This is the accessible text file for GAO report number GAO-09-828 
entitled 'Homeland Defense: Greater Focus on Analysis of Alternatives 
and Threats Needed to Improve DOD's Strategic Nuclear Weapons Security' 
which was released on September 18, 2009. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Report to Congressional Requesters: 

United States Government Accountability Office: 
GAO: 

September 2009: 

Homeland Defense: 

Greater Focus on Analysis of Alternatives and Threats Needed to Improve 
DOD's Strategic Nuclear Weapons Security: 

Homeland Defense: 

GAO-09-828: 

GAO Highlights: 

Highlights of GAO-09-828, a report to Congressional Requesters. 

Why GAO Did This Study: 

A successful terrorist attack on a facility containing nuclear weapons 
could have devastating consequences. GAO was asked to compare the 
Department of Defense’s (DOD) and Department of Energy’s (DOE) efforts 
to protect the nation’s nuclear weapons where they are stored, 
maintained, or transported. This report (1) compares the nuclear 
weapons security policies and procedures at DOD and DOE, and the extent 
to which cost-benefit analyses are required; (2) compares DOD and DOE 
efforts to assess threats to nuclear weapons; and (3) identifies total 
current and projected funding requirements for securing nuclear 
weapons, including military construction costs. GAO analyzed DOD and 
DOE nuclear weapons security policies and procedures; visited sites 
that store, maintain, or transport nuclear weapons; and analyzed 
funding data for fiscal years 2006 through 2013. This report is an 
unclassified version of a classified report issued in May 2009. 

What GAO Found: 

DOD and DOE nuclear weapons security policies and guidance are similar 
in that both establish minimum security standards for nuclear weapons. 
However, DOD’s guidance does not emphasize or require a cost-benefit 
analysis when considering alternative security measures, and therefore 
the full costs of alternatives may not be considered in a comprehensive 
manner when choosing among security measures. For example, the Navy 
plans to spend about $1.1 billion on security improvements to protect 
ballistic missile submarines while in transit, but selected one 
alternative without considering the full life cycle costs of the 
available alternatives. In contrast, DOE’s policy for nuclear weapons 
security provides local officials greater flexibility than DOD’s in 
determining how to meet security standards, and has a greater emphasis 
on cost-benefit analysis as a part of the decision-making process. 

Although DOD and DOE assess threats to nuclear assets as part of their 
nuclear weapons security programs, DOD has not provided adequate 
guidance or capabilities to fully develop local threat assessments 
where nuclear weapons are stored, maintained, or transported. DOD 
policies require installation commanders to develop threat assessments 
using a national assessment as a starting point and tailor that 
assessment to their installations. However, GAO identified instances 
where the local threat assessment generally reflected all threats 
contained in the national assessment, with only minimal adjustments to 
reflect the local environment. Further, the individuals developing the 
local assessments had limited guidance, were not trained as 
intelligence analysts and often used different methodologies. Without 
clear guidance and necessary threat assessment capabilities, the 
military services may not be fully leveraging local, regional, and 
national threat information in preparing local assessments. In 
contrast, DOE provides guidance and, at the time of GAO’s review, was 
developing an approach to incorporate all available threat information 
more fully into its assessments, though GAO did not assess its 
effectiveness because this new approach had not been fully implemented. 

DOD and DOE have estimated the funds required to protect nuclear 
weapons to be approximately $11 billion for fiscal years 2006 through 
2013, but GAO identified shortfalls in the Air Force’s ability to 
centrally manage and track funding that limits the visibility of Air 
Force requirements. The Air Force and Navy make up over $8 billion of 
the total estimated requirement for securing nuclear weapons. The 
remaining $3 billion is incurred by the two DOE organizations that 
handle nuclear weapons. Across all four organizations, over half the 
$11 billion is devoted to funding security forces. Although 
accountability over funding data is critical to enabling decision 
makers to address nuclear weapons security funding requirements, GAO 
found that the Air Force lacked a consistent method to identify 
requirements specifically related to nuclear weapons security because 
of the decentralized method through which it manages this funding. 
Without a method to track these costs, the visibility of these 
requirements is limited, and the Air Force may not be able to 
effectively manage its nuclear weapons security funding. 

What GAO Recommends: 

GAO recommends that the Secretary of Defense improve DOD’s process for 
evaluating and selecting among alternative security measures, improve 
installation commanders’ ability to assess threats, and improve 
visibility and accountability over Air Force nuclear weapons security 
funding. DOD partially agreed with the recommendations in this report, 
noting several actions in process or needed to address the 
recommendations. 

View [hyperlink, http://www.gao.gov/products/GAO-09-828] or key 
components. For more information, contact Davi M. D'Agostino at (202) 
512-5431 or dagostinod@gao.gov. 

[End of section] 

Contents: 

Letter: 

Results in Brief: 

Background: 

DOD and DOE Nuclear Weapons Security Policies Implement NSPD-28, but 
DOD Policies Can Limit or Preclude Analysis of Alternatives: 

DOD and DOE Require Local Threat Assessments, but DOD Installations 
Lack Guidance and Capabilities to Prepare Them: 

DOD and DOE Have Identified Funding Requirements of Approximately $11 
Billion for Nuclear Weapons Security: 

Conclusions: 

Recommendations for Executive Action: 

Agency Comments and Our Evaluation: 

Appendix I: Scope and Methodology: 

Appendix II: DOD and DOE Policy Framework: 

Appendix III: Air Force and Navy Operating Environments for Nuclear 
Weapons: 

Appendix IV: Nuclear Weapons Security Funding for the Air Force, Navy, 
OST, and Pantex: 

Appendix V: Comments from the Department of Defense: 

Appendix VI: GAO Contact and Staff Acknowledgments: 

Related GAO Products: 

Tables: 

Table 1: Phases of the Risk Management Process: 

Table 2: DOD and DOE Estimated Funding for Nuclear Weapons Security, 
Fiscal Years 2006 through 2013: 

Table 3: List of Nuclear Security Policies, Procedures, and Guidance 
Documents Analyzed: 

Table 4: DOD's Nuclear Weapons Security Policy Framework: 

Table 5: DOE's Nuclear Weapons Security Policy Framework: 

Table 6: Total Estimated Air Force Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Table 7: Total Estimated Navy Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Table 8: Total Estimated OST Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Table 9: Total Estimated Pantex Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

[End of section] 

United States Government Accountability Office: 
Washington, DC 20548: 

September 18, 2009: 

The Honorable Solomon Ortiz: 
Chairman: 
The Honorable Randy Forbes: 
Ranking Member: 
Subcommittee on Readiness: 
Committee on Armed Services: 
House of Representatives: 

The Honorable Jim Langevin: 
Chairman: 
The Honorable Michael Turner: 
Ranking Member: 
Subcommittee on Strategic Forces: 
Committee on Armed Services: 
House of Representatives: 

A successful terrorist attack on a facility containing nuclear weapons 
could have devastating consequences for the facility and its 
surrounding communities. As demonstrated by the terrorist attacks of 
September 11, 2001, the United States and other nations face 
increasingly diffuse threats. Terrorists have shown both the capability 
and willingness to attack high-value U.S. targets within the homeland 
and abroad. Accordingly, a recent presidential directive has noted that 
it must be assumed that U.S. nuclear weapons and the associated nuclear 
command and control system could be the target of a determined state or 
non-state adversary with access to substantial resources, intelligence, 
and advanced capabilities. 

Recent incidents related to the storage and transportation of nuclear 
weapons increased concerns about the adequacy of security measures for 
these assets. In 2006, critical, nuclear-related intercontinental 
ballistic missile (ICBM) parts, labeled as helicopter batteries, were 
mistakenly sent to Taiwan, and on August 30, 2007, a B-52 crew 
mistakenly flew nuclear weapons from Minot Air Force Base, North 
Dakota, to Barksdale Air Force Base, Louisiana. As a result, the 
Secretary of Defense and the Secretary of the Air Force requested a 
series of investigations and reviews that identified a serious erosion 
of senior-level attention, focus, expertise, mission readiness, 
resources, and discipline in the nuclear weapons mission area within 
the Air Force, which ultimately resulted in disciplinary actions and 
the resignation of Air Force personnel. We have also issued numerous 
reports over the past decade that Department of Energy (DOE) sites had 
not adequately addressed security-related issues, including delays in 
implementing security measures to address updated security 
requirements, challenges in developing a better-trained and better- 
organized security force in order to ensure that its sites were 
adequately prepared to defend themselves, and inconsistent 
implementation of protective force policies at DOE sites.[Footnote 1] 

To meet new and more varied threats against our national security, in 
June 2003, the President signed National Security Presidential 
Directive 28 (NSPD-28),[Footnote 2] which raised the importance of 
nuclear weapon command and control systems. This directive established 
a more stringent security requirement for nuclear weapons. It also 
directed the Department of Defense (DOD) and DOE, among other agencies, 
to implement policies, procedures, and systems to protect and control 
nuclear weapons. 

Both DOD and DOE play important roles in sustaining and protecting the 
United States' nuclear weapons capabilities. Within the DOD, the Air 
Force and the Navy operate and maintain the nation's strategic nuclear 
weapons arsenal. They also have the responsibility to provide for the 
security of those weapons in accordance with NSPD-28 and DOD 
implementing guidance. DOE is charged with maintaining, assembling, and 
disassembling nuclear weapons at its Pantex Plant (Pantex) in Amarillo, 
Texas, and providing secure transport of nuclear weapons and other 
material among and between DOD, DOE, and other sites within the 
continental United States by the Office of Secure Transportation (OST). 
[Footnote 3] DOE is also charged with the security of those materials 
when they are in its possession in accordance with NSPD-28 
requirements. 

As we have previously reported, risk management is a systematic, 
analytical process to determine the likelihood that a threat will harm 
physical assets or individuals and then to identify actions to reduce 
risk and mitigate the consequences of an attack.[Footnote 4] The 
principles of risk management acknowledge that while risk generally 
cannot be eliminated, enhancing protection from known or potential 
threats can serve to reduce risk. Key elements of risk management 
include assessing threats, vulnerabilities, and criticality of assets 
and selecting between alternative courses of action to mitigate risk. 
Risk management can help policymakers make decisions about allocating 
resources and taking actions under conditions of uncertainty. 

Because of the importance of providing adequate security for our 
nation's nuclear weapons and the significant investments required to 
provide that security, you asked us to evaluate and compare DOD's and 
DOE's policies and procedures for protecting the nation's nuclear 
weapons and identify the resources being applied by both organizations 
to achieve that goal. Accordingly, this report (1) compares the nuclear 
weapons security policies, procedures, and guidance at DOD and DOE, and 
determines the extent to which alternatives and cost-benefit analyses 
are required; (2) compares DOD's and DOE's efforts to assess threats to 
nuclear weapons facilities and in-transit nuclear assets; and (3) 
identifies DOD's and DOE's total current and projected funding 
requirements for securing nuclear weapons, including military 
construction costs and the services' ability to track those costs. In 
May 2009, we reported to you on the results of our work in a classified 
report. This report is an unclassified version of that report. 

