ML18052B080: Difference between revisions

From kanterella
Jump to navigation Jump to search
(Created page by program invented by StriderTol)
(Created page by program invented by StriderTol)
 
Line 15: Line 15:


=Text=
=Text=
{{#Wiki_filter:U. S. Nuclear Regulatory Commission Office of Inspector General FY 20 1 7 Performance Report February 2018
{{#Wiki_filter:U. S. Nuclear Regulatory Commission Office of Inspector General FY 2017 Performance Report February 2018


1 OIG PERFORMANCE REPORT Fiscal Year 2017 INTRODUCTION NRC was formed in 1975, in accordance with the Energy Reorganization Act of 1974, to regulate the various commercial and institutional uses of nuclear materials. The agency succeeded the Atomic Energy Commission, which previously had responsibility for both developing and regulating nuclear activities. Under its responsibility to protect public health and safety, NRC has three principal regulatory functions: (1) establish standards and regulations, (2) issue licenses for nuclear facilities and users of nuclear materials, and (3) inspect facilities and users of nuclear materials to ensure compliance with the requirements. These regulatory functions relate both to nuclear power plants and other uses of nuclear materials  
OIG PERFORMANCE REPORT Fiscal Year 2017 INTRODUCTION NRC was formed in 1975, in accordance with the Energy Reorganization Act of 1974, to regulate the various commercial and institutional uses of nuclear materials. The agency succeeded the Atomic Energy Commission, which previously had responsibility for both developing and regulating nuclear activities. Under its responsibility to protect public health and safety, NRC has three principal regulatory functions: (1) establish standards and regulations, (2) issue licenses for nuclear facilities and users of nuclear materials, and (3) inspect facilities and users of nuclear materials to ensure compliance with the requirements. These regulatory functions relate both to nuclear power plants and other uses of nuclear materials - like nuclear medicine programs at hospitals, academic activities at educational institutions, research, and such industrial applications as gauges and testing equipment.
- like nuclear medicine programs at hospitals, academic activities at educational institutions, research, and such industrial applications as gauges and testing equipment.
NRCs OIG was established as a statutory entity on April 15, 1989, in accordance with the 1988 amendment to the Inspector General Act of 1978. The OIG mission is to (1) independently and objectively conduct and supervise audits and investigations relating to programs and operations; (2) prevent and detect fraud, waste and abuse; and (3) promote economy, efficiency and effectiveness in agency programs and operations. Since FY 2014, per the Consolidated Appropriations Act, 2014, NRCs OIG has exercised the same authorities with respect to the Defense Nuclear Facilities Safety Board (DNFSB). In addition, OIG reviews existing and proposed regulations, legislation and directives and provides comments, as appropriate, regarding any significant concern.
NRC's OIG was established as a statutory entity on April 15, 1989, in accordance with the 1988 amendment to the Inspector General Act of 1978. The OIG mission is to (1) independently and objectively conduct and supervise audits and investigations relating to programs and operations; (2) prevent and detect fraud, waste and abuse; and (3) promote economy, efficiency and effectiveness in agency programs and operations. Since FY 2014, per the Consolidated Appropriations Act, 2014, NRC's OIG has exercised the same authorities with respect to the Defense Nuclear Facilities Safety Board (DNFSB). In addition, OIG reviews existing and proposed regulations, legislation and directives and provides comments, as appropriate, regarding any significant concern.
The Inspector General keeps the NRC Chairman, DNFSB Chairman, and Members of Congress fully and currently informed about problems, makes recommendations to the agency for corrective actions, and monitors NRCs progress in implementing such actions. In fulfilling this mission, OIG assists the NRC and DNFSB to accomplish its mission by ensuring integrity, efficiency and accountability in the agencys programs respectively.
The Inspector General keeps the NRC Chairman, DNFSB Chairman, and Members of Congress fully and currently informed about problems, makes recommendations to the agency for corrective actions, and monitors NRC's progress in implementing such actions. In fulfilling this mission, OIG assists the NRC and DNFSB to accomplish its mission by ensuring integrity, efficiency and accountability in the agency's programs respectively.
PROGRAM ACTIVITIES OIG accomplishes its mission through the conduct of its audit, investigative, and management and operational support programs, as well as its legislative and regulatory review activities.
PROGRAM ACTIVITIES OIG accomplishes its mission through the conduct of its audit, investigative, and management and operational support programs, as well as its legislative and regulatory review activities.
To fulfill its audit mission, OIG conducts performance, financial, and contract audits and evaluations.
To fulfill its audit mission, OIG conducts performance, financial, and contract audits and evaluations.
1


2 To fulfill its investigative mission, OIG conducts investigations relating to the integrity of NRC's and DNFSB's programs and operations. Most OIG investigations focus on allegations of fraud, waste, and abuse and violations of law or misconduct by NRC and DNFSB employees and contractors.
To fulfill its investigative mission, OIG conducts investigations relating to the integrity of NRCs and DNFSBs programs and operations. Most OIG investigations focus on allegations of fraud, waste, and abuse and violations of law or misconduct by NRC and DNFSB employees and contractors.
OIG's Strategic Goals, Strategies, and Actions The NRC-OIG Strategic Plan features three goals and guides the activities of the Audits and Investigations programs. The plan identifies the major challenges and risk areas facing the NRC and generally aligns with the agency's mission.
OIGs Strategic Goals, Strategies, and Actions The NRC-OIG Strategic Plan features three goals and guides the activities of the Audits and Investigations programs. The plan identifies the major challenges and risk areas facing the NRC and generally aligns with the agencys mission.
OIG Strategic Goals Strengthen NRC's efforts to protect public health and safety and the environment.
OIG Strategic Goals
Enhance NRC's efforts to increase security in response to an evolving threat environment.
* Strengthen NRCs efforts to protect public health and safety and the environment.
Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.
* Enhance NRCs efforts to increase security in response to an evolving threat environment.
The NRC-OIG Strategic Plan for FY 2014  
* Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.
- 2018 presents OIG's priorities for the covered timeframe and describes OIG's strategic direction to stakeholders, including the NRC Chairman, and the U.S. Congress. From this perspective, it presents OIG's results
The NRC-OIG Strategic Plan for FY 2014 - 2018 presents OIGs priorities for the covered timeframe and describes OIGs strategic direction to stakeholders, including the NRC Chairman, and the U.S. Congress. From this perspective, it presents OIGs results-based business case, explaining the return-on-investment. It also strengthens OIG by providing a shared set of expectations regarding the goals OIG expects to achieve and the strategies that will be used to do so. OIG adjusts the plan as circumstances necessitate, uses it to develop its annual plan and performance budget, and holds managers and staff accountable for achieving the goals and outcomes.
-based business case, explaining the return
OIGs strategic plan also includes a number of supporting strategies and actions that describe planned accomplishments. Through associated annual planning activities, audit and investigative resources focus on assessing NRCs safety, security, and corporate management programs involving the major challenges and risk areas facing the NRC. The work of OIG auditors and investigators support and complement each other in the pursuit of these objectives.
-on-investment. It also strengthens OIG by providing a shared set of expectations regarding the goals OIG expects to achieve and the strategies that will be used to do so. OIG adjusts the plan as circumstances necessitate, uses it to develop its annual plan and performance budget, and holds managers and staff accountable for achieving the goals and outcomes. OIG's strategic plan also includes a number of supporting strategies and actions that describe planned accomplishments. Through associated annual planning activities, audit and investigative resources focus on assessing NRC's safety, security, and corporate management programs involving the major challenges and risk areas facing the NRC. The work of OIG auditors and investigators support and complement each other in the pursuit of these objectives.
2


Strategic Goal 1: Safety Strengthen NRC's efforts to protect public health and safety and the environment.
Strategic Goal 1: Safety Strengthen NRCs efforts to protect public health and safety and the environment.
Discussio n: NRC will continue to face safety challenges in the years ahead related to nuclear reactor oversight, the regulation of nuclear materials, and the handling of nuclear waste. A significant concern for NRC is regulating the safe operation of the Nation's nuclear power plants through an established oversight process developed to verify that licensees identify and resolve safety issues before they adversely affect safe plant operation.
Discussion: NRC will continue to face safety challenges in the years ahead related to nuclear reactor oversight, the regulation of nuclear materials, and the handling of nuclear waste. A significant concern for NRC is regulating the safe operation of the Nations nuclear power plants through an established oversight process developed to verify that licensees identify and resolve safety issues before they adversely affect safe plant operation.
NRC is challenged to address both domestic and international operating experience that informs regulatory activities. NRC must also address license amendment requests to increase the power generating capacity of specific commercial reactors, license renewal requests to extend reactor operations beyond set expiration dates, and the introduction of new technology such as new and advanced reactor designs. In fulfilling its responsibilities to regulate nuclear materials, NRC must ensure that its regulatory activities regarding nuclear materials and nuclear fuel cycle facilities adequately protect public health and safety. Moreover, NRC's regulatory activities concerning nuclear materials must protect against radiological sabotage and theft or diversion of these materials. The licensing of facilities (e.g., fuel fabrication) with new technologies poses additional challenges.
NRC is challenged to address both domestic and international operating experience that informs regulatory activities. NRC must also address license amendment requests to increase the power generating capacity of specific commercial reactors, license renewal requests to extend reactor operations beyond set expiration dates, and the introduction of new technology such as new and advanced reactor designs.
The handling of nuclear waste includes bot h high-level and lo w-level waste. High level radioactive waste is primarily in the form of spent fuel discharged from commercial nuclear power reactors.
In fulfilling its responsibilities to regulate nuclear materials, NRC must ensure that its regulatory activities regarding nuclear materials and nuclear fuel cycle facilities adequately protect public health and safety. Moreover, NRCs regulatory activities concerning nuclear materials must protect against radiological sabotage and theft or diversion of these materials.
In the high-level waste area, High-level waste issues include the oversight of interim storage of spent nuclear fuel both at and away from reactor sites, certification of storage and transport casks, and the oversight of the decommissioning of reactors and other nuclear sites. Low
The licensing of facilities (e.g., fuel fabrication) with new technologies poses additional challenges.
-level waste includes items that have become contaminated with radioactive materials or have become radioactive through exposure to neutron radiation. Low
The handling of nuclear waste includes both high-level and low-level waste. High level radioactive waste is primarily in the form of spent fuel discharged from commercial nuclear power reactors. In the high-level waste area, High-level waste issues include the oversight of interim storage of spent nuclear fuel both at and away from reactor sites, certification of storage and transport casks, and the oversight of the decommissioning of reactors and other nuclear sites. Low-level waste includes items that have become contaminated with radioactive materials or have become radioactive through exposure to neutron radiation. Low-level waste disposal occurs at commercially operated facilities that must be licensed by either the NRC or Agreement States. However, there are currently only four operating low-level waste disposal facilities in the United States.
-level waste disposal occurs at commercially operated facilities that must be licensed by either the NRC or Agreement States. However, there are currently only four operating low
3
-level waste disposal facilities in the United States.
 
