questions related to ethics and conflict of interest responsibilities;
- 2. The NRC will improve processes for assessing, documenting, tracking, coordinating with its Office of the General Counsel, and routinely inspecting determinations of conflicts of interest and appearance of conflicts of interest within the ACMUI;
- 3. The ACMUI will revise its bylaws with more information regarding the scope of federal conflict of interest requirements and members responsibilities to disclose potential conflicts of interest and appearance of conflicts of interest;
- 4. During the ACMUIs annual ethics training for all members, NRC ethics officials will provide additional information on conflicts of interest, appearance of conflicts of interest, and 5 C.F.R. 2635.502 covered relationships; and,
- 5. The NRC will revise the ACMUI members guide (NUREG/BR-0309) with additional detail on members conflict of interest and appearance of conflict-of-interest responsibilities.
In addition, the NRC is considering tracking ACMUI members affiliations and conflict of interest screenings through the WebACTS platform employed by the NRCs Advisory Committee on Reactor Safeguards.
Addresses Management and Performance Challenges #1, #6, and #8 The U.S. Nuclear Regulatory Commission Inappropriately Approved a Certificate of Compliance for Radioactive Material Packages OIG Strategic Goal: Safety Complaint The OIG initiated this investigation based on a complaint that the Office of Nuclear Material Safety and Safeguards (NMSS) inappropriately issued Holtec International Corporation (Holtec) Radiological Material Package Certificate of Compliance (CoC)
- 9375, Revision 0.
24 A CoC authorizes an organization to ship nuclear material in an approved transport system (package). Before modifying a previously approved package, an organization must obtain a revision of the CoC.
Allegedly, the issuance of CoC #9375, Revision 0, was inappropriate because it permitted Holtec to fabricate transportation containment boundary system components, for use in a radioactive non-fuel waste package, using American Society of Testing and Materials Standard A514 (ASTM A514).
Investigative Results The OIG substantiated the allegation that the NRC issued CoC #9375, Revision 0, inappropriately. Title 10 C.F.R. Part 71 regulates the packaging and transportation of radioactive material. NUREG-2216, Standard Review Plan for Transportation Packages for Spent Fuel and Radioactive Material, provides guidance to NRC staff for reviewing a licensees application for a transportation package under Part 71.
NUREG-2216 section 7.4.2.2 provides that transportation containment boundary system components should be designed and constructed in accordance with section III of the American Society of Mechanical Engineers Boiler and Pressure Vessel Code (ASME Code).
ASTM A514 is a steel known for its high-yield strength and weldability. ASTM A514 is not, however, a permissible material for transportation containment boundary system components under ASME Code section III.
The OIG found that two NRC materials technical reviewers failed to identify that the use of ASTM A514 steel as described in CoC #9375, Revision 0as well as in CoC
- 9375, Revision 1, as originally submittedconstituted the use of an unapproved material. Almost 1 year after the NRC issued CoC #9375, Revision 0, an NRC senior materials technical reviewer identified the issue and then implemented the Request for Additional Information process with Holtec, leading to correction of the issue.
The OIG determined that Holtec could have fabricated a package using the ASTM A514 standard under CoC #9375, Revision 0, without the NRCs knowledge. Holtec had the opportunity, for approximately 18 months, to fabricate a package using ASTM A514, and Holtec planned to use such a package in Sweden, but NRC regulations do not always require a licensee to notify the NRC before commencing fabrication. In this case, NRC regulations did not require Holtec to notify the NRC because the packages decay heat load was not more than 5 kilowatts and the packages normal operating pressure was not more than 103 kilopascals gauge.
The OIG also found that in April 2021, the NRC drafted LIC-FM-8, Revision No. 0, Peer Review Process, a divisional instruction on conducting peer reviews of licensing actions, but the NRC had not yet approved or otherwise dispositioned the instruction as of February 2024 (when the OIG communicated its findings to the NRC).
Lastly, the OIG observed that the NRCs Safety Evaluation Report for CoC #9375, Revision 0 and Revision 1, incorrectly referenced NUREG-1609, Standard Review Plan for Transportation Packages for Radioactive Material, instead of NUREG-2216, Standard Review Plan for Transportation Packages for Spent Fuel and Radioactive Material.
25 NRC Response In response to the OIGs finding that the NRC inappropriately issued CoC #9375, Revision 0, and that two NRC reviewers failed to identify that the proposed use of ASTM A514 was impermissible, the NRC took four steps to ensure it conducts high-quality licensing reviews and to focus on staff qualifications:
- 1. By discussing the details of this case, NMSS materials reviewers heightened their awareness of the need to determine whether applicants are using permissible materials;
- 2. The Materials and Structure Branch in NMSS committed to conducting mentoring activities and peer reviews routinely;
- 3. NMSS finalized division instruction ADM-FM-5, Administrative Process for Qualification; and,
- 4. The Materials and Structure Branch implemented a branch-specific qualification plan, including a training plan that familiarizes materials reviewers with code-required materials and other technical topics.
In response to the OIGs finding that Holtec could have fabricated a package using ASTM A514 without the NRCs knowledge, the NRC acknowledged that while vendors commonly provide to the agency a courtesy notice prior to fabrication, 10 C.F.R. 71.93(c) did not require notification prior to fabrication in this instance.
Holtec provided no courtesy notification of fabrication using the Revision 0 specifications, and the NRCs April 2024 inspection of the Holtec fabrication facility revealed no evidence that Holtec fabricated a package using those specifications. In February 2023, the NRC received a courtesy notification from Holtec indicating that Holtec planned to commence its first fabrication of the package (using compliant materials) in March 2023.
