[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]



 
 EMERGING THREATS: ASSESSING NUCLEAR WEAPONS COMPLEX FACILITY SECURITY
=======================================================================

                                HEARING

                               before the

                   SUBCOMMITTEE ON NATIONAL SECURITY,
                   EMERGING THREATS AND INTERNATIONAL
                               RELATIONS

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             FIRST SESSION

                               __________

                             JUNE 24, 2003

                               __________

                           Serial No. 108-62

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpo.gov/congress/house
                      http://www.house.gov/reform













                       U.S. GOVERNMENT PRINTING OFFICE
89-848                     WASHINGTON : 2003
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001















                     COMMITTEE ON GOVERNMENT REFORM

                     TOM DAVIS, Virginia, Chairman
DAN BURTON, Indiana                  HENRY A. WAXMAN, California
CHRISTOPHER SHAYS, Connecticut       TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida                PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana              CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
DOUG OSE, California                 DENNIS J. KUCINICH, Ohio
RON LEWIS, Kentucky                  DANNY K. DAVIS, Illinois
JO ANN DAVIS, Virginia               JOHN F. TIERNEY, Massachusetts
TODD RUSSELL PLATTS, Pennsylvania    WM. LACY CLAY, Missouri
CHRIS CANNON, Utah                   DIANE E. WATSON, California
ADAM H. PUTNAM, Florida              STEPHEN F. LYNCH, Massachusetts
EDWARD L. SCHROCK, Virginia          CHRIS VAN HOLLEN, Maryland
JOHN J. DUNCAN, Jr., Tennessee       LINDA T. SANCHEZ, California
JOHN SULLIVAN, Oklahoma              C.A. ``DUTCH'' RUPPERSBERGER, 
NATHAN DEAL, Georgia                     Maryland
CANDICE S. MILLER, Michigan          ELEANOR HOLMES NORTON, District of 
TIM MURPHY, Pennsylvania                 Columbia
MICHAEL R. TURNER, Ohio              JIM COOPER, Tennessee
JOHN R. CARTER, Texas                CHRIS BELL, Texas
WILLIAM J. JANKLOW, South Dakota                 ------
MARSHA BLACKBURN, Tennessee          BERNARD SANDERS, Vermont 
                                         (Independent)

                       Peter Sirh, Staff Director
                 Melissa Wojciak, Deputy Staff Director
                      Rob Borden, Parliamentarian
                       Teresa Austin, Chief Clerk
              Philip M. Schiliro, Minority Staff Director

 Subcommittee on National Security, Emerging Threats and International 
                               Relations

                CHRISTOPHER SHAYS, Connecticut, Chairman

MICHAEL R. TURNER, Ohio
DAN BURTON, Indiana                  DENNIS J. KUCINICH, Ohio
STEVEN C. LaTOURETTE, Ohio           TOM LANTOS, California
RON LEWIS, Kentucky                  BERNARD SANDERS, Vermont
TODD RUSSELL PLATTS, Pennsylvania    STEPHEN F. LYNCH, Massachusetts
ADAM H. PUTNAM, Florida              CAROLYN B. MALONEY, New York
EDWARD L. SCHROCK, Virginia          LINDA T. SANCHEZ, California
JOHN J. DUNCAN, Jr., Tennessee       C.A. ``DUTCH'' RUPPERSBERGER, 
TIM MURPHY, Pennsylvania                 Maryland
WILLIAM J. JANKLOW, South Dakota     CHRIS BELL, Texas
                                     JOHN F. TIERNEY, Massachusetts

                               Ex Officio

TOM DAVIS, Virginia                  HENRY A. WAXMAN, California
            Lawrence J. Halloran, Staff Director and Counsel
              Kristine McElroy, Professional Staff Member
                        Robert A. Briggs, Clerk
           Michael Yeager, Minority Professional Staff Member

















                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on June 24, 2003....................................     1
Statement of:
    Brian, Danielle, executive director, Project on Government 
      Oversight; and Ronald E. Timm, president, Reta Security....    96
    Brooks, Linton F., Administrator, National Nuclear Security 
      Administration, Department of Energy; and Joseph S. 
      Mahaley, Director, Office of Security, Department of Energy    52
    Nazzaro, Robin M., Director, Natural Resources and 
      Environment, U.S. General Accounting Office, accompanied by 
      James Noel, Assistant Director, and Jonathan M. Gill, 
      Evaluator, Natural Resources and Environment; and Glenn S. 
      Podonsky, Director, Office of Oversight and Performance 
      Assurance, U.S. Department of Energy.......................     6
Letters, statements, etc., submitted for the record by:
    Brian, Danielle, executive director, Project on Government 
      Oversight:
        Report entitled, ``U.S. Nuclear Weapons Complex: Security 
          at Risk''..............................................    98
        Prepared statement of....................................   153
    Brooks, Linton F., Administrator, National Nuclear Security 
      Administration, prepared statement of......................    57
    Grassley, Hon. Charles, a Senator in Congress from the State 
      of Iowa, prepared statement of.............................    77
    Mahaley, Joseph S., Director, Office of Security, Department 
      of Energy, prepared statement of...........................    71
    Nazzaro, Robin M., Director, Natural Resources and 
      Environment, U.S. General Accounting Office, prepared 
      statement of...............................................     9
    Podonsky, Glenn S., Director, Office of Oversight and 
      Performance Assurance, U.S. Department of Energy, prepared 
      statement of...............................................    34
    Shays, Hon. Christopher, a Representative in Congress from 
      the State of Connecticut, prepared statement of............     3
    Timm, Ronald E., president, Reta Security, prepared statement 
      of.........................................................   163

















 EMERGING THREATS: ASSESSING NUCLEAR WEAPONS COMPLEX FACILITY SECURITY

                              ----------                              


                         TUESDAY, JUNE 24, 2003

                  House of Representatives,
Subcommittee on National Security, Emerging Threats 
                       and International Relations,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 9:07 a.m., in 
room 2247, Rayburn House Office Building, Hon. Christopher 
Shays (chairman of the subcommittee) presiding.
    Present: Representatives Shays, Turner, Lewis, Platts, 
Duncan, Ruppersberger, and Tierney.
    Staff present: Lawrence Halloran, staff director and 
counsel; J. Vincent Chase, chief investiator; Kristine McElroy, 
professional staff member; Michael Yeager, minority deputy 
chief counsel; and Jean Gosa, minority assistant clerk.
    Mr. Shays. A quorum being present, the Subcommittee on 
National Security, Emerging Threats and International Relations 
hearing, entitled, ``Emerging Threats: Assessing Nuclear 
Weapons Complex Facility Security,'' is called to order.
    From its humble beginnings as the Manhattan Project in the 
distant New Mexico desert, the Nation's nuclear weapons program 
has always posed daunting security challenges. Today, the far-
flung complex of warhead production plants, research 
laboratories, test facilities, and former weapons sites stands 
as an undeniably attractive target for spies and terrorists 
bent on using their own technologies against us.
    Even before the attacks of September 11, 2001 forced a 
reevaluation of physical security standards and procedures, 
serious questions arose concerning lax management and a 
stubborn cultural antipathy to protective measures at sites 
housing plutonium and highly enriched uranium. In response, 
Congress established the National Nuclear Security 
Administration [NNSA], as a semi-autonomous agency within the 
Department of Energy [DOE], to focus resources and high-level 
management attention on security mandates.
    However, creation of the NNSA failed to stem persistent 
reports of security lapses and inattentiveness to lingering 
vulnerabilities throughout the weapons complex. So the 
subcommittee asked the General Accounting Office [GAO], to 
evaluate DOE and NNSA management of material safeguards and 
facility security programs. Of particular interest was how DOE 
assures contractor adherence to security policies.
    The GAO findings released today lead to this sobering 
conclusion: The stern new realities of the post-September 11 
world have been far too slow to penetrate the hardened 
bureaucratic maze of DOE offices, contractors and sites. It 
took 2 years for DOE to update the fundamental assessment 
governing nuclear weapons security. The design basis threat 
[DBT], formally adopted in May, the new, more stringent DBT 
will not be fully reflected in budget plans until 2005. More of 
concern, security enhancements demanded by the new DBT will not 
be completed before 2009, if then.
    Even the process of completing the GAO study under 
discussion today was needlessly delayed by DOE refusal to 
provide access to drafts of the DBT, drafts openly relied upon 
to justify earlier budget submissions. DOE eventually provided 
the documents to Congress' audit agency, and we hope that level 
of cooperation will continue as we pursue our investigation.
    GAO has found a lack of clear roles and responsibilities 
among NNSA security offices, inconsistent assessments of 
contractor performance, potentially critical staff shortfalls 
and a failure to address the root causes of security lapses. As 
a result, neither the Department of Energy nor the NNSA can yet 
provide reasonable assurance weapons grade material is 
protected against a determined, well-trained adversarial force 
willing to die in a nuclear detonation or radiological 
dispersion of their own making.
    This morning, we will hear testimony on the process of 
updating and administering security standards at the Nation's 
nuclear weapons complex. Classified elements of the security 
and safeguards program will be discussed at a closed session 
this afternoon.
    Our witnesses today all bring impressive experience and 
important expertise to our continuing oversight of nuclear 
security. They also share a dedication to improve national 
security and public safety, and we look forward to a 
constructive dialog on these important issues.
    Before recognizing Mr. Turner, let me just apologize for 
being a little late. I got in to Andrews Air Force Base at 
about 2:30 last night.
    [The prepared statement of Hon. Christopher Shays follows:]


    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]


    
    Mr. Turner. Thank you, Mr. Chairman. I want to thank you 
again for your efforts and leadership in addressing the issue 
of our national security and the threats that are posed by 
issues of possible targets of terrorist attacks.
    Our national labs and nuclear production facilities are 
appealing targets for terrorists. These sites are challenges to 
secure, spread over large parcels of land and containing some 
of the most deadly materials known to man. Terrorists now use 
once unimaginable tactics to cause death and destruction, and 
we must now account for the possibility that terrorists will 
sacrifice their own lives to carry out their missions. And the 
thought of terrorists attempting to steal plutonium or highly 
enriched uranium is no longer related to Tom Clancy novels, but 
is a real-life threat.
    I am particularly interested in hearing how we can make the 
NNSA more responsive and flexible to the threats facing our 
weapons complexes, and it should not take months and years to 
develop security procedures. The real world does not work this 
way, terrorists do not work this way, and the ground-level 
security personnel do not think this way.
    I look forward to hearing our witnesses' testimony.
    Mr. Shays. I thank the gentleman, and recognize Mr. Duncan.
    Mr. Duncan. Well, thank you very much, Mr. Chairman, for 
calling this very important hearing.
    I don't have a formal written statement or opening 
statement, but I do want to say that I don't represent the 
facility at Oak Ridge, TN, but slightly over half of the people 
who work there live in my district, and so this is a subject of 
great concern to me and my constituents; and I am particularly 
interested to know if there are any problems or shortcomings at 
the facility at Oak Ridge.
    But I will just--I have come here mainly to try to learn 
about this, what the problem is and what the extent of it is; 
and I thank you for calling this hearing.
    Mr. Shays. I thank the gentleman for participating and both 
gentlemen's good work on this committee.
    Just a few housekeeping before recognizing our panel. I ask 
unanimous consent that all members of the subcommittee be 
permitted to place an opening statement in the record and that 
the record remain open for 3 days for that purpose. Without 
objection, so ordered.
    I ask further unanimous consent that all witnesses be 
permitted to include their written statements in the record, 
and without objection, so ordered.
    I ask unanimous consent that the subcommittee meet in 
closed session at 2 p.m. today to hear testimony on classified 
aspects of the issues under discussion today. Without objection 
so ordered. We will do that at 2 today.
    I am going to call on the first panel, recognize them, and 
then have Mr. Turner take over and conduct this hearing.
    Our first panel is comprised of Ms. Robin M. Nazzaro, 
Director, National Resources and Environment, the U.S. General 
Accounting Office, accompanied from the same division by James 
Noel, Assistant Director, and also Jonathan M. Gill, Evaluator.
    The second testimony from this panel will be from Glenn 
Podonsky, Director of Office of Oversight and Performance 
Assurance, referred to as ``OA,'' from the Department of 
Energy.
    If you would please rise, we will swear you in and we will 
start the testimony.
    [Witnesses sworn.]
    Mr. Shays. Note for the record, our witnesses have 
responded in the affirmative. And we will start with Ms. 
Nazzaro.
    Ms. Nazzaro. Thank you, Mr. Chairman.
    Mr. Shays. Let me just say, we have 5 minutes, but we roll 
over for another 5 minutes, so you will have, technically, 10 
minutes, but we prefer you stop somewhere between the 5 and the 
10. It is important that we put your document on the record, so 
if you need the full 10, feel free to use it.
    Ms. Nazzaro. OK. Thank you.
    Mr. Shays. Thank you.

STATEMENTS OF ROBIN M. NAZZARO, DIRECTOR, NATURAL RESOURCES AND 
  ENVIRONMENT, U.S. GENERAL ACCOUNTING OFFICE, ACCOMPANIED BY 
     JAMES NOEL, ASSISTANT DIRECTOR, AND JONATHAN M. GILL, 
  EVALUATOR, NATURAL RESOURCES AND ENVIRONMENT; AND GLENN S. 
    PODONSKY, DIRECTOR, OFFICE OF OVERSIGHT AND PERFORMANCE 
              ASSURANCE, U.S. DEPARTMENT OF ENERGY

    Ms. Nazzaro. Thank you, Mr. Chairman and members of the 
subcommittee. I am pleased to be here today to discuss physical 
security of the nuclear weapons complex at the Department of 
Energy and the National Nuclear Security Administration within 
DOE.
    Currently, the nuclear complex includes four production 
sites, three national laboratories that design nuclear weapons 
and a number of former nuclear weapons sites that contain 
nuclear weapons materials. To ensure the physical security of 
the complex, DOE and NNSA rely on their safeguards and security 
program.
    A key component of the DOE's protective strategy is the 
design basis threat, which identifies the characteristics of 
the potential threats to DOE. To implement their safeguards and 
security program, DOE and NNSA rely on contractors to conduct 
day-to-day security activities subject to DOE and NNSA 
oversight.
    Over the past decade, we and others have raised concern 
about the adequacy of security at nuclear weapons facilities 
within the Department and NNSA. In addition, the terrorist 
attacks of September 11, 2001, highlighted the importance of 
effective physical security in response to a challenging and 
well-organized terrorist threat.
    In this context, my testimony today focuses on two issues: 
first, how NNSA manages its safeguards and security program; 
and second, DOE's response to the terrorist attacks of 
September 11, 2001.
    In summary, Mr. Chairman, we found that NNSA has not been 
fully effective in managing its safeguards and security program 
in the following four key areas.
    First, NNSA had not fully defined clear roles and 
responsibilities for its headquarters and site operations. 
Since its creation in March 2000, NNSA's management structure 
has been in a state of flux. As a result, NNSA site office 
officials said that each office is carrying out oversight 
activities as it deems appropriate.
    Second, as a result of the lack of clarity in NNSA's 
management structure, NNSA site offices have not been 
consistent in how they assess contractor safeguards and 
security activities. Consequently, NNSA cannot be assured that 
all facilities are subject to the comprehensive annual 
assessment that DOE policy requires.
    Third, once problems are identified, NNSA contractors do 
not consistently conduct the analysis DOE policy requires in 
preparing corrective action plans. The corrective actions are 
developed without fully considering the problems' root causes, 
the risks posed, or the cost versus benefit of taking 
corrective action. Thus, potential opportunities to improve 
physical security at the sites are not maximized.
    And last, NNSA site offices have shortfalls in the total 
number of staff and in the expertise for effectively overseeing 
contractors. This could make it more difficult for site offices 
to effectively oversee security activities.
    Site officials said that they will fill some vacancies 
through a virtual organization. However, it will take time to 
work through some of the difficulties associated with making 
the transition to this approach.
    As a result, NNSA cannot be assured that its contractors 
are working to a maximum advantage to protect critical 
facilities and materials from adversaries seeking to inflict 
damage.
    In our May report, we made four recommendations to address 
these problems, that are designed to improve NNSA's security 
management and oversight. Since the issuance of our report, 
NNSA has made progress in addressing the problems we 
identified, including publishing a Safeguards and Security 
Functions, Responsibilities, and Authorities Manual and 
developing and issuing guidance for corrective action plans. 
Beyond these changes sound safeguards and security management 
will have to play a key role in helping DOE and NNSA adjust to 
the post-September 11 security environment.
    Before I take the second issue on, do you want me to break? 
Then, here would be a good place.
    Mr. Turner [presiding]. No. Please continue.
    Ms. Nazzaro. Continue? OK.
    I would now like to discuss DOE and NNSA response to the 
terrorist attacks of September 11, 2001. In this regard, we 
examined three issues: DOE's and NNSA's immediate response to 
the attacks, DOE's efforts to develop the design basis threat 
document, and the challenges DOE and NNSA face in meeting the 
requirements of the new DBT.
    DOE and NNSA took immediate steps to improve security in 
the aftermath of the September 11 terrorist attacks. For 
example, DOE and NNSA moved to a higher level of security that 
required, among other things, more vehicle inspections and 
security patrols. DOE and NNSA also conducted a number of 
security-related reviews, studies and analysis and increased 
communication with Federal, State and local officials. While 
these steps are believed to have improved DOE's and NNSA's 
security posture, they have been expensive. These steps have 
required extensive overtime, which has had a considerable 
negative effect on DOE's and NNSA's protective force through 
fatigue, reduced readiness, retention, and reduced training. 
Furthermore, until fully evaluated, the effectiveness of these 
measures is uncertain.
    Based on the number and capabilities of the terrorists 
involved in the September 11 attacks, DOE and NNSA officials 
realized that the then-current DBT, which was issued in 1999 
and based on a 1998 Intelligence Community assessment, was 
obsolete. However, formally recognizing these new threats by 
updating the DBT has been difficult. DOE's effort to develop 
and issue a new DBT took almost 2 years; it was issued just 
last month. The effort to develop a new DBT was slowed by, 
among other things, disagreements over the size of the 
potential terrorist group that might attack a DOE or NNSA 
facility and how much it would cost to meet the new threat.
    Implementation of the new DBT will be challenging. 
Successfully addressing the increased threats will take time 
and resources as well as sound management, leadership, and new 
ways of doing business. Currently, DOE does not have a reliable 
estimate of the cost to fully protect DOE and NNSA facilities 
against the new DBT. Further, once funds become available, most 
sites estimate that it will take from 2 to 5 years to fully 
implement, test, validate, and refine strategies for meeting 
the new DBT requirements. Meeting these challenges will require 
DOE and NNSA to provide sustained sound management for their 
safeguards and security program. Given the materials DOE and 
NNSA possess, physical security at DOE and NNSA facilities 
cannot fail.
    Mr. Chairman, that concludes my statement. I would be happy 
to respond to any questions you or the Members may have.
    Mr. Turner. Thank you.
    [Note.--The GAO report entitled, ``Nuclear Security, NNSA 
Needs to Better Manage Its Safeguards and Security Program,'' 
may be found in subcommittee files.]
    [The prepared statement of Ms. Nazarro follows:]