4 Strategy 1-1: Identify risk areas associated with NRC's oversight of operating reactors, and conduct audits and investigations that lead to NRC program improvements.
Strategy 1-1: Identify risk areas associated with NRCs oversight of operating reactors, and conduct audits and investigations that lead to NRC program improvements.
Actions: a. Assess the adequacy of NRC's licensing activities and oversight of licensees' compliance with the license. b. Assess the effectiveness of NRC's management of its operating reactor inspection programs and activities and its assessment of licensee ability to timely identify and resolve safety issues. c. Assess NRC oversight of vendor material and manufacturing methods used in the maintenance and modification of operating reactors. d. Assess the extent and effectiveness of NRC's regulatory preparedness for and response to design basis and beyond design basis events. e. Assess NRC's actions to include research activities to identify and address the potential risks associated with aging and obsolescence issues affecting the fleet of current reactors. f. Assess NRC's actions to identify and address the potential risks associated with the introduction of new technology into currently operating facilities.
Actions:
: g. Assess the adequacy of NRC's efforts to prepare for and provide oversight of new and advanced reactors as they become operational.
: a. Assess the adequacy of NRCs licensing activities and oversight of licensees compliance with the license.
: h. Monitor NRC activities and gather stakeholder information to identify potential gaps in NRC regulatory oversight.
: b. Assess the effectiveness of NRCs management of its operating reactor inspection programs and activities and its assessment of licensee ability to timely identify and resolve safety issues.
Conduct , as appropriate, investigations and event inquiries when gaps are identified.
: c. Assess NRC oversight of vendor material and manufacturing methods used in the maintenance and modification of operating reactors.
: i. Assess stakeholder allegations and NRC staff non-concurrences and Differing Professional Opinions (DPO), and conduct investigations and event inquiries into NRC's oversight of operating reactors. j. Assess stakeholder allegations and NRC staff non-concurrences and DPOs , and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit
: d. Assess the extent and effectiveness of NRCs regulatory preparedness for and response to design basis and beyond design basis events.
, fraudulent, and substandard items entering the supply chain.
: e. Assess NRCs actions to include research activities to identify and address the potential risks associated with aging and obsolescence issues affecting the fleet of current reactors.
5 k. Assess stakeholder allegations and NRC staff non-concurrences and DPOs , and conduct investigations a nd event inquiries to determine NRC's efforts in addressing stakeholder and NRC staff safety concerns. l. Assess NR C's readiness to effectively and timely review licensee applications for license renewals and power uprates. m. Assess NRC's experience in timely identifying and effectively responding to emerging technical and regulatory issues. n. Assess NRC actions in its integrating lessons learned from the totality of the events at and associated with the nuclear accident at the Fukushima Dai-ichi facility to include improvements in its regulatory system and the management of its operating reactor inspection programs and activities.
: f. Assess NRCs actions to identify and address the potential risks associated with the introduction of new technology into currently operating facilities.
: g. Assess the adequacy of NRCs efforts to prepare for and provide oversight of new and advanced reactors as they become operational.
: h. Monitor NRC activities and gather stakeholder information to identify potential gaps in NRC regulatory oversight. Conduct, as appropriate, investigations and event inquiries when gaps are identified.
: i. Assess stakeholder allegations and NRC staff non-concurrences and Differing Professional Opinions (DPO), and conduct investigations and event inquiries into NRCs oversight of operating reactors.
: j. Assess stakeholder allegations and NRC staff non-concurrences and DPOs, and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit, fraudulent, and substandard items entering the supply chain.
4
: k. Assess stakeholder allegations and NRC staff non-concurrences and DPOs, and conduct investigations and event inquiries to determine NRCs efforts in addressing stakeholder and NRC staff safety concerns.
: l. Assess NRC 's readiness to effectively and timely review licensee applications for license renewals and power uprates.
: m. Assess NRCs experience in timely identifying and effectively responding to emerging technical and regulatory issues.
: n. Assess NRC actions in its integrating lessons learned from the totality of the events at and associated with the nuclear accident at the Fukushima Dai-ichi facility to include improvements in its regulatory system and the management of its operating reactor inspection programs and activities.
: o. Assess the effectiveness of NRC efforts to facilitate public participation in the regulatory process while protecting information with a potential to impact the safety of NRC regulated facilities.
: o. Assess the effectiveness of NRC efforts to facilitate public participation in the regulatory process while protecting information with a potential to impact the safety of NRC regulated facilities.
: p. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
: p. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
Strategy 1
Strategy 1-2: Identify risk areas associated with NRCs oversight of the licensing and construction of new and advanced reactors, and conduct audits and investigations that lead to NRC program improvements.
-2: Identify risk areas associated with NRC's oversight of the licensing and construction of new and advanced reactors, and conduct audits and investigations that lead to NRC program improvements.
Actions:
Actions: a. Assess the extent to which NRC incorporates lessons learned fr om the licensing and construction process under Parts 50 and 52 and other applicable regulations for ongoing and future design certification, licensing, and construction inspection for new and advanced reactor technologies.
: a. Assess the extent to which NRC incorporates lessons learned from the licensing and construction process under Parts 50 and 52 and other applicable regulations for ongoing and future design certification, licensing, and construction inspection for new and advanced reactor technologies.
: b. Assess the adequacy of NRC's application acceptance and review process and approval standards to include its timeliness, thoroughness, effectiveness, and transparency.
: b. Assess the adequacy of NRCs application acceptance and review process and approval standards to include its timeliness, thoroughness, effectiveness, and transparency.
: c. Assess the adequacy of NRC's development and implementation of a construction inspection program. d. Assess the adequacy of NRC's development and implementation of a rigorous quality assurance oversight program.
: c. Assess the adequacy of NRCs development and implementation of a construction inspection program.
6 e. Assess the environmental review process associated with new and advanced reactor site construction to ensure that NRC carries out its responsibilities.
: d. Assess the adequacy of NRC's development and implementation of a rigorous quality assurance oversight program.
: f. Assess NRC's actions to address stakeholders' concerns over potential gaps in NRC oversight of new and advanced reactor construction.
5
: g. Assess NRC oversight of vendor material and manufacturing methods used in the construction of new and advanced reactor plants. h. Assess NRC's integration of domestic and international operating experience, generic safety issues, and introduction of new technologies (e.g., digital products) into new and advanced reactor licensing.
: e. Assess the environmental review process associated with new and advanced reactor site construction to ensure that NRC carries out its responsibilities.
: i. Assess allegations and conduct investigations and event inquiries into NRC's oversight of new and advanced reactors. j. Assess allegations and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit, fraudulent, and substandard items entering the supply chain. k. Assess the effectiveness of NRC efforts to balance the oversight of new facility construction activities oversight with that for existing major fuel cycle facilities and operating reactors. l. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
: f. Assess NRCs actions to address stakeholders concerns over potential gaps in NRC oversight of new and advanced reactor construction.
Strategy 1
: g. Assess NRC oversight of vendor material and manufacturing methods used in the construction of new and advanced reactor plants.
-3: Identify risk areas facing NRC's oversight of nuclear materials, and conduct audits and investigations that lead to NRC program improvements.
: h. Assess NRCs integration of domestic and international operating experience, generic safety issues, and introduction of new technologies (e.g., digital products) into new and advanced reactor licensing.
Actions: a. Assess NRC's implementation of programs for controlling, accounting for, tracking, and inspecting nuclear materials to include the National Source Tracking System, Web-based licensing, and the License Verification System. b. Assess NRC's licensing and oversight of the construction, startup, and operation of new fuel cycle facilities.
: i. Assess allegations and conduct investigations and event inquiries into NRCs oversight of new and advanced reactors.
 