In response to the OIGs finding that the agency had not yet dispositioned a 2021 draft divisional instruction for staff conducting peer reviews of licensing actions, the NRC stated that the instruction had since been finalized and issued. The NRC explained that it had deferred completion of the instruction to mitigate a high workload while supervisors focused on hiring staff, but that for many years supervisors, at individual discretion, had used peer reviews when developing safety evaluations. The newly finalized instruction documents the best practices from those earlier staff practices.
Lastly, in response to the OIGs observation about the incorrect reference, the NRC acknowledged that the proper reference would have been to NUREG-2216.
Addresses Management and Performance Challenge #6
26 Allegation Regarding the U.S. Nuclear Regulatory Commissions Oversight of Material Control and Accounting for Fuel Facilities OIG Strategic Goal: Safety and Security Complaint The OIG received a complaint that unqualified inspectors performed material control and accounting (MC&A) inspections at fuel facilities from 2021 through 2023, and that some qualified MC&A inspectors have not completed the required refresher and continuing training. In addition, the complainant stated that there is a huge, short staffing of Region II MC&A inspectors, due to departures and other factors, leaving only one qualified MC&A inspector in the Division of Fuel Facility Inspections (DFFI).
Under 10 C.F.R. Part 74, licensees are required to maintain an MC&A program to track and verify onsite special nuclear material to prevent attempted theft or unauthorized production. The NRC performs both routine and reactive inspections of licensees MC&A programs. MC&A inspectors have specialized training and experience in MC&A.
Investigative Results The OIG did not substantiate that unqualified MC&A inspectors conducted inspections from 2021 through 2023, because Region II augmented its inspection staff with qualified MC&A inspectors who had transferred to other positions in the agency. The number of qualified MC&A inspectors in the responsible division (DFFI) had decreased since 2017 such that DFFI had to augment its inspection resources from 2021 to 2023. DFFI augmented its inspection resources with previously qualified inspectors from headquarters and former DFFI inspectors who had since assumed different assignments and moved to other organizations in Region II.
The OIG further found that most of the augmenting MC&A inspectors had not completed all Inspection Manual Chapter 1247, Appendix C5 qualification refresher and continuing training requirements. After the OIG began its reviews of the MC&A inspection program, and because of a separate OIG special inquiry regarding independent spent fuel storage installation inspectors, Region II initiated substantive corrective actions to address the issues the OIG had identified.
NRC Response The NRC responded to the OIGs findings with descriptions of how the agency will track and monitor ten actions intended to correct the falling number of qualified MC&A inspectors in DFFI and to ensure MC&A inspectors complete refresher and continuing training:
- 1. DFFI is prioritizing MC&A qualifications in its periodic staff planning reviews and is proactively assigning MC&A qualification training to cover forecasted gaps in staffing needs. DFFI is tracking these efforts through regular meetings on staffing;
27
- 2. Since the OIG provided its findings to the NRC, one DFFI inspector has completed MC&A training and successfully qualified as an MC&A inspector; through the regular meetings on staffing, DFFI continues to track a second inspectors progress toward qualification, which is expected by the end of 2024;
- 3. As needed, when an MC&A inspector departs DFFI for another part of the NRC, DFFI and the inspectors new supervisor will establish an informal agreement for the inspector to continue to provide MC&A inspection coverage;
- 4. As needed, when unforeseen circumstances arise, Region II will work collaboratively, both inside and outside Region II, to augment inspections with fungible resources such as MC&A subject matter experts;
- 5. Region IIs Mission Focus Team monitors the development of regional office instructions on qualifications and meets regularly;
- 6. To be supported by the regional office instructions as well, Region II encourages employees to complete subsequent-and cross-qualifications, thereby increasing fungibility of inspection resources. Subsequent-and cross-qualifications are currently voluntary;
- 7. Region II has coordinated with the Office of the Chief Human Capital Officer (OCHCO) to determine whether, consistent with the Collective Bargaining Agreement, Region II has the authority to mandate subsequent-and cross-qualification outside of an employees job function;
- 8. Due to the NRCs low demand for training MC&A inspectors compared to DOE demand for MC&A training, the NRCs primary training pipeline for MC&A inspectors is the DOE training center. The NRC has successfully worked, as needed, with the DOE to request priority for NRC MC&A inspector candidates at the DOE training center;
- 9. DFFI leadership is tracking and monitoring DFFIs coordination with OCHCO and the OCIO on improvements to the NRCs Training Management System to track qualification trainings automatically; and,
- 10. DFFI has reviewed a currently required refresher trainingHAZWOPERand proposed that, because this training duplicates other training, inspectors instead complete trainings that provide equivalent competencies, such as licensee-specific training and Site Access Training. DFFI has submitted a related proposal to the Office of Nuclear Material Safety and Safeguards, with its progress to be monitored through regular leadership engagement.
The NRC committed to continuing to track these corrective actions to completion as part of the agencys efforts to meet the MC&A program objectives.
Addresses Management and Performance Challenges #1 and #6
28 The U.S. Nuclear Regulatory Commissions Failure to Exercise Oversight of Agreement State Licensees with Special Nuclear Material of Low Strategic Significance OIG Strategic Goal: Safety Complaint The OIG initiated this investigation based on a complaint that, for more than 40 years, the NRC failed to oversee physical protection requirements for Agreement State licensees possessing special nuclear material of low strategic significance (SNM-LSS).
Investigative Results The OIG substantiated that, for more than 40 years, the NRC failed to exercise common defense and security oversight in accordance with 10 C.F.R. 150.14 for licensees possessing SNM-LSS in various Agreement States. An Agreement State is any state with which the NRC (or its predecessor, the Atomic Energy Commission) has entered into an agreement, under 42 U.S.C. 2021, authorizing the state to license and inspect byproduct, source, or special nuclear materials used or possessed within the states borders. Title 10 C.F.R. Part 150 defines activities in Agreement States over which the NRCs regulatory authority continues.