    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. Mr. Noel. I am sorry. Mr. Podonsky.
    Mr. Podonsky. Thank you, Mr. Chairman, for inviting me to 
testify today.
    My Office of Independent Oversight and Performance 
Assurance is responsible for evaluating the Department's 
environment, safety, and health, safeguarding the security and 
cyber security programs at the Department. We report directly 
to the Secretary of Energy and have no responsibilities for 
either managing DOE sites or developing policy. Consequently, 
we perform assessments independent of the programs and provide 
unbiased information to the Secretary, the NNSA Administrator 
and other DOE line managers.
    My testimony today will focus on the current status of 
security programs at nuclear weapons production sites and the 
national weapons laboratories.
    It is important to note that some of the current problems 
in the DOE security program are driven by events that occurred 
in the mid-90's when budgets for security were cut 
significantly. These cuts resulted in reductions in protective 
forces and decisions not to upgrade or replace security 
hardware. In the 1998 timeframe, independent oversight reviews, 
and other external assessments revealed that the security cuts 
had gone too far at some sites; protection effectiveness was 
not where it needed to be. At DOE's direction, sites began 
rebuilding their protection programs.
    The tragic events of September 11 happened at a time when 
DOE was still rebuilding its protection programs. Since then, 
DOE has increased security through a number of measures and has 
reassessed the design basis threat. However, these represent 
only the first steps in enhancing DOE security.
    Historically, many roles and responsibilities for security 
have been unclear in some areas and too fragmented for 
effective operation in others. Secretary Abraham and Ambassador 
Brooks are addressing the overall management structure for 
security, but much remains to be done before DOE has a coherent 
management structure in place to support an effective corporate 
approach to security.
    Our assessment of the current security posture is based on 
inspections we have conducted during the past 2 years, which 
include most major NNSA sites and laboratories. Our inspections 
include extensive performance testing. For example, we have 
been conducting much more aggressive large-scale force-on-force 
performance tests of physical security using our own adversary 
team for years. The September 11 events prompted us to redouble 
our efforts. Since then we have substantially increased the 
number of tests we perform and strengthened our adversaries 
team by adding real-world experts and rigorous training.
    At the direction of Secretary Abraham, we are initiating a 
DOE-wide review of protective force operations to assess the 
current effectiveness of post-September 11 enhancements. Our 
inspections and performance tests have documented some positive 
aspects, as well as a number of weaknesses, some of which are 
long-standing and require substantially more attention.
    On the positive side, many improvements have resulted from 
the increased security measures put in place following 
September 11. DOE sites have hired more protective force 
personnel and increased the number of protective force members 
on duty at any given time. They have added additional barriers 
and hardened fighting positions. Classified cyber operations 
have also been made more secure.
    Additionally, Secretary Abraham personally directed that 
the design basis threat be further strengthened after it was 
submitted for his review. The final design basis threat, which 
was issued May 20, provides the basis for establishing and 
assessing protection effectiveness at DOE sites.
    Notwithstanding these positive aspects, our inspections 
have also documented a number of weaknesses. The recent hire of 
additional protective force personnel has been responsive to 
the heightened security levels. However, DOE sites continue to 
rely on the use of overtime until new hires are cleared and 
trained to perform their duties. As a result, protective force 
personnel testing and training have been reduced or deferred 
because existing manpower is stretched to the limit.
    DOE sites have primarily responded to the need to enhance 
security by using manpower-intensive measures. More effective 
solutions can be gained by enhancing the integration of 
manpower and technology through increased use of barriers and 
force multipliers, consolidating security assets, improving 
manpower deployment to protect vital assets, and making greater 
use of performance tests.
    It is clear that every site has increased its level of 
protection in response to the September 11 attacks. However, 
few of these enhanced protection schemes have been fully 
performance-tested or formally evaluated.
    Unclassified cyber security continues to be a challenge for 
many sites. There are recurring deficiencies regarding controls 
of foreign nationals on DOE computer systems. Additionally, 
some sites have not fully recognized or addressed the risk 
associated with the proliferation of wireless computer 
technology. Weakness in feedback, in improving the process and 
clarity of security roles and responsibilities are long-
standing concerns within both the DOE line and contractor 
organizations. Progress in these areas has been inconsistent 
and sporadic.
    The NNSA reorganization places increased responsibility 
onsite offices. However, at this time, not all sites have the 
staffing and expertise necessary to fully and effectively 
discharge their security oversight responsibility. The 
Secretary, Deputy Secretary and NNSA Administrator have placed 
significant emphasis on reorganizing the management structure 
to clarify responsibilities and increase accountability. They 
have demonstrated personal involvement in enhancing security 
after September 11 and in response to the very recent security 
lapses. The current efforts are promising, but need significant 
continued attention and evaluation to ensure that the intended 
improvements are realized at the field level.
    In closing, the Department is making some progress, but 
much more work is needed to upgrade and vigorously test site 
programs to meet the new design basis threat, to crystallize 
security-related roles and responsibilities throughout the 
Department, and to apply program and performance feedback in 
continuously improving our overall security posture. The strong 
and aggressive focus of the Secretary and the NNSA 
Administrator must be sustained in order to satisfy the 
increasingly complex and continually changing security 
challenges that face the DOE and our Nation.
    Thank you.
    Mr. Turner. Thank you.
    [The prepared statement of Mr. Podonsky follows:]