: j. Assess allegations and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit, fraudulent, and substandard items entering the supply chain.
7 c. Assess NRC activities concerning the licensing, safety oversight , and aging effects of existing fuel cycle facilities.
: k. Assess the effectiveness of NRC efforts to balance the oversight of new facility construction activities oversight with that for existing major fuel cycle facilities and operating reactors.
: d. Assess impact of the Agreement State program on the safety of materials and on NRC's regulatory activities.
: l. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
: e. Review NRC and licensee reports and engage interested stakeholders to identify issues of concern in NRC oversight of nuclear material held by NRC licensees. f. Through proactive initiatives, determine if NRC provided effective oversight of nuclear materials.
Strategy 1-3: Identify risk areas facing NRCs oversight of nuclear materials, and conduct audits and investigations that lead to NRC program improvements.
: g. Assess the adequacy and effectiveness of NRC's license application and review process to ensure that only legitimate entities, to include certificat e holders , receive NRC byproduct material licenses. h. Assess allegations and conduct investigations concerning NRC's oversight of nuclear materials.
Actions:
: a. Assess NRCs implementation of programs for controlling, accounting for, tracking, and inspecting nuclear materials to include the National Source Tracking System, Web-based licensing, and the License Verification System.
: b. Assess NRCs licensing and oversight of the construction, startup, and operation of new fuel cycle facilities.
6
: c. Assess NRC activities concerning the licensing, safety oversight, and aging effects of existing fuel cycle facilities.
: d. Assess impact of the Agreement State program on the safety of materials and on NRCs regulatory activities.
: e. Review NRC and licensee reports and engage interested stakeholders to identify issues of concern in NRC oversight of nuclear material held by NRC licensees.
: f. Through proactive initiatives, determine if NRC provided effective oversight of nuclear materials.
: g. Assess the adequacy and effectiveness of NRCs license application and review process to ensure that only legitimate entities, to include certificate holders, receive NRC byproduct material licenses.
: h. Assess allegations and conduct investigations concerning NRCs oversight of nuclear materials.
: i. Assess NRC activities and their effectiveness in fostering an environment both externally and internally where safety issues can be raised without fear of retaliation.
: i. Assess NRC activities and their effectiveness in fostering an environment both externally and internally where safety issues can be raised without fear of retaliation.
Strategy 1
Strategy 1-4: Identify risk areas associated with NRCs oversight of high-level and low level waste, and conduct audits and investigations that lead to NRC program improvements.
-4: Identify risk areas associated with NRC's oversight of high-level and low- level waste, and conduct audits and investigations that lead to NRC program improvements.
Actions:
Actions: a. Assess NRC's activities addressing the DOE application for authorization to construct a geologic repository for high-level waste. b. Assess NRC's regulatory activities involving any interim or permanent repository facilities designated to receive high-level waste. c. Assess the key issues affecting the safe management of civilian low-level waste disposal, including the availability of low-level radioactive waste disposal sites. d. Assess NRC's oversight of nuclear waste issues associated with the decommissioning a nd cleanup of nuclear reactor sites and other facilities.
: a. Assess NRCs activities addressing the DOE application for authorization to construct a geologic repository for high-level waste.
: b. Assess NRCs regulatory activities involving any interim or permanent repository facilities designated to receive high-level waste.
: c. Assess the key issues affecting the safe management of civilian low-level waste disposal, including the availability of low-level radioactive waste disposal sites.
: d. Assess NRCs oversight of nuclear waste issues associated with the decommissioning and cleanup of nuclear reactor sites and other facilities.
7
: e. Assess allegations and conduct investigations and event inquiries to determine NRCs effectiveness in addressing stakeholder concerns regarding low-level and high-level waste issues.
: f. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
: g. Assess NRC's oversight of the certification of storage and transportation casks.
Strategic Goal 2: Security Enhance NRCs efforts to increase security in response to an evolving threat environment.
Discussion: NRC must ensure that nuclear power and materials licensees take adequate measures to protect their facilities against radiological sabotage. In a threat environment where adversaries tactics and capabilities rapidly evolve, NRC faces the challenge of adapting to dynamic threats while also maintaining a stable security oversight regime commensurate with the agencys mission as a fair and impartial regulator. In addition, NRC aims to balance its security oversight obligations with a duty to share information with public stakeholders about threats to the Nation s nuclear power and materials sectors.
NRC plays a critical role in overseeing and supporting the emergency preparedness and incident response capabilities of nuclear power plant operators and the integration of their plans with government agencies in light of the prospect of natural disasters and terrorist threats. In addition, NRC must protect its infrastructure and take the necessary steps to ensure that its staff, facilities, and information technology assets are adequately protected against projected threats and provide for the maintenance of operations.
NRC has well-established inspection programs for evaluating the physical, information, and personnel security activities of nuclear power and materials licensees. However, the agency developed a cyber security directorate, and implemented an inspection program to evaluate the security of information technology used to operate nuclear power plants. This nascent cyber security program will face implementation challenges common to new inspection programs, such as communicating new requirements to licensees, conducting inspections in a consistent manner, and allocating sufficient resources to sustain the inspection program beyond its initial years. Cyber security also entails unique oversight challenges related to the mix of digital and analog systems at different nuclear power plants, as well as the need for NRC to understand in depth how digital equipment upgrades will impact plant operations and security. Lastly, the complexity of digital systems and possible interfaces with licensees administrative, security, and operations systems requires that NRC carefully test for 8


8 e. Assess allegations and conduct investigations and event inquiries to determine NRC's effectiveness in addressing stakeholder concerns regarding low-level and high-level waste issues. f. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
vulnerabilities without compromising licensees digital networks.
: g. Assess NRC's oversight of the certification of storage and transportation casks. Strategic Goal 2:  Security Enhance NRC's efforts to increase security in response to an evolving threat environment.
Strategy 2-1: Identify risk areas involved in effectively securing both new and operating nuclear reactors, nuclear fuel cycle facilities, and nuclear materials, and conduct audits and investigations that lead to NRC program improvements.
Discussion:  NRC must ensure that nuclear power and materials licensees take adequate measures to protect their facilities against radiological sabotage. I n a threat environment where adversaries' tactics and capabilities rapidly evolve, NRC faces the challenge of adapting to dynamic threats while also maintaining a stable security oversight regime commensurate with the agency's mission as a fair and imparti al regulator.
Actions:
In addition , NRC aims to balanc e its security oversight obligations with a duty to share information with public stakeholders about threats to the Natio n's nuclear power and materials sectors. NRC plays a critical role in overseeing and supporting the emergency preparedness and incident response capabilities of nuclear power plant operators and the integration of their plans with government agencies in light of the prospect of natural disasters and terrorist threats. In addition, NRC must protect its infrastructure and take the necessary steps to ensure that its staff, facilities, and information technology assets are adequately protected against projected threats and provide for the maintenance of operations
: a. Assess the adequacy of NRCs oversight activities with regard to the security of nuclear materials, operating reactors, and nuclear fuel cycle facilities.
. NRC has well-established inspection programs for evaluating the physical, information, and personnel security activities of nuclear power and materials licensees. However , the agency developed a cyber security directorate, and implemented an inspection program to evaluate the security of information technology used to operate nuclear power plants. This nascent cyber security program will face implementation challenges common to new inspection programs, such as communicating new requirements to licensees , conducting inspections in a consistent manner, and allocating sufficient resources to sustain the inspection program beyond its initial years. Cyber security also entails unique oversight challenges related to the mix of digital and analog systems at different nuclear power plants, as well as the need for NRC to understand in depth how digital equipment upgrades will impact plant operations and security. Lastly, the complexity of digital systems and possible interfaces with licensees' administrative, security, and operations systems requires that NRC carefully test for 9 vulnerabilities without compromising licensees' digital networks. Strategy 2-1: Identify risk areas involved in effectively securing both new and operating nuclear reactors, nuclear fuel cycle facilities, and nuclear materials, and conduct audits and investigations that lead to NRC program improvements.
: b. Assess the comprehensiveness of NRCs threat assessment and the process for keeping it up to date.
Actions: a. Assess the adequacy of NRC's oversight activities with regard to the security of nuclear materials, operating reactors , and nuclear fuel cycle facilities.
: c. Assess the adequacy of regulations to respond to an evolving threat environment and the extent to which NRC is making appropriate adjustments.
: b. Assess the comprehensiveness of NRC's threat assessment and the process for keeping it up to date. c. Assess the adequacy of regulations to respond to an evolving threat environment and the extent to which NRC is making appropriate adjustments.
: d. Assess the key issues affecting the secure management of civilian low-level waste disposal.
: d. Assess the key issues affecting the secure management of civilian low-level waste disposal. e. Assess NRC's coordination with other agencies. f. Where appropriate, conduct investigations and event inquiries designed to address NRC's efforts in providing oversight of licensee security responsibilities.
: e. Assess NRCs coordination with other agencies.
: f. Where appropriate, conduct investigations and event inquiries designed to address NRCs efforts in providing oversight of licensee security responsibilities.
: g. Assess the adequacy of NRC oversight activities to ensure that security is incorporated into the design and construction of new facilities.
: g. Assess the adequacy of NRC oversight activities to ensure that security is incorporated into the design and construction of new facilities.
: h. Assess the adequacy of NRC efforts to develop and implement a comprehensive cyber security program for nuclear power plants and fuel cycle facilities.
: h. Assess the adequacy of NRC efforts to develop and implement a comprehensive cyber security program for nuclear power plants and fuel cycle facilities.
: i. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where security can be raised without fear of retaliation.
: i. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where security can be raised without fear of retaliation.
: j. Through proactive initiatives, determine if NRC provided effective oversight against radiological sabotage and theft or diversion of materials.
: j. Through proactive initiatives, determine if NRC provided effective oversight against radiological sabotage and theft or diversion of materials.
9