To compare DOD's and DOE's policies and procedures for protecting the 
nation's nuclear weapons and determine the extent to which they require 
alternatives and cost-benefit analyses, we analyzed DOD and DOE nuclear 
weapons security policies and procedures; visited 6 of 10 sites that 
store, maintain, or transport fully assembled nuclear weapons, 
including Air Force and Navy installations and the two DOE entities 
that handle fully assembled nuclear weapons--OST and Pantex; and 
interviewed DOD, DOE, Air Force, Navy, and other officials at 
headquarters and relevant field locations. We also compared DOD's and 
DOE's policies and guidance for weighing costs and benefits to GAO and 
OMB guidelines for analyzing costs and selecting among alternatives. We 
selected two Navy programs requiring significant investment of 
resources initiated after implementation of NSPD-28 as examples of how 
alternatives were evaluated and costs and benefits were weighed based 
on the existing policies. To evaluate the extent to which DOD and DOE 
apply risk management principles in their approach to establish nuclear 
security measures, we compared DOD, DOE, Air Force, and Navy policies, 
procedures, site security plans, and any related cost-benefit analyses 
to commonly accepted elements of risk management. Specifically, we 
assessed each organization's approach to identify the extent to which 
they address strategic goals and objectives, risk assessments (threat, 
vulnerability, and criticality assessments), evaluating and selecting 
alternative courses of action to mitigate risk, and management 
oversight. DOE updated its threat policy in August 2008 and is 
modifying related implementation manuals. Because the policy is new and 
had not been fully implemented, we were unable to fully assess the 
extent to which Pantex and OST are implementing new security 
requirements to address DOE's revised policy. To determine DOD's and 
DOE's total current and projected funding requirements for securing 
nuclear weapons, and the reliability of the data, we obtained and 
analyzed DOD and DOE funding data for fiscal years 2006 through 2013 
related to securing nuclear weapons and supporting documentation. We 
identified major cost drivers and military construction costs during 
those budget years for each organization. We determined the cost data 
obtained to be sufficiently reliable for our purposes. We conducted the 
work for the classified report from November 2007 to April 2009 in 
accordance with generally accepted government auditing standards. Those 
standards require that we plan and perform the audit to obtain 
sufficient, appropriate evidence to provide a reasonable basis for our 
findings and conclusions based on our audit objectives. We believe that 
the evidence obtained provides a reasonable basis for our findings and 
conclusions based on our audit objectives. A more detailed description 
of our scope and methodology can be found in appendix I. 

Results in Brief: 

DOD and DOE policies and guidance for nuclear weapons security are 
driven by NSPD-28, and both departments established minimum security 
standards for nuclear weapons, but DOD's guidance is more prescriptive 
in that, in some instances, it sets forth very specific physical 
security measures and does not require, or in some cases allow, the 
military services to consider all available alternatives or weigh the 
full costs and benefits of implementing them. On the other hand, DOE's 
guidance permits consideration of alternative security measures and 
life cycle costs. For example, DOD's nuclear weapons security manual 
specifies barrier type and height, which precludes the military 
services from identifying and considering alternative measures that may 
achieve a similar result.[Footnote 5] The manual also states that "all 
efforts must be made to build future storage and maintenance facilities 
underground." As a practical matter, according to officials from the 
Office of the Deputy Assistant to the Secretary of Defense for Nuclear 
Matters, this policy requires all new facilities to be constructed 
underground unless it is physically impossible to do so. Consequently, 
in one case we examined, the Navy is pursuing the construction of an 
underground facility for weapons storage and maintenance at one of its 
Strategic Weapons Facilities without having considered other options or 
the full cost of the project compared to other alternatives. Further, 
while DOD nuclear security guidance states that affordability and life 
cycle costs of a nuclear weapon system shall be considered, this 
requirement applies primarily to the research and development and 
acquisition process, not to the actual selection and implementation of 
nuclear physical security measures. In addition, the guidance does not 
specifically provide for cost-benefit analysis when considering and 
selecting between alternative security measures. As a result, according 
to DOD officials, security measures may be selected without full 
consideration of their total costs. In another case we examined, the 
Navy is planning to spend approximately $1.1 billion on security 
improvements to protect ballistic missile submarines while in transit 
between the wharf and the surface/dive point, but selected one 
alternative without considering the full life cycle costs of the 
alternative solutions that were available.[Footnote 6] Specifically, 
the Navy did not consider all associated costs, such as additional 
facilities and support needed for the blocking vessels that protect the 
in-transit submarines or the full life cycle costs of the various 
alternatives when making its decision. We are recommending DOD modify 
nuclear weapons security guidance to place greater emphasis on 
alternatives analysis and cost-benefit considerations, including life 
cycle costs, when selecting alternative security measures. 

Both DOD and DOE assess threats and vulnerabilities of facilities and 
in-transit nuclear assets as part of their risk management approaches 
to nuclear weapons security, but DOD has not provided adequate guidance 
or capabilities to fully develop local threat assessments where nuclear 
weapons are stored, maintained, or transported. DOD policies require 
installation commanders to develop threat assessments using a national- 
level threat assessment that discusses all known threats to nuclear 
weapons as a starting point and tailor that assessment to their 
respective installations. However, at the installations we visited, we 
identified instances where the local threat assessment generally 
reflected all of the threats contained in the national-level 
assessment, with minimal adjustments to reflect the local threat 
environment. Because of the uncertain and unpredictable nature of 
terrorist threats, installation officials were reluctant to eliminate 
any threat listed in the national assessment, and individuals 
developing local threat assessments had limited guidance and were not 
trained as intelligence analysts. Without clear guidance and the 
necessary capabilities to comprehensively assess threats at nuclear 
weapons facilities, DOD and the military services may not be fully 
leveraging all available threat information at the local, regional, and 
national levels as local threat assessments are being prepared. In 
addition, in the absence of detailed guidance, we found that Air Force 
and Navy officials prepare their local threat assessments using 
different methodologies. Throughout the course of our review, DOD 
officials agreed that local commanders lacked the necessary guidance 
and capabilities to comprehensively assess threats at the installation 
level. In contrast, DOE provides guidance on the process for 
identifying and analyzing threats to its sites that handle nuclear 
material, and at the time of our review, OST was developing an approach 
to assess and incorporate local, regional, and national threat 
information more fully into its threat assessments. Beginning in 2008, 
DOE's Office of Secure Transportation placed intelligence analysts at 
U.S. Northern Command and DOE's Office of Intelligence and 
Counterintelligence to collect available intelligence information from 
regional and national sources, and established an analysis center to 
fuse that information, assess local threats, and provide this 
information to appropriate security personnel. OST officials believed 
it was important to obtain all available information to enhance the 
local threat assessment process and provide that as a basis for 
training and preparing security forces. However, because the initiative 
has not been fully implemented, we did not assess its effectiveness in 
this review. We are recommending that DOD provide more specific 
guidance on the methodology to develop local threat assessments and 
provide installation commanders with the capabilities necessary to 
enhance the local threat assessment process. 

DOD and DOE have estimated the funds required to protect nuclear 
weapons to be approximately $11 billion for fiscal years 2006 through 
2013, but we identified shortfalls in the Air Force's ability to 
centrally manage and track this funding that limits its visibility. The 
Air Force and Navy make up over $8 billion (73 percent) of the total 
estimated requirement for securing nuclear weapons. The remaining $3 
billion (27 percent) of the requirement is incurred by the two DOE 
organizations that handle nuclear weapons, OST and Pantex. Across all 
four organizations, over half of the $11 billion associated with 
securing nuclear weapons is devoted to funding security forces. 
Although accountability over funding data is critical to enabling 
decision makers to address the funding requirements of the nuclear 
weapons security program, we found that the Air Force lacked a 
consistent method to identify funding requirements specifically related 
to nuclear weapons security because of the decentralized method through 
which it manages this funding. Therefore, it took the Air Force over 8 
months to provide us with details related to its costs associated with 
securing nuclear weapons. Without a method to track these costs, the 
visibility of these requirements is limited, and the Air Force may not 
be able to effectively manage its nuclear weapons security program as 
it moves to a new nuclear command structure.[Footnote 7] We are 
recommending that the Air Force establish a method to track funding 
associated with nuclear weapons security as it moves to a new nuclear 
command structure. Details related to major funding components for each 
organization are shown in appendix IV. 

DOD provided written comments on a draft of this report. DOD partially 
agreed with our recommendations and described actions in process or 
needed to implement them. DOD also provided technical comments, which 
we incorporated into the final report as appropriate. A summary of 
DOD's comments and a summary of our response to these comments follow 
the Recommendations for Executive Action section of this report. DOD's 
written comments are reprinted in appendix V. DOE also reviewed a draft 
of this report and had no comments. However, it provided technical 
comments, which we incorporated into the final report as appropriate. 

Background: 

In June 2003, the President signed NSPD-28. This directive emphasized 
the need to prevent the unauthorized or accidental use of U.S. nuclear 
weapons. In response to NSPD-28, DOD updated its entire family of 
nuclear weapons security policies and guidance to reflect the higher 
security requirements of the new presidential directive. DOE has also 
updated its family of nuclear weapons security policies and guidance 
since NSPD-28 was issued. Within DOD, the Air Force and Navy are 
responsible for implementing DOD's nuclear weapons security policies 
and securing the weapons under their control. Within the Air Force, 
four major commands have a role in the nuclear mission--Air Force Space 
Command, Air Combat Command, Air Force Materiel Command, and U.S. Air 
Force Europe. Air Force Space Command has authority over three Air 
Force installations responsible for maintaining the ICBM fields that 
are located in five states and span 23,500 square miles. Missile silos 
located throughout the ICBM fields can often be hundreds of miles from 
the main installation. Air Combat Command has authority over two 
installations that store and maintain the nuclear weapons used on B-2 
and B-52 aircraft. Air Force Materiel Command is responsible for one 
installation that is home to DOD's only underground storage and 
maintenance facility for nuclear weapons. U.S. Air Force Europe has 
responsibility for U.S. nuclear weapons located on both U.S. and host 
nation installations in Europe. 

The Navy has a single, centralized command and control system for its 
nuclear mission to oversee its two strategic weapons facilities that 
operate in four environments that are distinct from the Air Force's 
operating environments (see app. III for a detailed description of each 
nuclear weapon operating environment for the Air Force and the Navy). 
The Navy's installations are comparatively compact sites, unlike the 
Air Force's missile fields, and support nuclear-powered submarines 
(commonly referred to as SSBNs) equipped to launch Trident missiles. 