    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. I would acknowledge that Mr. Dennis Kucinich 
from Ohio and Mr. Ron Lewis from Kentucky have joined us. And 
we will begin our questions with the 5-minute round, and our 
first questions will be asked by Mr. John Duncan of Tennessee.
    Mr. Duncan. Well, thank you very much, Mr. Chairman. Just a 
little less than a month ago, the Knoxville News Sentinel had a 
story under the headline DOE ``Again Thumbs Nose at External 
Safety Regulation,'' and the story says--this is not a new 
story, of course--critics have skewered DOE's self-regulating 
status for years, and the GAO has issued regular reports 
showing how external regulations would improve safety 
accountability and, for God's sake, save money too.
    In its newest finding, they said shifting down regulation 
could save DOE as much as $41 million annually; and in its 
response, the DOE questioned cost estimates and the quality of 
GAO's research data.
    The GAO counters with this biting conclusion that at this 
point, with the analysis undertaken on this issue over the 
years, it seems to us that philosophical opposition rather than 
data limitations is the main stumbling block to the 
Department's shift to external regulation. Indeed, same song, 
slightly new verse.
    Is that an accurate story, Ms. Nazzaro, and would you care 
to comment on that? And then I will ask Mr. Podonsky if he 
wants to say something.
    Ms. Nazzaro. I would say, yes, it is an accurate story. I 
mean, GAO does stand by our analysis as far as the dollar 
savings, which was the only thing that was disputed.
    Mr. Turner. Ms. Nazzaro, could you please come a little 
closer to the mic so we can all hear you.
    Ms. Nazzaro. We have reported, as you said, for years on 
the benefits of external regulation. We continue to be 
supportive of that concept. And this was the first year that we 
had done some comparison as far as potential dollar savings, 
and have compared it against a pilot project actually that was 
done using data from another agency; and we stand by those 
numbers.
    Mr. Duncan. Mr. Podonsky.
    Mr. Podonsky. Congressman, I would have to defer that 
answer to the Department for a response. Since we do an 
independent oversight of the Department, we have not actually 
looked at what the effects would be if there was an external 
regulator.
    Mr. Duncan. Let me ask you this. The NNSA was created in 
March 2000, and that was 1\1/2\ years before the events of 
September 11. What was accomplished in that 1\1/2\ years? You 
said something about shifting management and so forth. Was 
nothing done?
    And then this DBT thing, design basis threat. I have to say 
whoever came up with that sure came up with a bureaucratic 
title. But it took 2 years to issue this DBT. Why did that take 
so long? And what were we not doing before in regard to 
security that we are doing now?
    Can either one of you answer some of these questions?
    Ms. Nazzaro.
    Ms. Nazzaro. I can start.
    There was a previous design basis threat document. This 
isn't a new document within the Department. There was a design 
basis threat document that was developed in 1999 based on a 
1998 assessment. This was an updated one based on the events of 
September 11.
    DOE decided it needed to update the prior design basis 
threat. What it addresses is----
    Mr. Duncan. Even though we had a report out in 1999, it 
took them 2 years to come up with a report after September 11?
    Ms. Nazzaro. Correct. There were disagreements on the 
course it was going to take, what level of risk DOE was willing 
to take, and what exactly the threat was.
    What the new design basis threat document lays out is the 
level of risk and the level of threat, what is the threat as 
far as an adversary; and there was disagreement within the 
Department on what that threat would be.
    Mr. Duncan. Well, I know from living near Oak Ridge there 
has always been security out there. And what I am wondering 
about is, you know, we have this report you said came out, this 
DBT report came out in 1999 and then now we have an updated 
one.
    What I am wondering about is, what are we doing now?
    Part of what I am wondering about is, what are we doing now 
that we weren't doing before all these reports have come out? 
What changes have been made?
    Mr. Podonsky. I might be able to answer that, Congressman.
    Mr. Duncan. OK, go ahead, Mr. Podonsky.
    Mr. Podonsky. The difference between the old design basis 
threat [DBT], and the new one, without going into classified, 
the numbers have changed, ``numbers'' meaning what the 
Department is protecting against, to be more realistic with 
real events today. It formalizes the----
    Mr. Duncan. When you say ``the numbers have changed,'' are 
you talking about the numbers of security personnel?
    Mr. Podonsky. No, sir. We are talking about the design 
basis threat as a tool by which security is focusing on what it 
is protecting against, so how many adversaries do you need to 
protect against?
    Mr. Duncan. I see.
    Mr. Podonsky. Because various threats would require 
different numbers. And part of this is truly for economics as 
well as security. You can make something so secure that you 
don't function any longer.
    Mr. Duncan. Right.
    Mr. Podonsky. So there has to be a balance between your 
mission as well as security. And what the new DBT did, it 
formalized increased numbers, considering what we all saw on 
September 11; and it also formalized protection requirements 
against radiological dispersal as well as dispersal of chemical 
agents. So it took a look at other threats that were not 
previously considered under old regimens.
    Mr. Duncan. All right.
    Well, I have some more questions, but my time is up for 
this round, so I yield back.
    Mr. Turner. Mr. Kucinich.
    Mr. Kucinich. Thank you very much. I have some questions 
for Mr. Podonsky.
    According to information from the Department of Energy, the 
National Nuclear Security Administration in 2003 estimates that 
they will spend $7.9 billion for their work. Is that correct?
    Mr. Podonsky. You would have to ask the NNSA. I have no 
knowledge of what they would be spending.
    Mr. Kucinich. OK. Do you want to tell me about the work of 
your department, specifically in relationship to this program?
    Mr. Podonsky. My office, Congressman, is responsible to the 
Secretary and the NNSA Administrator for evaluating 
environment, safety, and health, safeguards and security, the 
cyber security, the emergency management programs at the 
Department. We evaluate them against their requirements, but we 
performance test them to make sure that they are doing what 
they are funded to do.
    For example, in the security area, we test the security 
forces. We look at material control accountability. We look at 
classified and unclassified cyber security. We look at 
personnel security. We look at all the aspects of the 
performance of the DOE and the NNSA. And then we report on that 
to both the inside of the Department and also to interested 
committees up here on the Hill.
    Mr. Kucinich. Now, there are watchdog groups, such as the 
Project on Government Oversight, that has alleged that force-
on-force and simulated tests of nuclear facilities are dumbed 
down to show that security forces are adequately prepared to 
meet the threat. For instance, it's been alleged that security 
forces are given the time and, in one reported instance, even 
the plan of attack. Attackers are placed under artificial 
constraints to slow them down or otherwise limit their 
capabilities.
    As part of your work on this project or from your 
experience doing other work, have you seen this happen?
    Mr. Podonsky. The answer to that is, in some cases, yes, we 
have seen where it has been questionable--in the past, this 
past year--questionable whether scenarios were shared or not 
shared. The reality, however, is, today I would say that we 
have not seen dumbed-down tests. On the contrary, we have seen 
very aggressive, including our own very aggressive force-on-
force exercises.
    The thing that is important to realize----
    Mr. Kucinich. Can you say when you have seen those? Have 
you personally witnessed that or have you personally----
    Mr. Podonsky. I have only heard accounts of those back in 
the 1997-1998 timeframe.
    Mr. Kucinich. So you don't know from your own experience?
    Mr. Podonsky. In terms of dumbed-down testing?
    Mr. Kucinich. Right.
    Mr. Podonsky. No, sir.
    Mr. Kucinich. Do you know from your own experience about 
the quality of testing right now?
    Mr. Podonsky. Yes, I do.
    Mr. Kucinich. Do you think the DOE has determined the 
design basis threat based on actual threat to the facilities; 
or is it influenced by budgetary constraints?
    Mr. Podonsky. We believe that the design basis threat today 
is a very aggressive, robust threat statement. We do have two 
concerns that I will be happy to talk about under closed 
classified session. But overall we think, given today's threat 
in the world, the DOE has a very high mountain that it has 
created, and we think it is very appropriate.
    Mr. Kucinich. Thank you.
    Mr. Chairman, I have here a copy of an attachment that 
includes a Department of Energy budget. I think it would be 
interesting for the people of this country to know that nearly 
$8 billion is estimated to be spent on the National Nuclear 
Security Administration, and that environmental management, 
which doesn't include a certain amount of cleanup, is scheduled 
to be about $7 billion--nuclear waste disposal, about $591 
billion--or million.
    When you look at this overall budget, Mr. Chairman, there 
is a question that just needs to be raised in the context of 
this hearing, and that is the policy of our government with 
respect to building nuclear weapons in the first place. And 
while this is about the threat that derives from having 
produced such weapons, it appears that the weapons that we are 
producing, far from being a threat to other nations, end up 
being a threat to ourselves. Just a little thought for today.
    Thank you.
    Mr. Turner. Mr. Lewis.
    Mr. Lewis. Thank you Mr. Chairman. Ms. Nazzaro and Mr. 
Podonsky, how adequately staffed are DOE and NNSA for insurance 
safeguards and security at the nuclear weapons complex sites?
    Ms. Nazzaro. In regards to staffing, the issue we looked at 
was staffing as it relates to oversight, and that's where we 
found that there was a deficiency as far as capabilities to 
conduct oversight of the contractors. DOE's response has been 
that it will use this virtual organization whereby they would 
use individuals from other locations to conduct oversight.
    However, we do have concerns that the staffing certainly is 
inadequate, and they do have a number of vacancies that need to 
be filled. But we looked at it only in that aspect.
    Mr. Lewis. Thank you.
    Mr. Podonsky, what are DOE and NNSA doing about the 
staffing problem?
    Mr. Podonsky. To the NNSA and DOE's credit, they have 
increased the personnel in terms of security guard force, which 
was very important.
    Relative to staffing at the sites for, as Ms. Nazzaro was 
talking about the self-assessment oversight, the programmatic 
oversight, they are taking a very rigorous approach to try and 
find more staff.
    We fully agree with the GAO from an independent oversight 
perspective, that there is a need, a very serious need, at all 
the site offices to beef up the staffing with qualified, 
capable folks to oversee the contractors, as well as the 
contractors to oversee themselves.
    Mr. Lewis. And what's the problem in getting the staffing 
up to par, finding qualified people? Or what's the problem?
    Mr. Podonsky. Well, you would have to ask the NNSA or DOE 
directly. But I would give you our opinion from independent 
oversight which is, there are a lot of competing concerns for 
security in the country today and it is very difficult. I know 
in my own organization to maintain and keep very highly 
qualified national-level experts in the security business and 
to attract them into government service is quite difficult 
because the salaries are not necessarily as attractive as they 
are in the private sector.
    Mr. Lewis. OK. Thank you.
    I yield back my time. Thanks.
    Mr. Turner. Mr. Chairman.
    Mr. Shays. I thank you all for being here. Let me ask you, 
Ms. Nazzaro and Mr. Podonsky, how do you define adequate 
security? And let me just say, we are talking about security in 
our labs, our production facilities, our test sites, and the 
closed-down environmental sites.
    And how would you define adequate security?
    Mr. Podonsky. It's very----
    Mr. Shays. And maybe in your answer you can tell me the 
different kinds of security we're talking about.
    Mr. Podonsky. Well, at the Department of Energy, security 
has been a focus through various ebbs and flow in time. Back in 
the 1970's, it was heavily focused on security and there were 
changes that were made.
    In the 1980's, safety was focused on. In the 1990's, more 
safety. And then, of course, post-September 11, security was 
focused on again.
    And I would just tell you that adequate security really 
depends on what is being protected. And from our standpoint, 
the Department, now more than ever, is focusing on providing 
appropriate security while still trying to maintain its 
mission.
    If you talk to security professionals, they would give you 
an answer that may be unacceptable in terms of what type of 
budgets would have to be spent to provide the adequate security 
that they may need.
    It's similar to what TSA is going through at the airports. 
How many security screeners do you need? What's appropriate for 
what you're trying to do? And the airlines will tell you that 
they're trying to make sure the passengers make it to the 
airplanes on time.
    In the Department of Energy, we have different sites, 
different categories of protection, and the security and the 
design basis threat that we've talked about here is tailored to 
meet those needs. Again, I would say that the adequacy is 
difficult to pinpoint because it changes, dependent on what the 
target is and what you're trying to protect and what your 
mission is.
    Ms. Nazzaro. Without getting into any classified 
information, what we would look at are two levels: One, there 
are a number of assessments that are performed to look at the 
adequacy of security, both surveys and surveillance that DOE 
uses; and we would expect that those would be clean 
assessments, you know, and that any action plans that were 
identified as a result would be addressed.
    Second, they do identify a level of risk. And DOE does have 
various levels of risk, and we would expect those to be at the 
lowest level, as set out in DOE's policy.
    Mr. Shays. Tell me, if we don't have adequate security, 
what are the potentials that could be used by governments, 
their spy networks or by terrorists, to--I want to know why 
this matters.
    It may seem obvious, the question, but I want someone to 
articulate it. Why does all this matter?
    Ms. Nazzaro. Well, there are certainly a number of 
threats--I mean, one being theft of nuclear weapons and/or 
materials; also, sabotage at the sites themselves. Certainly, 
within a terrorist environment, you've got people who are 
willing to die to go and actually detonate these at the sites.
    Mr. Shays. But just going from your response, we're talking 
about the potential that someone could actually get a nuclear 
weapon; is that correct?
    Ms. Nazzaro. Correct.
    Mr. Shays. We're talking about the fact that they could get 
weapons grade material?
    Ms. Nazzaro. Correct.
    Mr. Shays. We're talking about the fact that they could 
come onsite and sabotage the sites?
    Ms. Nazzaro. Correct.
    Mr. Shays. And we're also talking about the fact that they 
could potentially cause a radioactive catastrophe or a nuclear 
explosion?
    Ms. Nazzaro. At the sites. Correct.
    Mr. Shays. Yes. So that's why we care about this?
    Ms. Nazzaro. Yes, sir.
    Mr. Shays. We're also concerned with countries, other 
countries getting the technology that, in many cases, they may 
not have at all, or that they may be 10 or 20 years behind us. 
Is that also a factor?
    Ms. Nazzaro. Yes.
    Mr. Shays. OK.
    When you did this report, I was--some of it seems--I don't 
want to say ``technical'' in that sense; I want to say that I 
was wondering if we were swallowing camels and straining out 
gnats. When DOE looks at this, do they--is their response to 
you that--you know what? I will come back. After you've had 
your round, I'll come back for my round. I want to followup on 
this question, and my time is up.
    Ms. Nazzaro. OK.
    Mr. Turner. Thank you, Mr. Chairman. I think it is very 
important that you were asking the question, why does this 
matter, because if you look at the report that we have in front 
of us, it certainly does not reflect the--I think, what people 
in our country would consider the severity of the issue or the 
attention level that this deserves not just as a threat to 
Americans, but the possibility of the threat to others of 
technology, of even other countries being threatened by 
materials that we have through individuals that might seek 
them.
    In looking at Ms. Nazzaro's statement, you have issues, 
such as stating that defining clear roles and responsibilities 
has not been effectively done; assessing the site security 
activities needs to be addressed; overseeing contractors; 
corrective actions; allocating staff--all issues or problems.
    When you look at issues of our nuclear materials, you would 
expect that we would be able to use words such as ``proactive'' 
and ``advanced.'' What we're clearly seeing in the materials in 
front of us are words such as ``slow'' and ``incomplete.''
    And I'm just wondering, if you look through there--and 
clearly it's unacceptable, so you have to ask yourself, is it 
an issue of structure? Is it an issue of people just don't 
understand the severity of the issue in front of them? Is it a 
performance issues?
    So I would like Ms. Nazzaro and Mr. Podonsky to tell us.
    I mean, I'm certain that it is not acceptable, that this--
reading this, you agree that this is not where we would want to 
be, and this is a concern for all of us.
    Where is the problem, other than just saying the problem 
needs to be fixed? Is it structure? Is it understanding the 
mission? Or is it just a straight-out performance issues and 
somebody needs to be held accountable there?
    Ms. Nazzaro. The report you have in front of you addressed 
management and oversight issues, as far as DOE and NNSA 
overseeing the activities of the contractors.
    Some of the things that you're getting into would be more 
contractor performance issues, which we have not yet addressed; 
and that will be the subject of followon work, actually, that 
Congressman Shays has asked us to do.
    As far as the issues, though, at hand, you're still talking 
about safeguarding and protecting the nuclear complex; and 
given the kinds of materials that they are in charge of 
protecting, you know, this is something that is critical to the 
country. I mean, if you don't have adequate management and 
oversight of the contractors, you're going to see problems with 
the contractors as well. So I don't think it minimizes it by 
saying, these are the kinds of problems we're seeing. It 
certainly is an overarching issue of whether you're even 
overseeing or managing what the contractors are doing.
    Mr. Turner. I take it from your answer, in looking at 
NNSA's management oversight, it's an agency performance issue 
at this point, you believe; or you're indicating that you think 
additional information has to be given for you to define why is 
this continuing to be a problem.
    Ms. Nazzaro. No. As far as DOE, certainly we have seen 
ongoing problems for some time, since the creation of NNSA. As 
we said, this has been an agency in flux, and we have seen 
problems as far as defining roles and responsibilities where 
it's not clear who is supposed to do what; and basically what 
we have heard from the site offices is that they're all doing 
the wrong thing.
    Mr. Turner. Mr. Podonsky.
    Mr. Podonsky. I would start out by saying, many items in 
the GAO report the independent oversight does, in fact, agree 
with. However, I think it's important to note that Secretary 
Abraham and Ambassador Brooks are aggressively taking steps 
that have never been taken before in the Department, as long as 
I've been there--which is going on, unfortunately, about 19 
years of overseeing this behemoth organization. And the step 
that they are taking is, they are--finally, somebody is being 
held accountable. We're seeing this at our national 
laboratories. We're seeing this at the sites.
    If you ask, Congressman, what's the root cause, I would 
tell you that--my organization, after observing and writing 
reports on these very issues for many years, would tell you 
that roles and responsibilities have not always been clear; and 
the accountability, which is a critical part, has not always 
been taken where people were held accountable for those jobs 
that they hold. So it is a performance aspect, as well as 
management.
    But I would again iterate, the Secretary and the Ambassador 
are taking steps which we're seeing firsthand. We have teams 
out at some of the NNSA sites right now at the request of the 
Ambassador. Now, how that trickles down to the other managers 
in the security profession, that's where the rubber meets the 
road; and we think that's where further accountability has to 
be made.
    Mr. Turner. Thank you.
    Going to a second round of questions then, Mr. Duncan.
    Mr. Duncan. Let me just ask this. You know, any time any 
government agency--I don't care what department or agency it 
is, any time they mess up, they always come in and say it's 
because of lack of funding or not enough money. And yet, we've 
had 10 or 15 years of very low inflation. In fact, the Federal 
Reserve is worried about deflation now. We've probably had 25 
or 30 percent inflation over these last 10 years, and yet 
whenever you look at these agencies and ask what they're 
spending, compared to 10 years ago, they're at 60 and 100 
percent over what they were 10 years ago.
    I remember when the INS was criticized because they let all 
the hijackers in. They said they didn't have enough money, and 
we checked and they'd gotten a 250 percent increase in funding 
over the previous 8 years, which--I mean, this just boggles my 
mind that we hear this over and over again.
    Now I hear that the NNSA, which was just started in 2000, 
March 2000, has a $7.9 billion budget. And I--you know, 
that's--I'm all for saving all the money we can, but you know, 
and now we're acting like we're not doing enough in security.
    And Mr. Podonsky just said that we're doing far more than 
at any time in his 19 years at the Department. And I'm just 
wondering--you know, I don't want to scare people and think 
that we're not doing enough at these nuclear weapons 
facilities, and I'm curious about several things.
    I've read several times, I've read different numbers, 
when--about the Iraqi war, and that there were 23 or 25 
countries that have weapons of mass destruction. Does anybody 
on this panel know how many countries have nuclear weapons? How 
many countries are there that have nuclear weapons facilities? 
Do any of you know that?
    Ms. Nazzaro. I wouldn't have a total number, no, sir.
    Mr. Podonsky. No, sir.
    Mr. Duncan. Well, what I'm getting at, is there any country 
in the world that's doing more in regard to nuclear weapons 
facilities security than we are? Or any country that's doing 
even close to as much as we are? Surely somebody knows that 
question.
    Mr. Podonsky. I would believe that this country is doing, 
probably, the most of any.
    Mr. Duncan. Probably by far?
    Mr. Podonsky. By far, yes, sir.
    Mr. Duncan. And I'm not really clear on this. The NNSA 
budget, which is $7.9 billion and is all pertaining, 
supposedly, to security--because, I mean, that's what it's set 
up for. But how much is the DOE spending on security in 
addition to this $7.9 billion? Do you have any idea on that?
    Mr. Podonsky. I don't have that figure, no, sir.
    Mr. Duncan. But I assume that's a very large figure also.
    Mr. Noel. Actually, out of the NNSA budget, $8 billion, 
about $580 million is devoted to security. The balance is for 
operating the complex, protecting nuclear materials in other 
countries like the former Soviet Union, and producing naval 
reactors that operate in our ships.
    Mr. Duncan. So we're providing the security for other 
countries, as well as ours?
    Mr. Noel. No, not in this way.
    Mr. Duncan. Or just the Soviet Union?
    Mr. Noel. We are helping the former Soviet Union secure 
plutonium and highly enriched uranium so that terrorist groups 
cannot get their hands on it.
    But providing the actual physical security or overall 
security at the NNSA facilities is about a $580-million-a-year 
operation.
    Mr. Duncan. One of the things I'm concerned about is that I 
remember just a few weeks after the events of September 11, 
2001, former Congressman Callahan, who was the senior member of 
the Appropriations Committee, said in a meeting that I was in 
that he--he said, and very sad about it, I guess--he said that 
he estimated roughly that we would spend $1.5 trillion over the 
next 5 years on security matters, all throughout the 
government, that we wouldn't have spent otherwise.
    And the Wall Street Journal had an editorial after we 
passed the farm bill that we called the Farm Security Act, and 
they said that every department and agency was requesting--was 
using the threat of the incidents of September 11 to greatly 
increase their funding; and they said, from now on any bill 
that has the word ``security'' in it should get four times the 
scrutiny.
    And, you know, when you think about it, if we go--Mr. 
Podonsky hit on this a few minutes ago when he said, we have to 
have some sort of balance here between some reasonable 
security, but not interfering with the overall mission of the 
agency. And I think this was--he may not have meant that to be 
one of his key points; but I think it was, because in some 
ways, we're going ridiculously overboard on security and 
wasting all kinds of money that could be being spent on many 
other really good things.
    And I just wonder, are we achieving the balance that we 
need here?
    Ms. Nazzaro. Well, I don't think DOE has gone through that 
whole process yet. The design basis threat was the first step 
to identify what is the threat.
    Mr. Duncan. Well, what's left that we have to do? You said 
that there was a Design Basis Report issued in 1999. Then they 
spent 2 years on a new design basis threat. I mean, are we just 
going to have report after report after report?
    Ms. Nazzaro. No. The next step now would be to look at what 
it would take. They've raised the bar as to what this threat 
is; now they need to look at what it will take, what will be 
the cost versus the benefit that they will get from improving 
their systems; and there will be a certain level of risk that 
they will just accept that cannot be addressed. It may be too 
cost prohibitive. But we have identified a number of things 
that the agency should be looking at including, you know, 
closing public access, either acquiring more land around the 
facilities, closing roads, public roads that go into the 
facilities.
    Another thing they could do is close facilities that are no 
longer needed. Certainly there will be the development of new 
facilities in the use of new technologies, in some cases which 
may be more costly than currently in place. But there are some 
other things that can be done that, you know, are more cost 
efficient.
    Mr. Duncan. Mr. Podonsky did touch on it when he said that, 
you know, you can have so much security that you just really 
shut down a facility or you stop what's going on. And that--I 
mean, I know it's a very difficult question.
    Mr. Podonsky, do you have any comments?
    Mr. Podonsky. Well, I think you're making the point of what 
I was saying in my opening remarks and that is, there has to be 
a balance and the Department is going through this assessment. 
Now that they have a design basis threat, they know what they 
are protecting against. They have the numbers. Now they have 
the data with strategies and use of technology, and we would 
agree that throwing or putting more money into the system is 
not necessarily the only solution to meet the security threats 
that you're trying to protect against.
    Mr. Duncan. We do have to take security very seriously, and 
I want to do that. On the other hand, I read 2 or 3 months ago 
an article, or column, that said we have forgotten the fact 
that we're wanting to protect so much against terrorism that 
people are still 99.99 percent more likely to be killed by 
something else like cancer, heart disease, car wrecks, things 
like that; and we're spending trillions or hundreds of billions 
on security against terrorism to the neglect of things like 
more safety on the roads and more research on cancer and heart 
disease.
    And, I mean, we've got to get a hold of ourselves at some 
point.
    Ms. Nazzaro. You made a good point, and I think that 
supports our finding where we said that the agency has not 
addressed the corrective action plans appropriately. They have 
not done cost-benefit analysis. They have not, you know, 
assessed the risk level. They have just gone forward without, 
you know, really looking at what was the root cause of the 
problem before they took corrective actions.
    Mr. Duncan. Well, we just not only--``balance'' is the key 
word, but also common sense is something else that we seem to 
be lacking on some of these things.
    Thank you, Mr. Chairman.
    Mr. Turner. Mr. Lewis, we are going to go to a 10-minute 
round of questions so if you'd like to take----
    Mr. Lewis. I have no questions.
    Mr. Turner. Mr. Chairman.
    Mr. Shays. Thank you.
    I know it's been asked and I know it's been responded to, 
but I want the four of you, to tell me why a design basis 
threat is an important document.
    Mr. Noel. Well, basically the design basis threat sets the 
minimum standard to which the facilities have to be protected; 
and it lays out----
    Mr. Shays. We're talking about all the facilities, the 
labs, the environmental cleanup sites, the production sites, 
all of them, the test site?
    Mr. Noel. Right. It applies to all of the department's 
facilities. Now, it will apply in different ways. Clearly, a 
facility that has a nuclear weapon or nuclear materials will be 
protected to a much higher standard than a facility that is 
being cleaned up and just has waste materials there. But it is 
the standard by which the facility is going to be evaluated. It 
is the standard to which the contractor has to operate. So it 
forms the minimum to which these facilities need to be 
protected.
    Mr. Shays. Plutonium, a weapons grade--enough weapons grade 
material of plutonium is the size of a large orange, and if 
it's sealed, you can touch it, but it's not all that large. 
Highly enriched uranium, I could touch. It is the size of a 
large grapefruit, weighs about 30 pounds, but neither give off 
any noticeable smell, you know, just dirty radioactive 
material, and so we're not talking about a truckload to cause 
the damage. We're talking about what someone could basically 
carry out. We are talking about facilities that have developed 
weapons that enable us to use small amounts of this material 
and cause horrific explosions.
    We have had testimony in this committee that terrorists 
could basically detonate a nuclear weapon, if they didn't mind 
going up with it, and not all that sophisticated equipment, a 
weapon. So if you were to--and so I'm kind of responding to Mr. 
Duncan. I happen to agree that we could protect our citizens on 
a whole host of different levels for a whole host of different 
things and go bankrupt and have the economy not move forward 
and have poverty, not have breakthroughs in medicine and so on, 
but when we're talking about these facilities, we're talking 
about a potentially catastrophic outcome if terrorists get 
weapons grade material, if terrorists get a weapon or if 
terrorists actually get into these sites and are able to cause 
some real danger.
    Did either of you come to any conclusion about which sites 
were more vulnerable--the labs, the production facilities, the 
test site, the old environmental cleanup sites? Have any of you 
tried to assess where we are most vulnerable? And if we have--
and if that is not for public consumption, we can deal with it 
later.
    Ms. Nazzaro. I would say we would want to discuss that this 
afternoon, sir.
    Mr. Shays. But this part you can say publicly. Do you all 
have a sense of what you consider most vulnerable within those 
four categories?
    Ms. Nazzaro. I would say we have some examples that we 
could provide.
    Mr. Podonsky. Congressman, for the Secretary's oversight, 
we do know what we believe are the more vulnerable sites and 
which are the more protected sites, and we would be happy to 
discuss that with you in closed session, but we do have that 
information.
    Mr. Shays. Now, do each of the sites--can you group the 
production sites together and say that you have the same basic 
problems in the four--I think we have four sites or the three 
labs. If you have a problem with one lab, is it somewhat 
consistent with another, or are we going to have testimony 
behind closed doors that particular sites may be more 
vulnerable?
    Mr. Podonsky. From our perspective, each site has its own 
unique characteristics.
    Mr. Shays. But do they have similarities if they are labs 
versus production facilities?
    Mr. Podonsky. There are similarities both within the labs 
and also crossing over into the production sites. So we may 
have a problem that we have identified at a lab and it may also 
be a shared problem at a production site, as you refer.
    Mr. Noel. Mr. Chairman, it really has to do with the 
materials and which facilities have which materials and how 
those materials might be used. So it's not a function of 
necessarily what the place does but the materials they use.
    Mr. Gill. And also, too, how the facility is configured.
    Mr. Noel. I think it's important to recognize that this 
concern extends beyond NNSA but to the department as a whole, 
including some of the facilities in the Office of Environmental 
Management.
    Mr. Shays. When I go through, I sometimes am told there are 
12 sites, there are 11 sites, there are 10 sites, depending on 
what document I look at, and so it does get to be a little 
frustrating. Why am I given different numbers?
    Mr. Noel. Maybe I could help you out with that. In the 
NNSA's nuclear weapons complex, there are basically three 
design labs and four production plants and the Nevada test 
site.
    Mr. Shays. OK. So those are the big eight.
    Mr. Noel. With their world. In the Office of Environmental 
Management, there's roughly about eight large cleanup sites. 
For the purpose of our----
    Mr. Shays. Let me ask you, are some of those cleanup sites 
on any of the eight that you mentioned, or are they eight 
additional sites?
    Mr. Noel. Unfortunately, they are. The Savannah River site 
is both a cleanup site and a weapons production site.
    Mr. Shays. So it's a double counting on my----
    Mr. Noel. Yes. For the purpose of our analysis, we went to 
all DOE sites that have what are called category I special 
nuclear materials, and that is basically plutonium and highly 
enriched uranium that are the materials of interest that you 
were discussing.
    Mr. Shays. And in those two instances, none of the cleanup 
sites would have those, correct?
    Mr. Noel. No, unfortunately, they do. Hanford, Rocky Flats, 
Idaho and Savannah River all possess Category I special 
materials.
    Mr. Gill. And also, too, Mr. Chairman, not all the NNSA 
sites possess category I materials. The ones that do have 
category I materials: Los Alamos, Sandia, Livermore, Y-12 and 
Pantex.
    Mr. Shays. The other thing that I was blown away by was 
that some of these facilities, they don't have 20 buildings, 
but if--I read this when I was in the plane last night at 2:30 
at night, but I think I read, 200 buildings, 300 buildings. I 
mean, why so many buildings at these sites?
    Mr. Noel. Well, these facilities have been built up over a 
long period of time; and, you know, if you go to some of them--
the first time I went, somebody said, well, think of like a 50-
year-old factory, and that's what you're going to see, and 
that's about what a lot of these places look like. But the 
facilities that actually have--within the site, the facilities 
actually contain the materials of interest, that is a much 
smaller number, and the materials tend to be consolidated in 
certain buildings and then----
    Mr. Shays. So I shouldn't be exercised by the number of 
buildings that----
    Mr. Noel. No, I don't think so.
    Mr. Shays. But Los Alamos, 43 square miles. The Hanford 
Site, 560 square miles. The Savannah River Site, if I'm reading 
this correctly, 300 square miles.
    Mr. Noel. Yes. The overall site is----
    Mr. Shays. Idaho, 888 square miles.
    Mr. Noel. Yes. And the issue there--and Mr. Podonsky can 
talk about this a little bit--is, you know, that provides an 
enlarged area in which an adversary might be able to come 
closer to the site and to the actual materials than you would--
of interest to him without potentially being detected till he 
was very nearby.
    Mr. Shays. Well, let me just ask, do the number of 
buildings and the size of these facilities create additional 
problems? Obviously, the more buildings you have, that creates 
problems, but--in terms of security and so on, but is the size 
something that is a benefit because then we can have a no-
man's-land area that--I mean----
    Mr. Podonsky. Congressman, it is a double-edged sword. In 
some cases, from a security posture, the size is helpful. The 
other side is you want to start consolidating the target, the 
nuclear materials, and that is what the department and the NNSA 
is starting to do.
    We saw an example of this, actually--the department doing 
this prior to September 11 at the Hanford Site where they 
consolidated their--what we call the target to just a few 
buildings, and they continue to do that.
    The same thing is going--is happening at the Y-12. People 
are looking to consolidate and to reduce the exposure, if you 
will, to hostile elements.
    Mr. Shays. We have some questions that the committee has 
written up that we need to ask, too, but maybe--pardon me? OK. 
We can submit them.
    Thank you, Mr. Chairman.
    Mr. Turner. I want to thank the panel. I don't have any 
other questions. I appreciate your participation today.
    We'll move on to our second panel.
    Our second panel will consist of Linton Brooks, the 
Administrator for the National Nuclear Security Administration, 
Department of Energy; and Joseph Mahaley, Director, Office of 
Security, Department of Energy.
    We're waiting for Mr. Mahaley to join us.
    Mr. Shays. We told him 11 o'clock, so he is not technically 
late.
    Mr. Turner. I'd like to also at this time acknowledge that 
Mr. Tierney has joined us, and Mr. Ruppersberger had also 
joined us for part of the hearing.
    He is here, Mr. Mahaley.
    If both of you would please stand, we'll administer the 
oath. Please raise your right hands.
    [Witnesses sworn.]
    Mr. Turner. Please note for the record that the witnesses 
responded in the affirmative.
    Mr. Brooks, Ambassador.