The OIG found that agency employees became aware of this failure to exercise regulatory oversight in 2018, but that the NRC did not implement remedial actions until 2023. Specifically, in March 2023, the agency issued an interim method to address the issue in Temporary Instruction 2800/044, Assessment of Physical Protection Requirements Under 10 C.F.R. 150.14 for Agreement State Licensees Possessing, Using, or Transporting [SNM-LSS]. Under the Temporary Instruction, regional inspectors are required to conduct specified inspections over 2 years beginning in March 2023.
In addition, the OIG found that the NRCs future actions to fulfill its regulatory oversight responsibilities are undecided and its timing is indefinite. Currently, the NRC lacks a formal process to ensure new Agreement State licensees with SNM-LSS notify the NRC when they become subject to 10 C.F.R. 73.67 inspection requirements.
NRC Response In response to the OIGs findings, the NRC committed to determining whether future inspections of Agreement State licensees possessing SNM-LSS are required. The NRC anticipates completing its evaluation of the results of the initial inspections, performed under Temporary Instruction 2800/044, by June 2025. Depending on those results and the safety and security significance of the SNM-LSS material, the NRC would develop an SNM-LSS inspection procedure and update its guidance to reflect an appropriate frequency for the NRC or Agreement States to perform the inspections.
29 The NRC also committed to ensuring, by June 2025, it is informed when Agreement States grant new licenses for SNM-LSS. Several regulations require Agreement State licensees, such as NRC licensees, to submit reports to the Nuclear Material Management and Safeguards System if the licensee ships, receives, or adjusts its onsite inventory for materials in designated quantities. The NRC will use that system to identify licensees that possess SNM-LSS. The NRC will also request information about licensees possessing SNM-LSS from Agreement States annually through the currently established Annual Count of Active Radioactive Material Licenses in the National Material Program.
Addresses Management and Performance Challenge #6 Violation of the Prohibited Securities Rule and Other Ethics Requirements OIG Strategic Goal: Corporate Management Complaint The OIG initiated this investigation based on a complaint from ethics officials in the Office of the General Counsel (OGC) that a Senior Executive Service (SES) employee failed to comply with financial disclosure requirements. The officials also alleged that the employee was not fully cooperative with OGCs efforts to bring him into compliance with those requirements. Allegedly, the employee owned two prohibited securities while employed by the NRC.
Investigative Results The OIG substantiated that upon his appointment to the NRC, the SES employee filed an incomplete Office of Government Ethics (OGE) Form 278e, Executive Branch Personnel Public Financial Disclosure Report. Under 5 U.S.C. 13103 and 5 C.F.R. 2634.201, certain candidates for, nominees to, and holders of federal employment must file public financial disclosure reports containing the financial information enumerated in 5 C.F.R. Part 2634, Subpart C. Individuals must file this information by completing OGE Form 278e. In this case, the employee filed a 278e new-entrant report that did not contain all his reportable assets.
The OIG also found that the employee was not timely in his responses to OGCs requests that he provide information to complete his 278e new-entrant report, resulting in the report never being completed during his tenure with the NRC.
Instead, the employee voluntarily separated from the NRC and filed a 278e termination report after he left the agency.
In addition, the OIG found that the employee owned two prohibited securities while employed by the NRC. The employees ownership of these securities violated the NRCs supplemental ethics rule at 5 C.F.R. 5801.102, Prohibited securities. The OIG found no evidence, however, that the employee acted in his official NRC capacity intending to advance his financial interests in the prohibited securities.
30 NRC Response In response to the OIGs findings, the NRC affirmed its commitment to fostering ethical leadership and ensuring employee compliance with ethical responsibilities and obligations, particularly among supervisors. The NRC has updated its Senior Executive Service and Senior Level employee welcome letters to emphasize the importance of supervisors complying with ethical responsibilities, as well as to provide incoming senior government employees with updated contact information for the OGC ethics team. The NRC also updated its annual ethics training for filers of public financial disclosures to underscore the importance of supervisors ethical responsibilities.
Under 5 U.S.C. 3322, a federal agency must make a permanent notation in an employees official personnel record when the employee was the subject of a personnel investigation that had an adverse finding regarding the employee, was in the competitive or excepted service, and resigned from government employment before the investigation was resolved. In this case, the NRC determined that a 5 U.S.C. 3322 notation in the employees official personnel record was not applicable because an SES employee is neither in the competitive service nor the excepted service.
Addresses Management and Performance Challenge #5
31 Defense Nuclear Facilities Safety Board Management Challenges and Audit, Evaluation, and Investigative Summaries
32 The following were the most serious management and performance challenges facing the Defense Nuclear Facilities Safety Board in FY 2024* as identified by the Inspector General:
Challenge 1: Leading a healthy and sustainable organizational culture and climate; Challenge 2: Ensuring the effective acquisition and management of mission-specific infrastructure, including cyber, physical, and personnel security, and data; Challenge 3: Continuing a systematic safety focus in the DNFSBs technical safety oversight and reviews; Challenge 4: Recruiting, retaining, and developing executive and technical staff; and, Challenge 5: Elevating the DNFSBs public visibility and credibility and maintaining constructive relationships with the DOE and external stakeholders.
- For more information on these challenges, see DNFSB-24-A-01, The Inspector Generals Assessment of the Most Serious Management and Performance Challenges Facing the Defense Nuclear Facilities Safety Board in Fiscal Year 2024.
