Category: Inspector General

OIG Audit Looks at Security for Decommissioning Reactors

Brett M. Baker
Assistant Inspector General for Audits

An Office of the Inspector General audit of the NRC’s oversight of security at decommissioning reactors is now available here. The audit set out to determine whether NRC’s oversight of security at decommissioning reactors provides for adequate protection of radioactive structures, systems and components.

oigThe NRC regulates the decommissioning of nuclear power plants, a process during which a plant is removed from service and the residual radioactivity is reduced to a level that permits release of the property and termination of its license. The NRC has rules governing power plant decommissioning that protect workers and the public during the process, and regulations for the management of worker fatigue.

The OIG found that the agency’s oversight of security at decommissioning reactors provides for adequate protection of radioactive structures, systems, and components. However, opportunities exist for program improvement.

The audit found that NRC regulations lack clarity on which elements of fitness-for-duty decommissioning licensees must implement. In addition, the NRC lacks regulatory requirements for a fatigue management program for decommissioning licensees.

The NRC is taking steps to address the issues. Presently, there are ongoing rulemaking efforts in the area of decommissioning. Additionally, the NRC recently finalized a report to document lessons learned associated with permanent power reactor shutdowns that occurred from 2013 – 2016.

The OIG audit report makes recommendations to clarify which fitness-for-duty elements licensees must implement to meet the requirements of the insider mitigation program; and to establish requirements for a fatigue management program.

NRC management stated their general agreement with the audit findings and recommendations.

Inspector General Audit Looks at NRC’s Employee Card Access System

Stephen D. Dingbaum
Assistant Inspector General for Audits

oigAn Office of the Inspector General audit of the NRC’s Personal Identity Verification card access system is now available. The audit set out to determine whether the NRC’s PIV card access system met its operational requirements, and to assess the effectiveness of coordination among offices with a role in securing NRC’s physical access.

The PIV card is an ID card issued by a federal agency. It contains information unique to each employee and contractor. The card’s main function is to protect and to strengthen the security of personnel information and physical access to secured areas. The NRC uses the card to control access at its headquarters and regional offices.

The OIG found that the agency’s PIV card access system met its requirements, and there is some coordination among offices with a role in securing NRC’s physical access.  However, opportunities exist to strengthen processes to ensure more PIV cards are retrieved when employees leave service. Opportunities also exist to establish a uniform and effective way for security officials to be notified of changes to contractor and employee access for restricted areas.

The audit found that PIV cards for terminated contractors and employees are not always retrieved, and that retrieval procedures have not been established. The OIG identified that of 1,452 terminated PIV cards over a 22-month period (January 2014 through November 2015), about one third were not collected from the personnel. As a result, there is a risk of unauthorized physical access to NRC and other federal facilities.

In addition, the OIG found, the NRC is not always notified of changes in staff/contractor access rights for restricted areas. Consequently, the potential exists for unauthorized access into a restricted area by personnel who should no longer have access.

The report makes seven recommendations to improve the system, reduce physical security risk across the agency, and ensure continued compliance with federal regulations and guidance.

NRC management stated their general agreement with the audit findings and recommendations.