STATEMENTS OF LINTON F. BROOKS, ADMINISTRATOR, NATIONAL NUCLEAR 
 SECURITY ADMINISTRATION, DEPARTMENT OF ENERGY; AND JOSEPH S. 
  MAHALEY, DIRECTOR, OFFICE OF SECURITY, DEPARTMENT OF ENERGY

    Mr. Brooks. Thank you, sir. I appreciate the opportunity to 
appear today to discuss the NNSA's safeguards and security 
program.
    Before I move to my remarks, I want to say that, although 
I'm the one who is here, Secretary Abraham is deeply committed 
and deeply involved in ensuring that we have an effective 
safeguards and security program. I meet with him and the Deputy 
Secretary on these issues frequently.
    What I'd like to do, if I may, sir, is submit my written 
statement for the record and proceed with an oral statement.
    Mr. Turner. Please.
    Mr. Brooks. Mr. Shays was speaking of some of the confusing 
aspects of the National Nuclear Security Administration, so let 
me clarify what my administration includes and what I'm 
responsible for.
    We are a separately organized component within the 
Department of Energy created by the Congress in response to 
security concerns in the nuclear weapons complex. I'm 
responsible for the Sandia, Los Alamos and Livermore National 
Laboratories; for the production plants at Y-12 in Tennessee; 
the Pantex plant in Texas; the Kansas City plant, which does 
only nonnuclear work in Kansas City; for the Nevada test site; 
and I'm responsible for some portions of the Savannah River 
site where we process tritium. I'm also responsible for the 
Office of Secure Transportation, which moves all special 
nuclear material and all weapons.
    I am obviously part of the Department of Energy and bound 
by DOE orders, but the law provides that no official of the 
Department of Energy other than the Secretary and the Deputy 
can give me direction. I operate my own safeguards and security 
program following the policy that is developed by the 
department, by Mr. Mahaley.
    I have eight site offices at the eight facilities I just 
mentioned staffed by Federal employees, and they are supported 
by a service center which is being consolidated in Albuquerque. 
Our fiscal 2004 budget request is $8.8 billion, with over 2,400 
Federal employees and about 55,000 contractor employees; and 
from that you correctly deduce that most of what we're trying 
to do will in practice be done by nongovernment employees. We 
are, except for the Office of Secure Transportation, an 
oversight organization primarily.
    Although we are semiautonomous, we make very effective use 
of Mr. Podonsky and the Office of Independent Oversight and 
Performance Assurance. One of the good early decisions was not 
to try and have my own office like that but to use Mr. 
Podonsky. That gives me both the benefits of complete 
independence, since he doesn't work for me, and substantial 
experience.
    I share Mr. Podonsky's general perspective that we have 
made very good progress, but there's a good deal more to bring 
all elements of the complex to the level of effectiveness we 
desire.
    In that regard, in recent months we've had a series of 
specific problems with security. In each instance, I believe 
we've taken immediate and aggressive action. Either I or one of 
my top managers has been engaged directly with our site 
managers and with the appropriate laboratory director. In some 
cases, I've dispatched senior teams to laboratories.
    Nonetheless, I am concerned by the pattern. Although one 
can look at individual events and reach varying judgments about 
their severity, I'm concerned by the pattern, and therefore we 
will shortly announce--``shortly'' means sometime in the next 2 
days--a series of steps to improve security.
    First, we will augment Federal and contractor security 
experts to make sure that we are effectively responding to some 
of these problems.
    Second, we will direct our site managers to increase 
surveillance and to provide periodic reports personally to me 
to make sure that I understand what they're finding.
    Third, we've been the subject of a large number of external 
reviews. We think we've implemented most of the 
recommendations. We'll go back in a systematic way, look at 
every review, look at every recommendation, say did we 
implement it and, if we didn't ask, do we want to rethink that?
    Fourth and fifth, we will form two groups headed by senior 
outside individuals, one to look directly at physical security 
and see whether there are patterns to these problems and one to 
look at people.
    You heard in the last panel concern about staffing. I share 
that concern, and I particularly share the concern over the 
long term. I have some extremely confident people in safeguards 
and security, one of whom's common characteristic is they could 
retire very soon, and I need to look at what I do over the long 
term to make sure that 10 years from now my successor is not 
sitting here having to talk about the same problems.
    Retired Admiral Richard Mies will lead the panel that looks 
at physical security, and retired Admiral Hank Chiles will lead 
the panel that looks at personnel. Both of these retired four-
star officers are respected professionals in the nuclear 
business. Both of them have commanded the U.S. Strategic 
Command. In addition, Admiral Chiles led a congressionally 
mandated commission to look at weapons design personnel, and 
I'm looking for him to do the same thing in security personnel. 
The Secretary and I are very pleased that they have agreed to 
take on this challenge, and we think they will help us make 
sure we have the optimum safety and security system for the 
21st century.
    I'd now like to address the various points that you 
specifically asked that we cover in our testimony.
    First, you asked what did we do after September 11. Well, 
the most obvious things we did immediately were to execute our 
predetermined emergency operations plan, stop weapons 
shipments, and deploy emergency response assets. Then my 
predecessor directed a short 24-hour security review and then a 
longer 72-hour review of potential vulnerabilities.
    The results are classified, but we have used them to reduce 
our vulnerability. For example, in the last panel you heard 
comments about closing roads. We've closed roads, and we're in 
the process of closing other roads.
    And then over a somewhat longer term, we assembled a team 
of subject matter experts to look at a whole variety of things, 
and once again we are implementing on a systematic basis those 
recommendations.
    Since September 11th, we've continued to strengthen our 
capabilities. As was mentioned in the last panel, we've 
increased protective forces. In the year 2000, we had 1,780 
protective officers. Now we have 2,160. We've added barriers, 
we've closed roads, we've increased security patrols, we've 
increased access patrols, and we've increased employee 
awareness. And in addition we are, as you heard on the last 
panel, continuing to look at how to consolidate materials.
    Let me turn now to the report released this morning by the 
General Accounting Office on NNSA's Safeguards and Security 
Program.
    First, I believe that the GAO did concentrate on the right 
things. I believe most things in life are a question of 
management, and this is clearly a question of management. If we 
do not get the management of safeguards and security right, we 
will never fix the problem. So I believe the GAO was looking at 
the right issues. They made four broad recommendations, three 
of which I agreed with.
    First, the GAO suggested formalizing roles and 
responsibilities. Those on the panel with past experience with 
the Department of Energy will know that this has been a 
historic problem within the Department, and so I agree we have 
to make absolutely clear to headquarters for the field program, 
contractor personnel what the responsibilities of each are. To 
that end, in December 2002, I implemented a major 
reorganization. That reorganization eliminates an entire layer 
of management, puts the site office manager as the clear, 
responsible and accountable Federal official at each site and 
makes that officer report directly to me.
    In addition, as GAO recommended, last month we issued a 
specific functions responsibilities and authority manual for 
safeguards and security to clarify at a working level detail 
who does what.
    I think these steps address the first of GAO's 
recommendations, but I think that it is incumbent upon me and 
my subordinates to be vigorous to ensure that the lack of 
clarity in roles and responsibilities, that being one reason 
they created NNSA, doesn't recur.
    In particular, you heard a comment from GAO about site 
offices, saying that they all did things differently. The 
comment is based on 18-month-old data. I would be delighted 
with no advance notice to have anybody call my eight site 
office managers now and see if they believe it is still the 
case. I do not believe it is still the case.
    Second, the GAO suggested that we pay greater attention to 
contractor corrective action plans. This is one of those things 
that sounds mundane, but it's actually quite important. Finding 
problems is appallingly easy. Fixing problems requires 
sustained effort. While we may disagree slightly with the 
extent of the problem, to the extent that there are problems 
with contractor corrective action plans, we will redouble our 
efforts, and one of the reasons for trying to bring in 
additional personnel is to make sure that we are doing so.
    Finally, GAO expressed concern about Federal staffing for 
safeguards and security, and I agree that effective Federal 
oversight demands not just numbers but quality. We have 
reviewed with each of the site managers their allocation for 
safeguards and security. All believe that their current 
authorized staffing level is sufficient.
    One, however, of my site managers, although the authorized 
level is sufficient, has been facing severe recruiting 
problems, and that is the Los Alamos site. The Los Alamos site 
has less than half of the safeguards and security 
professionals. I'm looking at what I can do about it. It is an 
isolated but high-cost area, which means that recruiting 
historically has been difficult there.
    We're going to continue to monitor this, obviously, but, in 
addition, I believe that the initiatives that I mentioned 
earlier will help us understand how to make sure that we have 
the adequate work force.
    One area in which I disagree with the GAO sounds technical, 
but it actually has a fairly strong policy component. The 
General Accounting Office recommended that we use a technique 
called ``surveys'' rather than a technique called 
``surveillance'' in providing our oversight. Surveys involve a 
2-week, once-a-year, onsite visit, a very complex, very 
formal--there's an entry conference. There's data collection. 
There's outbriefings. There's a report. But it only happens 
once a year. Under surveillance, we spread out the work and do 
periodic surveillance throughout the year. We believe that the 
surveillance approach is equally effective.
    However, the GAO is correct that the current department 
order does not support the approach that we are using. The 
current department order does not make surveillance an 
acceptable alternative.
    Mr. Mahaley and I have discussed that issue. We are both in 
agreement that the department order should be changed to 
legitimize the practice. The practice is right, but it is very 
important in safeguards and security that you're following the 
rules, since, after all, that is what you're trying to do, is 
make sure the rules are being followed.
    Mr. Mahaley will speak this afternoon and briefly today on 
the design basis threat. Let me just say one or two words about 
it.
    As you heard in the last panel, the design basis threat 
characterizes potential adversary threats for facilities. A 
question was asked about why you need it, and the answer is 
simple. Otherwise, you will have eight different people 
deciding how much of a threat to guard against; and some of 
them will be wasting resources by overguarding; and some of 
them will be incurring risk by underguarding. So you need a 
standard.
    We worked closely with the Office of Security in developing 
the document that was produced last month. I believe it 
accurately portrays what the intelligence community is telling 
us about the threat, the nuclear weapons material and 
classified information.
    I have heard suggestions that the design basis threat was 
tailored to what we believe we can afford. As far as I know, 
that's completely untrue. Certainly at no time in NNSA 
deliberations was there any suggestion of, well, we can't 
accept this because we can't afford it.
    I don't know what the new design basis threat is going to 
cost. At some of my sites, I think I'm probably already there. 
At some of my sites, I'm going to have to spend some more 
money. The threat document provides for implementation over a 
2-year period, as is appropriate, and I don't fully know what 
the cost is, but, whatever it is, we're going to pay for it, 
because it's too important not to.
    In conclusion, Mr. Chairman, although I believe that the 
security posture of our complex is effective, I don't believe 
that we're an attractive target to those who would try to steal 
weapons or steal materials or steal classified material. There 
continue to be improvements that are required. Secretary 
Abraham and I are committed to making those improvements.
    Since I assumed this job last July, I've been focusing 
personally and have focused the attention of my headquarters 
and field officials on insuring that our protection against 
theft and diversion of nuclear weapons, classified and 
sensitive material is robust and effective. I don't think 
there's any room for failure in this program, simply because 
the consequences of a terrorist act against one of our nuclear 
weapons sites are almost incomprehensible. So I intend to 
continue to work this problem vigorously.
    Thank you for the opportunity to testify today, and I look 
forward to your questions.
    Mr. Turner. Thank you, Ambassador.
    [The prepared statement of Mr. Brooks follows:]


    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. Mr. Mahaley.
    Mr. Mahaley. Thank you.
    Mr. Chairman, I appreciate this opportunity to provide the 
committee with information concerning the Department of 
Energy's recently completed efforts to update its design basis 
threat.
    DOE recently revised its design basis threat policy to 
reflect changes in perceived threats to U.S. Government assets 
and operations. The new design basis threat policy, approved in 
May 2003, is designed to reflect the most credible threats to 
departmental assets and operations and provide a baseline for 
operational and budgetary planning purposes. The DOE design 
basis threat policy is derived from and associated with 
national intelligence threat information and other government 
agencies' threat policy statements.
    The 2003 DOE policy is predicated on the information 
contained in the Defense Intelligence Agency, Postulated 
Threat: to U.S. Nuclear Weapons Facilities and Other Selected 
Strategic Facilities, dated January 2003, also referred to as 
the Postulated Threat Statement. The Postulated Threat 
Statement details relevant threat information about postulated 
adversary team sizes, characteristics, capabilities and 
applicability to national security assets. The Postulated 
Threat Statement is based on intelligence information detailing 
actual terrorist attacks and the equipment and tactics utilized 
in the attacks, expert judgments regarding stated terrorist 
intentions and their ability to execute the stated objectives 
and postulated capabilities based on the latest knowledge 
concerning terrorist activities.
    Prior to September 11, prior to those attacks in New York 
and Washington, the Department of Energy in August 2001, 
requested that the intelligence community prepare an update to 
the 1994 Postulated Threat Statement. Although the 1994 
Postulated Threat Statement was designed to be a 10-year 
document, we believed at that time the changes in international 
politics, emerging technologies and increases in worldwide 
terrorism required a reassessment. The National Intelligence 
Coordinating Committee assigned the primary responsibility for 
updating the Postulated Threat Statement to the Defense 
Intelligence Agency.
    The events of September 11 delayed the Postulated Threat 
Statement update effort due to reallocation of critical assets. 
However, the requested Postulated Threat Statement update was 
fully underway by January 2002. The primary entities 
collaborating on the revision to the Postulated Threat 
Statement were the Defense Intelligence Agency, the Department 
of the Navy, Department of the Army, Department of the Air 
Force, Nuclear Regulatory Commission, the Federal Bureau of 
Investigation, the Central Intelligence Agency and the 
Department of Energy.
    The Department of Energy's Office of Security, which I 
direct, began revising the DOE design basis threat policy in 
October 2001. Our work on the revised DOE design basis threat 
policy was carried out in parallel with the work on the updated 
Postulated Threat Statement to reduce the amount of time that 
would be required to issue a final DOE design basis threat upon 
completion of the Postulated Threat Statement.
    After the release of the Postulated Threat Statement in 
January of this year, we made final revisions to the 
departmental design basis threat policy; and the policy was 
then coordinated with the Department of Energy, including what 
Mr. Brooks has just pointed out, the National Nuclear Security 
Administration; and that revised policy was approved by Deputy 
Secretary of Energy Kyle McSlarrow on May 20.
    The new design basis threat policy will provide managers an 
improved threat policy document to plan, resource and execute 
vital safeguards and security programs. In addition to updated 
threat information, the revised threat policy includes a 
significant enhancement over prior policies. We call it the use 
of a ``graded threat concept.'' The graded threat concept 
considers and accounts for factors such as the consequences of 
a malevolent event, the attractiveness of the assets sought by 
the terrorists, the ability of an adversary to accomplish a 
given objective with an asset, and the resources required by an 
adversary to accomplish a given objective.
    The graded threat approach includes the establishment of 
threat levels for departmental facilities and associated 
protection strategies based on the assets located at a given 
facility. The DBT, or design basis threat, policy separates the 
threat levels into two distinct categories. One category of 
threat levels covers threat, disruption of mission, espionage 
and foreign intelligence collection; and the second category of 
sabotage threat levels covers radiological, chemical and 
biological sabotage.
    Five threat levels are established for theft, disruption of 
mission and espionage and foreign intelligence. Threat level 
one, which is the highest, are used to describe facilities that 
receive, use, process or transport or test what we call 
category IA assets. Those are nuclear weapons, nuclear test 
devices or completed nuclear assemblies.
    The threat levels run through threat level 5, which is the 
lowest, for facilities that are only required to maintain 
minimum safeguards, accountability or security operations; and 
that is--an example would be a small office activity, a tenant 
in a larger office building or a small isolated research or 
test facility, facilities that don't possess quantities of 
special nuclear material.
    Four sabotage threat levels are established for 
radiological, chemical and biological sabotage. Sabotage threat 
level 1--that is the highest level--through level 4, the 
lowest, are set for those facilities, buildings or operations 
that process, store or transport radiological, chemical and 
biological materials by the degree to which these materials, if 
dispersed, would result in acute dose effects at the site 
boundary.
    Immediately following the events of September 11, the 
Department implemented measures to augment safeguards and 
security for the most critical Departmental assets. Ambassador 
Brooks described what happened in the NNSA. That was pretty 
much mirrored throughout the rest of the Department. Even our 
non-NNSA activities are sometimes involved in transporting 
nuclear materiel. Those shipments were suspended. We went to 
our highest possible security condition, absent--we went to 
SECON 2, is what we call it. SECON 1 is reserved for a 
situation where an actual attack is directed at a DOE facility. 
We went to our highest security levels, suspended shipments, 
and that was pretty much uniform throughout the Department.
    The revised design basis threat policy is effective 
immediately and will be implemented over the next several 
years. Actions to augment existing safeguards and security 
programs for those facilities and assets that are considered 
the highest security priority will be undertaken as soon as 
practicable.
    Mr. Chairman, that concludes my prepared testimony. Thanks 
for the opportunity to appear before the committee, and I'll be 
happy to answer questions.
    Mr. Turner. Thank you, Mr. Mahaley.
    [The prepared statement of Mr. Mahaley follows:]