DOE and the National Nuclear Security Administration--a separately 
organized agency within DOE--are responsible for implementing DOE's 
nuclear security threat policy and overseeing the 10 entities in DOE 
that currently handle types and quantities of special nuclear materials 
that can be used in nuclear weapons. Of these entities that handle 
nuclear material, only 2 handle fully assembled nuclear weapons--OST 
and Pantex located in Amarillo, Texas. OST is responsible for securely 
transporting nuclear weapons, components, and other sensitive nuclear 
materials between authorized destinations in support of both DOD's and 
DOE's nuclear missions. OST is not responsible for any work related to 
maintaining or servicing the weapons or components--its purpose is 
solely to provide secure transport. In contrast, Pantex is a fixed site 
that carries out several missions related to maintaining and servicing 
nuclear weapons, including the development, testing, and fabrication of 
high explosive components; supporting the nuclear weapons life 
extension programs;[Footnote 8] and dismantling weapons after they are 
retired by the military. 

Risk Management Framework: 

Risk management is a widely accepted method within the federal 
government and the private sector for protecting important assets, 
identifying threats to those assets and vulnerabilities in protective 
measures, and prioritizing security needs. Risk management principles 
acknowledge that while risk generally cannot be eliminated, enhancing 
protection from known or potential threats can reduce it. Risk 
management includes a series of analytical and managerial steps that 
can be used to assess risk, evaluate alternatives for reducing risks, 
choose among those alternatives, implement the selected alternatives, 
monitor their implementation, and continually use new information to 
adjust and revise the assessments and actions, as needed. Table 1 
summarizes the five phases of risk management. 

Table 1: Phases of the Risk Management Process: 

Phase: Setting strategic goals and objectives, and determining 
constraints; 
Description: Decisions should align with corresponding strategic goals 
and objectives and should not go beyond the identified constraints of 
the organization. 

Phase: Assessing risks; 
Description: Risk assessment consists of identifying threats, 
vulnerabilities, and potential consequences. While threat assessments 
identify and evaluate potential threats against an identified asset or 
location, vulnerability assessments identify security weaknesses that 
may be exploited by identified threats. Consequence information for a 
terrorist attack or other hazard is combined with the threat 
information and known vulnerabilities to complete the risk assessment 
and help prioritize assets and allocate resources to protective 
actions. 

Phase: Evaluating alternatives for addressing risks; 
Description: A process should be in place for identifying and 
evaluating strategies to reduce risks through various measures designed 
to prevent or mitigate an attack. Cost-benefit analysis is critical in 
assessing alternatives because it links the benefits of alternative 
measures to the costs associated with implementing and maintaining 
them. 

Phase: Selecting alternatives; 
Description: Managers select the blend of options from the proposed 
alternatives that achieves the greatest expected reduction in risk in 
relation to cost for both the short and the long term. 

Phase: Implementation and monitoring; 
Description: Once the selected countermeasures are implemented, 
monitoring is essential in order to help ensure that the process 
remains current and relevant. 

Source: GAO, Risk Management: Further Refinements Needed to Assess 
Risks and Prioritize Protective Measures at Ports and Other Critical 
Infrastructure, [hyperlink, http://www.gao.gov/products/GAO-06-91] 
(Washington, D.C.: Dec. 15, 2005). 

[End of table] 

DOD and DOE Nuclear Weapons Security Policies Implement NSPD-28, but 
DOD Policies Can Limit or Preclude Analysis of Alternatives: 

Both DOD and DOE have established policies and guidance for nuclear 
weapons security that set minimum security standards for storing, 
maintaining, or transporting nuclear weapons, but DOD's guidance can 
limit or preclude analysis of alternatives and does not require or 
emphasize costs and benefits to be weighed when selecting among 
security alternatives to meet those standards. As a result, according 
to DOD officials, security measures may be selected without full 
consideration of their total costs. In the two cases we examined the 
Navy did not fully consider life cycle costs in making decisions about 
security investments, and it is unclear whether the most cost-effective 
measures were selected. 

DOD and DOE have similar nuclear weapons security responsibilities to 
address the requirements of NSPD-28 and each has established its own 
nuclear weapons security policy frameworks that seek to meet these 
requirements and spell out specific minimum standards for sites to 
implement. However, DOD's overarching policies and guidance are 
generally more prescriptive in their requirements for physical security 
measures than DOE's and in some cases this may limit the military 
services' abilities to consider all available security options. For 
example, DOD's Nuclear Weapons Security Manual requires installations 
to construct a barrier around their borders and specifies that the 
barrier must be a fence constructed of chain link material and stand 7 
feet tall.[Footnote 9] In contrast, DOE's Physical Protection Manual 
requires sites, such as Pantex, to construct a barrier around its area 
boundaries in order to control, impede, or deny access to the site. 
DOE's guidance provides local officials flexibility to meet the 
requirement by building a wall, fence, or other barrier, so long as the 
objectives of the barrier described in the manual are met. Other 
differences in DOD's and DOE's approaches to nuclear weapons security 
are primarily due to differences in their respective command 
structures, operating environments, and missions. Additional detail on 
the similarities and differences in DOD's and DOE's approaches to 
nuclear weapons security can be found in appendix II. 

DOD's Nuclear Weapons Security Guidance Does Not Emphasize Analysis of 
Alternatives or Cost-Benefit Analyses When Choosing New Security 
Measures: 

DOD's nuclear weapons security guidance does not emphasize or require a 
cost-benefit analysis when considering alternative security measures, 
and therefore the full costs of various alternatives may not be 
considered in a comprehensive manner when choosing among alternative 
security measures.[Footnote 10] DOD nuclear weapons security guidance 
states that affordability and life cycle costs of a nuclear weapon 
system[Footnote 11] shall be considered; however, this requirement 
applies primarily to the research and development and acquisition 
process for the system, not to the actual selection and implementation 
of nuclear security measures. In addition, the guidance does not 
specifically provide for cost-benefit analysis, although costs are 
occasionally cited as a criterion for deviations from security 
requirements. As a result, according to DOD officials from the Office 
of the Deputy Assistant to the Secretary of Defense for Nuclear 
Matters, as well as Navy officials, security measures can and have been 
selected without full consideration of their total life cycle costs. 

In one case we examined, the Navy is planning to spend over $1.1 
billion on a new program to enhance the security of its submarines 
carrying nuclear weapons in transit between the wharf and the surface/ 
dive point. The Navy's analysis used modeling, exercises, and 
simulations to evaluate 19 different alternatives, including 
maintaining the status quo. Based on the results of modeling the 19 
alternatives, Navy officials narrowed the candidate options to the ones 
they thought provided an acceptable level of effectiveness and began to 
compare the cost of those alternatives. Navy officials then selected 
one option that in their view provided the best balance between cost 
and effectiveness. The Navy's analysis included leasing, procurement, 
operations and maintenance, and staffing costs for only the first 6 
years of the program, however, which did not cover the entire life 
cycle for these security measures.[Footnote 12] Furthermore, the Navy 
did not consider the military construction costs of building new 
facilities to support the new security measures, including those 
required to berth the blocking vessels that protect the submarines 
during transit and new storage and administrative space. In another 
case, the Navy interpreted DOD's prescriptive nuclear weapons security 
standards as precluding the consideration of costs and benefits. 
Specifically, the Navy has undertaken a project at one of its nuclear 
facilities to build an underground maintenance and storage facility 
without conducting any comparative analysis of costs and benefits to 
examine alternatives. Navy officials told us that building underground 
facilities is the only alternative for replacing old, substandard 
facilities because DOD's manual establishes what they consider a 
requirement for new nuclear weapons storage and maintenance facilities 
to be built underground.The Navy has defined life cycle cost estimates 
as the total cost of a program over its full life from research and 
development to final disposal. Specifically, Naval Sea Systems 
Command's Cost Estimating Handbook[Footnote 13] identifies four phases 
that a life cycle cost estimate must address: 

* Research and development costs include those for development, design, 
start-up, testing, and changing facilities, among other similar costs. 

* Procurement and investment costs are those associated with production 
and deployment of the system and related support equipment and 
facilities. 

* Operations and support costs are all direct and indirect costs 
incurred when using the asset through its entire life, including fuel 
and maintenance costs, among others. 

* Disposal includes the costs of disposing or retiring the asset after 
its useful life. 

Analyzing costs and benefits is a critical component of risk management 
when choosing among alternative security measures because it links the 
benefits of alternatives to the costs associated with implementing and 
maintaining them. Additionally, GAO and the Office of Management and 
Budget have published guidelines for all agencies on analyzing costs 
that explain that life cycle costs should be analyzed to determine the 
most cost-effective alternative.[Footnote 14],[Footnote 15] Without 
calculating and comparing the full life cycle costs for alternatives to 
securing submarines, including supporting facilities, it is unclear 
whether the alternative selected was the most cost-effective option. 
Furthermore, DOD does not require costs and benefits of alternative 
security measures to be weighed and, in some cases, prescribes specific 
measures the services are required to implement without weighing their 
costs and benefits. 

DOE, in contrast, provides its sites with specific guidance on 
analyzing alternative security measures, including steps to weigh costs 
and benefits. DOE's Vulnerability Assessment Process Guide describes a 
process for selecting and analyzing alternative security measures. 
[Footnote 16] Following this guidance, OST and Pantex both established 
their own respective processes for considering alternatives and 
weighing costs--OST's Concept to Capability Process and Pantex's 
Technology Integration Process. For example, officials at Pantex 
recently followed its process to weigh the alternatives for replacing 
armored security vehicles. Through this process, three alternative 
vehicles were identified and analyzed before one was selected. 

DOD and DOE Require Local Threat Assessments, but DOD Installations 
Lack Guidance and Capabilities to Prepare Them: 

Both DOD and DOE assess threats and vulnerabilities of facilities and 
in-transit nuclear assets as part of their risk management approaches 
to nuclear weapons security, but DOD has not provided adequate guidance 
or capabilities to fully develop local threat assessments where nuclear 
weapons are stored, maintained, or transported. DOD's nuclear weapons 
security policies require commanders to prepare local threat 
assessments for locations that store, maintain, or transport nuclear 
weapons based on the Nuclear Security Threat Capabilities Assessment 
(NSTCA),[Footnote 17] published in December 2005 by the Defense 
Intelligence Agency, which describes the threat to DOD's U.S. nuclear 
weapons based on historical precedents and plausible scenarios. 
Essentially, the NSTCA is a compilation of information from a variety 
of sources that attempts to identify all potential threats to the 
nuclear weapons under DOD's control. The NSTCA focuses primarily on 
threats from international terrorist groups, state actors, and domestic 
groups acting solely within the United States. DOD's antiterrorism 
standards also require installation commanders to conduct annual threat 
assessments at every installation, including those with nuclear 
weapons, and to assess threats using local, regional, and national 
sources of information.[Footnote 18] 

We reviewed the local threat assessments for Air Force and Navy 
installations and found that although there are some differences in how 
they incorporate information from the NSTCA, they all generally mirror 
its threat information. For example, the local threat assessment 
prepared by officials of the Navy Strategic Weapons Facility we visited 
draws heavily from the NSTCA and, to a limited extent, on the threat 
assessment prepared by the Naval Criminal Investigative Service (NCIS) 
for the local area surrounding the installation. In contrast, the local 
assessment for the other Navy Strategic Weapons Facility simply states 
that the threat to that location is "consistent with the threats 
documented" in the NSTCA. In fact, one senior Navy official with 
responsibility for nuclear security programs told us that strategic 
weapons facility commanders are reluctant to eliminate any of the 
threats in the NSTCA from their local threat assessments because of the 
uncertain and unpredictable nature of terrorist threats. Similarly, the 
local threat assessments for the Air Force installations we visited 
generally highlighted the same threats as those documented in the 
national assessment and contained the same information provided in the 
installation threat assessments prepared by the local Air Force Office 
of Special Investigations (OSI). 