10 Strategy 2-2: Identify risk areas associated with maintaining a secure infrastructure (i.e., physical security, personnel security, an d information security), and conduct audits and investigations that lead to NRC program improvements.
Strategy 2-2: Identify risk areas associated with maintaining a secure infrastructure (i.e., physical security, personnel security, and information security), and conduct audits and investigations that lead to NRC program improvements.
Actions: a. Assess how NRC manages threats to its facilities, personnel , and information systems. b. Assess the extent to which NRC effectively implements physical, personnel, and information security controls and procedures.
Actions:
: c. As appropriate, conduct investigations into internal and external cyber breaches of NRC's infrastructure.
: a. Assess how NRC manages threats to its facilities, personnel, and information systems.
: d. As appropriate, conduct investigations into misconduct involving physical and personne l security. Strategy 2-3: Identify risks associated with emergency preparedness and incident response, and conduct audits and investigations that lead to NRC program improvements.
: b. Assess the extent to which NRC effectively implements physical, personnel, and information security controls and procedures.
Actions: a. Assess NRC's management of emergency preparedness guidelines, regulations, and program s Assess NRC's efforts to prepare for responding to nuclear incidents including training, system reliability and interoperability, personnel availability, and response team organization and coordination.
: c. As appropriate, conduct investigations into internal and external cyber breaches of NRCs infrastructure.
: b. Assess NRC's managemen t of coordination with Federal, State, and local governments and licensees.
: d. As appropriate, conduct investigations into misconduct involving physical and personnel security.
: c. As appropriate, conduct investigations related to NRC's addressing and responding to emergencies and nuclear incidents.
Strategy 2-3: Identify risks associated with emergency preparedness and incident response, and conduct audits and investigations that lead to NRC program improvements.
Strategy 2-4: Identify risks associated with internationa l activities related to security, and conduct audits and investigations that lead to NRC program improvements.
Actions:
Actions: a. Assess NRC's management of controls on the import and export of nuclear materials.
: a. Assess NRCs management of emergency preparedness guidelines, regulations, and programs Assess NRC's efforts to prepare for responding to nuclear incidents including training, system reliability and interoperability, personnel availability, and response team organization and coordination.
: b. Assess NRC involvement with international assistan ce including material control 11 and accountability and incident response. c. As appropriate, conduct investigations concerning NRC activities and oversight of the proliferation, import, and export of nuclear materials.
: b. Assess NRCs management of coordination with Federal, State, and local governments and licensees.
Strategic Goal 3:  Corporate Management Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.
: c. As appropriate, conduct investigations related to NRCs addressing and responding to emergencies and nuclear incidents.
Discussion
Strategy 2-4: Identify risks associated with international activities related to security, and conduct audits and investigations that lead to NRC program improvements.
: NRC faces significant challenges to efficiently, effectively, and economically manage its corporate resources within the parameters of its budget. NRC must continue to provide infrastructure and support to accomplish its regulatory mission while responding to changes in the Nation's spent fuel policy, reliance on nuclear energy, and security threat environment.
Actions:
Addressing the corporate resource challenges of human capital, information management, and financial management will necessitate foresight and flexibility and a strategic approach to managing change during the strategic planning period. NRC must mitigate the loss of retiring senior experts and managers by enhancing its knowledge management, lessons learned, and training programs, along with attracting and retaining staff with the necessary competencies. NRC also needs to continue upgrading and modernizing its information technology resources for employees and to support public access to the regulatory process. Finally, the agency needs to continue to improve its management and control over financial resources and procurement practices.
: a. Assess NRCs management of controls on the import and export of nuclear materials.
NRC will need to address changes caused by internal and external factors that will challenge the agency's ability to achieve its goals efficiently and effectively.
: b. Assess NRC involvement with international assistance including material control 10
OIG will target corporate management risk areas for audits and investigations, to fulfill its statutory responsibility to evaluate the agency's financial management, and work with NRC to identify and improve weaknesses.
Strategy: 3-1:  Identify areas of corporate management risk within NRC and conduct audits and investigations that lead to NRC program improvements.
Actions:  a. Assess NRC's management of human capital to include training and development programs , knowledge management, and recruiting and retention activities.


12 b. Assess NRC's financial management practices to include development and collection of fees and budget processes. c. Provide reasonable assurance that NRC's financial statements are presented fairly in all material aspects. d. Assess NRC's development, implementation, and lifecycle management of information technology tools and systems. e. Assess NRC management systems to ensure the agency effectively uses best practices for common business processes such as the systematic approach to training , project managemen t , knowledge management, and process improvement.
and accountability and incident response.
: f. Assess NRC's management of administrative functions to include pro curements , property , and fac ilitie s. g. Assess allegations and conduct criminal and administrative investigations of misuse of NRC's corporate resources pertainin g to human resources , procurement, financial management, and information technology. h. Assess the efficiency and effectiveness of NRC's management of changes c aused by internal and external factors. i. Reduce instances of fraud, waste, and abuse through criminal and administrative investigations or proactive initiatives.
: c. As appropriate, conduct investigations concerning NRC activities and oversight of the proliferation, import, and export of nuclear materials.
Strategic Goal 3: Corporate Management Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.
Discussion: NRC faces significant challenges to efficiently, effectively, and economically manage its corporate resources within the parameters of its budget. NRC must continue to provide infrastructure and support to accomplish its regulatory mission while responding to changes in the Nations spent fuel policy, reliance on nuclear energy, and security threat environment.
Addressing the corporate resource challenges of human capital, information management, and financial management will necessitate foresight and flexibility and a strategic approach to managing change during the strategic planning period. NRC must mitigate the loss of retiring senior experts and managers by enhancing its knowledge management, lessons learned, and training programs, along with attracting and retaining staff with the necessary competencies.
NRC also needs to continue upgrading and modernizing its information technology resources for employees and to support public access to the regulatory process. Finally, the agency needs to continue to improve its management and control over financial resources and procurement practices.
NRC will need to address changes caused by internal and external factors that will challenge the agencys ability to achieve its goals efficiently and effectively.
OIG will target corporate management risk areas for audits and investigations, to fulfill its statutory responsibility to evaluate the agencys financial management, and work with NRC to identify and improve weaknesses.
Strategy: 3-1: Identify areas of corporate management risk within NRC and conduct audits and investigations that lead to NRC program improvements.
Actions:
: a. Assess NRCs management of human capital to include training and development programs, knowledge management, and recruiting and retention activities.
11
: b. Assess NRCs financial management practices to include development and collection of fees and budget processes.
: c. Provide reasonable assurance that NRCs financial statements are presented fairly in all material aspects.
: d. Assess NRCs development, implementation, and lifecycle management of information technology tools and systems.
: e. Assess NRC management systems to ensure the agency effectively uses best practices for common business processes such as the systematic approach to training, project management , knowledge management, and process improvement.
: f. Assess NRCs management of administrative functions to include procurements, property, and facilities.
: g. Assess allegations and conduct criminal and administrative investigations of misuse of NRCs corporate resources pertaining to human resources, procurement, financial management, and information technology.
: h. Assess the efficiency and effectiveness of NRC's management of changes caused by internal and external factors.
: i. Reduce instances of fraud, waste, and abuse through criminal and administrative investigations or proactive initiatives.
: j. Assess NRC activities and their effectiveness in fostering an environment where corporate management issues can be raised without fear of retaliation.
: j. Assess NRC activities and their effectiveness in fostering an environment where corporate management issues can be raised without fear of retaliation.
12
PERFORMANCE DATA The following tables include the strategic goals, measures, and targets for the current strategic plan. They also provide actual performance data for FY 2013-FY 2017.
OIG Strategic Goal 1: Strengthen NRCs Efforts To Protect Public Health and Safety and the Environment 2013                  2014                  2015                    2016                  2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs safety program.
1 Target                      85%                    85%                  85%                      85%                  85%
Actual                      63% 2                100%                  100%                    100%                  100%
Measure 2. Percentage of audit recommendations agreed to by the agency.
Target                      92%                    92%                  92%                      92%                  92%
Actual                      100%                  36% 3                  86% 4                  100%                  95%
Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.
Target                      70%                    70%                  70%                      70%                  70%
Actual                      82%                  33% 5                  47% 6                    76%                  75%
Measure 4. Percentage of agency actions taken in response to investigative reports.
Target                      90%                    90%                  90%                      90%                  90%
Actual                      100%                  100%                  100%                    100%                    0% 7 Measure 5. Percentage of active cases completed in less than 18 months on average.
Target                      90% 8                  90%                  90%                      90%                  90%
Actual                      100%                  50% 9                50% 10                  60% 11                0% 12 Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.
Target                                            20% 13                20%                      20%                  20%
Actual                                              N/A                  N/A                      N/A                    N/A Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters. 14 Target                                              60%                  60%                      60%                  60%
Actual                                            100%                  50%                    100%                  0% 15 OIG Strategic Goal 2: Enhance NRCs Efforts To Increase Security in Response To an Evolving Threat Environment 2013                  2014                  2015                    2016                  2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs security program.
Target                      85%                  85%                  85%                      85%                    85%
Actual                    100%                  100%                  100%                    91%                  100%
Measure 2. Percentage of audit recommendations agreed to by the agency.
Target                      92%                  92%                  92%                      92%                    92%
Actual                    100%                  100%                  100%                    100%                  100%
Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.
Target                      70%                  70%                  70%                      70%                    70%
Actual                      93%                  70%                  82%                    64% 16                55% 17 Measure 4. Percentage of agency actions taken in response to investigative reports.
Target                      90%                  90%                  90%                      90%                    90%
Actual                    100%                  100%                  100%                    100%                    N/A Measure 5. Percentage of active cases completed in less than 18 months on average.
Target                      90%                  90%                  90%                      90%                    90%
Actual                    33% 18                75% 19                100%                    80% 20                100%
Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.
Target                                              20%                  20%                      20%                  20%
Actual                                              N/A                  N/A                    100%                  50%
Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters. 21 Target                                              60%                  60%                      60%                  60%
Actual                                            100%                  100%                    100%                  33% 22 13