    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. We want to recognize Mr. Todd Platts from 
Pennsylvania has joined us for the hearing, and welcome.
    Also, I ask unanimous consent to insert into the hearing 
record at this point a statement from Senator Charles Grassley 
of Iowa. Senator Grassley is a co-requester with the 
subcommittee on related GAO work that will be the subject of a 
future hearing.
    [The prepared statement of Senator Grassley follows:]




    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. Mr. Ambassador, I appreciate your comments and 
the confidence in which you describe the actions that you're 
taking. This is obviously--when you start hearing some of the 
testimony about procedures and processes, it certainly loses 
some of the excitement I think we all would expect in the 
severity of the issue that we're dealing with, which is the 
security of our nuclear facilities and really the catastrophic 
consequences if you don't succeed.
    We've had testimony from the General Accounting Office; and 
we know that even the NNSA has indicated that they're--you are 
concerned that, at times, that managing the safeguards and the 
security programs have not been fully effective and the 
concerns as to the security of the complex.
    In listening, Ambassador, to the actions that you're 
taking, clearly you've acknowledged some problems that have 
occurred in the past, that you've not been fully satisfied. I'm 
assuming that you're not fully satisfied still as to where you 
are as a result of your actions, but I guess the big question 
that I have is, you know, what do you need? In addition to the 
authority that you have and the actions that you're taking, 
what do you see as you survey what the problem is in front of 
you that you currently don't have, either in authority or 
resources?
    Mr. Brooks. I believe that I largely have the authority and 
the resources I need.
    There are specific, once again, lower-level issues. For 
example, we have asked the Congress to change the law to allow 
investigations of some of our people to be conducted by the 
Office of Personnel Management rather than the FBI. If you 
look--we are not able to discern any difference in the quality 
of the OPM/FBI investigations, but we have to have them done 
before we can give them the appropriate clearance to be in 
sensitive facilities, and that includes guard force.
    What we are able to discern is that the waiting period for 
the FBI is sort of in the mid-200 days, and the waiting period 
for OPM investigations is in the range of 180 days. So we have 
asked the Congress to give the Secretary the flexibility to 
direct our investigations to the OPM.
    Now, this sounds like a very technical point, but it's not. 
It's not because the first line of defense is the guard force, 
but you can only use guards where appropriately cleared, and 
nobody wants to change that. And so, as you try to expand your 
guard force, you--it is important to be able to move rapidly to 
get them cleared. That is particularly true since one of the 
problems that we are working on is that our guard forces 
generally are doing a lot of overtime.
    Now, if you talk privately to the guards, they tend to like 
overtime, at least some of it, because they actually base their 
standard of living on the assumption that they're going to get 
some overtime. But we're doing more of it than we'd like to do.
    One problem, for example, has been each time the Nation 
goes to Homeland Security level orange, Mr. Mahaley and I tell 
the Secretary he should go to SECON 2, and he does. What that 
does is put more guards around things; and since there aren't 
any more guards, what it means is people work longer hours.
    So anything I can do to speed up the process of bringing on 
new guards at these plants is a useful thing, but that's not a 
very profound thing. It's illustrative in my view of the fact 
that security is a whole lot of individually not very glamorous 
things carried out day in and day out. But I'm not here saying, 
oh, if only the Congress would give me more money. I could 
certainly think of things to do with more money. This is not 
primarily a money problem. This is a roles-responsibilities-
oversight culture problem that we're trying to solve right now.
    Mr. Turner. I take it, though, that you do remain concerned 
as to the performance level. The initial question is your level 
of satisfaction--you're saying that you have the authority and 
the resources, which is a great the-buck-stops-here answer, and 
I wanted to get a sense from you that you do have some concern 
and that this is not----
    Mr. Brooks. I do have some.
    Mr. Turner [continuing]. Happening in a timely manner and 
it is not happening as effectively as it should.
    Mr. Brooks. Sir, we're dealing with nuclear weapons. You've 
got to be concerned at anything less than perfection. So of 
course I'm concerned.
    On the other hand, I think that we are moving in the right 
direction. I think that the--as you heard from Mr. Podonsky, 
there have been some substantial improvements.
    I think that where I have, for example, cultural problems, 
cultures don't change overnight. All right? If you have 
problems of being lax in enforcing rules, if you have problems 
of not being prompt in reporting problems, those are cultural 
problems and training problems, and you change them, but it 
takes time.
    So I don't want to mislead the committee. I think I'm 
headed in the right direction. I think I'm seized with a 
problem, but I don't think if you invite me back in 2 weeks I'm 
going to be able to walk in and say look at the wonderful 
things we've done in the last 2 weeks. I don't think that is 
the way this problem works.
    Mr. Turner. Thank you, Ambassador.
    Mr. Tierney.
    Mr. Tierney. Thank you, Mr. Chairman. Mr. Ambassador, Mr. 
Mahaley, thanks for joining us.
    Mr. Ambassador, I think you were correct in saying that 
most of these things go back to management. I know the 
Secretary had made a statement that he was going to take the 
University of California--the contract, put it up for review. 
It expires in 2005. Are you mindful that is the correct way to 
proceed? And if you are, should something be done between now 
and 2005 to enhance the job that we think they're doing?
    Mr. Brooks. Well, since the Secretary made that decision 
based on a recommendation from the Deputy Secretary and me, I 
certainly support it. We are doing things, not so much pointed 
in 2005, because we're doing things to continue to improve. The 
problems at Los Alamos that led to that decision did not spill 
over into security. They were primarily in business services, 
although you've recently seen one example that may spill over 
into security. There was what appears to have been a 
bookkeeping problem associated with a very small amount of 
plutonium. The best I can tell, that problem, which happened 2 
years ago but was only recently discovered, is another example 
of a general lax approach to business processes and the first 
one that actually spills over and has security things.
    One of the reasons that we were so concerned was the fear 
that poor discipline in processes in one area sooner or later 
spreads. So while I don't mean to minimize the importance of 
control of term and wise stewardship of the public money, you 
want to stomp out the problems in that area before they get to 
things like classified material control or physical security.
    What is being done in Los Alamos is the new laboratory 
director, who was put in with our approval by the University 
following the problems, is doing a major top-to-bottom overhaul 
of his business processes. So I don't think there's anything 
that needs to be done between now and 2005 that is not being 
done.
    Mr. Tierney. On the oversight issue--either of you 
gentlemen or both of you might want to respond to this--the 
assertion is made that some of the reviews of the test of the 
performance of the security were being dumbed down. Can you 
talk about that a little bit, give us some assurances to----
    Mr. Brooks. I think you--Mr. Podonsky, in the previous 
panel said that he believes that is an accurate description of 
the way it was in the 1990's, and he doesn't believe it is an 
accurate description of the way it is now.
    Mr. Tierney. Are you comfortable that it's not?
    Mr. Brooks. I am comfortable with that.
    Mr. Tierney. The fact of the matter is that terrorists now 
appear ready to give up their own lives in order to accomplish 
their purpose. So it becomes pretty important for us not just 
to worry about containing them once they get to site but 
keeping them out of that site. Are you mindful of the fact or 
do you feel confident of the fact that all NNSA facilities are 
able to do that at this time?
    Mr. Brooks. Yes.
    Mr. Tierney. And what do you base that on?
    Mr. Brooks. I base that on a series of reviews by Mr. 
Podonsky, a series of reviews by me and then an approach that 
my predecessor started called ``Iterative Site Analyses,'' 
which is another way of looking at the design basis threat that 
Mr. Mahaley was talking about as the standard against which we 
try and make that assessment.
    I don't yet know whether or not I can make that statement 
about the May 30th design basis threat or what I have to do to 
be able to make that statement. I don't mean to get into 
details in an open session. At most of my sites, I'm pretty 
comfortable that I was ahead of the new design basis threat at. 
At one or two sites, there may be one or two things we're going 
to need to do; and we're still looking at that.
    Mr. Tierney. Well, I'm going to let you go with that, 
because my next question I think will take us into the closed 
session this afternoon about what level of comfort Americans 
should have generally about all of these sites. But given the 
fact that the design basis threat is just evolving and you've 
got to make some assessments on that, I'll yield back the 
balance of my time. Thank you for your answers.
    Mr. Turner. Mr. Chairman.
    Mr. Shays. Thank you.
    Mr. Brooks, I found both your testimonies helpful, but I 
was particularly interested in your testimony given that it--
your oral testimony had an action plan that was not part of 
your written testimony. I inquired if maybe that was written 
down, and it wasn't. Could you go through your action plan.
    Mr. Brooks. Sure. I actually had hoped to be able to hand 
you a press release today. I actually think I'll now be able to 
hand you a press release tomorrow because of a teeny, tiny 
internal----
    Mr. Shays. It's not a criticism. I'm delighted to----
    Mr. Brooks. But what I'm doing first, we are going to 
augment drawing from a number of things. We're going to make 
use of some of Mr. Mahaley's people. I'm going to make use of 
some contractor people. I'm going to make use of other people. 
I'm going to at least temporarily beef up the number of people 
that I have working on this issue.
    Second, I'm going to use those beefed-up people and use my 
sites to be more vigorous on safety and--safeguards and 
security, but also to be reporting more directly to me. And, 
frankly, that's symbolic. I don't want to pretend that I know 
as much about safeguards and security as the superb people I 
have working for me or the superb people Mr. Mahaley has 
working for him, but it is my experience that when you have to 
report to the senior person then there could be no question 
that this is something that you take seriously.
    Third, we have been the subject of a number of external 
reviews, most of them critical. By ``we,'' here I mean the 
whole Department as well as the NNSA over the past several 
years. We're in the process of systematically going through all 
of those, looking at their recommendations, seeing whether we 
implemented them and then, if we didn't, looking again to see 
whether or not we should. I don't want to have a situation in 
which people thought that a problem was going to be solved 
without X or Y.
    And, fourth, I'm asking Admiral Rich Mies to look 
specifically at physical security throughout my complex, and 
I'm going to--while not limiting him, I'm going to ask him to 
be very specific about one or two ideas that periodically 
flowed around about better management.
    And, finally, as we have in the last month or two been 
looking at this problem, I have become concerned about people. 
I'm not sure I completely agree with the GAO that I'm short 
now, but I'm real sure that if I don't take aggressive action 
now, I will be short in terms of quality and experience in the 
future. The last time we had that problem was on weapons 
designers, and we got Admiral Chiles to run a commission to 
look at how we ensured that we had a stable corps of weapons 
designers. I'm asking him to do the same thing for safeguards 
and security professionals.
    So that's the five things I'm doing.
    Mr. Shays. I know I'm being redundant, but--before I'm 
redundant, let me ask another question. You said you agreed 
with all but one of the four major----
    Mr. Brooks. Yes, sir.
    Mr. Shays [continuing]. Categories. And the one--defining 
clear roles and responsibilities, there was assessment, site 
security activities. That is the one you disagreed with.
    Mr. Brooks. The method of surveillance versus surveys is 
the method--it's actually their second or third. I can't 
remember. I'll have to look at the--I don't have the--let me 
just look at the----
    Mr. Shays. But the other one, overseeing contractor, 
corrective actions and the others, allocating staff. But the 
thing I thought was interesting, though, was you seem to 
disagree with defining clear roles and responsibilities 
because----
    Mr. Brooks. Well, no, sir. I didn't mean to say that. I'm 
sorry. The defining clear roles and responsibilities is the 
precursor to everything.
    Mr. Shays. I think you jumped in too quick. You may want to 
let me finish.
    I was very impressed with your testimony, and I was 
encouraged by it, but I was--you said you would challenge 
anyone to check with people along the chain about their not 
knowing what their roles and responsibilities were, and so I 
think that's what you said, and that seemed to be suggesting 
that you were disagreeing with the GAO's findings that there 
wasn't this--so I must have missed something here.
    Mr. Brooks. I wasn't precise. Let me try again.
    The GAO conducted their audit over a very lengthy period of 
time. Many of their interviews with individual sites were 
conducted 18 months ago. In response to a question I think from 
you, the GAO used the illustration that, when they went to 
individual sites, they said we don't quite know who's supposed 
to do what, so we're deciding on our own.
    I believe that part of the problem I have corrected with 
the reorganization announced in December and the promulgation 
of formal roles and responsibilities. And I agree completely 
with the GAO's assessment that the problem is important. I 
believe I have done a great deal to correct it, and I'm going 
to continue to push that. That's what I was trying to convey, 
sir.
    Mr. Shays. Thank you.
    Mr. Turner. Mr. Ruppersberger.
    Mr. Ruppersberger. I'm glad the issue has been raised about 
it starts at the top in management; and, again, I was impressed 
with where you're going.
    Now, the one thing is to have a plan. The other thing is to 
implement a plan.
    No. 1, how is your relationship and working relationship 
with the intelligence agencies--the CIA, FBI, whatever--as it 
relates to the security of the plants? I mean, are you working 
closely with them? Could you just--what you can say in this 
open hearing? Where are you with respect to that relationship? 
Because it seems to me one of the--the No. 1 component to deal 
with the issue of terrorism is the issue of intelligence.
    Mr. Brooks. Sure. The Department of Energy's Office of 
Intelligence reports to the Secretary, but I am, if not their 
largest customer, certainly their most eager customer. I am 
briefed by the intelligence agencies daily. I look at specific 
details of threats daily. As you know from the open-source 
accounts, there's a lot of chaff in that wheat, but we look 
carefully daily. When I see something that I believe requires 
us to pay attention, I make sure that it gets to my site 
managers and my contractors.
    My sites also have field intelligence elements. They focus 
in two directions. One is the national labs, actually which is 
where a good deal of our technical intelligence on nuclear 
weapons is done; but, second, they provide another mechanism 
for disseminating things out.
    There's probably no area in which I am more comfortable 
than that I'm fully plugged into the intelligence community and 
getting what I need. The problem of course, as September 11 
taught us, is that we cannot depend solely on the hope that the 
intelligence community will discover problems.
    But I know what the intelligence community knows. I'm fully 
comfortable. I suspect that's true for Mr. Mahaley also, but he 
should speak on that.
    Mr. Mahaley. Sir, I've seen a big change since September 
11. DOE's Office of Intelligence has been--in the past--I've 
been there awhile. This is my 7th year as head of security, and 
the Office of Intelligence was traditionally directed at 
nonproliferation, looking at information collected around the 
world and advising, sort of being the government's lead 
analysis center on that intelligence as it regards 
nonproliferation and nuclear weapons development.
    Since September 11, the Office of Intelligence has 
focused--and it was at my request in terms of I wanted a 
counterterrorism focus to try to pull together the information 
from all the agencies. Because, you know, we can beat these 
people. It's just what we've got to talk to each other and 
share the information. So the new director of intelligence has 
elevated the counterterrorism section to a division, and the 
director of that division reports to me at least once a week 
with a detailed analysis of everything he's covered in the 
previous week. Some days I get briefed two or three times a 
day.
    Mr. Ruppersberger. Well, that's good. And the teamwork--I 
think if you look at what's happened since September 11, the 
teamwork with all of our agencies, which in the past hasn't 
been as good, has helped to deter another incident.
    Let me get to the issue of your security now with respect 
to your contractors. You have a large amount of contractors 
that deal with your security. Do you feel secure that your 
oversight of these contractors--that they are doing the job, 
that they're assessing themselves? I mean, are there any checks 
and balances there to make sure that there's consistency 
because you have different sites throughout the country? My 
concern would be, is--and another issue, you have three 
different components, I guess, in your operation. Is that too 
much bureaucracy, or would you feel more comfortable probably 
not to Federalize as it relates to this entire issue instead of 
the contractors that we have right now?
    Mr. Brooks. Let me--first, one reason that I'm comfortable 
that I know across the organization what is going on is the 
ability to use Mr. Podonsky's organization, the Office of 
Independent Oversight Performance Assurance. They look at all 
the sites, and therefore they are able both in a formal and--
what's even more important--in an informal way to tell me 
whether there is consistency in approach.
    An example is the Secretary and I have asked him to look at 
protective forces throughout the complex, because we've had 
problems now at two of our sites in which individual protective 
force officers found problems and they weren't promptly 
reported. We're trying to understand whether those are unique 
problems or broad problems, and so we're going to look at 
protective forces throughout the sites.
    With regard to Federalization of security, the problem 
there is I think manpower and whether or not you are likely to 
be able to come up with a sufficient Federal force and have the 
needed flexibility. It's one of the things I want these two 
groups I've chartered to look at, but my biases are that the 
problems that we are having is not because the force is not 
Federalized.
    Now, there is one component that is. The Office of Secure 
Transportation, the people who actually move plutonium from 
here to there or weapons from here to there, that's an 
entirely--those are all Federal agents.
    As far as Federalizing the entire contractor--the force--I 
think the country made a decision a long time ago that the 
national labs in particular but the plants, too, weren't the 
sort of thing that the Federal Government ought to be directly 
operating. I tend to agree with that. I can go into more detail 
if you need, but I certainly would not think that Federal 
control of the internal workings of the labs and plants will 
make anything better. Federal control of security is an idea 
that comes up and needs to be taken seriously. I personally 
think it will just change the problem. I don't think it will 
improve it.
    Mr. Ruppersberger. All right. Thank you.
    Mr. Turner. Mr. Platts.
    Mr. Platts. Thank you, Mr. Chairman.
    I apologize. I need to run off, but I do appreciate your 
testimony and the written testimonies you provided.
    Just one question before I go is the--appreciating the 
focus on the management and the defined roles and increased 
security staff numbers, but one of the things that jumps out to 
me in the GAO report is that, in relation to the new design 
basis threat, that the GAO estimates that it will probably be 
the 2006 fiscal year before we really get a full picture of 