Officials at both Air Force and Navy facilities lack the guidance and 
capabilities necessary to analyze available intelligence information 
from the local, regional, and national levels. Officials told us that 
the only guidance they have received is that contained in the March 
2006 cover memo to the NSTCA, which directs installation commanders to 
localize the NSTCA to each operating environment at each storage and 
operational location, but does not provide any detailed guidance on how 
the assessments should be prepared or the sources of information that 
should be used to develop the local threat assessments. Throughout the 
course of our review, DOD officials agreed that local commanders lacked 
the necessary guidance and capabilities to comprehensively assess 
threats at the installation level. 

In the absence of detailed guidance, we found that Air Force and Navy 
officials prepare their local threat assessments using different 
methodologies. For example, at two of the Air Force installations we 
visited, commanders relied on threat working groups comprising 
installation officials to develop the local nuclear security threat 
assessment.[Footnote 19] At the third Air Force installation we 
visited, the installation intelligence officer worked independently to 
identify and assess the threat and prepare the localized nuclear 
security threat assessment. At each of the Air Force installations, the 
officials charged with preparing the local nuclear threat assessment 
reviewed local defense threat assessments prepared by the Air Force's 
OSI in preparing their local assessments. At the Navy installation we 
visited, the deputy security director coordinated with local NCIS 
agents to obtain local threat information and compared the national- 
level threats and capabilities identified in the NSTCA to the local 
situation to develop a local threat assessment. 

In addition to limited guidance, at the local level installation 
commanders have limited capabilities to develop local threat 
assessments. Specifically, the Air Force and Navy rely heavily on 
assistance from their OSI and NCIS counterparts to provide local threat 
information, prepare local threat assessments, and serve as a conduit 
to local law enforcement agencies, the local Federal Bureau of 
Investigation (FBI) offices, and Joint Terrorism Task Forces (JTTF) or 
fusion centers in the area.[Footnote 20] However, at the installations 
we visited, these agents were field agents not intelligence analysts. 
These agents stated that, in their view, they did not believe they were 
in the best position to analyze and fuse intelligence information 
collected from local, regional, and national levels as the basis for 
the local NSTCA. Furthermore, at the installations we visited, the 
local threat assessments are not generally vetted through OSI and NCIS 
beyond the local office or any non-DOD organization, such as the FBI, 
and the agents involved may not even see the final product. For 
example, NCIS agents at the Navy installation we visited told us that 
they had not seen or read the local threat assessment for that 
installation. Also, an FBI official who was the principal liaison with 
an Air Force installation we visited had not seen and was not familiar 
with the local threat assessment for that installation, and he was not 
aware of any process through which the local threat assessment would be 
vetted through the local FBI office or intelligence analysts. Without 
clear guidance and capabilities to prepare the local threat 
assessments, DOD and the military services may not be fully leveraging 
all available threat information as local threat assessments are being 
prepared. 

The DOD Nuclear Weapons Security Manual[Footnote 21] also requires 
commanders at facilities that operate, maintain, store, or transport 
nuclear weapons to conduct annual vulnerability assessments and 
recommend actions to reduce or mitigate the identified vulnerabilities 
as part of the threat and risk assessment process.[Footnote 22] The 
manual states that a threat assessment, based on the postulated 
national threat as well as the local threat assessment, is to be used 
as the basis for the vulnerability assessment. However, if the local 
threat assessment does not fully identify the threats present in the 
area, that omission may also affect the installation commander's 
ability to identify all vulnerabilities. 

We reviewed the vulnerability assessments prepared by commanders of the 
Air Force and Navy installations that we visited. We found that each 
conducted annual vulnerability assessments based on the national-level 
threat postulated in the NSTCA and on the local threat assessment. At 
the two Navy installations, vulnerability assessment teams evaluated 
each of the environments in which they operate in terms of available 
security measures and the potential threats identified in the national- 
level and localized threat assessments. At the Air Force installations, 
we found that as for the Navy, vulnerability assessments were prepared 
using the postulated threats outlined in the NSTCA and the locally 
prepared threat assessments, as described above, and generally focus on 
the threats identified at the national level. However, because 
vulnerability assessments are based in part on threat assessments, an 
incomplete assessment of the local threats could result in an 
incomplete assessment of the installation's vulnerabilities. 

DOE Provides More Specific Guidance to Assess Threats, and an 
Assessment Approach That Allows Greater Access to Information Sources: 

In contrast to DOD's approach to threat assessments, DOE has provided 
its two sites that handle nuclear weapons more specific guidance and 
resources than DOD to identify and assess local threats. Like DOD, DOE 
requires that its two sites that handle nuclear weapons--OST and 
Pantex--incorporate local, regional, and national threat information 
into their annual assessments. DOE's guidance states that the Graded 
Security Protection (GSP) policy--DOE's national-level threat policy-- 
must be the baseline threat definition but that regional and local 
threats should be identified and considered in conducting site 
vulnerability assessments. In practice, OST and Pantex conduct their 
threat assessments in cooperation with the FBI and other federal 
agencies. At Pantex, for example, local FBI agents are stationed on- 
site to identify local and regional threats and provide a conduit to 
state and local law enforcement agencies. In addition, in 2008, OST 
established a new threat assessment approach that includes placing its 
intelligence analysts at U.S. Northern Command and DOE's Office of 
Intelligence and Counterintelligence. The approach also provides a 
capability to fuse threat information from these and other sources-- 
including the FBI, National Counter Terrorism Center, JTTF, and others-
-and includes intelligence analysts who process this information and 
provide threat assessments to DOE personnel involved in transporting 
nuclear materials. According to the OST Assistant Deputy Administrator 
with responsibility for security, OST's new approach was necessary 
because DOE's former threat policy, the Design Basis Threat (DBT), 
focused on the more severe but less likely threats.[Footnote 23] In his 
opinion, it was important for OST to obtain all available information 
to identify potentially less severe, but more likely threats as a basis 
for training and preparing security forces. According to DOE officials, 
these threats although less severe include events that may embarrass 
the United States, affect the entire continental United States-based 
nuclear weapons program, or both. In its technical comments on a draft 
of this report, DOE stated that its new threat policy, the GSP, will 
serve as a strategic-level planning document that addresses a range of 
assets, threats, and adversary types. DOE further commented that the 
security approach instituted by OST and other sites in the department 
represents a mechanism for implementing the GSP on a day-to-day basis 
that considers each site's specific mission. Because the new initiative 
has not been fully implemented, we did not assess its effectiveness in 
this review. 

DOD and DOE Have Identified Funding Requirements of Approximately $11 
Billion for Nuclear Weapons Security: 

DOD and DOE have estimated the funds required to protect nuclear 
weapons to be approximately $11 billion for fiscal years 2006 through 
2013.[Footnote 24] However, we identified shortfalls in the Air Force's 
ability to centrally manage and track funding that limit the visibility 
of Air Force requirements. DOD estimated nuclear weapons security 
funding to be $8.1 billion--approximately $4.7 billion for the Air 
Force and almost $3.4 billion for the Navy. Within DOE, the two 
organizations that handle fully assembled nuclear weapons, OST and 
Pantex, estimated the funding for nuclear weapons security to be 
approximately $1.9 billion and $1.1 billion, respectively. Personnel 
costs are the single largest driver in security costs across both DOD 
and DOE--representing approximately $6.2 billion, or 56 percent of the 
$11 billion total. Table 2 summarizes the nuclear weapons security 
funding requirements for the Air Force, Navy, OST, and Pantex. The 
funding categories used by DOD and DOE organizations differ somewhat 
because of differences in the departments and missions. Additional 
detail concerning the nuclear weapons security funding requirements of 
each of these organizations can be found in appendix IV. 

Table 2: DOD and DOE Estimated Funding for Nuclear Weapons Security, 
Fiscal Years 2006 through 2013: 

Organization: Air Force; 
Funding category[A]: Military personnel; 
FY 2006: $454.9 million; 
FY 2007: $462.3 million; 
FY 2008: $473.6 million; 
FY 2009: $417.4 million; 
FY 2010: $423.7 million; 
FY 2011: $439.0 million; 
FY 2012: $456.7 million; 
FY 2013: $471.4 million; 
Grand total: $3,599.0 million. 

Organization: Air Force; 
Funding category[A]: Weapons procurement; 
FY 2006: $40.8 million; 
FY 2007: $79.1 million; 
FY 2008: $98.9 million; 
FY 2009: $93.7 million; 
FY 2010: $80.8 million; 
FY 2011: $27.4 million; 
FY 2012: $24.5 million; 
FY 2013: $19.2 million; 
Grand total: $464.4 million. 

Organization: Air Force; 
Funding category[A]: Operations and maintenance (equipment); 
FY 2006: $42.0 million; 
FY 2007: $48.4 million; 
FY 2008: $71.9 million; 
FY 2009: $51.7 million; 
FY 2010: $43.7 million; 
FY 2011: $51.0 million; 
FY 2012: $44.7 million; 
FY 2013: $45.4 million; 
Grand total: $398.8 million. 

Organization: Air Force; 
Funding category[A]: Military construction; 
FY 2006: 0.0; 
FY 2007: 0.0; 
FY 2008: 0.0; 
FY 2009: 0.0; 
FY 2010: 0.0; 
FY 2011: 0.0; 
FY 2012: $4.6 million; 
FY 2013: 0.0; 
Grand total: $4.6 million. 

Organization: Air Force; 
Funding category[A]: Other appropriations; 
FY 2006: $32.6 million; 
FY 2007: $27.2 million; 
FY 2008: $16.4 million; 
FY 2009: $30.3 million; 
FY 2010: $34.2 million; 
FY 2011: $30.4 million; 
FY 2012: $24.4 million; 
FY 2013: $18.8 million; 
Grand total: $214.3 million. 

Organization: Air Force; 
Funding category[A]: Total Air Force funding requirement; 
FY 2006: $570.3 million; 
FY 2007: $617.0 million; 
FY 2008: $660.8 million; 
FY 2009: $593.1 million; 
FY 2010: $582.4 million; 
FY 2011: $547.8 million; 
FY 2012: $554.9 million; 
FY 2013: $554.8 million; 
Grand total: $4,681.1 million. 