DNFSB Management Challenges
33 SummariesDNFSB Audit of the Defense Nuclear Facilities Safety Boards Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 OIG Strategic Goal: Corporate Support The FISMA of 2014 established information security management requirements for agencies, including the requirement for an annual independent assessment by the agencys IG. The annual assessments provide agencies with the data needed to determine the effectiveness of overall information security programs and to develop strategies and best practices to improve information security. The OIG contracted with Sikich to conduct an independent audit of the DNFSBs overall information security program and practices in response to the FY 2023 IG FISMA Reporting Metrics.
The objective of this performance audit was to assess the effectiveness of the information security policies, procedures, and practices of the DNFSB.
Audit Results Sikich made four new recommendations to assist the DNFSB in strengthening its information security program.
Addresses Management and Performance Challenge #2 Audit of the Defense Nuclear Facilities Safety Boards Freedom of Information Act Program OIG Strategic Goal: Corporate Support The OIG conducted this audit because the OIG last audited the DNFSBs Freedom of Information Act (FOIA) program in 2014 and the FOIA Improvement Act of 2016 changed processes, roles, and responsibilities concerning federal agency FOIA programs.
Five key officials are involved in managing the DNFSBs FOIA program, including the Chief FOIA Officer, FOIA Attorney, and FOIA Public Liaison. Annually, the DNFSB receives approximately 20 to 30 FOIA requests, and retains contract support staff to help process these requests.
Audits and Evaluations Division
34 The audit objective was to assess the consistency and timeliness of the DNFSBs FOIA request decisions and to assess the agencys effectiveness in communicating FOIA policies to FOIA requesters.
Audit Results In this report, the OIG made eight recommendations intended to improve and strengthen the agencys FOIA program.
The DNFSBs FOIA request processing and communications are sometimes untimely, inconsistent with FOIA requirements, or insufficient to apprise requesters of the reasons for the agencys decision. Due to outdated agency guidance, FOIA decisions may be inconsistent with statutory requirements.
Agency processes must be documented and have adequate controls to ensure data reliability. However, FOIA program records and information are often missing or erroneous. These issues occur because the DNFSB lacks controls for its FOIA request management tool and an electronic records repository system. As a result, the agencys FOIA program knowledge management and public reporting could be compromised.
The time and materials service contract the DNFSB uses for FOIA program support identifies FOIA-specific terms, but some terms were not met. This failure occurred because the contracting officers representative (COR) was relatively inexperienced and inadequately supported, and the agencys FOIA program staff did not adequately communicate with the COR. Addressing these matters is important because time and materials contracts are considered high-risk and thus require enhanced oversight by experienced program staff.
Addresses Management and Performance Challenge #3 Performance Audit of the Defense Nuclear Facilities Safety Boards Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 OIG Strategic Goal: Corporate Support The OIG engaged Sikich to conduct a performance audit of the DNFSBs compliance with the PIIA for FY 2023 in accordance with OMB Circular A-136, Financial Reporting Requirements, section II.4.5, and with section VI.A. of OMB Memorandum M-21-19, which transmits Appendix C to OMB Circular No. A-123, Requirements for Payment Integrity Improvement. Sikich assessed the DNFSBs compliance with OMB guidance and corresponding reporting instructions and determined that the DNFSB met the applicable requirements for PIIA compliance for the one program it identified as susceptible to improper payments or unknown payments.
The audit objective was to determine whether the DNFSB complied with the requirements of the PIIA for FY 2023.
35 Audit Results Sikich concluded that the DNFSB complied with the requirements of the PIIA for FY 2023. As required, the DNFSB published applicable payment integrity information with its annual financial statement and in the accompanying materials to its annual financial statements for the most recent fiscal year in accordance with payment integrity information guidance provided in OMB Circular A-136. The DNFSB also posted the annual financial statement and accompanying materials required under OMB guidance on the agency website with a link to paymentaccuracy.gov. In addition, the DNFSB conducted an improper payments risk assessment for each program with annual outlays greater than $10 million at least once in the last 3 years, and it adequately considered whether the program is likely to make improper payments and unknown payments above or below the statutory threshold.
Sikich also found the DNFSBs reporting of, and its performance in reducing and recapturing improper payments and unknown payments to be generally accurate and complete. The DNFSB reviewed Sikichs findings and concluded that a payment recapture audit would not be cost effective. In its FY 2023 improper payment risk assessment, the DNFSB also concluded that there were no improper payments for its programs that met the PIIA threshold for testing.
Addresses Management and Performance Challenge #2 Audits in ProgressDNFSB Audit of the Defense Nuclear Facilities Safety Boards Fiscal Year 2024 Financial Statements OIG Strategic Goal: Corporate Support The audit objectives are to express opinions on the agencys financial statements and internal controls, review compliance with applicable laws and regulations, and review controls in the DNFSBs computer systems that are significant to the financial statements.
Addresses Management and Performance Challenge #2 Audit of the Defense Nuclear Facilities Safety Boards Review Agendas OIG Strategic Goal: Safety The audit objective is to determine the DNFSBs effectiveness in developing and applying its review agendas.
Addresses Management and Performance Challenge #1
36 Case SummariesDNFSB The Defense Nuclear Facilities Safety Boards Use and Oversight of Contractor OIG Strategic Goal: Corporate Management Complaint The OIG initiated this investigation based on a complaint that the Board discriminated against DNFSB employees competing for the Executive Director of Operations (EDO) position. The alleged discrimination involved removing technical education and experience requirements from the EDO job announcement, thereby allowing outside applicants a higher chance of being selected for the position. It was also alleged that the Board wanted to hire only an outside candidate for the EDO position. It was further claimed that the Board procured a contractor to provide input on the job announcement and to work on Equal Employment Opportunity (EEO) issues, but later concealed the contractors involvement in that work.
During the investigation, the OIG reviewed whether some of the deliverables the contractor provided to the agency were within the scope of work. The OIG also reviewed whether government contracting personnel provided appropriate oversight of the contract and deliverables.