what the cost of the changes are going to be required in 
relation to meeting this new design basis threat and anywhere 
from 2 to 5 years till we fully implement and have these new 
procedures in place and really do what we want them to do.
    My question is, do you agree with this general timeframe 
that GAO predicts? And, if so, what is the greatest reason for 
that time--that delay, given the seriousness of the threats 
we're talking about? This is saying really anywhere from maybe 
another 6 to 8 years, and you reference in your opening 
statement about not wanting a successor to be sitting here in 
10 years having to answer similar questions. My worry is that, 
you know, 6 to 8 years from now the threat again will be 
different and we'll be always playing catch-up. So do you agree 
with it? And why is it going to take so long to get 
implemented? What is the greatest challenge in getting this 
done?
    Mr. Brooks. I agree that we're going to phase things in. I 
think the time lines that you cite are probably wrong. I expect 
to know what this is going to cost by early fall so that we can 
adjust the fiscal year 2005 budget, which is the next one we 
get to prepare, as necessary.
    The design basis threat document--and we'll have Mr. 
Mahaley comment further, if he would--is in fact--if you have 
something that you can meet in a day and a half, you haven't 
looked rigorously enough. We have looked--Mr. Mahaley in 
particular has looked at the changes that we have to think 
about because of the changed realization of the degree of 
organization that terrorists might have, and so we're basically 
taking a step to improve, and that takes time.
    I am not quite sure where 6 to 8 years comes from. That's 
certainly not my understanding of my guidance from the 
Secretary, and I don't believe that's what the promulgation for 
the new document says.
    Mr. Platts. If you have a good handle on the costs 
associated with the changes necessary by this fall, you're into 
the beginning of the 2004 although we may not, depending on how 
fast the appropriations bill--we may not yet have an 2004 
appropriations done.
    Is there consideration being given at this point to coming 
forward with a supplemental request because of the seriousness 
of the issues we're talking about, and that rather than waiting 
for the 2005 budget, to get it in there and have to go through 
the process, that we look at 2004 and say, here's what we now 
know we need; we don't want to wait a year because of the 
threat that we're talking about? Is that something under 
consideration?
    Mr. Brooks. I think it's premature to know the answer to 
that. I mean, my initial impression is that I'm not talking--on 
my side of the house; I can't speak for the rest of the 
Department--that I'm not talking, at most of my sites, about 
significant funding and that I--that a supplemental would not 
be appropriate. The decision to submit supplementals is not one 
that Mr. Mahaley and I get to make.
    I will simply say that if----
    Mr. Platts. But recommendations as to----
    Mr. Brooks. If I believe that I have a problem, the 
Secretary has made it fairly clear that he wants to hear about 
it. But at the moment I don't know--I do not anticipate that I 
will see problems that cannot be dealt with through 
reallocation in 2004; but if I do, I'll talk to the Secretary 
and he'll talk within the administration, and we'll do what's 
right because this is very important to us.
    Mr. Platts. And that's my focus, that we don't allow a--you 
know, a paper, a bureaucratic timeframe for submitting a budget 
request, having to go through the process, being approved; if 
it is a serious national security issue, that we look at doing 
whatever we need to do immediately, not when the next budget 
comes forward.
    So I appreciate again your testimonies and your efforts 
respectively in your offices.
    Mr. Mahaley. Can I add something, Mr. Platts?
    Mr. Platts. Yes.
    Mr. Mahaley. One thing I notice a lot of concern about, the 
timing that people should appreciate--and we'll probably get 
into this in more detail this afternoon--that when you issue a 
new threat policy, it's essentially a requirements driver. It 
is analogous in a very rough way to the Pentagon saying, we are 
going to plan to fight 2.4 wars or something, and then the Navy 
and the Air Force resource to meet that requirement.
    We've raised a new requirement, OK, for our department. We 
have superb security police officers deployed throughout the 
complex, OK--probably not enough of them because of the 
overtime requirements and everything else, but you just don't 
snap your fingers and hire those people and do it. It takes a 
year.
    And I'm not talking about the security clearances to get 
these people on board, train them. We have a minimum 320-hour 
basic training for our security police officers before they get 
the site-specific training, and that's just at the basic level. 
When you get up to your, what we would call the SRT, or SWAT-
qualified officers, these are super professionals and it takes 
time to build officers for that force.
    The other point I want to make is that no responsible 
manager out there should just throw troops at this, OK? They're 
going to have to take a look and say, I have SNM in that 
facility. Does it really need to be there? Do I need all of 
these points of access and egress in this facility? How is this 
facility designed? Is this facility old?
    Are we going to replace it in 2 or 3 years? Build that into 
the design. There are so many factors. That's a responsible 
period to bring this in.
    Mr. Platts. And certainly all valid points. But the fact is 
that we are approaching 2 years since September 11 now, and now 
we're just saying, all right, now we have a new design basis 
threat.
    Mr. Brooks. But please, sir, don't believe we've been 
sitting around since September 11. I think both of us tried to 
make clear we----
    Mr. Platts. I don't believe you are. But we still are 
almost 2 years since September 11, and that's my point; every 
day that passes, there's a terrorist individual or group out 
there that's looking for weaknesses.
    And I certainly commend your efforts. I know you take them 
seriously, your responsibilities and----
    Mr. Mahaley. Mr. Platts, we just finalized an effort. We 
did issue interim guidance throughout this period. Our people 
out in the field have been anticipating this.
    Mr. Platts. I know my time is well expired, so thank you, 
Mr. Chairman.
    Mr. Turner. Thank you, Mr. Platts.
    We will go into a second round of questions.
    Mr. Chairman.
    Mr. Shays. Thank you.
    Right now the law requires surveys or the regulations.
    Mr. Mahaley. Regulation. Policy.
    Mr. Shays. I'm hearing you, Ambassador Brooks, say you want 
surveillance.
    Mr. Brooks. Correct.
    Mr. Shays. That we're doing surveillance without the policy 
saying we are; that's kind of what I'm hearing. So I am a 
little confused by that.
    Mr. Mahaley, maybe you can tell me how that happens and 
whether it should.
    Mr. Brooks. That's not a fair question to ask him, sir, 
because he's prohibited by law from telling me what to do. I 
did it.
    Mr. Shays. Why don't we have him tell me that?
    Mr. Brooks. I'm sorry, sir.
    Mr. Shays. Yes, you have a good nature. You want to protect 
everyone.
    Mr. Mahaley. Essentially what has happened here is, some 
people think they have a good idea in the NNSA. They have 
gotten ahead of their headlights, OK? Our policies written in 
DOE safeguard and security orders call for surveys.
    A survey is essentially a very comprehensive checkoff list 
done by the Federal manager, OK? Surveillance is not this once 
a year checkoff list; it's a continual monitoring process, if 
that's fair to say, that's just not contemplated by our policy 
right now. I don't have any problems with it in theory, but we 
don't have detailed guidelines for our field offices to use 
right now. And that's what Linton is talking about in terms of 
us having developed the policy.
    Mr. Shays. Right. But intuitively it seems to me it makes 
sense that you would do that.
    But, Ambassador Brooks, you wanted to say----
    Mr. Brooks. I simply wanted to make it clear that if you 
disagree with what I'm doing, it's not Joe Mahaley's because--
no, I think what we have here, we've been trying very hard to 
move the NNSA in the direction we think it needs to go, and we 
have occasionally pushed a little bit ahead of the paperwork.
    And I'm trying to fix that and get--for example, I made it 
clear to the site managers what they were responsible for last 
fall. But we didn't get this formal manual out clarifying that 
until last month. So we're trying--we're--we are trying to push 
to improve things as fast as we can while still documenting 
them accurately.
    Mr. Shays. OK. The bottom line is, you think it is a good 
idea. You started to act on it. Mr. Mahaley, you would describe 
it as getting in front of the headlights. I don't know if I 
would describe it that way. But, you know, I'll think about it.
    I don't quite understand force-on-force exercises. I was 
looking at a picture in the GAO report of the helicopter. I'm 
assuming this is, you know, bad guys landing over the line. But 
what I don't understand is how you can do them and how they 
work. You would want to tell someone that when five helicopters 
fly into your site, you don't want to knock them out of the 
sky, because they happen to be your people just testing the 
concept.
    So I'm asking you a question about the value of force-on-
force exercise. How does it work and how do you both respond to 
it?
    Mr. Mahaley. Well, I actually believe that's a picture of 
one of our security helicopters at the Savannah River site, 
deploying a special response team. So they're on our side.
    Mr. Shays. OK. I have a much greater imagination. I saw 
them with masks on. But at any rate, let's just say that 
helicopters are flying in. I don't understand how an exercise 
works. If you tell people you're going to do it, they're 
prepared for it.
    Mr. Mahaley. Within programs, they are prepared for it.
    Mr. Shays. You just tell them a second before, or 5 minutes 
before?
    Mr. Mahaley. No, sir. You set it up. You have to set up 
safety briefings.
    Mr. Shays. Do you tell ground sites?
    Mr. Mahaley. Yes, sir. And within--and there's parameters 
of when they can attack, what their target is. These are 
operational sites, and when you do force-on-force, they have to 
be carefully planned and executed and evaluated.
    Mr. Shays. OK. So what I'm gathering is, a force-on-force 
exercise doesn't indicate whether or not you can defend them. 
They are just really a practice that enables them to go through 
the process. In other words, you're warning them--let me say it 
this way.
    It would be wrong--would it be wrong for me to interpret 
that a force-on-force exercise will determine the capability to 
protect the site? Or are they really nothing more than an 
exercise?
    Mr. Mahaley. No, I think the--your former summary is 
probably more correct. And let me explain the process.
    Mr. Shays. I'm forgetting which was my former summary.
    Mr. Mahaley. That they do have a bearing in determining 
whether or not the site is satisfactorily protected. They're 
part of a process that we go through.
    Let's look at this this way. We issued a design basis 
threat. You really can't get down to brass tacks until you 
apply that design basis threat to a given site, all right? Once 
you apply that design basis threat, this requirement that the 
Secretary has set for the site, they then have to analyze how 
they're going to implement that; and this involves 
vulnerability assessments of the site, and the goal is going to 
be to develop a site safeguard and security plan.
    In the course of vulnerability assessments and all the 
models and simulation and the other tools we use, there are 
going to be hard points that surface. In other words, in some 
situations, your security forces are going to prevail. It's 
going to be clear there's not going to be any question.
    The areas you want to test on force-on-force are those 
areas where it's close. And you want to see how your actual 
forces perform and see if your assumptions about the reaction 
times and their capabilities are borne out in actual testing.
    Now, I would never want to suggest, and I think anybody 
who's ever seen one or planned one or participated in one would 
never suggest, that there aren't artificialities, that, you 
know, they don't necessarily represent what's going to happen, 
but it's a very effective tool that we use to basically look at 
the finer points of that site safeguard and security plan.
    Mr. Shays. I have a red light here. I realize it is a finer 
tool. I mean, I realize it's a tool to be used. I guess I'm 
just trying to determine how much we should, on the outside, 
assess, or you on the inside should assess, your capability to 
defend. If, in fact, you had to warn people, prepare them, 
there's not an element of surprise.
    Do you ever do the following? Do you ever, all of us, 
announce that in the next month there will be an attempt to 
breach the facility and that you will be given a 5-minute 
warning and go from there and do that?
    Mr. Mahaley. No.
    Mr. Shays. OK.
    Mr. Mahaley. That's a good way to get people killed, Mr. 
Chairman. I mean, these are guards who are authorized to use 
deadly force and armed very well, very well trained. And that's 
just my personal opinion; I don't think that's the right way to 
go, not at a nuclear weapons facility.
    Mr. Shays. I don't want to get people killed.
    Mr. Mahaley. Right, sir.
    Mr. Shays. However, I don't want to then say that when you 
have an attempt, when everybody has been briefed thoroughly 
about it, that it is going to describe to us how easily or well 
we'll be able to defend a facility, because it does have clear 
limits.
    Mr. Mahaley. Well, it answers questions, sir. And I think 
you have to kind of take a whole series of these force-on-force 
exercises in toto----
    Mr. Shays. What I am confused about, I am confused why you 
would be disagreeing with me. Not because I am up here and 
you're there. It would seem to me the answer would be, yes, 
sir, it has its limits.
    I mean, tell me if you disagree with this: It is a 
wonderful practice. You're going to see where you have 
weaknesses, but it isn't going to be able to give us an 
assessment that we can protect the facility in the way that we 
might think we can. It's not going to provide all the answers, 
I guess.
    Mr. Mahaley. That's absolutely correct, sir, absolutely 
correct.
    Mr. Shays. But it is an exercise that is helpful.
    Mr. Mahaley. I believe so.
    Mr. Shays. OK. Thank you.
    Mr. Turner. Mr. Tierney.
    Mr. Tierney. I have no questions of the witness at this 
time.
    Mr. Turner. Mr. Ruppersberger.
    Mr. Ruppersberger. Yeah, getting back on the oversights, 
the contractors and, you know, the--there is a problem 
sometimes with inconsistency.
    One of my concerns, you have different levels, level 1, 
level 2; and could you describe that, please, as far as the 
type of facility? And yet, any nuclear components getting in 
the hands of terrorists, wherever they may be, will make a 
difference. And is there a procedure in place to identify all--
a consistent security procedure for both of your levels of 
plants or operations or sites?
    Mr. Mahaley. I don't want to get into specifics. I'd like 
to hold that for the closed session this afternoon.
    Mr. Ruppersberger. OK. That's fine. Let's get on another 
issue then.
    In order to be able--in management, it starts at the top, 
but I think good managers listen to the front line. Has there 
been an assessment from people who are working on the front 
line that might not have the access to upper-level management, 
a plan to make a survey, ask questions on what they feel needs 
to be done as it relates to security?
    Mr. Mahaley. It's kind of funny you ask that, sir. My 
predecessor, General Gene Habiger, who was the security czar in 
the last administration, tried to do a survey, and we ran afoul 
of the Paperwork Reduction Act and the need to get--you know, 
we have this funny relationship where we're a Federal agency 
with 14,000 Feds and 130,000 contractors and we were not able 
to do that security survey.
    But we do get feedback. I get feedback. I just went out to 
Albuquerque for a national competition. I met with all the site 
safeguard and security directors. I met with probably about 200 
officers. I met the Feds and the contractors, and we encourage 
that sort of feedback. And by the way, it was a classified 
session with the site safeguard and security managers and 
contractors, and we discussed the design basis threat 
implementation.
    Mr. Ruppersberger. Have there been many instances of 
whistle-blower cases where frontline individuals were trying to 
get information out?
    Mr. Mahaley. I'm sure there are, and the Department has 
investigated them.
    Mr. Ruppersberger. In my opinion, the front line needs to 
be heard, to be analyzed to make sure that we are dealing with 
this type of security. And it is so important that we--part of 
the analysis of your security must be dealing with that front 
line.
    Mr. Brooks. I'm concerned with that. We also try in 
informal ways to sample.
    For example, I had some people out looking at an 
investigation, but just as they were walking, they would talk 
to protective force officers, get their ideas. I meet with the 
working level of my site office when I travel; we try and get 
that feedback.
    With respect to whistle-blowers, I want to be very careful 
here. I don't want to suggest that I am discouraging anybody 
from communicating with the Congress or the Office of Special 
Counsel, or within the limits of security, the press.
    I am bothered whenever I see somebody who is apparently 
sincere in wanting to fix things and believes he or she has to 
go outside the system to do it. There is a cultural--I 
mentioned earlier that there are cultural issues.
    There's a cultural problem at some of my facilities. It's 
not retaliation. It's not even disinterest in the subject. It's 
oh, I'm busy, don't bother me. I don't know what it is, but I'm 
trying to work on that.
    Mr. Ruppersberger. And I'm not trying to go there with 
respect to the issues of whistle-blowers. I'm looking at the 
total assessment. When you have partnerships between business 
and government and you're dealing with national security, there 
needs to be an assessment of what's happening. And a lot of 
times we, up top at the highest level, don't get the 
information. And sometimes the front line gets it.
    I just want to make sure, or that's why I'm asking the 
questions, the consistency of your security programs, 
consistency between level 1 and level 2.
    Let me get into another level. We talked about physical 
security. How about the computer networks, I mean, which is an 
important part also? Where are we with respect to that?
    Mr. Brooks. I think I'd refer you to Mr. Podonsky's 
prepared statement, and what he will tell you is, we're in good 
shape on the classified networks; that we are--we don't have 
any--I mean, cyber security is an infinite ladder; you can 
always make it better. But we don't have significant problems 
on the classified networks.
    On the unclassified networks, there are some problems that 
have been identified that we're trying to work on. And those 
problems are whether or not we are strong enough not just to 
defeat the external hacker sitting in a basement somewhere, but 
for example, in one of our facilities where we have--because 
these are scientific laboratories, we have foreign nationals, 
whether we are segmenting the unclassified network as 
thoroughly as we might.
    We've had another problem recently in which someone was 
obtaining salary data on an unclassified network. You're not 
supposed to be able to do that.
    So I don't think that it is serious in terms of national 
security because, by definition, unclassified information is 
unclassified. In terms of sound management, we've got a ways to 
go on the unclassified side in our cyber security, at least at 
my sites.
    Mr. Ruppersberger. OK.
    Mr. Turner. Gentlemen, I want to thank you for your 
testimony here today and certainly for your efforts. As you're 
aware and as has been said earlier in the hearing, we're having 
a closed session this afternoon so that we can have a greater 
discussion of issues surrounding this that are classified; and 
in recognition that we have the closed session, I wonder if 
either of you have anything else you wanted to add to the 
record in this public session.
    Mr. Brooks. No.
    Mr. Mahaley. No, thank you.
    Mr. Turner. OK. Thank you very much.
    Mr. Shays. If I could, Mr. Chairman.
    Mr. Turner. Yes.
    Mr. Shays. What we'd like you to think about, you have the 
prerogative to testify separately when we go into the closed 
session. We might be able to cover the issues if we do it in a 
larger panel. That'll be your decision.
    You can talk to us later, but if you let my staff know 
whether you would want to go separately and have to wait, or 
whether we all go at once and try to cover it that way, OK?
    Thank you. Thank you all very much.
    Mr. Mahaley. Thank you sir.
    Mr. Shays. Thank you, Mr. Chairman.
    Mr. Turner. Turning to our third panel, which will include 
Danielle Brian, executive director, Project on Government 
Oversight, and Ronald Timm, president of RETA Security, if you 
would both stand----
    [Witnesses sworn.]
    Mr. Turner. Please let the record note that the witnesses 
responded in the affirmative.
    Ms. Brian.