Organization: Navy; 
Funding category[A]: Operations and maintenance; 
FY 2006: $99.7 million; 
FY 2007: $150.1 million; 
FY 2008: $150.5 million; 
FY 2009: $171.9 million; 
FY 2010: $167.1 million; 
FY 2011: $166.5 million; 
FY 2012: $169.8 million; 
FY 2013: $173.3 million; 
Grand total: $1,248.9 million. 

Organization: Navy; 
Funding category[A]: Military construction; 
FY 2006: $94.3 million; 
FY 2007: $48.1 million; 
FY 2008: $39.8 million; 
FY 2009: $50.7 million; 
FY 2010: $133.7 million; 
FY 2011: $309.0 million; 
FY 2012: $44.6 million; 
FY 2013: $56.0 million; 
Grand total: $776.2 million. 

Organization: Navy; 
Funding category[A]: Navy and Marine Corps manpower; 
FY 2006: $62.9 million; 
FY 2007: $70.0 million; 
FY 2008: $72.2 million; 
FY 2009: $85.7 million; 
FY 2010: $88.3 million; 
FY 2011: $90.9 million; 
FY 2012: $93.6 million; 
FY 2013: $96.4 million; 
Grand total: $660.0 million. 

Organization: Navy; 
Funding category[A]: Other procurement; 
FY 2006: $112.7 million; 
FY 2007: $41.1 million; 
FY 2008: $53.1 million; 
FY 2009: $52.9 million; 
FY 2010: $33.9 million; 
FY 2011: $27.3 million; 
FY 2012: $95.9 million; 
FY 2013: $97.8 million; 
Grand total: $514.7 million. 

Organization: Navy; 
Funding category[A]: Weapons procurement; 
FY 2006: $5.1 million; 
FY 2007: 0.0; 
FY 2008: $7.0 million; 
FY 2009: $45.4 million; 
FY 2010: $44.3 million; 
FY 2011: $31.2 million; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Grand total: $133.0 million. 

Organization: Navy; 
Funding category[A]: Other appropriations; 
FY 2006: 0.0; 
FY 2007: $41.9 million; 
FY 2008: $5.8 million; 
FY 2009: $0.9 million; 
FY 2010: $0.9 million; 
FY 2011: 0.0; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Grand total: $49.5 million. 

Organization: Navy; 
Funding category[A]: Total Navy funding requirement; 
FY 2006: $374.7 million; 
FY 2007: $351.2 million; 
FY 2008: $328.4 million; 
FY 2009: $407.5 million; 
FY 2010: $468.2 million; 
FY 2011: $624.9 million; 
FY 2012: $403.9 million; 
FY 2013: $423.5 million; 
Grand total: $3,382.3 million. 

Total DOD funding requirement; 
Grand total: $8,063.4 million. 

Organization: OST; 
Funding category[A]: Mission capacity; 
FY 2006: $121.0 million; 
FY 2007: $117.0 million; 
FY 2008: $122.7 million; 
FY 2009: $123.0 million; 
FY 2010: $149.8 million; 
FY 2011: $160.0 million; 
FY 2012: $165.2 million; 
FY 2013: $166.1 million; 
Grand total: $1,124.8 million. 

Organization: OST; 
Funding category[A]: Program management; 
FY 2006: $39.7 million; 
FY 2007: $47.0 million; 
FY 2008: $46.6 million; 
FY 2009: $48.2 million; 
FY 2010: $52.6 million; 
FY 2011: $54.1 million; 
FY 2012: $56.9 million; 
FY 2013: $58.0 million; 
Grand total: $403.1 million. 

Organization: OST; 
Funding category[A]: Infrastructure; 
FY 2006: $26.1 million; 
FY 2007: $28.7 million; 
FY 2008: $24.0 million; 
FY 2009: $28.0 million; 
FY 2010: $25.1 million; 
FY 2011: $30.2 million; 
FY 2012: $30.7 million; 
FY 2013: $30.5 million; 
Grand total: $223.3 million. 

Organization: OST; 
Funding category[A]: Security/safety capability; 
FY 2006: $23.1 million; 
FY 2007: $16.5 million; 
FY 2008: $23.6 million; 
FY 2009: $21.8 million; 
FY 2010: $23.8 million; 
FY 2011: $21.8 million; 
FY 2012: $22.1 million; 
FY 2013: $22.1 million; 
Grand total: $174.8 million. 

Organization: OST; 
Funding category[A]: Total OST funding requirement; 
FY 2006: $209.9 million; 
FY 2007: $209.2 million; 
FY 2008: $216.9 million; 
FY 2009: $221.0 million; 
FY 2010: $251.3 million; 
FY 2011: $266.1 million; 
FY 2012: $274.9 million; 
FY 2013: $276.7 million; 
Grand total: $1,926.0 million. 

Organization: Pantex; 
Funding category[A]: Protective forces; 
FY 2006: $90.3 million; 
FY 2007: $92.5 million; 
FY 2008: $100.3 million; 
FY 2009: $105.5 million; 
FY 2010: $117.6 million; 
FY 2011: $117.6 million; 
FY 2012: $123.5 million; 
FY 2013: $117.0 million; 
Grand total: $864.3 million. 

Organization: Pantex; 
Funding category[A]: Physical security systems; 
FY 2006: $6.9 million; 
FY 2007: $7.3 million; 
FY 2008: $10.3 million; 
FY 2009: $4.8 million; 
FY 2010: $8.7 million; 
FY 2011: $10.2 million; 
FY 2012: $9.7 million; 
FY 2013: $20.0 million; 
Grand total: $77.9 million. 

Organization: Pantex; 
Funding category[A]: DBT security enhancements; 
FY 2006: $14.7 million; 
FY 2007: $9.1 million; 
FY 2008: $25.5 million; 
FY 2009: 0.0; 
FY 2010: 0.0; 
FY 2011: 0.0; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Grand total: $49.3 million. 

Organization: Pantex; 
Funding category[A]: All other programs; 
FY 2006: $11.1 million; 
FY 2007: $13.1 million; 
FY 2008: $14.7 million; 
FY 2009: $15.1 million; 
FY 2010: $8.8 million; 
FY 2011: $15.0 million; 
FY 2012: $14.6 million; 
FY 2013: $15.0 million; 
Grand total: $107.4 million. 

Organization: Pantex; 
Funding category[A]: Total Pantex funding requirement; 
FY 2006: $123.0 million; 
FY 2007: $122.0 million; 
FY 2008: $150.8 million; 
FY 2009: $125.4 million; 
FY 2010: $135.1 million; 
FY 2011: $142.8 million; 
FY 2012: $147.8 million; 
FY 2013: $152.0 million; 
Grand total: $1,098.9 million. 

Total DOE funding requirement: 
Grand total: $3,024.9 million. 

Total DOD and DOE nuclear security funding requirement: 
Grand total: $11,088.3 million. 

Source: GAO analysis of DOD (Air Force and Navy) and DOE (OST and 
Pantex) data. 

[A] Funding categories include appropriation accounts for the Air Force 
and Navy, subprograms for OST, and programs for Pantex. 

[End of table] 

DOD has estimated the funds required to protect the Air Force arsenal 
of nuclear weapons to be approximately $ 4.7 billion for fiscal years 
2006 through 2013. The most significant component of this estimate is 
the funding for security forces. Air Force personnel who protect the 
nuclear weapons account for over three-fourths--$3.6 billion (over 76 
percent)--of the Air Force's total estimated funding. Safeguarding the 
Air Force nuclear weapons arsenal is a labor-intensive mission because 
of the vast geographic areas that its security forces must operate in 
and the specific response times required by DOD's nuclear weapons 
security policies. The Air Force's funding estimate also includes $4.6 
million in military construction funds to construct a weapons storage 
area security control facility for the Air Combat Command in fiscal 
year 2012. The Air Force's military construction requirement is small 
in comparison to the Navy's investment in military construction 
projects for fiscal years 2006 through 2013, because, according to Air 
Force officials, many of the Air Force facilities that store and 
process nuclear assets were constructed prior to fiscal year 2006. 

DOD has estimated the funds required to protect the Navy stockpile of 
nuclear weapons to be approximately $3.4 billion for fiscal years 2006 
through 2013.[Footnote 25] Operations and maintenance is the major 
component of this estimate, encompassing about $1.2 billion (36.9 
percent) of the total. The majority of the operations and maintenance 
funding--$633.5 million (50.7 percent)--is borne by one program, the 
Transit Protection System, which is a group of vessels, personnel, and 
weapons systems intended to protect SSBNs transiting between a homeport 
and a safe surface/dive location. However, the total cost of the 
Transit Protection System project is estimated to be about $1.1 
billion. Over $776.2 million (22.9 percent) of the Navy's funding 
estimate includes military construction projects. The Navy's largest 
building project is the construction of a secure production and storage 
complex at both Strategic Weapons Facility locations. These complexes 
provide a secure, hardened location for storage and processing 
facilities at an estimated cost of $459.7 million. 

DOE has estimated the funds required to protect fully assembled nuclear 
weapons and other nuclear material and components that OST transports 
from one location to another, for fiscal years 2006 through 2013, to be 
over $1.9 billion. OST organizes its work into four subprograms: 
mission capacity, program management, infrastructure, and security/ 
safety capability. Each of the subprograms is further described below: 

* Mission capacity ($1.1 billon) consists of raising and maintaining 
its capacity to meet projected workloads, including annual training 
classes; recruiting, equipping, and training federal agent candidates; 
and maintaining vehicles, among other things. 

* Program management ($403.1 million) includes business supplies and 
operations and evaluation of work functions and processes. 

* Infrastructure ($223.3 million) covers the maintenance and 
modernization of communications systems at OST, among other things, 
including maintaining classified command, control, and communications 
systems for oversight of nuclear convoys. 

* Security/safety capability ($174.8 million) encompasses security and 
safety programs--such as liaison with local law enforcement--and the 
identification, design, and testing of new technologies, among other 
things. 

DOE has estimated the funds required to protect the fully assembled 
nuclear weapons and other nuclear material and components at Pantex to 
be about $1.1 billion for fiscal years 2006 through 2013. Pantex 
organizes its funding information in the following categories: 

* Protective forces program ($864.3 million) pays for an armed, 
contracted security force and equipment, facilities, training, 
management, and administrative support. 

* Physical security systems program ($77.9 million) provides intrusion 
detection and assessment capabilities, access controls, and maintenance 
of security systems at Pantex. 

* The DBT Security Enhancements program ($49.3 million) pays for 
upgrades associated with implementation of DOE's 2005 DBT policy, 
including hiring and training of additional officers, deploying new 
weapons and ammunition, and upgrading physical security systems. 
[Footnote 26] 

* All other programs ($107.4 million) include program management and 
support, information protection, materials control and accountability, 
and the personnel security program. 