13 PERFORMANCE DATA The following tables include the strategic goals, measures, and targets for the current strategic plan. They also provide actual performance data for FY 2013
OIG Strategic Goal 3: Improve the Economy, Efficiency, and Effectiveness With Which NRC Manages and Exercises Stewardship Over Its Resources 2013                   2014                 2015                   2016                   2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs corporate management program.
-FY 2017. OIG Strategic Goal 1:  Strengthen NRC's Efforts To Protect Public Health and Safety and the Environment 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products and activities that have a high impact 1 on improving the NRC's safety program.
Target                     85%                   85%                   85%                   85%                   85%
Target 85% 85% 85% 85% 85% Actual 63%2 100% 100% 100% 100% Measure 2. Percentage of audit recommendations agreed to by the agency. Target 92% 92% 92% 92% 92% Actual 100% 36%3 86%4 100% 95% Measure 3. Percentage of final agency action s taken within 2 years on audit recommendations.
Actual                   83% 23                 74% 24                 87%                   85%                   93%
Target 70% 70% 70% 70% 70% Actual 82% 33%5 47%6 76% 75% Measure 4. Percentage of agency actions taken in response to investigative reports
Measure 2. Percentage of audit recommendations agreed to by the agency.
. Target 9 0% 9 0% 9 0% 9 0% 9 0% Actual 100% 100% 100% 100% 0%7 Measure 5. Percentage of active cases completed in less than 18 months on average
Target                     92%                   92%                   92%                   92%                   92%
. Target 90%8 90% 90% 90% 90% Actual 100% 50%9 50%10 60%11 0%12 Measure 6. Percentage of closed investigations referr ed to D O J or other relevant authorities.
Actual                   88% 25                 100%                   100%                   100%                   100%
Target  20%13 20% 20% 20% Actual  N/A N/A N/A N/A Measure 7. Percentage of closed investigations resulting in indictment s, conviction s, civil suit s or settlement s, judgment s, administrative action s, monetary results or IG clearance letters
Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.
.14 Target  60% 60% 60% 60% Actual  100% 50% 100% 0%15  OIG Strategic Goal 2: Enhance  NRC's Efforts To Increase Security in Response To an Evolving Threat Environment 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products a nd activities that have a high impact on improving the NRC's security program.
Target                     70%                   70%                   70%                   70%                   70%
Target 8 5% 8 5% 8 5% 8 5% 8 5% Actual 100% 100% 100% 91% 100% Measure 2. Percentage of audit recommendations agreed to by the agency. Target 92% 92% 92% 92% 92% Actual 100% 100% 100% 100% 100% Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.
Actual                     73%                   90%                   90%                   80%                   81%
Target 70% 70% 70% 70% 70% Actual 93% 70% 82% 64%16 55%17 Measure 4. Percentage of agency actions taken in response to investigative report
Measure 4. Percentage of agency actions taken in response to investigative reports.
: s. Target 90% 90% 90% 90% 90% Actual 100% 100% 100% 100% N/A Measure 5. Percentage of active cases completed in less than 18 months on average
Target                     90%                   90%                   90%                   90%                   90%
. Target 90% 90% 90% 90% 90% Actual 33%18 75%19 100% 80%20 100% Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.
Actual                   100%                   100%                   100%                   100%                   89% 26 Measure 5. Percentage of active cases completed in less than 18 months on average.
Target  20% 20% 20% 20% Actual  N/A N/A 100% 50% Measure 7. Percentage of closed investigations resulting in indictment s, conviction s, civil suit s or settlement s, judgment s, administrative action s, monetary results or IG clearance letters
Target                   90% 27                 90%                   90%                   90%                   90%
. 21 Target  60% 60% 60% 60% Actual  100% 100% 100% 33%22 14 OIG Strategic Goal 3:  Improve the Economy, Efficiency, and Effectiveness With Which NRC Manages and Exercises Stewardship Over Its Resources 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRC's corporate management program.
Actual                     95%                   91%                 58% 28                 78% 29                 85% 30 Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.
Target 85% 85% 85% 85% 85% Actual 83%23 74%24 87% 85% 93% Measure 2. Percentage of audit recommendations agreed to by the agency. Target 92% 92% 92% 92% 92% Actual 88%25 100% 100% 100% 100% Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.
Target                                             20% 31                 20%                     20%                   20%
Target 70% 70% 70% 70% 70% Actual 73% 90% 90% 80% 81% Measure 4. Percentage of agency actions taken in response to investigative reports
Actual                                             27%                   28%                     45%                   44%
. Target 90% 90% 90% 90% 90% Actual 100% 100% 100% 100% 89%26 Measure 5. Percentage of active cases completed in less than 18 months on average
Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters.
. Target 90%27 90% 90% 90% 90% Actual 95% 91% 58%28 78%29 85%30 Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities
Target                                             60% 32                 60%                     60%                   60%
. Target 20%31 20% 20% 20% Actual 27% 28% 45% 4 4% Measure 7. Percentage of closed investigations resulting in indictment s, conviction s, civil sui t s or settlement s, judgment s , administrative action s, monetary results or IG clearance letters.
Actual                                             100%                   73%                     71%                   70%
Target 60%32 60% 60% 60% Actual 100% 73% 71% 70% FY 2017 BUDGET RESOURCES The following table depicts the relationship of the Inspector General program and associated FY 2017 budget resources to the OIG's strategic and general goals.
FY 2017 BUDGET RESOURCES The following table depicts the relationship of the Inspector General program and associated FY 2017 budget resources to the OIGs strategic and general goals.
Program Links to Strategic and General Goals
Program Links to                                     OIG Strategic and General Goals Strategic and General Goals
($K) OIG Strategic and General Goals Advance NRC's Safety Efforts ($K)
($K)                   Advance NRCs            Enhance NRCs                  Improve NRCs Safety Efforts ($K)     Security Efforts ($K)     Corporate Management ($K)
Enhance NRC's Security Efforts ($K)
Improve NRC's Corporate Management ($K)
FY 2017 Programs ($11,160; 58 FTE)
FY 2017 Programs ($11,160; 58 FTE)
Audits ($7,332; 37 FTE)
Audits                                     $3,144                    $1,162                          $3,026
$3,144 18.5 FTE $1,162 6.5 FTE $3,026 12.0 FTE Investigations
($7,332; 37 FTE)                         18.5 FTE                 6.5 FTE                         12.0 FTE Investigations                             $1,485                    $637                            $1,706
($3,828; 21 FTE)
($3,828; 21 FTE)                         8.0 FTE                   3.5 FTE                         9.5 FTE Verification and Validation of Measured Values and Performance OIG uses an automated management information system to capture program performance data for the Audits and Investigations Programs. The integrity of the system was thoroughly tested and validated prior to implementation. Reports generated by the system provide both detailed information and summary data. All system data are deemed reliable.
$1,485 8.0 FTE $637 3.5 FTE $1,706 9.5 FTE Verification and Validation of Measured Values and Performance OIG uses an automated management information system to capture program performance data for the Audits and Investigations Programs. The integrity of the system was thoroughly tested and validated prior to implementation. Reports generated by the system provide both detailed information and summary data. All system data are deemed reliable.
14


15 CROSS-CUTTING FUNCTIONS WITH OTHER GOVERNMENT AGENCIES NRC OIG has cross
CROSS-CUTTING FUNCTIONS WITH OTHER GOVERNMENT AGENCIES NRC OIG has cross-cutting functions with other law enforcement agencies. For example, OIG provides investigatory case referrals to the Department of Justice (DOJ). It also coordinates investigative activities with U.S. Attorneys offices, as well as with other agencies as required.
-cutting functions with other law enforcement agencies. For example, OIG provides investigatory case referrals to the Department of Justice (DOJ). It also coordinates investigative activities with U.S. Attorneys' offices, as well as with other agencies as required.
PEER REVIEWS An independent audit peer review performed in September 2015 by the Federal Communications Commission OIG found that the Audits Programs system of quality control provided reasonable assurance that audits were conducted in accordance with applicable professional standards.
PEER REVIEWS An independent audit peer review performed in September 2015 by the Federal Communications Commission OIG found that the Audits Program's system of quality control provided reasonable assurance that audits were conducted in accordance with applicable professional standards.
In addition, an independent investigative peer review was conducted in October 2016 by the Tennessee Valley Authority OIG. The program was found to be in full compliance with quality standards established by the Council of the Inspectors General on Integrity and Efficiency and the Attorney General Guidelines for Offices of Inspectors General with Statutory Law Enforcement Authority.
In addition, an independent investigative peer review was conducted in October 2016 by the Tennessee Valley Authority OIG. The program was found to be in full compliance with quality standards established by the Council of the Inspectors General on Integrity and Efficiency and the Attorney General Guidelines for Offices of Inspectors General with Statutory Law Enforcement Authority.
CONCLUSION OIG met the majority (63 percent) of its audit and investigative program goals for FY 2017 by meeting 12 of 19 measurable items (2 investigative items were not measurable because there were no investigations applicable to the measure during FY 17). Of the seven goals that were not met, three were not met because there was only one investigative case applicable to each measure and the one case did not meet the measure. In addition, a fourth goal was missed by 1 percent (goal was 90 percent, and 89 percent was achieved). OIG continuously reviews its Strategic Plan to ensure that its goals and work strategies continue to add value to the NRC in carrying out its important safety and security mission.
CONCLUSION OIG met the majority (63 percent) of its audit and investigative program goals for FY 2017 by meeting 12 of 19 measurable items (2 investigative items were not measurable because there were no investigations applicable to the measure during FY 17). Of the seven goals that were not met, three were not met because there was only one investigative case applicable to each measure and the one case did not meet the measure. In addition, a fourth goal was missed by 1 percent (goal was 90 percent, and 89 percent was achieved). OIG continuously reviews its Strategic Plan to ensure that its goals and work strategies continue to add value to the NRC in carrying out its important safety and security mission.
 
1 High impact is the effect of an issued report or activity undertaken that results in: a) confirming risk areas or management challenges that caused the agency to take corrective action, b) real dollar savings or reduced regulatory burden, c) identifying significant wrongdoing by individuals that results in criminal or administrative action, d) clearing an individual wrongly accused, or e) identifying regulatory actions or oversight that may have contributed to the occurrence of a specific event or incident or resulted in a potential adverse impact on public health or safety.
1 High impact is the effect of an issued report or activity undertaken that results in: a) confirming risk areas or management challenges that caused the agency to take corrective action, b) real dollar savings or reduced regulatory burden, c) identifying significant wrongdoing by individuals that results in criminal or administrative action, d) clearing an individual wrongly accused, or e) identifying regulatory actions or oversight that may have contributed to the occurrence of a specific event or incident or resulted in a potential adverse impact on public health or safety.
2 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the safety arena.
2 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the safety arena.
3 The agency required more than 90 days to resolve two of the five recommendations in the Audit of NRC's Management of Licensee Commitments prior to resolution. Subsequently, all five recommendations were resolved.
3 The agency required more than 90 days to resolve two of the five recommendations in the Audit of NRCs Management of Licensee Commitments prior to resolution. Subsequently, all five recommendations were resolved.
16                                       
15