 STATEMENTS OF DANIELLE BRIAN, EXECUTIVE DIRECTOR, PROJECT ON 
   GOVERNMENT OVERSIGHT; AND RONALD E. TIMM, PRESIDENT, RETA 
                            SECURITY

    Ms. Brian. Mr. Chairman, I commend you for holding these 
important hearings.
    The Project on Government Oversight is an investigative 
organization that works with inside sources to improve public 
policy. We are a politically independent nonprofit watchdog 
that strives to promote a government that's accountable to the 
citizenry.
    In early 2001, POGO began its investigation into nuclear 
security at the Department of Energy after more than a dozen 
high-level departmental security experts came forward with 
their concerns. We interviewed, after that, current and former 
DOE security officials, Special Forces personnel who test 
security at nuclear facilities and DOE contractors, such as Mr. 
Timm, who coauthored the report. We now have people contacting 
us from all over the complex and headquarters.
    Just prior to September 11, 2001, POGO issued our report; 
and I ask that it be included in the record, but maybe just the 
text, because the attachments make it really fat.
    [The information referred to follows:]



    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Ms. Brian. We concluded that the Nation's 10 nuclear 
weapons facilities, which house nearly 1,000 tons of weapons-
grade plutonium and highly enriched uranium, regularly fail to 
protect this material during mock terrorist attacks. Many of 
these sites are located near metropolitan areas, including the 
San Francisco Bay area, Denver, Albuquerque and Knoxville.
    There are three major threats to these facilities, and only 
two were really discussed in the previous testimony--theft, 
radiological sabotage, or a dirty bomb, and as Mr. Shays has 
made reference to, the possibility of terrorists creating an 
improvised nuclear device, a sizable nuclear detonation within 
minutes.
    In full-scope mock terror attack tests performed by the 
government at DOE facilities, half the time mock terrorists are 
successful in breaking in, stealing significant quantities of 
special nuclear material and leaving the site. Theft, however, 
requires that the terrorists get into the facility and back out 
with the material. A suicidal terrorist would not have to work 
that hard. Instead, a successful suicidal terrorist attack 
doesn't require getting out again and could create a dirty bomb 
or a sizable nuclear detonation at the facility itself.
    For example, in October 2000, there was a mock attack test 
of security at technical area 18, a facility at Los Alamos. The 
mock terrorists successfully entered the facility and the guard 
force could not get them out. The mock terrorists had enough 
time to have been able to create a sizable nuclear detonation. 
A recent CIA pamphlet summarizing devices of interest to al 
Qaeda and other terrorist groups highlighted both dirty bombs 
and improvised nuclear devices as two of their greatest 
concerns.
    We believe the single most important element to improve 
security at the nuclear weapons facilities is a realistic 
design basis threat. Twenty months after September 11, DOE 
finally substantially increased the design basis threat at 
level 1 sites. Unfortunately, the upgrades will not be fully 
implemented until 2009, which is 8 years after September 11.
    The other nuclear weapons sites, however, still have a long 
way to go, and the new design basis threat for them is wholly 
inadequate. Special operations personnel expect the terrorist 
attack on one of these facilities to be with a squad-sized 
unit. The Army Special Forces sizes a squad at 12 people and 
the Navy SEALS size a squad at 14 attackers. The way we 
understand it, even under the new design basis threat for these 
level 2 facilities, which have improvised nuclear device 
vulnerabilities, DOE will only be protecting against far fewer 
attackers.
    Currently, DOE is determining its security requirements 
based on how much money it is willing to spend on security, and 
this is backward. Now, I heard Ambassador Brooks saying that 
wasn't true, but I would bring your attention to the testimony 
of the GAO on page 14, where they said, ``The DOE and NNSA 
officials from all levels told us that concern over resources 
played a large role in developing the 2003 DBT, with some 
officials calling the DBT the `funding basis threat,' or the 
maximum threat the Department could afford. This tension 
between threat size and resources is not a new development.'' 
Hopefully, the committee can encourage DOE to determine its 
security needs based on the Intelligence Community's postulated 
threat in your closed session.
    We keep seeing evidence of security failures even without 
an attack on these facilities. All three of the weapons labs 
have had serious management and security problems in just the 
last few months. Again, Ambassador Brooks suggested these were 
not security problems. But let me describe some of them.
    Top security officials at both Los Alamos and Livermore 
have been replaced. Only 6 months ago what began as a 
management scandal involved security issues including over 300 
stolen or missing computers that the IG testified before 
Congress may have contained classified information. Now we have 
missing plutonium there.
    At Livermore, a set of keys and a security card to access-
sensitive areas were missing for weeks without being reported. 
And that is not a security problem?
    In addition, members of the Livermore SWAT team claimed 
they could not defend the lab in the event of a terrorist 
attack. At Sandia, there has also been a series of security 
lapses, including guards sleeping and keys missing that are 
being investigated by Senator Grassley. These scandals, I'd 
like to point out, have never been discovered by DOE; they've 
only been brought forward by outsiders.
    And with reference to there not being retaliation, when 
you're talking about these particular instances, you can look 
at the Los Alamos investigators, who were fired after their 
findings were revealed internally, not to the press, as an 
example of retaliation that does happen.
    The scattering of special nuclear materials across the 
country is left over from the cold war.
    Now, a number of sites have virtually no national security 
mission; however, they continue to store and try to protect 
tons of nuclear material at great cost. However, DOE has 
resisted many consolidation opportunities, as it would threaten 
fiefdoms and potentially even lead to the closing down of 
facilities.
    In addition to requiring the design basis threat that will 
address improvised nuclear device vulnerabilities, POGO makes 
the following recommendations.
    Consolidation of nuclear materials: The Base Realignment 
and Closure Commission should be empowered to recommend closing 
the unneeded and redundant DOE sites, as well as those sites 
that have no national defense mission. Another solution would 
be to consolidate nuclear materials to fewer, more easily 
protected sites. These solutions save money and reduce the risk 
to the public.
    Under Secretary Robert Card himself recently advised that 
the first question for a site to consider is ``Is there a way 
to reduce the targets by consolidating material or, even 
better, exporting material to other more permanent or hardened 
sites?'' And I have the letter if you need that. This is 
certainly commendable language. However, these same directions 
have been issued to the field for more than 20 years with 
little or no impact.
    A case in point, again, is Los Alamos' technical area 18. 
In 2000, Secretary Richardson directed the site to be 
deinventoried of its special nuclear materials by 2003. It was 
to be moved underground to a currently empty and hardened 
underground facility at the Nevada Test Site. Here we are and 
not one gram has moved in that direction.
    Ambassador Brooks's recent predecessor has also pushed to 
expedite moving the materials out of TA 18, apparently to no 
avail. I believe Los Alamos is betting on turnover at DOE 
headquarters and the inattention of the Congress.
    I would also like to challenge earlier testimony that the 
security tests are no longer seriously dumbed down. I have 
examples from last month. Last month, during a mock theft 
scenario, terrorists were not allowed to go out the same hole 
in the fence they came in, requiring them to run all the way 
around the fence line to leave the facility. If they had been 
allowed to use the hole, they would have been able to leave the 
facility without even having engaged any of the protective 
forces.
    In another recent example, the mock terrorists were 
required to stay on the road in order to leave the facility.
    In addition, as was pointed out, advance warning is given 
to sites, often months in advance, that a test is scheduled and 
the test, as we've mentioned, follows scripts of what the 
terrorists can and can't do.
    The three advantages a terrorist has are surprise, speed 
and violence of action, elements that are not factors in these 
dumbed-down tests. Yet the mock terrorists still accomplish 
their mission all too often.
    Immobilized excess plutonium: Over 50 tons of our plutonium 
have already been declared excess and could be immobilized, 
making it less attractive for theft.
    One way to counter DOE's antisecurity culture is to move 
security oversight out of DOE. One suggestion is to move the 
independent oversight office to model something like the 
Defense Nuclear Safety Facility Board where he's not having to 
report directly to the Secretary. Another option would be to 
make security oversight at DOE facilities a DOD responsibility, 
perhaps under the Nuclear Command and Control staff.
    Increase security funding, but spend resources more 
efficiently: The United States spends over $1 billion annually 
on security at DOE sites. We are not getting our money's worth. 
We are spreading our resources inefficiently by protecting 
sites we should not have to protect, either because special 
nuclear materials are not needed there or it's not needed there 
in massive quantities. Clearly, the new DBT will require more 
money, but money should not be thrown at the problem without 
evidence that a real plan to implement security upgrades 
efficiently is in place.
    I'd like to point out that, in the past, DOE security has 
hit obstacles obtaining increased budgets from within the 
Department, OMB and from Congress, in large part because 
they've simply lied about the status of security.
    For example, in early 2002, then-NNSA Administrator Gordon 
wrote a letter to the Washington Post denying POGO's findings 
and assuring the public that security was adequate at the 
nuclear sites. One month later DOE was talking out of the other 
side of their mouth, begging OMB and the Congress for a half-
billion dollar increase in funding because of dire security 
problems.
    Finally, more congressional oversight: Without sustained 
and intensive scrutiny and oversight, DOE briefings and 
testimony will not reveal the actual status of security. It is 
ultimately up to Congress to keep at this, and I believe it is 
some of the most important work that you'll do.
    Here's a suggestion for a next step: In mid-2002, the 
Scowcroft Commission finally issued their end-to-end review of 
security at DOD and DOE nuclear weapons facilities. We 
encourage the committee to obtain copies of the draft of that 
report and interview the authors.
    If I could--because I am not going to be in the closed 
session, if I could just make two more----
    Mr. Turner. Your time is running out, so if you could 
conclude quickly.
    Ms. Brian. Yes, I just wanted to say we already know what's 
wrong.
    Ambassador Brooks had said we need more review, but the 
last administration, for example, created the position of 
security czar headed by an Air Force general with no obvious 
improvement. I would humbly suggest that roles and 
responsibilities are periodically rearranged, but we still 
aren't protecting our nuclear materials against the real 
terrorist threat; and it is going to take serious congressional 
oversight to make sure it happens.
    Thank you for your inviting me to testify.
    Mr. Turner. Thank you.
    [The prepared statement of Ms. Brian follows:]



    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. Mr. Timm.
    Mr. Timm. Thank you. Good morning Mr. Chairman. I would 
like to thank you and the subcommittee for inviting me to give 
my professional opinion on the state of security at the nuclear 
weapons facilities in the Department of Energy. I look forward 
to presenting you to a national security problem that only 
Congress can solve and that has potential consequences 
equivalent to that of September 11.
    I prepared some slides since we were in a different room 
before, but you can read along with those, which may be of help 
when I go through mine, because there are technical things I'll 
refer to.
    According to the committee's letter of invitation sent to 
me, you said the purpose of the hearing was to determine the 
adequacy of security in the Department of Energy. In fact, this 
morning a couple of times you've asked the question about 
adequate security.
    The expression ``adequate'' is a layperson's term. The 
Department has very prescriptive definitions of risk, or the 
consequence of loss of nuclear materials and risk to the health 
and safety of the public. Risk in a vulnerability analysis 
report is developed as a quantitative value that has, in turn, 
provided adjectival designations of high, moderate or low. When 
a site is determined to be at high risk, compensatory measures 
must be implemented by orders within 24 hours. A simple red 
flag we should look for in a description of risk is 
``adequate'' which is in fact an obfuscation of the risk state.
    Based on past Department of Energy policy and management 
and my current activities in the Department, I fear that we 
remain at high risk today. I urge to you look into this 
critical concern. I further urge you not to accept the canned 
response of ``we fixed it'' without clear verification. In 
fact, I heard a typical of that this morning by saying they had 
18-month-old data. People who long tolerated and even abetted 
the failings in the Department are still there, with no one 
else to oversee their action.
    You have asked what have the assessments shown. The 
assessment, particularly the headquarters quality assurance 
team's efforts, documented high risk at certain sites. For 
example, from 1997 to 2000, I was principal author of over 200 
classified and unclassified letters and reports prepared by the 
quality assurance team that identified high risk to three major 
DOE facilities with tons of highly enriched uranium and 
plutonium holdings. And if you'd look at slide 2, you will see 
that QA group was made up of headquarters personnel. It was 
made up of senior personnel from my company, the Sandia 
National Laboratory simulation personnel and the Army Special 
Forces testing people that do force-on-force testing. All 
together there were something like 20 people involved with 
that.
    The assessments included the theft of special nuclear 
materials and sabotage resulting in either an improvised 
nuclear device or a radiological dispersal device.
    At that time, I personally briefed the findings of high 
risk to Department of Energy Directors Joe Mahaley and Toby 
Johnson. Neither one acted in accordance with Department of 
Energy orders. Some of these same issues were briefed to 
Secretary Richardson, and they were staffed down to the same 
two persons and nothing was done to address the 
vulnerabilities.
    Members of the quality assurance team surmised that what 
happened in these instances was that OSS, now the Office of 
Security, voted the issues to the two responsible program 
offices, Defense Programs and Environmental Management, where 
there was immediate reluctance to address the issue. There was 
continuous foot-dragging by each of these programs' offices in 
regards to evaluating the consequences of loss of nuclear 
materials or the definitions and characteristics of a design 
basis threat.
    For example, when developing a worse case scenario, the 
quality assurance team would often assume to arm the terrorists 
with 50-caliber sniper rifles with armor-piercing incendiary 
rounds. The program offices argued that this was unfair to the 
protective forces. Regularly, the program officer would balk at 
the high-risk determination at a site because if they were to 
acknowledge the state of risk, they would have to fix it while 
immediately instituting compensatory measures that would divert 
funds from programmatic efforts.
    To paraphrase a recent quote from Steve Wallace at the 
Columbia Accident Investigation Board, what seems to have 
evolved is that higher-level decisionmakers came to the 
conclusion that there isn't a security issue, in part based on 
analysis done by analysts who sort of wanted low risk.
    How is risk assessed? And this where you are not going to 
want to follow me a lot because you have seen an equation on 
that one. But, basically, risk is assessed by a simple equation 
called R = C x T x (1--PE), and the term ``consequence'' is the 
value of the consequence of loss of theft or sabotage of 
nuclear materials and danger to the health and safety of the 
public.
    The ``T'' value is, in fact, the design basis threat and 
describes what all the attributes and characteristics of the 
terrorists are.
    ``PE'' is a value that basically is the protection elements 
that you're talking about on a site. It's made up of protection 
delay and response.
    And if you look at that, there are some funny arrows on it. 
If you remember from your days back in algebra, when one side 
of the equation goes up, the other side of the equation has to 
go up in order to remain balanced--with the exception that 
``1--PE,'' in order to get better protection to reduce risk, 
you have to get better protection coming up. And that's what 
we're here talking about, protection adequate to keep the risk 
low in the Department.
    In and of itself, the equation for risk is algebraically 
perhaps deceptively so. For example, in physics the equations 
developed by Newton and Einstein, F = ma and E = mc2 are also 
simple. However, one determines space flight and one develops 
nuclear weapons. The risk equation in the Department of Energy 
is used in terms of the protection required for the assets of 
societal importance, that is, the theft or sabotage of nuclear 
materials from national inventory under the stewardship of the 
Department of Energy.
    Nineteen months after the September 11 attack, a new design 
basis threat was finally issued at the end of May. A draft 
version had been circulated on December 31 that included an 
increase in the number of terrorists and a lowering of the 
numerical value for risk. The draft design basis statements 
would have approved one failure in every 20 attacks at the low 
risk. That means every time they tried 20 times, they would 
have succeeded once and that was the standard they wanted to 
move to.
    Today's new design basis threat that was approved less than 
3 weeks ago has a much higher rate of loss. It is the same rate 
of loss used before September 11 attacks. On September 11, the 
terrorists succeeded in three out of four attempts. Either an 
addition to the number of terrorists or a decrease in the 
approved low risk would result in a linear increase in the size 
of protective force for a given site. By making just one change 
in the design basis threat, the security improvements are 
simplified. Even with the new and simple changes to the design 
basis threat, the necessary improvements in security are not 
required to be completed until 2009, with the actual 
improvements to be sometimes later.
    Sometimes on physical security you will approve the money 
and it will not be turnkeyed until 3 years later. So the 
question I was asked before about, are we going to still be 
talking about this in 2008 and 2010, there's an extremely high 
likelihood, based upon what we've had in past track records.
    I have talked about the risk of nuclear weapons complex and 
the Department and the risk of health and safety to the public, 
as well as the corrective actions for approved design basis 
threat. But how do we fix it? There is no quick fix in the 
Department that has been dysfunctional as long as this 
department has, but there are corrective systems to improve 
process, and they are: You must hold senior managers in the 
Department accountable for their actions. Many of the current 
managers in the Department knew and know about high risk and 
nuclear inventory and theft or sabotage, and they were given 
thousands of pages of classified reports documenting the high 
risk. To date, reorganization of the Department to include NNSA 
has only rearranged the deck chairs. We need to replace these 
people with qualified personnel.
    The bureaucrats in place protect one another. You can't 
expect friends to fire one another. In this case, only the 
Congress can effect that change.
    Top leaders should be held accountable. Their actions 
should put their careers on the line. Today, one of the 
aforementioned Department of Energy Directors has been given an 
award and the other is at Lawrence Livermore Laboratory looking 
at a security failure of the lost keys. What we need are 
qualified personnel with experience in loss prevention, not 
simply retired military personnel whose experience is in 
national defense or law enforcement.
    In fact, I viewed with some amusement Secretary Brooks 
saying that I am bringing in ``admiral this'' and ``admiral 
that.'' We have had Air Force generals come in. They are 
national defense experts or they are law enforcement experts; 
they are not loss prevention experts. And so that in itself--
they have--in fact, we have seen them walk out to the site and 
say they've got big guns at this site. You walk out with a 
dirt-faced Special Forces guy, and he will show you what a big 
gun can do to some of those people that are walking around out 
there.
    The second recommendation is to consolidate the nuclear 
materials, and that was pretty much what Danielle had, and I 
agree with that. We have seen plans put in place by the 
previous--to have Decision Directives to move materials. 
Malicious compliance is being done by the Department that says 
we still haven't moved it to date.
    The other last item that is most important from your 
perspective is providing the line item funding for physical 
security at the level of a program office to include the 
operating dollars designated for increased protective force 
size and capabilities.
    Today, the Department of Homeland Security has a budget 
greater than $30 billion. However, Department of Energy 
management resists spending money on security. If they 
establish a new 24/7 post or patrol for the protective force at 
any of the 10 Class A sites, this is equal to about five full-
time protective force personnel, which is the same cost as two 
or three scientists. Therefore, the scientists must be laid off 
to hire the security personnel, not a popular option. The 
program offices have an inherent conflict of interest when 
deciding to improve security and lower risk or lay off 
scientists.
    In conclusion, let me summarize my testimony. Many of the 
nuclear weapon facilities in the Department of Energy are at 
risk, which endangers the health and safety of the public. This 
has been documented continuously since March 1997. The security 
of the Nation's nuclear stockpile has been mischaracterized as 
adequate by senior career personnel within the Department. The 
corrections and remedies for the existing problems fall to 
Congress for action.
    Thank you very much.
    [The prepared statement of Mr. Timm follows:]