Investigative Results The OIG did not substantiate that the Board discriminated against DNFSB employees by inappropriately removing technical requirements from the EDO vacancy announcement. The Atomic Energy Act of 1954, as amended, does not mandate the EDO possess a technical background, and the backgrounds of the prior EDO and several acting EDOs do not reveal a precedent that requires the EDO to have a significant technical background. Further, the OIG found that the Board considered and interviewed two internal candidates for the positionone with a technical background and one with a limited technical background.
The OIG found that the contractor provided the DNFSB edits on the EDO vacancy announcement and edits to newly adopted policies involving the Executive Review Board. The OIG did not substantiate that the Board attempted to conceal the contractors involvement in that work, nor that providing those edits was outside the scope of work of the contract.
The OIG also found, however, that the contractor provided certain legal services that were outside the scope of work and should have been provided by the agencys OGC.
The Board also implemented one of the policies the contractor drafted without gaining concurrence from the OGC. After the OGC and the EDO informed the Board of their concerns, the Board rescinded the policy.
Investigations Division
37 The OIG further found that government contracting personnel at the DNFSB failed to provide adequate oversight of this contract. Contracting personnel did not review the contractor deliverables or notify the contracts activities manager that the services provided were outside the scope of work. Finally, the OIG found that contracting personnel failed to follow Federal Acquisition Regulation guidelines by not modifying the contracts scope of work to include the noncontracted deliverables, thereby denying the contractor the opportunity to assert the right to an adjustment in cost.
DNFSB Response In response to the OIGs finding of inadequate contract oversight, and because the main recipients of the contracted services are the agency head and other Board members, the Office of the EDO has assumed contract administration duties for this contract. The EDO is now the activity manager for the contract, and one of the EDOs senior program advisors, with more than a decade of experience in government contracting, is now the contracts COR.
In response to the OIGs findings that the agency accepted deliverables that were outside the scope of work without a contract modification, the DNFSB will publish written guidance in FY 2025 regarding the roles and responsibilities of contracting officers, CORs, and technical monitors. The DNFSB noted that this contractor impliedly agreed that the deliverables were within the scope of work by providing the deliverables and not requesting a modification, but the EDO and COR increased collaboration with the OGC and the contracting officer to ensure future work items are within the scope of work.
Addresses Management and Performance Challenges #2 and #4 The Defense Nuclear Facilities Safety Board Personnel Security Programs Issuance of an Incorrect Credentialing OIG Strategic Goal: Corporate Management Complaint The OIG initiated this investigation based on a complaint that the agency mistakenly issued a new employee a Personal Identity Verification (PIV) credential with a Q clearance designator when the employee did not have a Q clearance.
Investigative Results The OIG substantiated that the DNFSB issued a new employee a PIV credential with a Q clearance designator when the employee did not have a Q clearance. A Q clearance is a security clearance issued by the DOE. A DNFSB employee responsible for DNFSB security operations filled out and submitted DOE Form 206.4, Information Sheet for Sponsorship of HSPD-12 Credential, for entry into the USAccess system by selecting the field for Q instead of BAO (Building Access Only). The USAccess system is a General Services Administration system used to issue government PIV credentials. The same security employee who incorrectly filled out DOE Form 206.4 also performed the final review of the form.
38 Approximately 3 years later, the DNFSB security employee who filled out the DOE Form 206.4 became aware of the inaccurate PIV credential. The security employee took no corrective action until approximately 8 months later, when the employee canceled the credential and requested a replacement. The DNFSB took minimal steps to recover the canceled credential in a timely manner. The OIG found that the security employee provided inaccurate information to the Board Chair and failed to provide complete and pertinent information to the OIG during its investigation.
The OIG could not rule out the possibility that the mistakenly credentialed employee gained access to classified information or DNFSB sensitive areas. The DNFSB maintained surveillance footage of the Sensitive Area/Limited Area (SALA) entrance for 30 days only and did not monitor and enforce the agencys sign-in policy for accessing this space. Therefore, the mistakenly credentialed employee could have piggybacked into the SALA with another employee and neglected to sign into the logbook. To piggyback, an unauthorized individual enters a restricted area with an authorized employee without having to swipe the individuals PIV credential. At the same time, the records available to the OIG for review did not show the mistakenly credentialed employee attempted to use his PIV credential to access the SALA, and the employee did not sign into the SALA logbook.
DNFSB Response In response to the OIGs findings that an employee responsible for DNFSB security operations incorrectly completed a DOE Form 206.4 to sponsor an employee without a Q clearance for a PIV credential with a Q clearance indicator, took no action to correct the error until approximately 8 months after he became aware of the error, provided inaccurate information to the Board, and failed to provide complete and pertinent information to the OIG during its investigation, the DNFSB considered disciplinary action; however, the employee separated from the DNFSB after becoming aware of the proposed disciplinary action.
In accordance with 5 U.S.C. 3322, the DNFSB made a permanent notation in the security employees official electronic personnel folder.
In response to the OIGs finding that the DNFSB incorrectly issued the PIV credential with the Q clearance designator, the agency heightened senior level visibility of DNFSB security operations by creating a GS-15 Director position to oversee the Security Division within the Office of the Executive Director of Operations.
In addition, the DNFSB has reviewed its security programincluding how the agency cooperates and divides safeguards and security responsibilities with the DOEand is implementing a project plan to improve the program. Pursuant to the project plan, the agency intends to create or update security policies and processes, certify the SALA according to DOE guidance, and mandate Security Division staff complete educational development plans.