4 The agency required more than 90 days to resolve two of two recommendations in the Audit of NRC's Oversight of Active Component Aging. Subsequently, all two recommendations were resolved.
4 The agency required more than 90 days to resolve two of two recommendations in the Audit of NRCs Oversight of Active Component Aging. Subsequently, all two recommendations were resolved.
5 The agency required more than 2 years for final action on one of four recommendations in the Audit of NRC's Issuance of General Licenses. Final action was completed in October 2014.
5 The agency required more than 2 years for final action on one of four recommendations in the Audit of NRCs Issuance of General Licenses. Final action was completed in October 2014.
6 The agency required more than 2 years for final action on six of six recommendations in the Audit of NRC's Oversight of Industrial Radiography. Final action was completed in October 2015.
6 The agency required more than 2 years for final action on six of six recommendations in the Audit of NRCs Oversight of Industrial Radiography. Final action was completed in October 2015.
7 Only one case was applicable to this measure and the agency did not take action in response to the report.
7 Only one case was applicable to this measure and the agency did not take action in response to the report.
8 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.
8 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.
Line 164: Line 243:
15 Only one case was applicable to this measure and it did not result in any of the listed outcomes.
15 Only one case was applicable to this measure and it did not result in any of the listed outcomes.
16 One audit recommendation required additional time to close. This recommendation has since been closed.
16 One audit recommendation required additional time to close. This recommendation has since been closed.
17 Four of eight recommendations on the Independent Evaluation of NRC's Implementation of the Federal Information Security Management Act (FISMA) for Fiscal Year 2012 required additional time to close. These four recommendations have since been closed.
17 Four of eight recommendations on the Independent Evaluation of NRCs Implementation of the Federal Information Security Management Act (FISMA) for Fiscal Year 2012 required additional time to close. These four recommendations have since been closed.
18 In the security arena, the complexity of the investigative cases resulted in several cases exceeding 18 months on average. 19 Of the four active investigative cases measured in the security arena for the year, three cases were closed in less than 18 months, which resulted in an achievement rate of 75 percent.
18 In the security arena, the complexity of the investigative cases resulted in several cases exceeding 18 months on average.
19 Of the four active investigative cases measured in the security arena for the year, three cases were closed in less than 18 months, which resulted in an achievement rate of 75 percent.
20 The complexity of one investigation required additional time to close this investigation.
20 The complexity of one investigation required additional time to close this investigation.
21 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee 17                                       
21 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee 16


misconduct and the misconduct is not substantiated.
misconduct and the misconduct is not substantiated.
Line 173: Line 253:
23 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.
23 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.
24 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.
24 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.
25 The agency needed more than 90 days to review the recommendations in the Audit of NRC's Contract Administration of the Enterprise Project Management (EPM). The agency agreed to all recommendations.
25 The agency needed more than 90 days to review the recommendations in the Audit of NRCs Contract Administration of the Enterprise Project Management (EPM). The agency agreed to all recommendations.
26 One of nine investigative cases resulted in no action taken in response to an investigative report which resulted in an 89 percent achievement rate.
26 One of nine investigative cases resulted in no action taken in response to an investigative report which resulted in an 89 percent achievement rate.
27 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.
27 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.
Line 180: Line 260:
30 The complexity of several investigations required additional time to close these investigations.
30 The complexity of several investigations required additional time to close these investigations.
31 In FY 2014, OIG began to measure the percentage that resulted in a referral for action to the Department of Justice, State or local law enforcement officials or relevant administrative authority.
31 In FY 2014, OIG began to measure the percentage that resulted in a referral for action to the Department of Justice, State or local law enforcement officials or relevant administrative authority.
32 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee misconduct and the misconduct is not substantiated.}}
32 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee misconduct and the misconduct is not substantiated.
17}}

Latest revision as of 19:32, 21 October 2019

2017 Oig Performance Report - 02.21.18
ML18052B080
Person / Time
Issue date: 02/28/2018
From:
NRC/OIG
To:
References
Download: ML18052B080 (18)


Text

U. S. Nuclear Regulatory Commission Office of Inspector General FY 2017 Performance Report February 2018

OIG PERFORMANCE REPORT Fiscal Year 2017 INTRODUCTION NRC was formed in 1975, in accordance with the Energy Reorganization Act of 1974, to regulate the various commercial and institutional uses of nuclear materials. The agency succeeded the Atomic Energy Commission, which previously had responsibility for both developing and regulating nuclear activities. Under its responsibility to protect public health and safety, NRC has three principal regulatory functions: (1) establish standards and regulations, (2) issue licenses for nuclear facilities and users of nuclear materials, and (3) inspect facilities and users of nuclear materials to ensure compliance with the requirements. These regulatory functions relate both to nuclear power plants and other uses of nuclear materials - like nuclear medicine programs at hospitals, academic activities at educational institutions, research, and such industrial applications as gauges and testing equipment.

NRCs OIG was established as a statutory entity on April 15, 1989, in accordance with the 1988 amendment to the Inspector General Act of 1978. The OIG mission is to (1) independently and objectively conduct and supervise audits and investigations relating to programs and operations; (2) prevent and detect fraud, waste and abuse; and (3) promote economy, efficiency and effectiveness in agency programs and operations. Since FY 2014, per the Consolidated Appropriations Act, 2014, NRCs OIG has exercised the same authorities with respect to the Defense Nuclear Facilities Safety Board (DNFSB). In addition, OIG reviews existing and proposed regulations, legislation and directives and provides comments, as appropriate, regarding any significant concern.

The Inspector General keeps the NRC Chairman, DNFSB Chairman, and Members of Congress fully and currently informed about problems, makes recommendations to the agency for corrective actions, and monitors NRCs progress in implementing such actions. In fulfilling this mission, OIG assists the NRC and DNFSB to accomplish its mission by ensuring integrity, efficiency and accountability in the agencys programs respectively.

PROGRAM ACTIVITIES OIG accomplishes its mission through the conduct of its audit, investigative, and management and operational support programs, as well as its legislative and regulatory review activities.

To fulfill its audit mission, OIG conducts performance, financial, and contract audits and evaluations.

1

To fulfill its investigative mission, OIG conducts investigations relating to the integrity of NRCs and DNFSBs programs and operations. Most OIG investigations focus on allegations of fraud, waste, and abuse and violations of law or misconduct by NRC and DNFSB employees and contractors.

OIGs Strategic Goals, Strategies, and Actions The NRC-OIG Strategic Plan features three goals and guides the activities of the Audits and Investigations programs. The plan identifies the major challenges and risk areas facing the NRC and generally aligns with the agencys mission.

OIG Strategic Goals

  • Strengthen NRCs efforts to protect public health and safety and the environment.
  • Enhance NRCs efforts to increase security in response to an evolving threat environment.
  • Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.

The NRC-OIG Strategic Plan for FY 2014 - 2018 presents OIGs priorities for the covered timeframe and describes OIGs strategic direction to stakeholders, including the NRC Chairman, and the U.S. Congress. From this perspective, it presents OIGs results-based business case, explaining the return-on-investment. It also strengthens OIG by providing a shared set of expectations regarding the goals OIG expects to achieve and the strategies that will be used to do so. OIG adjusts the plan as circumstances necessitate, uses it to develop its annual plan and performance budget, and holds managers and staff accountable for achieving the goals and outcomes.

OIGs strategic plan also includes a number of supporting strategies and actions that describe planned accomplishments. Through associated annual planning activities, audit and investigative resources focus on assessing NRCs safety, security, and corporate management programs involving the major challenges and risk areas facing the NRC. The work of OIG auditors and investigators support and complement each other in the pursuit of these objectives.

2

Strategic Goal 1: Safety Strengthen NRCs efforts to protect public health and safety and the environment.

Discussion: NRC will continue to face safety challenges in the years ahead related to nuclear reactor oversight, the regulation of nuclear materials, and the handling of nuclear waste. A significant concern for NRC is regulating the safe operation of the Nations nuclear power plants through an established oversight process developed to verify that licensees identify and resolve safety issues before they adversely affect safe plant operation.

NRC is challenged to address both domestic and international operating experience that informs regulatory activities. NRC must also address license amendment requests to increase the power generating capacity of specific commercial reactors, license renewal requests to extend reactor operations beyond set expiration dates, and the introduction of new technology such as new and advanced reactor designs.

In fulfilling its responsibilities to regulate nuclear materials, NRC must ensure that its regulatory activities regarding nuclear materials and nuclear fuel cycle facilities adequately protect public health and safety. Moreover, NRCs regulatory activities concerning nuclear materials must protect against radiological sabotage and theft or diversion of these materials.

The licensing of facilities (e.g., fuel fabrication) with new technologies poses additional challenges.

The handling of nuclear waste includes both high-level and low-level waste. High level radioactive waste is primarily in the form of spent fuel discharged from commercial nuclear power reactors. In the high-level waste area, High-level waste issues include the oversight of interim storage of spent nuclear fuel both at and away from reactor sites, certification of storage and transport casks, and the oversight of the decommissioning of reactors and other nuclear sites. Low-level waste includes items that have become contaminated with radioactive materials or have become radioactive through exposure to neutron radiation. Low-level waste disposal occurs at commercially operated facilities that must be licensed by either the NRC or Agreement States. However, there are currently only four operating low-level waste disposal facilities in the United States.

3

Strategy 1-1: Identify risk areas associated with NRCs oversight of operating reactors, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess the adequacy of NRCs licensing activities and oversight of licensees compliance with the license.
b. Assess the effectiveness of NRCs management of its operating reactor inspection programs and activities and its assessment of licensee ability to timely identify and resolve safety issues.
c. Assess NRC oversight of vendor material and manufacturing methods used in the maintenance and modification of operating reactors.
d. Assess the extent and effectiveness of NRCs regulatory preparedness for and response to design basis and beyond design basis events.
e. Assess NRCs actions to include research activities to identify and address the potential risks associated with aging and obsolescence issues affecting the fleet of current reactors.
f. Assess NRCs actions to identify and address the potential risks associated with the introduction of new technology into currently operating facilities.
g. Assess the adequacy of NRCs efforts to prepare for and provide oversight of new and advanced reactors as they become operational.
h. Monitor NRC activities and gather stakeholder information to identify potential gaps in NRC regulatory oversight. Conduct, as appropriate, investigations and event inquiries when gaps are identified.
i. Assess stakeholder allegations and NRC staff non-concurrences and Differing Professional Opinions (DPO), and conduct investigations and event inquiries into NRCs oversight of operating reactors.
j. Assess stakeholder allegations and NRC staff non-concurrences and DPOs, and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit, fraudulent, and substandard items entering the supply chain.