Air Force Lacks a Centralized Approach to Manage and Track Funding: 

Although accountability over funding data is critical to enabling 
decision makers to address the funding requirements of the nuclear 
weapons security program, we found that the Air Force lacked a 
consistent method to identify nuclear weapons security funding because 
of the decentralized method through which it manages this funding. As a 
result, Air Staff officials made data calls to all commands with 
nuclear weapons security responsibility to obtain and assimilate the 
funding information before forwarding it to us. With this process, it 
took Air Force personnel over 8 months to provide us with the 
information and supporting documentation. In the course of our work, 
Air Force officials indicated that they recognize the limitations of 
the current decentralized approach to managing and tracking nuclear 
security funding. In contrast, the Navy and the two DOE organizations--
OST and Pantex--have a more centralized approach to managing nuclear 
weapons security funding and were therefore able to provide their 
respective nuclear weapons security funding estimates and supporting 
documentation in a more timely manner. In October 2008, the Air Force 
announced plans to reorganize its nuclear command and control system 
and will consolidate the management of nuclear weapons under one major 
command to oversee its nuclear mission--Global Strike Command--that is 
scheduled to reach initial operating capability in September 2009. 
According to Air Force officials this reorganization has the potential 
to provide them with different methods to manage and track funding 
associated with nuclear weapons. 

We have previously reported that producing timely, useful, and reliable 
performance information, including related cost data, is critical for 
achieving the goals that Congress established in the Government 
Performance and Results Act of 1993 and other federal financial 
management reform legislation.[Footnote 27] Further, the Air Force 
recently reported that any nuclear enterprise funding decisions should 
be based upon relevant, accurate, consistent, defendable, repeatable, 
and transparent data and analysis.[Footnote 28] In light of the 
significance of nuclear assets and two well-publicized events in which 
control of nuclear weapons was lost, there is now a renewed emphasis on 
nuclear security, including the allocation of additional resources. 
However, without a more systematic approach to providing timely, 
reliable funding data--and therefore visibility and accountability over 
funding--the Air Force cannot effectively prioritize its nuclear 
security resources and requirements to develop a sound investment 
strategy. 

Conclusions: 

In an era of scarce resources and competing demands, a risk management 
approach to nuclear weapons security can provide DOD and DOE managers 
with necessary tools to help identify and prioritize necessary 
investments and optimize the security provided to these critical 
assets. We have identified several areas where DOD can broaden its 
application of risk management principles and improve its approach to 
nuclear weapons security. First, the prescriptive nature of DOD's 
nuclear security policies and guidance combined with a limited emphasis 
on cost-benefit analysis can result in expenditure of funds on security 
measures that have not been fully analyzed. Without a requirement to 
perform cost-benefit analyses and fully consider life cycle costs for 
alternative nuclear weapons security measures, DOD organizations may 
not consider the full range of alternatives or may not select the most 
cost-effective option available. In contrast, we found that DOE's 
policy for nuclear weapons security provides local officials greater 
flexibility than DOD's in determining how to meet security standards, 
and has a greater emphasis on cost-benefit analysis as a part of the 
decision-making process. 

Second, the foundation of risk assessment is a comprehensive and 
current assessment of potential threats, but DOD has not provided 
installation commanders with clear guidance or the necessary 
capabilities to develop local threat assessments where nuclear weapons 
are stored, maintained, or transported. A more comprehensive approach 
for assessing threats at the local level could enhance DOD security 
forces' awareness and preparedness. While DOE has recently adopted the 
new GSP policy, it is too soon to determine whether it will be 
effective. OST has identified limitations in its threat assessment 
process and is taking steps to improve its access to available threat 
information at all levels--local, regional, and national--and the 
ability to analyze it and how it is used to prepare security measures. 
OST officials believe that this approach will improve the training and 
readiness of its security forces. 

Finally, the Air Force has difficulty effectively managing and 
overseeing the significant resources planned to improve nuclear weapons 
security because it lacks sufficient visibility into its nuclear 
security spending. The establishment of a new major command that will 
centralize the nuclear enterprise in the Air Force provides an 
opportunity to enhance the visibility of funding to sustain and improve 
security. 

Recommendations for Executive Action: 

We recommend the Secretary of Defense take the following five actions. 

To improve DOD's process for evaluating and selecting among alternative 
security measures, we recommend that the Secretary of Defense direct 
the: 

* Deputy Secretary of Defense for Acquisition, Technology and Logistics 
to modify DOD Directive 5210.41, Security Policy for Protecting Nuclear 
Weapons, to require alternatives and cost-benefit analyses of nuclear 
security measures as appropriate and: 

* Assistant to the Secretary of Defense for Nuclear and Chemical and 
Biological Defense to modify DOD S-5210.41-M, Nuclear Weapons Security 
Manual, to provide appropriate guidance to the military services for 
weighing costs, including life cycle costs, and benefits when 
considering alternative security measures for nuclear weapons. 

To improve installation commanders' ability to assess threats where 
nuclear weapons are stored, maintained, or transported, we recommend 
that the Secretary of Defense direct the: 

* Deputy Assistant to the Secretary of Defense for Nuclear Matters to 
provide more specific guidance on the methodology to develop local 
threat assessments and: 

* Secretaries of the Air Force and Navy to provide installation 
commanders with the capabilities necessary to more fully collect and 
assess local, regional, and national intelligence information. 

To more effectively manage its nuclear weapons security program and 
provide visibility and accountability as the Air Force moves to a new 
nuclear command structure, we recommend that the Secretary of Defense 
direct the Secretary of the Air Force to establish a method to 
centrally manage and track funding associated with nuclear weapons 
security. 

Agency Comments and Our Evaluation: 

In written comments on a draft of this report, DOD partially agreed 
with four of our recommendations and agreed with one, stating that in 
some cases, actions were already underway that would address the issues 
identified in this report. DOD's comments appear in their entirety in 
appendix V. DOD also provided technical comments, which we have 
incorporated into the draft as appropriate. DOE also reviewed a draft 
of this report and had no comments, but provided technical comments, 
which we have incorporated as appropriate. 

In response to our recommendation that the Secretary of Defense direct 
the Under Secretary of Defense (Acquisition, Technology, and Logistics) 
to modify DOD Directive 5210.41, Security Policy for Protecting Nuclear 
Weapons, to require alternatives and cost benefit analysis of nuclear 
security measures, DOD partially agreed. DOD stated that the policy 
already provides guidance which meets the recommendation's intent and 
inherently requires the department to examine alternatives in regard to 
cost benefit. Specifically, DOD noted that the policy states that 
"physical security requirements associated with nuclear weapons shall 
take into consideration the affordability and life-cycle costs of a 
nuclear weapon system." However, as discussed in this report, our 
review of the policy indicates that, as implemented by the Nuclear 
Weapons Security Manual (DOD S-5210.41-M), it primarily applies to the 
research, development, and acquisition process for nuclear weapons 
systems. It is unclear if or how this requirement applies to the 
procurement of security systems or equipment. Therefore, we believe 
that DOD should take additional steps to modify guidance in order to 
strengthen the requirement for cost-benefit analysis when considering 
and selecting among alternative nuclear security measures. 

Regarding our recommendation that the Secretary of Defense direct the 
Assistant to the Secretary of Defense for Nuclear and Chemical and 
Biological Defense Programs to modify the Nuclear Weapons Security 
Manual, DOD S-5210.41-M, to provide appropriate guidance to the 
Services for weighing costs, including life-cycle costs, and benefits 
when considering alternative security measures for nuclear weapons, DOD 
partially agreed. DOD agreed that greater emphasis on costs and 
benefits and security effectiveness in selecting and implementing 
nuclear physical security measures is appropriate and stated that this 
issue is addressed in its proposed revision of the Nuclear Weapons 
Security Manual. If the changes made to the manual provide clearer 
guidance for weighing costs and benefits that applies directly to 
nuclear weapons security, we believe it will address the intent of our 
recommendation. In its response, DOD further states that this report 
implies that the Navy relied solely on Nuclear Weapons Security Manual 
requirements in deciding to replace existing maintenance and storage 
facilities by building new facilities underground. DOD asserts that the 
Navy assessed a variety of options and determined that the most cost- 
effective approach that would meet performance requirements was a 
hardened, underground structure. However, when we discussed this 
example with Navy officials during the course of our work, they told us 
that they made the decision to build the new facility underground 
because they believe that the Nuclear Weapons Security Manual requires 
new storage and maintenance facilities to be constructed underground. 
Further, we asked for documentation supporting any cost benefit 
analysis that was performed prior to making the decision and Navy 
officials were unable to provide such documentation. Without any 
documentation we were unable to verify or evaluate the Navy's claim 
that it assessed a variety of options or any cost and benefit analysis 
that may have been completed. Additionally, DOD states that this report 
notes that the Navy did not include the full life cycle costs in its 
analysis of alternatives prior to selecting its new Transit Protection 
System for in-transit SSBNs. DOD states that a 2006 Program Analysis 
and Evaluation (PA&E) review of the Navy's analysis of alternatives 
concluded that the system selected provided the most significant 
benefit when evaluated in terms of deployment time, effectiveness, 
ability to evolve, impact to SSBN operations and cost. However, PA&E 
only reviewed the costs the Navy used in making its decision and, as 
discussed in this report, the Navy's methodology excluded life-cycle 
costs beyond the Future Years Defense Program and military construction 
costs for building new facilities to support the new security measures. 

DOD also partially agreed with our recommendation that the Secretary of 
Defense direct the Deputy Assistant to the Secretary of Defense for 
Nuclear Matters to provide more specific guidance on the methodology 
for developing local threat assessments. While DOD notes that DOD 
Instruction 2000.16, DOD Antiterrorism Standards, prescribes procedures 
for conducting annual local threat assessments, it also states that the 
proposed revision to the Nuclear Weapons Security Manual provides more 
detailed guidance on preparing local threat assessments at nuclear 
installations. We believe that if the revision to the manual provides 
such guidance for installation commanders when published, it will 
address the intent of our recommendation. 

The Department also partially agreed with our recommendation that the 
Secretary of Defense direct the Secretaries of the Air Force and Navy 
to provide installation commanders with the capabilities necessary to 
more fully collect and assess local, regional, and national 
intelligence information. DOD states that a comprehensive study by the 
Services to determine capability gaps in intelligence collection is 
needed to determine if installation commanders lack the resources and 
personnel to meet the requirements or if better, more efficient use of 
existing resources and personnel is needed. We continue to believe that 
the capability to fully collect and assess intelligence information 
from all levels is critical to the installation commanders' ability to 
assess the threat and localize the threat assessment to his or her 
installation. While DOD's proposed study is a good first step, we are 
unable to assess the extent to which such a study addresses our 
recommendation until it is completed and actions identified. Therefore, 
we believe that our recommendation is still warranted. 