Addresses Management and Performance Challenges #2, #4, and #5
39 Summary of Accomplishments
40 NRC Audits and Evaluations Completed Report No.
Date Issued Report Title Open Recommendations as of 09/30/24 Total Potential Cost Savings OIG-24-A-11 09/30/2024 Audit of the U.S. Nuclear Regulatory Commissions Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 4
0 OIG-24-A-10 09/30/2024 Audit of the U.S. Nuclear Regulatory Commissions Reactor Operator Licensing Examination Process 1
0 OIG-24-E-03 09/27/2024 Evaluation of the U.S. Nuclear Regulatory Commissions Policies and Procedures for Emergency Evacuation of Disabled Personnel 4
0 OIG-24-E-02 09/20/2024 Evaluation of the U.S. Nuclear Regulatory Commissions Use of Anti-gag Clauses in Nondisclosure Agreements 3
0 OIG-24-A-09 07/03/2024 Audit of the U.S. Nuclear Regulatory Commissions Contract Management of Information Technology Services 2
$1,108,544 OIG-24-E-01 07/03/2024 Evaluation of the U.S. Nuclear Regulatory Commissions Information Technology Asset Management 6
$37,000 OIG-24-A-08 05/20/2024 Performance Audit of the U.S.
Nuclear Regulatory Commissions Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 0
0 OIG-24-A-07 04/11/2024 Audit of the U.S. Nuclear Regulatory Commissions Safety Inspections of Class II Research and Test Reactors 7
0 Audits and Evaluations Division
41 Contract Audit Reports The NRC OIG did not have any contract engagements from April 1, 2024, through September 30, 2024.
NRC Audit and Evaluation Resolution Activities OIG Reports Issued with Recommendations that Funds be Put to Better Use Reports Number of Reports Funds to be Put to Better Use A. For which no management decision had been made by the commencement of the reporting period 0
0 B. Issued during the reporting period 2
$1,145,544 Subtotal (A + B) 2
$1,145,544 C. For which a management decision was made during the reporting period:
- i. Dollar value of disallowed costs 0
0 ii. Dollar value of costs not disallowed 0
0 D. For which no management decision had been made by the end of the reporting period 0
0
42 DNFSB Audits and Evaluations Completed Report No. &
Date Issued Report Title Open Recommendations as of 09/30/24 Total Potential Cost Savings DNFSB-24-A-05 09/30/2024 Audit of the Defense Nuclear Facilities Safety Boards Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 4
0 DNFSB-24-A-04 08/13/2024 Audit of the Defense Nuclear Facilities Safety Boards Freedom of Information Act Program 8
0 DNFSB-24-A-03 05/20/2024 Performance Audit of the Defense Nuclear Facilities Safety Boards Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2023 0
0 Contract Audit Reports The OIG did not complete any DNFSB contract audit reports for the reporting period.
DNFSB Audit and Evaluation Resolution Activities The OIG did not complete any DNFSB audit reports with monetary impact during this reporting period.
43 NRC Allegations Received Investigations Division 10 2
2 17 5
19 19 36 Reviewing Complaints Referred for OIG Audit Referred to Other Agency Correlated to Existing OIG Investigation Reviewed (no additional action needed)
Referred to NRC Management Referred for New OIG Investigation Closed Administratively 0
5 10 15 20 25 30 35 40 Disposition of Allegations 24 25 1
29 24 1
4 1
1 Anonymous General Public Intervenor NRC Employee NRC Management OIG Audit OIG Proactive Initiative Other Government Agency Congressional 0
5 10 15 20 25 30 35 Sources of Allegations 110 complaints received (53 from the NRC OIG Hotline)
44 Status of Investigations Federal DOJ Referrals.................................................... 3 Criminal Information/Indictments............ 0 Accepted......................................................... 0 Criminal Convictions................................... 0 Declined......................................................... 3 Civil Penalties............................................. 0 Pending.......................................................... 0 Recoveries.................................................... 0 Criminal Information/Indictments.................. 0 Arrests................................................................ 0 NRC Administrative Actions Criminal Conviction/Civil Settlement.............. 1 Review/Change of Agency Process............. 7 Civil Recovery (recoveries pending).... $181,500 Other (counseling/training)........................ 5 Retirement/Resignation............................. 3 State and Local Pending Agency Action.............................. 11 Referrals............................................................ 0 Potential Cost Savings................................. 0 Summary of Investigations Classification of Investigations Opened Cases Completed Cases Reports Issued*
Active Cases Criminal 1
0 0
1 Employee Misconduct 4
2 2
3 External Fraud 1
8 8
1 Other 1
1 1
0 Internal Fraud 1
0 0
1 Management Misconduct 5
4 4
2 Miscellaneous 0
1 1
0 Misuse of Govt. Property 1
0 0
1 Technical Complaints 1
7 7
0 Mishandling of Technical Allegations 1
0 0
1 TOTAL:
16 23 23 10
- Number of reports issued represents the number of completed cases for which allegations were substantiated and the results were reported outside of the OIG.
45 DNFSB Allegations Received Of the 13 complaints, 12 were received from the OIG Hotline. Of the 13 complaints, 7 were completed administratively, 1 was referred to DNFSB management for action, 1 was referred for OIG Investigation, and 4 are in the review process.
Status of Investigations Federal Criminal Information/Indictments............ 0 DOJ Referrals.............................................. 1 Criminal Convictions................................... 0 Criminal Information/Indictments............ 0 Civil Penalty Fines.................................... $0 Criminal Conviction.................................... 0 Recoveries................................................. $0 Civil Penalty Fines.................................... $0 Recoveries................................................. $0 DNFSB Administrative Actions Pending Agency Action............................... 0 State and Local Review/Change of Agency Process............. 1 Referrals...................................................... 0 Retirements/Resignations.......................... 1 1
7 2
2 1
DNFSB Employee DNFSB Management General Public Anonymous Other Government Agencies 0
1 2
3 4
5 6
7 8
Sources of Allegations
46 Summary of Investigations Classification of Investigations Opened Cases Completed Cases Reports Issued*
Active Cases Employee Misconduct 1
1 1
1 Management Misconduct 1
2 2
0 TOTAL:
2 3
3 1
- Number of reports issued represents the number of completed cases for which allegations were substantiated and the results were reported outside of the OIG.