4

k. Assess stakeholder allegations and NRC staff non-concurrences and DPOs, and conduct investigations and event inquiries to determine NRCs efforts in addressing stakeholder and NRC staff safety concerns.
l. Assess NRC 's readiness to effectively and timely review licensee applications for license renewals and power uprates.
m. Assess NRCs experience in timely identifying and effectively responding to emerging technical and regulatory issues.
n. Assess NRC actions in its integrating lessons learned from the totality of the events at and associated with the nuclear accident at the Fukushima Dai-ichi facility to include improvements in its regulatory system and the management of its operating reactor inspection programs and activities.
o. Assess the effectiveness of NRC efforts to facilitate public participation in the regulatory process while protecting information with a potential to impact the safety of NRC regulated facilities.
p. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.

Strategy 1-2: Identify risk areas associated with NRCs oversight of the licensing and construction of new and advanced reactors, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess the extent to which NRC incorporates lessons learned from the licensing and construction process under Parts 50 and 52 and other applicable regulations for ongoing and future design certification, licensing, and construction inspection for new and advanced reactor technologies.
b. Assess the adequacy of NRCs application acceptance and review process and approval standards to include its timeliness, thoroughness, effectiveness, and transparency.
c. Assess the adequacy of NRCs development and implementation of a construction inspection program.
d. Assess the adequacy of NRC's development and implementation of a rigorous quality assurance oversight program.

5

e. Assess the environmental review process associated with new and advanced reactor site construction to ensure that NRC carries out its responsibilities.
f. Assess NRCs actions to address stakeholders concerns over potential gaps in NRC oversight of new and advanced reactor construction.
g. Assess NRC oversight of vendor material and manufacturing methods used in the construction of new and advanced reactor plants.
h. Assess NRCs integration of domestic and international operating experience, generic safety issues, and introduction of new technologies (e.g., digital products) into new and advanced reactor licensing.
i. Assess allegations and conduct investigations and event inquiries into NRCs oversight of new and advanced reactors.
j. Assess allegations and conduct investigations to ensure NRC regulations and oversight activities address supply chain vulnerabilities to include prevention of counterfeit, fraudulent, and substandard items entering the supply chain.
k. Assess the effectiveness of NRC efforts to balance the oversight of new facility construction activities oversight with that for existing major fuel cycle facilities and operating reactors.
l. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.

Strategy 1-3: Identify risk areas facing NRCs oversight of nuclear materials, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess NRCs implementation of programs for controlling, accounting for, tracking, and inspecting nuclear materials to include the National Source Tracking System, Web-based licensing, and the License Verification System.
b. Assess NRCs licensing and oversight of the construction, startup, and operation of new fuel cycle facilities.

6

c. Assess NRC activities concerning the licensing, safety oversight, and aging effects of existing fuel cycle facilities.
d. Assess impact of the Agreement State program on the safety of materials and on NRCs regulatory activities.
e. Review NRC and licensee reports and engage interested stakeholders to identify issues of concern in NRC oversight of nuclear material held by NRC licensees.
f. Through proactive initiatives, determine if NRC provided effective oversight of nuclear materials.
g. Assess the adequacy and effectiveness of NRCs license application and review process to ensure that only legitimate entities, to include certificate holders, receive NRC byproduct material licenses.
h. Assess allegations and conduct investigations concerning NRCs oversight of nuclear materials.
i. Assess NRC activities and their effectiveness in fostering an environment both externally and internally where safety issues can be raised without fear of retaliation.

Strategy 1-4: Identify risk areas associated with NRCs oversight of high-level and low level waste, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess NRCs activities addressing the DOE application for authorization to construct a geologic repository for high-level waste.
b. Assess NRCs regulatory activities involving any interim or permanent repository facilities designated to receive high-level waste.
c. Assess the key issues affecting the safe management of civilian low-level waste disposal, including the availability of low-level radioactive waste disposal sites.
d. Assess NRCs oversight of nuclear waste issues associated with the decommissioning and cleanup of nuclear reactor sites and other facilities.

7

e. Assess allegations and conduct investigations and event inquiries to determine NRCs effectiveness in addressing stakeholder concerns regarding low-level and high-level waste issues.
f. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where safety issues can be raised without fear of retaliation.
g. Assess NRC's oversight of the certification of storage and transportation casks.

Strategic Goal 2: Security Enhance NRCs efforts to increase security in response to an evolving threat environment.

Discussion: NRC must ensure that nuclear power and materials licensees take adequate measures to protect their facilities against radiological sabotage. In a threat environment where adversaries tactics and capabilities rapidly evolve, NRC faces the challenge of adapting to dynamic threats while also maintaining a stable security oversight regime commensurate with the agencys mission as a fair and impartial regulator. In addition, NRC aims to balance its security oversight obligations with a duty to share information with public stakeholders about threats to the Nation s nuclear power and materials sectors.

NRC plays a critical role in overseeing and supporting the emergency preparedness and incident response capabilities of nuclear power plant operators and the integration of their plans with government agencies in light of the prospect of natural disasters and terrorist threats. In addition, NRC must protect its infrastructure and take the necessary steps to ensure that its staff, facilities, and information technology assets are adequately protected against projected threats and provide for the maintenance of operations.

NRC has well-established inspection programs for evaluating the physical, information, and personnel security activities of nuclear power and materials licensees. However, the agency developed a cyber security directorate, and implemented an inspection program to evaluate the security of information technology used to operate nuclear power plants. This nascent cyber security program will face implementation challenges common to new inspection programs, such as communicating new requirements to licensees, conducting inspections in a consistent manner, and allocating sufficient resources to sustain the inspection program beyond its initial years. Cyber security also entails unique oversight challenges related to the mix of digital and analog systems at different nuclear power plants, as well as the need for NRC to understand in depth how digital equipment upgrades will impact plant operations and security. Lastly, the complexity of digital systems and possible interfaces with licensees administrative, security, and operations systems requires that NRC carefully test for 8

vulnerabilities without compromising licensees digital networks.

Strategy 2-1: Identify risk areas involved in effectively securing both new and operating nuclear reactors, nuclear fuel cycle facilities, and nuclear materials, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess the adequacy of NRCs oversight activities with regard to the security of nuclear materials, operating reactors, and nuclear fuel cycle facilities.
b. Assess the comprehensiveness of NRCs threat assessment and the process for keeping it up to date.
c. Assess the adequacy of regulations to respond to an evolving threat environment and the extent to which NRC is making appropriate adjustments.
d. Assess the key issues affecting the secure management of civilian low-level waste disposal.
e. Assess NRCs coordination with other agencies.
f. Where appropriate, conduct investigations and event inquiries designed to address NRCs efforts in providing oversight of licensee security responsibilities.
g. Assess the adequacy of NRC oversight activities to ensure that security is incorporated into the design and construction of new facilities.
h. Assess the adequacy of NRC efforts to develop and implement a comprehensive cyber security program for nuclear power plants and fuel cycle facilities.
i. Assess NRC activities and their effectiveness in fostering an environment both internally and externally where security can be raised without fear of retaliation.
j. Through proactive initiatives, determine if NRC provided effective oversight against radiological sabotage and theft or diversion of materials.

9

Strategy 2-2: Identify risk areas associated with maintaining a secure infrastructure (i.e., physical security, personnel security, and information security), and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess how NRC manages threats to its facilities, personnel, and information systems.
b. Assess the extent to which NRC effectively implements physical, personnel, and information security controls and procedures.
c. As appropriate, conduct investigations into internal and external cyber breaches of NRCs infrastructure.
d. As appropriate, conduct investigations into misconduct involving physical and personnel security.

Strategy 2-3: Identify risks associated with emergency preparedness and incident response, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess NRCs management of emergency preparedness guidelines, regulations, and programs Assess NRC's efforts to prepare for responding to nuclear incidents including training, system reliability and interoperability, personnel availability, and response team organization and coordination.
b. Assess NRCs management of coordination with Federal, State, and local governments and licensees.
c. As appropriate, conduct investigations related to NRCs addressing and responding to emergencies and nuclear incidents.

Strategy 2-4: Identify risks associated with international activities related to security, and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess NRCs management of controls on the import and export of nuclear materials.
b. Assess NRC involvement with international assistance including material control 10

and accountability and incident response.

c. As appropriate, conduct investigations concerning NRC activities and oversight of the proliferation, import, and export of nuclear materials.

Strategic Goal 3: Corporate Management Increase the economy, efficiency, and effectiveness with which NRC manages and exercises stewardship over its resources.

Discussion: NRC faces significant challenges to efficiently, effectively, and economically manage its corporate resources within the parameters of its budget. NRC must continue to provide infrastructure and support to accomplish its regulatory mission while responding to changes in the Nations spent fuel policy, reliance on nuclear energy, and security threat environment.

Addressing the corporate resource challenges of human capital, information management, and financial management will necessitate foresight and flexibility and a strategic approach to managing change during the strategic planning period. NRC must mitigate the loss of retiring senior experts and managers by enhancing its knowledge management, lessons learned, and training programs, along with attracting and retaining staff with the necessary competencies.

NRC also needs to continue upgrading and modernizing its information technology resources for employees and to support public access to the regulatory process. Finally, the agency needs to continue to improve its management and control over financial resources and procurement practices.

NRC will need to address changes caused by internal and external factors that will challenge the agencys ability to achieve its goals efficiently and effectively.

OIG will target corporate management risk areas for audits and investigations, to fulfill its statutory responsibility to evaluate the agencys financial management, and work with NRC to identify and improve weaknesses.

Strategy: 3-1: Identify areas of corporate management risk within NRC and conduct audits and investigations that lead to NRC program improvements.

Actions:

a. Assess NRCs management of human capital to include training and development programs, knowledge management, and recruiting and retention activities.

11

b. Assess NRCs financial management practices to include development and collection of fees and budget processes.
c. Provide reasonable assurance that NRCs financial statements are presented fairly in all material aspects.
d. Assess NRCs development, implementation, and lifecycle management of information technology tools and systems.
e. Assess NRC management systems to ensure the agency effectively uses best practices for common business processes such as the systematic approach to training, project management , knowledge management, and process improvement.
f. Assess NRCs management of administrative functions to include procurements, property, and facilities.
g. Assess allegations and conduct criminal and administrative investigations of misuse of NRCs corporate resources pertaining to human resources, procurement, financial management, and information technology.
h. Assess the efficiency and effectiveness of NRC's management of changes caused by internal and external factors.
i. Reduce instances of fraud, waste, and abuse through criminal and administrative investigations or proactive initiatives.
j. Assess NRC activities and their effectiveness in fostering an environment where corporate management issues can be raised without fear of retaliation.