Finally, DOD agreed with our recommendation that the Secretary of 
Defense direct the Secretary of the Air Force to establish a method to 
centrally manage and track funding associated with nuclear weapons 
security. However, the department did not specify any actions that it 
plans to take to address this recommendation. As a result, we have no 
basis for determining whether it will take steps to address the intent 
of our recommendation. We believe our recommendation is still 
warranted. 

We are sending copies of this report to the Secretary of Defense and 
interested congressional committees. In addition, the report will be 
available at no charge on GAO's Web site at [hyperlink, 
http://www.gao.gov]. 

If you or your staffs have any questions about this report, please 
contact Davi M. D'Agostino at (202) 512-5431 or dagostinod@gao.gov or 
Gene Aloise at (202) 512-6870 or aloisee@gao.gov. Contact points for 
our Offices of Congressional Relations and Public Affairs may be found 
on the last page of this report. Other major contributors to this 
product are listed in appendix VI. 

Signed by: 

Davi M. D'Agostino: 
Director, Defense Capabilities and Management: 

Signed by: 

Gene Aloise: 
Director, Natural Resources and Environment: 

[End of section] 

Appendix I: Scope and Methodology: 

To evaluate and compare the Department of Defense's (DOD) and 
Department of Energy's (DOE) policies and procedures and guidance 
including how they are interpreted and applied by the major 
organizations within each department that handle nuclear weapons and 
the extent to which each department requires alternatives and cost- 
benefit analyses, we obtained and compared DOD's and DOE's nuclear 
security policies and procedures; visited several sites that store, 
maintain, or transport fully assembled nuclear weapons; and interviewed 
DOD, DOE, Air Force, and Navy officials at headquarters and relevant 
field locations. We analyzed policies, guidance, and implementation 
manuals that instruct DOD installations and DOE sites in their nuclear 
security practices. (Table 3 lists the specific polices, procedures, 
and guidance that we analyzed.) 

Table 3: List of Nuclear Security Policies, Procedures, and Guidance 
Documents Analyzed: 

Department: Office of the President; 
Number (date): NSPD-28 (June 20, 2003); 
Title: National Security Presidential Directive 28. 

Department: Department of Defense; 
Number (date): DODD 2000.12 (Aug. 18, 2003); 
Title: DOD Antiterrorism Program. 

Department: Department of Defense; 
Number (date): DOD O 2000.12-H (February 2004); 
Title: DOD Antiterrorism Handbook. 

Department: Department of Defense; 
Number (date): DODI 2000.16 (Oct. 2, 2006); 
Title: DOD Antiterrorism Standards. 

Department: Department of Defense; 
Number (date): DODD 5210.41 (Nov. 1, 2004); 
Title: Security Policy for Protecting Nuclear Weapons. 

Department: Department of Defense; 
Number (date): DOD S-5210.41-M (Nov. 22, 2004); 
Title: Nuclear Weapons Security Manual. 

Department: Department of Defense; 
Number (date): (July 30, 2008);
Title: Nuclear Weapons Physical Security Roadmap, 2008-2018. 

Department: Department of Defense; 
Number (date): (December 2005); 
Title: Nuclear Security Threat Capability Assessment 2005 to 2015 
(NSTCA). 

Department: Department of Defense; 
Number (date): (Mar. 17, 2006); 
Title: NSTCA Transmittal Memorandum. 

Department: Department of the Air Force; 
Number (date): Air Force Manual 31-108 (Feb. 1, 2007); 
Title: Nuclear Weapon Security Manual. 

Department: Department of the Air Force; 
Number (date): [Empty]; 
Title: Analysis of Alternatives for U.S. Air Force/A7S Program 
Objective Memorandum Fiscal Year 10 Submission. 

Department: Air Combat Command; 
Number (date): Air Force Manual 31-108, Air Combat Command Supplement; 
Title: Nuclear Weapon Security Manual. 

Department: Air Force Materiel Command; 
Number (date): Air Force Manual 31-108, Air Force Materiel Command 
Supplement; 
Title: Nuclear Weapon Security Manual. 

Department: Air Force Space Command; 
Number (date): Air Force Space Command Instruction 31-1101; 
Title: Intercontinental Ballistic Missile (ICBM) Systems Security 
Standard. 

Department: Navy; 
Number (date): Secretary of the Navy Instruction S8126.1 (Apr. 4, 
2006); 
Title: Naval Nuclear Security Policy. 

Department: Department of Energy; 
Number (date): DOE P 226.1 (May 25, 2007); 
Title: DOE Oversight Policy. 

Department: Department of Energy; 
Number (date): DOE 470.3A (Nov. 29, 2005); 
Title: Design Basis Threat Policy. 

Department: Department of Energy; 
Number (date): DOE M 413.3-1 (Mar. 28, 2003); 
Title: Project Management for the Acquisition of Capital Assets. 

Department: Department of Energy; 
Number (date): DOE P 470.1 (May 8, 2001); 
Title: Integrated Safeguards and Security Management Policy. 

Department: Department of Energy; 
Number (date): DOE M 470.4-1 (Aug. 26, 2005); 
Title: Safeguards and Security Planning and Management Manual. 

Department: Department of Energy; 
Number (date): DOE M 470.4-2 (Aug. 26, 2005); 
Title: Physical Protection. 

Department: Department of Energy; 
Number (date): DOE O 470.2 B (Oct. 31, 2002); 
Title: Independent Oversight & Performance Assurance Program. 

Department: Department of Energy; 
Number (date): DOE M 470.4-3 (Aug. 26, 2005); 
Title: Protective Force. 

Department: Department of Energy; 
Number (date): DOE M 470.4-5 (Aug. 26, 2005); 
Title: Personnel Security. 

Department: Department of Energy; 
Number (date): DOE M 470.4-6 (Aug. 26, 2005); 
Title: Nuclear Material Control and Accountability. 

Department: Department of Energy; 
Number (date): DOE O 470.3B (Aug. 12, 2008); 
Title: Graded Security Protection Policy. 

Department: Department of Energy; 
Number (date): (Sept. 30, 2004); 
Title: Vulnerability Assessment Process Guide. 

Department: National Nuclear Security Administration; 
Number (date): (Oct. 2006); 
Title: Defense Nuclear Security Strategic Plan. 

Department: National Nuclear Security Administration; 
Number (date): (Apr. 2008); 
Title: Strategic Planning Guidance. 

Department: National Nuclear Security Administration; 
Number (date): (Dec. 2007); 
Title: Draft Complex Transformation Supplemental Programmatic 
Environmental Impact Statement. 

Department: National Nuclear Security Administration; 
Number (date): (Mar. 21, 2009); 
Title: Defense Nuclear Security Program Executing Guidance. 

Source: GAO analysis. 

[End of table] 

We reviewed DOD and DOE's policies, procedures, and guidance to 
identify differences in their approaches to achieve desired security 
levels for nuclear weapons. We also visited four DOD installations and 
two DOE sites to meet with knowledgeable officials and discuss and 
observe the nuclear security procedures and practices in place at each 
facility. For security reasons, we do not discuss location-specific 
information in this report. In addition, we met with headquarters DOD 
and DOE officials to obtain their perspectives on how nuclear security 
policies and procedures are applied. Specifically, we met with 
officials from the following DOD organizations: Office of the Deputy 
Assistant to the Secretary of Defense for Nuclear Matters; Office of 
the Under Secretary of Defense for Intelligence; Office of Assistant 
Secretary of Defense for Special Operations and Low-Intensity Conflict; 
Defense Threat Reduction Agency; Defense Intelligence Agency; Navy 
Strategic Systems Program Office; Office of Naval Intelligence; Naval 
Criminal Investigative Service; Air Force Intelligence Directorate; Air 
Force Office of Special Investigation; Air Force Operations and Force 
Protection Division; and Air Force Space Command. We also met with DOE 
officials from the Office of Intelligence and Counterintelligence and 
three offices within the Office of Health, Safety, and Security: Office 
of Security Technology and Assistance, Office of Security Assistance, 
and Office of Security Policy. 

To evaluate the extent to which DOD and DOE apply risk management 
principles in their approach to establishing nuclear security measures, 
we compared DOD, DOE, Air Force, and Navy policies, procedures, site 
security plans, and any related cost-benefit analyses to commonly 
accepted elements of risk management. Specifically, we assessed each 
organization's approach to identify the extent to which it addresses 
strategic goals and objectives, risk assessments (threat, 
vulnerability, and criticality assessments), evaluating and selecting 
alternative courses of actions to mitigate risk, and management 
oversight. We also met with DOD and DOE officials to discuss how they 
implemented the risk management principles to protect nuclear assets 
from terrorist attack. Specifically, we met with officials from the 
following DOD organizations: Office of the Deputy Assistant to the 
Secretary of Defense for Nuclear Matters; Office of the Under Secretary 
of Defense for Intelligence; Office of Assistant Secretary of Defense 
for Special Operations and Low-Intensity Conflict; and Air Force 
Operations and Force Protection Division. We also discussed the 
application of risk management principles with officials at Air Force 
Space Command, and at two Air Force installations we visited. In 
addition, we met with DOE officials from the OST and three offices 
within the Office of Health, Safety, and Security: Office of Security 
Technology and Assistance, Office of Security Assistance, and Office of 
Security Policy. 

To determine DOD and DOE's total funding requirements for securing 
nuclear weapons, we obtained and analyzed funding data related to 
nuclear weapons security from DOD and DOE for fiscal years 2006 through 
2013. Specifically, we obtained information relating to the amount of 
funds received for fiscal years 2006 through 2008 and the amount 
programmed for fiscal years 2009 to 2013, as of the President's fiscal 
year 2008 budget. To assess the reliability of this information, we 
obtained and analyzed funding information by funding category for each 
of the four organizations in our review.[Footnote 29] We also met with 
budget officials from the Air Force, Navy, OST, and Pantex to discuss 
the reliability of the data. Using the 2008 funding information 
obtained from the four organizations, we selected a nonprobability 
sample of three estimated funding requirements for each of the 
organizations, obtained source documentation for each funding 
requirement, and compared it to each of the sample funding estimates. 
Both the Navy and OST provided source documentation supporting the 
funding requirement represented by each sample item to within 97 
percent. Pantex provided source documentation supporting the funding 
requirement represented by one sample item to within 95 percent. 
Although Pantex officials did not provide detailed documentation 
supporting the other two sample items selected, they were able to 
provide reports of independent reviews of the systems used to produce 
the estimated funding requirements, to include reviews by the National 
Nuclear Security Administration. The reports supported the reliability 
of the Pantex systems used to produce the funding requirements 
information. Conversely, the Air Force was unable to provide supporting 
documentation for three selected funding requirements from the 
President's fiscal year 2008 budget or any independent reviews of the 
systems used to produce the funding estimate. We updated our analysis 
with data from the President's fiscal year 2009 budget, which are used 
throughout this report for all four organizations. Therefore, we 
selected another nonprobability sample of four funding requirements 
from the Air Force's fiscal year 2009 estimate. The Air Force provided 
source documentation supporting the funding requirement for three 
sample items to within 96 percent of the estimate. It was unable to 
provide source documentation for one item. The Air Force's inability to 
provide source documentation for the 2008 funding requirements and one 
of the four requested 2009 funding requirements raised questions for us 
regarding the reliability of the Air Force data reporting process, 
though we found only minor discrepancies with the three 2009 funding 
requirements where we were able to examine source documentation. 
Overall, we found the funding requirements data obtained from each of 
the four organizations in our review to be sufficiently reliable for 
our purposes. 