    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Turner. We thank both of you.
    We will have a 5-minute round of questions beginning with 
Chairman Shays.
    Mr. Shays. Thank you very much.
    Ms. Brian, I appreciated both your testimonies. I 
appreciated your testimony in terms of helping us raise some 
questions behind the closed door. Some of them, frankly, could 
have been raised not behind closed doors, and we should have 
asked about the issue of intimidation and so on. So it will be 
on the record behind the closed doors, but it is not really 
confidential information.
    I wrote down that what I was trying to wrestle with, a 
breach in terms of the force-on-force exercise, a breach 
success, a facility is vulnerable. We can know that if you are 
going to tell them that you're going to attack and you allow 
both sides to plan for the offense and defense and you still 
succeed in getting through, you've got a big problem.
    Ms. Brian. That's how we see it.
    Mr. Shays. A nonbreach does not suggest the facility is not 
vulnerable because they have been warned. That was kind of what 
I was wrestling with and suggesting.
    Ms. Brian. I thought that was a great point you were 
making, and I thought you----
    Mr. Shays. I didn't make it well though.
    Ms. Brian. Well, make it again in the closed session. But I 
think that actually what you were encountering is important. 
You saw the defense of the status quo on the part of Mr. 
Mahaley in not wanting to--when you said, ``Why are you 
disagreeing with me?'' I mean, I thought that was a very 
important dialog that you had with him, that at DOE they don't 
want to acknowledge weaknesses in the way the system works.
    Mr. Shays. In terms of your information, how many times in 
the last few years have we been able to breach a facility?
    Ms. Brian. Our understanding is that over 50 percent of the 
time the mock terrorists in ``full up''--this means the 
independent, full DOE assessments, not the self-assessments 
that are done by the labs for themselves, the facilities for 
themselves, but in the big, ``full up'' ones--more than 50 
percent of the time the mock terrorists are successful at 
achieving their mission, whether it be theft or creating, as we 
discussed before, you know, the improvised nuclear device, 
whatever their mission is.
    Mr. Shays. Both of you can respond to this. Based on your 
work and research and knowledge, what facilities do you think 
are the most vulnerable?
    Ms. Brian. I can't know that because I don't have a 
clearance. And the only examples that I know of are those that 
have been--the security failures that have been fixed, and 
that's the way I'm able to know those.
    But I can specifically speak to one facility, TA 18, which 
has been identified by the last two administrations as being 
the most vulnerable. It's at Los Alamos; and as I mentioned, 
Secretary Richardson ordered that it be deinventoried of all of 
its special nuclear materials by now, and none of it has moved 
out yet.
    And there's all kinds of excuses coming from Los Alamos--
we're not ready yet. And this administration actually issued a 
stern warning that they needed to get the stuff out. It's in a 
canyon. So the high ground--the bad guys can have the high 
ground and we all know from, you know, cowboys and Indians, 
that's not the way you want to be storing special nuclear 
materials.
    Mr. Timm. In fact, one of the characteristic stories of 
that site was the fact that they dumbed down the tests and told 
the Special Forces people when they were stealing material--I 
think it was in 1997--that they couldn't use a vehicle, and 
they went and brought in a garden cart, because that wasn't 
prohibited; and then they were able to steal the material. And 
they yelled, ``Foul,'' that it was not a reasonable test 
because they used a garden cart to drag away the SNM. So that's 
some of the artificiality that you see going into those force-
on-force tests.
    Force-on-force tests are not cheap, sir. They run anywhere 
between $100,000 and a quarter of a million dollars to pull one 
up and run it; and labs are very reluctant to go ahead and put 
that kind of money into it.
    Mr. Shays. I happen to think they are tremendously 
important--but not to enable the Department to say that ``We've 
done this, so we know this facility is safe.'' It's a wonderful 
tool for everyone to know the vulnerabilities and how they can 
then try to prevent them in the future.
    If you were to ask any of the participants in the closed-
door session a question, give me your top few, both of you.
    Ms. Brian. Well, one that I wrote down, that I wish I 
could, is when you were asking--I think it was maybe you, Mr. 
Tierney, who asked Ambassador Brooks, ``Do you believe that you 
have been able to reach denial--in other words, the ability to 
stop the terrorists from coming in the site''--and he said, 
``Absolutely, yes, we've reached that capacity.'' And you 
asked, ``Well, how do you know that?'' And he said, ``Well, 
because of this force-on-force test.''
    I would encourage you to ask Mr. Podonsky or the GAO 
whether force-on-force tests of denial have been run at all of 
these facilities and whether it has been successful in 
preventing the terrorists from getting in.
    I don't believe the answer would support Mr. Brooks's, 
Ambassador Brooks's testimony.
    Mr. Shays. Thank you.
    Mr. Timm.
    Mr. Timm. I think I would ask the question about how much 
have they actually done, performance testing, against the RDD. 
In that when you take a weapon of mass destruction, a truck--
and, in fact, there are trucks--bomb size is classified, but if 
you talk to the Technical Security Working Group for the 
Department of Defense, they classify it as a 60,000-pound 
vehicle. If you parked it next to a building, which we 
postulated, outside of Denver and blew that up, you would 
basically have taken that plutonium and wafted it over the city 
of Denver.
    And so the question is, do they really test weapons of mass 
destruction to, in fact, implement an RDD at those specific 
sites.
    We didn't find vehicle barriers along fences, so in fact 
the bad guy could cut them without anyone even watching them 
and then drive that 18-wheeler right up alongside of a 
building. That's all you'd have to----
    Mr. Shays. I missed what you said. Please say that more 
slowly. You did what?
    Mr. Timm. We postulated driving an 18-wheeler right up next 
to a building and exploding it with whatever poundage of high 
explosives in it, which would then waft the plutonium in this 
particular site up into the air and it would have blown over 
the city of Denver, and did not test against the RDD, as to my 
best knowledge, and I work with the Department actively.
    Mr. Shays. We'll check that out as well.
    Any other questions that you think would be wise to ask, if 
you'd submit them to our staff before 2 today, I think we'll do 
that.
    Mr. Timm. OK.
    Mr. Shays. Thank you both very much. Appreciate your work 
and appreciate your testimony, and my only disappointment was 
that you pointed out a question, too, that we could have asked 
in public that I wish we had.
    Thank you, Mr. Chairman.
    Mr. Turner. Thank you, Mr. Chairman.
    Mr. Tierney.
    Mr. Tierney. Thank you, Mr. Chairman.
    And I thank both of you for your testimony. My only regret 
is that we didn't arrange this testimony differently and have 
you folks testify first so that we would have been able to see 
the reaction and the commentary from the others in a public 
session, at least as much as we could. And I might recommend to 
my colleagues on the other side that we all go back and think 
about the way we structure these witnesses from time to time, 
because that might be helpful; and hopefully that's something 
we'll consider.
    I get concerned because when we had the hearings on the 
Nuclear Regulatory Commission and the protection of nuclear 
power plants, we heard the same stuff--you know, the inadequate 
force-to-force test, the inadequate threat design, and it goes 
on and on. And I know I get criticized in my area from the 
people in the nuclear industry, who keep thinking that we're 
being overly aggressive in our research of them, and that they 
think they're all safe. But when you visit those plants, you 
see all the things that the tests show.
    We hear port security commentary. We still haven't even set 
the idea of what we need to do to prioritize what can be done, 
although we all know from other independents that have done 
that, that we could do things. We know, still, that like 42 
percent of the cargo in passenger planes is not screened, and--
it's incredible. And we still know that we don't have a proper 
communications coordination system going around here with all 
those things that are available.
    And I know that others, and I, are putting together a 
system of where we should be on all of those points at a 
certain time; and hopefully, we can hold this administration to 
that point, because it really gets to the point of 
ridiculousness when we see what's going on.
    Ms. Brian, you mentioned that we ought to think possibly 
about putting the Department of Defense in charge of security 
at these facilities. The current security obviously is private 
individuals, and they're either inept or there's some other 
explanation for why they're not doing the job.
    But is the Department of Defense going to have the kind of 
expertise, as Mr. Timm mentioned, that sometimes just bringing 
in the brass doesn't resolve it? Or should we go to a wholly 
separate group of real specialists and establish them to do it?
    Ms. Brian. Well, actually what I was suggesting--and 
perhaps I wasn't clear--was not to have the security itself run 
by DOD. I think actually NM posse comitatus may prevent us from 
doing that. But I meant the oversight of the security.
    And one way of doing that is--well, there are parts of DOD, 
not just people who have things on their shoulders, but who are 
actually trained. And one of the many places that we actually 
briefed with our findings was the Nuclear Control and Command 
staff, and it struck me that their job is the security and 
oversight of the security of the DOD nuclear weapons 
themselves, and so they already have that level of training and 
expertise.
    And they are tremendously critical of DOE, and frankly, I 
thought that perhaps by taking advantage to some extent of the 
interagency rivalries, if you had someone who really was trying 
to find where the problems are, we would actually improve 
security.
    Mr. Tierney. Is this a question of the Department of Energy 
knowing what they should have to do and not being willing to 
spend the money or appropriate the resources to it, or is this 
just a question of flat-out incompetence?
    Ms. Brian. I think maybe it's both of those, plus a level 
of bureaucratic inertia that people don't want to change the 
way they have done things, and they certainly don't want to 
admit that they have been wrong.
    You have a lot of the same people in place, as Mr. Timm 
mentioned. When the NNSA was created, we actually had as an 
attachment to our report the press release announcing the new 
NNSA and the people who were going to be in this new job. Well, 
they were all the same people who had been at the DOE defense 
programs, and they just changed their title. So I think a lot 
of it is, frankly, people who are still there and don't want 
to--you know, who sort of dig in their heels and say, no, the 
outside critics are wrong; we know what we are doing. So I 
think that's a lot of it.
    Mr. Tierney. Thank you.
    Mr. Chairman, can we have that POGO report made a part of 
the record, unanimous consent?
    Mr. Turner. Sure, without objection.
    Mr. Tierney. Thank you.
    And last, just the design basis threat, Mr. Timm, you 
started to talk about that a little bit. Can you give me your 
evaluation of that most recent document?
    Mr. Timm. I think there was a characterization that it was 
what money could buy. The one they had on December 31, the 
draft one, in fact, I thought was aggressive. I thought it was 
responsive and I thought it did meet the mark on that. And I 
was surprised at the robustness of it, because they increased 
not only the number of terrorists coming, but also said, we're 
going to accept less risk at the site. And that was an 
important element that they added to that.
    It was going to have--people have to change a lot of ways 
they think as with regards to, you can't just throw people at 
the problem anymore. You've got to get a lot smarter than what 
they do. And so they basically--again, we have beaten to death 
the words ``dumbed down,'' but they basically dialed it down to 
where it was an acceptable function.
    Mr. Tierney. And you think they did that for financial 
reasons?
    Mr. Timm. Absolutely. Absolutely. It's no question that 
they had to because of the amount of manpower you would have to 
bring to bear, or even changes in tactics that you would have 
had to accomplish within that function.
    Mr. Tierney. Thank you both for your testimony. It's 
valuable to us.
    Ms. Brian. Thank you, sir.
    Mr. Turner. Looking at your testimony, Ms. Brian, when you 
indicated the options that could be pursued, the one obviously 
with the Department of Defense having responsibility is the one 
I think that intuitively most people would arrive at, and maybe 
even begin there.
    If you ask people, who is guarding these facilities, I 
think most people's perception would be that the military is 
not, and not that we have Department of Energy or even 
contractors that are participating in that.
    Mr. Timm, in looking at your testimony, you state that one 
of the concerns that you have is that what we need are 
qualified persons with experience within loss prevention, not 
simply retired military personnel whose experience is in 
national defense or law enforcement. I mean, that obviously 
seems like a conflict, and I would just like you guys to 
discuss that for a moment, because it would seem to me, Ms. 
Brian, that your statement is one that is--as you went through 
what the Department of Defense does in security and other 
facilities, it seems like this would be a natural fit--and if 
you both would discuss that issue.
    Mr. Timm. I don't think we are in disagreement at all. It 
may have been the wording that we chose on this.
    The Department of Defense, as far as command structure, 
ability to train and have people available to do that, is 
obviously a ready source of manpower. At Livermore Laboratory 
it took them a year and a half to reconstitute their SRT after 
they had disbanded it in 1995. And so I don't see a problem 
with that.
    The problem you have, when I talked about bringing command 
structure people in here is, they bring in the military aspect 
of how they look at it, and it is a national defense 
perspective rather than loss prevention.
    I have worked with many competent people out of the Defense 
Department that are perfectly capable of doing this within the 
construct of what you're trying to put together.
    And so I don't believe we are there. It's just a matter of 
the devil's in the details as far as pulling these two 
together.
    Ms. Brian. And I think also the distinction is rather than 
having someone at the top who has not had experience actually 
protecting assets but has another entirely different--as was 
suggested there, admirals who I think have strategic command 
experience; it's not the same kind of military experience that 
many of the Special Forces--for example, there's a unit out of 
Fort Bragg that is trained of special operations--that is 
trained specifically as adversaries. And that's what they do. 
And they go to different sites and train and try to breach 
security.
    And those are the kinds of people that we're talking about 
being involved rather than people who have a military career 
but have nothing to do with actual, you know, entering--being 
pretend terrorists, mock terrorists or, you know, protecting 
assets.
    Mr. Timm. In fact, the experience I had personally was with 
a one-star general who was head of MPs, that retired and went 
to the Department of Energy at Oak Ridge, and I spent quite 
some time explaining our equation to him so that he understood. 
We would walk out there and test up. He would say, well, show 
me what you mean, Ron, by doing X, Y and Z. We would cross 
fence lines and find out that the fence line didn't work the 
way it was supposed to, and he would immediately stop and go 
into compensatory modes. We one time stole some materiel out. 
It was gone over the fence in 34 seconds, but that command 
general was capable of dropping back and saying, this is what I 
don't know, and this is what I need to know about loss 
prevention.
    So it's not to say they're dumb at all. It's to say their 
experience is not in the area of loss prevention. It's in 
national defense.
    Mr. Turner. Very good. As you know, we're going to be 
adjourning to a closed session at 2 p.m. Do you have anything 
else that you would like to add at----
    Mr. Timm. No. As far as I understand it, I'm invited to the 
2 o'clock session because I have a clearance.
    Mr. Turner. Yes. My statement was do you have anything else 
that you want to add in this public portion of the hearing.
    Mr. Timm. No.
    Mr. Turner. I ask for unanimous consent that the 
subcommittee meet in closed session at 2 p.m. today to hear 
testimony on classified aspects of issues under discussion 
today. And, without objection, it is so ordered. Thank you.
    [Whereupon, at 12:10 p.m., the subcommittee proceeded in 
Closed Session.]
    [Additional information submitted for the hearing record 
follows:]



    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]

                                   - 