47 NRC and DNFSB Unimplemented Audit and Evaluation Recommendations
48 Open NRC and DNFSB Recommendations The following are NRC and DNFSB audit and evaluation reports that have open OIG recommendations as of September 30, 2024. The OIG continues to work with NRC and DNFSB officials to resolve and close the recommendations. Each link provides a status of the corresponding recommendation as reported on Oversight.gov and as available on the OIGs website.
NRC Audit of the NRCs Decommissioning Funds Program (OIG-16-A-16) 2 of 9 recommendations open since June 8, 2016 Recommendation 1 Recommendation 2 Independent Evaluation of the NRCs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2019 (OIG-20-A-06) 3 of 7 recommendations open since April 29, 2020 Recommendation 2c Recommendation 5 Recommendation 6 Independent Evaluation of the NRCs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2020 (OIG-21-A-05) 5 of 13 recommendations open since March 19, 2021 Recommendation 5 Recommendation 6 Recommendation 8 Recommendation 12 Recommendation 13 Audit of the NRCs Implementation of the Enterprise Risk Management Process (OIG-21-A-16) 7 of 8 recommendations open since September 28, 2021 Recommendation 1 Recommendation 2 Recommendation 3 Recommendation 4 Recommendation 6 Recommendation 7 Recommendation 8 Independent Evaluation of the NRCs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2021 (OIG-22-A-04) 5 of 18 recommendations open since December 20, 2021 Recommendation 6 Recommendation 7 Recommendation 8 Recommendation 11 Recommendation 13 Audit of the NRCs Permanent Change of Station Program (OIG-22-A-05) 1 of 4 recommendations open since January 19, 2022 Recommendation 1 Audit of the NRCs Drop-In Meeting Policies and Procedures (OIG-22-A-12) 2 of 4 recommendations open since August 12, 2022 Recommendation 1 Recommendation 4 Audit of the NRCs Strategic Workforce Planning Process (OIG-22-A-13) 3 of 3 recommendations open since September 26, 2022 Recommendation 1 Recommendation 2 Recommendation 3 Audit of the NRCs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2022 (OIG-22-A-14) 4 of 7 recommendations open since September 29, 2022 Recommendation 2 Recommendation 4 Recommendation 6 Recommendation 7
49 Audit of the U.S. Nuclear Regulatory Commissions Oversight of Irretrievable Well Logging Source Abandonments (OIG-23-A-04) 4 of 5 recommendations open since May 4, 2023 Recommendation 1.1 Recommendation 1.2 Recommendation 1.4 Recommendation 2.1 Audit of the U.S. Nuclear Regulatory Commissions Processes for Deploying Reactive Inspection Teams (OIG-23-A-06) 1 of 3 recommendations open since May 10, 2023 Recommendation 3.1 Audit of the U.S. Nuclear Regulatory Commissions (NRC) Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2023 (OIG-23-A-10) 2 of 3 recommendations open since August 21, 2023 Recommendation 1 Recommendation 3 Audit of the U.S. Nuclear Regulatory Commission's Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2023 Region I: King of Prussia, Pennsylvania (OIG-24-A-03) 2 of 4 recommendations open since January 25, 2024 Recommendation 1 Recommendation 3 Audit of the U.S. Nuclear Regulatory Commissions Security Oversight of Category 1 and Category 2 Quantities of Radioactive Material (OIG-24-A-06) 2 of 3 recommendations open since March 25, 2024 Recommendation 1.1 Recommendation 1.3 Audit of the U.S. Nuclear Regulatory Commissions (NRC) Safety Inspections of Class II Research and Test Reactors (OIG-24-A-07) 7 of 7 recommendations open since April 11, 2024 Recommendation 1.1 Recommendation 1.2 Recommendation 2.1 Recommendation 2.2 Recommendation 2.3 Recommendation 3.1 Recommendation 4.1 Evaluation of the U.S. Nuclear Regulatory Commissions Information Technology Asset Management (OIG-24-E-01) 6 of 6 recommendations open since July 3, 2024 Recommendation 1.1 Recommendation 1.2 Recommendation 2.1 Recommendation 3.1 Recommendation 4.1 Recommendation 4.2 Audit of the U.S. Nuclear Regulatory Commissions Contract Management of Information Technology Services (OIG-24-A-09) 2 of 2 recommendations open since July 3, 2024 Recommendation 1.1 Recommendation 2.1 Evaluation of the U.S. Nuclear Regulatory Commissions Use of Anti-gag Clauses in Nondisclosure Agreements (OIG-24-E-02) 3 of 3 recommendations open since September 20, 2024 Recommendation 1.1 Recommendation 2.1 Recommendation 3.1 Evaluation of the U.S. Nuclear Regulatory Commissions Policies and Procedures for Emergency Evacuation of Disabled Personnel (OIG-24-E-03) 4 of 4 recommendations open since September 27, 2024 Recommendation 1.1 Recommendation 1.2 Recommendation 1.3 Recommendation 2.1
