Nuclear Security DOE Should Take Actions to Fully Implement Insider Threat Program

The theft of nuclear material and the compromise of information could have devastating consequences. Threats can come from external adversaries or from “insiders,” including employees or visitors with trusted access. In 2014, DOE established its Insider Threat Program to integrate its policies, procedures, and resources. The program also coordinates analysis, response, and mitigation actions among DOE organizations.

The House report accompanying a bill for the National Defense Authorization Act for fiscal year 2022 includes a provision for GAO to review DOE’s efforts to address insider threats with respect to the nuclear security enterprise. This report examines the extent to which DOE has implemented the required standards to protect the nuclear security enterprise from insider threats and the factors that have affected DOE’s ability to fully implement its Insider Threat Program.