12

PERFORMANCE DATA The following tables include the strategic goals, measures, and targets for the current strategic plan. They also provide actual performance data for FY 2013-FY 2017.

OIG Strategic Goal 1: Strengthen NRCs Efforts To Protect Public Health and Safety and the Environment 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs safety program.

1 Target 85% 85% 85% 85% 85%

Actual 63% 2 100% 100% 100% 100%

Measure 2. Percentage of audit recommendations agreed to by the agency.

Target 92% 92% 92% 92% 92%

Actual 100% 36% 3 86% 4 100% 95%

Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.

Target 70% 70% 70% 70% 70%

Actual 82% 33% 5 47% 6 76% 75%

Measure 4. Percentage of agency actions taken in response to investigative reports.

Target 90% 90% 90% 90% 90%

Actual 100% 100% 100% 100% 0% 7 Measure 5. Percentage of active cases completed in less than 18 months on average.

Target 90% 8 90% 90% 90% 90%

Actual 100% 50% 9 50% 10 60% 11 0% 12 Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.

Target 20% 13 20% 20% 20%

Actual N/A N/A N/A N/A Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters. 14 Target 60% 60% 60% 60%

Actual 100% 50% 100% 0% 15 OIG Strategic Goal 2: Enhance NRCs Efforts To Increase Security in Response To an Evolving Threat Environment 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs security program.

Target 85% 85% 85% 85% 85%

Actual 100% 100% 100% 91% 100%

Measure 2. Percentage of audit recommendations agreed to by the agency.

Target 92% 92% 92% 92% 92%

Actual 100% 100% 100% 100% 100%

Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.

Target 70% 70% 70% 70% 70%

Actual 93% 70% 82% 64% 16 55% 17 Measure 4. Percentage of agency actions taken in response to investigative reports.

Target 90% 90% 90% 90% 90%

Actual 100% 100% 100% 100% N/A Measure 5. Percentage of active cases completed in less than 18 months on average.

Target 90% 90% 90% 90% 90%

Actual 33% 18 75% 19 100% 80% 20 100%

Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.

Target 20% 20% 20% 20%

Actual N/A N/A 100% 50%

Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters. 21 Target 60% 60% 60% 60%

Actual 100% 100% 100% 33% 22 13

OIG Strategic Goal 3: Improve the Economy, Efficiency, and Effectiveness With Which NRC Manages and Exercises Stewardship Over Its Resources 2013 2014 2015 2016 2017 Measure 1. Percentage of OIG products and activities that have a high impact on improving the NRCs corporate management program.

Target 85% 85% 85% 85% 85%

Actual 83% 23 74% 24 87% 85% 93%

Measure 2. Percentage of audit recommendations agreed to by the agency.

Target 92% 92% 92% 92% 92%

Actual 88% 25 100% 100% 100% 100%

Measure 3. Percentage of final agency actions taken within 2 years on audit recommendations.

Target 70% 70% 70% 70% 70%

Actual 73% 90% 90% 80% 81%

Measure 4. Percentage of agency actions taken in response to investigative reports.

Target 90% 90% 90% 90% 90%

Actual 100% 100% 100% 100% 89% 26 Measure 5. Percentage of active cases completed in less than 18 months on average.

Target 90% 27 90% 90% 90% 90%

Actual 95% 91% 58% 28 78% 29 85% 30 Measure 6. Percentage of closed investigations referred to DOJ or other relevant authorities.

Target 20% 31 20% 20% 20%

Actual 27% 28% 45% 44%

Measure 7. Percentage of closed investigations resulting in indictments, convictions, civil suits or settlements, judgments, administrative actions, monetary results or IG clearance letters.

Target 60% 32 60% 60% 60%

Actual 100% 73% 71% 70%

FY 2017 BUDGET RESOURCES The following table depicts the relationship of the Inspector General program and associated FY 2017 budget resources to the OIGs strategic and general goals.

Program Links to OIG Strategic and General Goals Strategic and General Goals

($K) Advance NRCs Enhance NRCs Improve NRCs Safety Efforts ($K) Security Efforts ($K) Corporate Management ($K)

FY 2017 Programs ($11,160; 58 FTE)

Audits $3,144 $1,162 $3,026

($7,332; 37 FTE) 18.5 FTE 6.5 FTE 12.0 FTE Investigations $1,485 $637 $1,706

($3,828; 21 FTE) 8.0 FTE 3.5 FTE 9.5 FTE Verification and Validation of Measured Values and Performance OIG uses an automated management information system to capture program performance data for the Audits and Investigations Programs. The integrity of the system was thoroughly tested and validated prior to implementation. Reports generated by the system provide both detailed information and summary data. All system data are deemed reliable.

14

CROSS-CUTTING FUNCTIONS WITH OTHER GOVERNMENT AGENCIES NRC OIG has cross-cutting functions with other law enforcement agencies. For example, OIG provides investigatory case referrals to the Department of Justice (DOJ). It also coordinates investigative activities with U.S. Attorneys offices, as well as with other agencies as required.

PEER REVIEWS An independent audit peer review performed in September 2015 by the Federal Communications Commission OIG found that the Audits Programs system of quality control provided reasonable assurance that audits were conducted in accordance with applicable professional standards.

In addition, an independent investigative peer review was conducted in October 2016 by the Tennessee Valley Authority OIG. The program was found to be in full compliance with quality standards established by the Council of the Inspectors General on Integrity and Efficiency and the Attorney General Guidelines for Offices of Inspectors General with Statutory Law Enforcement Authority.

CONCLUSION OIG met the majority (63 percent) of its audit and investigative program goals for FY 2017 by meeting 12 of 19 measurable items (2 investigative items were not measurable because there were no investigations applicable to the measure during FY 17). Of the seven goals that were not met, three were not met because there was only one investigative case applicable to each measure and the one case did not meet the measure. In addition, a fourth goal was missed by 1 percent (goal was 90 percent, and 89 percent was achieved). OIG continuously reviews its Strategic Plan to ensure that its goals and work strategies continue to add value to the NRC in carrying out its important safety and security mission.

1 High impact is the effect of an issued report or activity undertaken that results in: a) confirming risk areas or management challenges that caused the agency to take corrective action, b) real dollar savings or reduced regulatory burden, c) identifying significant wrongdoing by individuals that results in criminal or administrative action, d) clearing an individual wrongly accused, or e) identifying regulatory actions or oversight that may have contributed to the occurrence of a specific event or incident or resulted in a potential adverse impact on public health or safety.

2 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the safety arena.

3 The agency required more than 90 days to resolve two of the five recommendations in the Audit of NRCs Management of Licensee Commitments prior to resolution. Subsequently, all five recommendations were resolved.

15

4 The agency required more than 90 days to resolve two of two recommendations in the Audit of NRCs Oversight of Active Component Aging. Subsequently, all two recommendations were resolved.

5 The agency required more than 2 years for final action on one of four recommendations in the Audit of NRCs Issuance of General Licenses. Final action was completed in October 2014.

6 The agency required more than 2 years for final action on six of six recommendations in the Audit of NRCs Oversight of Industrial Radiography. Final action was completed in October 2015.

7 Only one case was applicable to this measure and the agency did not take action in response to the report.

8 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.

9 Of four active investigation cases measured in the safety arena for the year, two cases were closed in less than 18 months, which resulted in an achievement rate of 50 percent.

10 Of two active investigative cases measured in the safety arena for the year, one case was closed in less than 18 months, which resulted in an achievement rate of 50 percent.

11 The complexity of two investigations required additional time to close these investigations.

12 There was only one case applicable to this measure; the case was not closed within 18 months, resulting in a measure of 0 percent.

13 In FY 2014, OIG began to measure closed investigations that resulted in a referral to the Department of Justice, State or local law enforcement officials, or relevant administrative authority.

14 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee misconduct and the misconduct is not substantiated.

15 Only one case was applicable to this measure and it did not result in any of the listed outcomes.

16 One audit recommendation required additional time to close. This recommendation has since been closed.

17 Four of eight recommendations on the Independent Evaluation of NRCs Implementation of the Federal Information Security Management Act (FISMA) for Fiscal Year 2012 required additional time to close. These four recommendations have since been closed.

18 In the security arena, the complexity of the investigative cases resulted in several cases exceeding 18 months on average.

19 Of the four active investigative cases measured in the security arena for the year, three cases were closed in less than 18 months, which resulted in an achievement rate of 75 percent.

20 The complexity of one investigation required additional time to close this investigation.

21 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee 16

misconduct and the misconduct is not substantiated.

22 Only one of three closed investigations resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result which resulted in an achievement rate of 33 percent.

23 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.

24 Starting in FY 2010, a more rigorous standard was applied for the impact of investigations in the corporate management arena.

25 The agency needed more than 90 days to review the recommendations in the Audit of NRCs Contract Administration of the Enterprise Project Management (EPM). The agency agreed to all recommendations.

26 One of nine investigative cases resulted in no action taken in response to an investigative report which resulted in an 89 percent achievement rate.

27 In FY 2012, OIG began to measure the percentage of active cases completed in less than 18 months on average.

28 In the corporate management arena, OIG needed more than 18 months to complete active cases on average for 18 of 31 cases.

29 The complexity of several investigations required additional time to close these investigations.

30 The complexity of several investigations required additional time to close these investigations.

31 In FY 2014, OIG began to measure the percentage that resulted in a referral for action to the Department of Justice, State or local law enforcement officials or relevant administrative authority.

32 Starting in FY 2014, OIG began measuring the percentage of closed investigations that resulted in an indictment, conviction, civil suit or settlement, judgment, administrative action, or monetary result. Starting in FY 2017, OIG added closed investigations that resulted in IG clearance letters to this measure. A clearance letter is a document provided to an employee in cases where an investigation is initiated in response to an allegation of employee misconduct and the misconduct is not substantiated.

17