50 Audit of the U.S. Nuclear Regulatory Commissions Reactor Operator Licensing Examination Process (OIG-24-A-10) 1 of 1 recommendation open since September 30, 2024 Recommendation 1.1 Audit of the U.S. NRCs Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 (OIG-24-A-11) 4 of 4 recommendations open since September 30, 2024 Recommendation 1 Recommendation 2 Recommendation 3 Recommendation 4 DNFSB Audit of the DNFSBs Human Resources Program (DNFSB-20-A-04) 4 of 6 recommendations open since January 27, 2020 Recommendation 1 Recommendation 2 Recommendation 3 Recommendation 4 Independent Evaluation of the DNFSBs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2019 (DNFSB-20-A-05) 4 of 11 recommendations open since March 31, 2020 Recommendation 3 Recommendation 5 Recommendation 8 Recommendation 11 Independent Evaluation of DNFSBs Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2020 (DNFSB-21-A-04) 5 of 14 recommendations open since March 25, 2021 Recommendation 1 Recommendation 2 Recommendation 3 Recommendation 9 Recommendation 11 Independent Evaluation of the DNFSBS Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for FY 2021 (DNFSB-22-A-04) 4 of 24 recommendations open since December 21, 2021 Recommendation 4 Recommendation 9 Recommendation 11 Recommendation 23 Audit of the Defense Nuclear Facilities Safety Boards Implementation of the Federal Information Security Modernization Act of 2014 (DNFSB-23-A-04) 1 of 1 recommendation open since September 29, 2023 Recommendation 1 Audit of the Defense Nuclear Facilities Safety Board's Freedom of Information Act Program (DNFSB-24-A-04) 8 of 8 recommendations open since August 13, 2024 Recommendation 1.1 Recommendation 1.2 Recommendation 1.3 Recommendation 1.4 Recommendation 2.1 Recommendation 2.2 Recommendation 3.1 Recommendation 3.2 Audit of the Defense Nuclear Facilities Safety Boards Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2024 (DNFSB-24-A-05) 4 of 4 recommendations open since September 30, 2024 Recommendation 1 Recommendation 2 Recommendation 3 Recommendation 4
51 Appendix
52 The Inspector General Act of 1978, as amended in 1988, specifies reporting requirements for semiannual reports. This index cross-references those requirements to the pages where they are fulfilled in this report.
Citation Reporting Requirements Page(s)
Section 4(a)(2)
Review of legislation and regulations 7-8 Section 5(b)(1)
Significant problems, abuses, and deficiencies 12-38 Section 5(b)(2)
Recommendations for corrective action 12-17, 33-35 Section 5(b)(3)
Prior significant recommendations not yet completed 48-50 Section 5(b)(4)
Matters referred to prosecutive authorities N/A Section 5(b)(6)
Listing of audit reports 40, 42 Section 5(b)(6)
Listing of audit reports with questioned costs or funds put to better use 40-41 Section 5(b)(7)
Summary of significant reports 12-38 Section 5(b)(8)
Statistical tables for audit reports questioned costs N/A Section 5(b)(9)
Statistical tables for audit reports funds to be put to better use 41 Section 5(b)(10)
Audit reports issued before commencement of the reporting period (a) for which no management decision has been made, (b) which received no management comment within 60 days, and (c) with outstanding, unimplemented recommendations, including aggregate potential costs savings.
N/A Section 5(b)(11)
Significant revised management decisions N/A Section 5(b)(12)
Significant management decisions with which the OIG disagreed N/A Section 5(b)(13)
FFMIA section 804(b) information N/A Section 5(b)(14)
(15)(16)
Peer review information 53 Section 5(b)(17)
Investigations statistical tables 43-46 Section 5(b)(18)
Description of metrics N/A Section 5(b)(19)
Investigations of senior Government employees where misconduct was substantiated N/A Section 5(b)(20)
Whistleblower retaliation N/A Section 5(b)(21)
Interference with IG independence N/A Section 5(b)(22)(A)
Audit or evaluations that were closed and the reports not made public N/A Section 5(b)(22)(B)
Investigations involving senior Government employees that were closed and the reports not made public 29-30 Reporting Requirements
53 Audits and Evaluations Division The U.S. National Science Foundation OIG peer reviewed the OIGs audit and evaluation program in accordance with Government Auditing Standards and Council of the Inspectors General on Integrity and Efficiency (CIGIE) requirements. Peer reviews are rated pass, pass with deficiencies, or fail. In a report dated August 28, 2024, the OIG received the highest external peer review rating of pass.
Investigations Division The Peace Corps OIG peer reviewed the OIGs investigative program. The final report, dated June 2, 2024, reflected that the OIGs investigative program is in full compliance with the quality standards established by CIGIE and the Attorney General Guidelines for OIGs with Statutory Law Enforcement Authority. These safeguards and procedures provide reasonable assurance of conforming with professional standards in the planning, execution, and reporting of investigations.
Peer Reviews
54 The Hotline Program provides NRC and DNFSB employees, other government employees, licensee/utility employees, contractors, and the public with a confidential means of reporting suspicious activity concerning fraud, waste, abuse, and employee or management misconduct. Mismanagement of agency programs or danger to public health and safety may also be reported. The OIG does not attempt to identify persons contacting the Hotline.
What should be reported?
- Contract and Procurement Irregularities Abuse of Authority
- Conflicts of Interest Misuse of Government Credit Card
- Theft and Misuse of Property Time and Attendance Abuse
- Travel Fraud Misuse of IT Resources
- Misconduct Program Mismanagement How do I contact the OIG?
Call the OIG Hotline:
1-800-233-3497 TTY/TDD: 7-1-1, or 1-800-201-7165 7:00 a.m. - 4:00 p.m. (ET)
After hours, please leave a message.
Submit an Online Form:
https://nrcoig.oversight.gov/oig-hotline Write:
U.S. Nuclear Regulatory Commission Office of the Inspector General Hotline Program, MS O12-A12 11555 Rockville Pike Rockville, Maryland 20852-2738 Hotline Program