We conducted this performance audit from November 2007 to April 2009 in 
accordance with generally accepted government auditing standards. Those 
standards require that we plan and perform the audit to obtain 
sufficient, appropriate evidence to provide a reasonable basis for our 
findings and conclusions based on our audit objectives. We believe that 
the evidence obtained provides a reasonable basis for our findings and 
conclusions based on our audit objectives. 

[End of section] 

Appendix II: DOD and DOE Policy Framework: 

DOD and DOE have each established their own nuclear weapons security 
policy framework that seeks to meet national requirements and spells 
out specific minimum standards for sites to implement. National 
Security Presidential Directive 28 requires DOD and DOE to establish 
policies, procedures, and systems to deny access by unauthorized 
personnel to nuclear weapons and warheads. Tables 4 and 5 outline DOD's 
and DOE's frameworks for nuclear weapons security, respectively, from 
high-level policies to implementation manuals. 

Table 4: DOD's Nuclear Weapons Security Policy Framework: 

Issuing organization: DOD (Defense Intelligence Agency); 
Document: Nuclear Security Threat Capabilities Assessment; 
Description: DOD's national-level threat assessment that establishes 
security objectives and seeks to identify the greatest threats to DOD 
installations. 

Issuing organization: DOD; 
Document: Security Policy for Protecting Nuclear Weapons (Directive 
5210.41); 
Description: Establishes DOD's policy for nuclear weapons security. 

Issuing organization: DOD; 
Document: Nuclear Weapons Security Manual (5210.41-M); 
Description: DOD's implementing guidance that sets minimum standards 
for nuclear weapons security at DOD installations. 

Issuing organization: Air Force; 
Document: Air Force Manual 31-108; 
Description: Air Force's supplemental guidance that instructs its 
installations on meeting standards set in DOD's 5210.41-M. 

Issuing organization: Air Force; 
Document: Major command guidance; 
Description: Each of Air Force's major commands published guidance that 
provides its respective installations with additional instruction AFMAN 
31-108 and 5210.41-M. 

Issuing organization: Navy; 
Document: Naval Nuclear Security Policy (Secretary of the Navy 
Instruction 8126.1); 
Description: Navy's supplemental guidance that instructs its 
installations on meeting standards set in DOD's 5210.41-M. 

Source: GAO analysis of DOD information. 

[End of table] 

Table 5: DOE's Nuclear Weapons Security Policy Framework: 

Issuing organization: DOE; 
Document: Graded Security Protection (DOE O 470.3B); 
Description: DOE's national-level threat policy that identifies the 
threats and their capabilities to DOE's entities that store, maintain, 
or transport nuclear material or components. OST's and Pantex's 
security systems must meet the threats defined in the GSP, at a 
minimum. 

Issuing organization: DOE; 
Document: Integrated Safeguards and Security Management Policy 
(P470.1); 
Description: DOE's policy that establishes a framework of requirements 
and guidance for implementing safety and security standards, including 
those for nuclear weapons. 

Issuing organization: DOE; 
Document: M 470 series of implementation manuals; 
Description: A series of manuals that provide specific requirements and 
guidance for implementing security standards. 

Source: GAO analysis of DOE information. 

[End of table] 

To address the requirements of NSPD-28 and provide implementation 
guidance, DOD and DOE have issued policies and guidance for their 
respective sites to follow when securing nuclear weapons. To respond to 
NSPD-28, DOD updated its security policy and provided implementation 
guidance to the services by revising the Security Policy for Protecting 
Nuclear Weapons (Directive 5210.41) and the Nuclear Weapons Security 
Manual (5210.41-M) in November 2004. In addition, DOD, in cooperation 
with the Defense Intelligence Agency, published a new assessment of the 
threats to nuclear weapons in the Nuclear Security Threat Capabilities 
Assessment (NSTCA) in December 2005. To supplement DOD's Nuclear 
Weapons Security Manual, both Air Force and Navy published additional 
guidance for installations under their command. Additionally, Air 
Force's major commands published implementing instructions for their 
respective sites that handle nuclear weapons. Together, these documents 
establish DOD's security policy and an implementation framework for 
securing nuclear weapons; describe nuclear security policy, objectives, 
and concepts; and prescribe minimum security standards for protecting 
nuclear weapons. For example, DOD's manual prescribes specific minimum 
security standards that must be met at each installation that stores, 
maintains, or transports nuclear weapons. 

DOE's recently updated nuclear weapons threat policy--the Graded 
Security Protection (GSP) policy--and the safeguards and security 
policy establish DOE's framework for securing nuclear weapons and other 
materials.[Footnote 30] These policies are further detailed in a series 
of DOE implementation manuals that provide specific requirements and 
guidance, including the Safeguards and Security Program Planning and 
Management Manual (M 470.4-1), the Physical Protection Manual (M 470.4- 
2), and the Protective Force Manual (M 470.4-3). For example, the 
Safeguards and Security Program and Planning Management Manual 
establishes standards for documenting a site's security plan. According 
to DOE officials, they are reviewing security requirements to provide a 
more consistent and integrated set of policies. OST and Pantex are also 
currently developing implementation plans and finalizing the updates of 
their security plans. 

[End of section] 

Appendix III: Air Force and Navy Operating Environments for Nuclear 
Weapons: 

Air Force operating environments: Launch facility; 
Operating environment definitions: These facilities consist of 
underground missile silos and associated support facilities. 

Air Force operating environments: Off-base convoy; 
Operating environment definitions: Off-base convoys are conducted to 
move reentry vehicles from weapons storage areas to launch facilities 
and vice versa. Convoys transit base, local, state, and federal 
interstate routes, both paved and dirt/gravel. 

Air Force operating environments: On-base convoy; 
Operating environment definitions: On-base convoys are conducted to 
move nuclear weapons from weapons storage areas to aircraft. These 
movements transit paved roads, and distances traveled are generally 
limited to a few miles or shorter. 

Air Force operating environments: Prime nuclear airlift force (PNAF); 
Operating environment definitions: PNAFs take place in conjunction with 
on-base convoys and may deliver nuclear weapons to or remove them from 
aircraft. 

Air Force operating environments: Aircraft (bomber) generation; 
Operating environment definitions: Aircraft generation[A] takes place 
in conjunction with on-base convoys and may deliver or remove nuclear 
weapons. 

Air Force operating environments: Weapons storage area; 
Operating environment definitions: This kind of above-ground weapons 
storage area is located on select Air Force bases and contains 
hardened, alarmed storage bunkers, called igloos, for storing nuclear 
weapons. 

Air Force operating environments: Underground storage area; 
Operating environment definitions: The underground storage area stores 
weapons in hardened, alarmed underground storage bunkers. 

Air Force operating environments: Weapons storage and security 
(WS3)/MUNS; 
Operating environment definitions: The WS3/MUNS systems are a series of 
underground vaults located within hardened/protective aircraft shelters 
in a foreign country; this environment does not exist in the United 
States. Host nations provide security within the MUNS environment. 

Navy operating environments: Limited area; 
Operating environment definitions: The limited area is a heavily 
guarded area away from the waterfront where nuclear weapons are 
received, processed, maintained, stored, and shipped. 

Navy operating environments: Convoy route; 
Operating environment definitions: The convoy route area includes and 
bounds the path that mated Trident missiles take when they are 
transported between the limited area and the wharf for ballistic 
missile submarine off-loading and on-loading. The convoy route also 
includes the dockside handling building and a landside waterfront 
facility where the missiles are prepared for installation on a Trident 
nuclear-powered submarine (SSBN). 

Navy operating environments: Waterfront and harbor; 
Operating environment definitions: The waterfront and harbor area 
encompasses the waterfront restricted area and all landside and harbor 
countermeasures that provide security for moored SSBNs. 

Navy operating environments: SSBN transit; 
Operating environment definitions: The SSBN transit environment 
includes countermeasures that provide security for SSBNs while they are 
en route between the harbor and the dive/surface point. 

Source: DOD information. 

[A] Aircraft generation is an operational situation when nuclear forces 
are ordered to regenerate to alert status or where forces are 
reestablished to an operational status. This applies to forces that are 
not in this posture as a normal (day-to-day peacetime) practice. 

[End of table] 

[End of section] 

Appendix IV: Nuclear Weapons Security Funding for the Air Force, Navy, 
OST, and Pantex: 

DOD and DOE have estimated the funds required to protect nuclear 
weapons to be approximately $11.1 billion for fiscal years 2006 through 
2013.[Footnote 31] The nuclear weapons security funding requirements 
estimated by each of the organizations in our review--Air Force, Navy, 
OST, and Pantex--are presented in greater detail below. 

Total Funding to Protect Air Force Nuclear Assets Is $4.7 Billion: 

DOD has estimated the funds required to protect the Air Force stockpile 
of nuclear weapons to be about $ 4.7 billion for fiscal years 2006 
through 2013, as shown in table 6. 

Table 6: Total Estimated Air Force Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Appropriation: Military personnel; 
FY 2006: $454.9 million; 
FY 2007: $462.3 million; 
FY 2008: $473.6 million; 
FY 2009: $417.4 million; 
FY 2010: $423.7 million; 
FY 2011: $439.0 million; 
FY 2012: $456.7 million; 
FY 2013: $471.4 million; 
Total: $3,599.0 million. 

Appropriation: Weapons procurement; 
FY 2006: $40.8 million; 
FY 2007: $79.1 million; 
FY 2008: $98.9 million; 
FY 2009: $93.7 million; 
FY 2010: $80.8 million; 
FY 2011: $27.4 million; 
FY 2012: $24.5 million; 
FY 2013: $19.2 million; 
Total: $464.4 million. 

Appropriation: Operations and maintenance (equipment); 
FY 2006: $42.0 million; 
FY 2007: $48.4 million; 
FY 2008: $71.9 million; 
FY 2009: $51.7 million; 
FY 2010: $43.7 million; 
FY 2011: $51.0 million; 
FY 2012: $44.7 million; 
FY 2013: $45.4 million; 
Total: $398.8 million. 

Appropriation: Other procurement; 
FY 2006: $22.4 million; 
FY 2007: $11.1 million; 
FY 2008: $3.7 million; 
FY 2009: $16.6 million; 
FY 2010: $22.3 million; 
FY 2011: $18.0 million; 
FY 2012: $11.4 million; 
FY 2013: $5.5 million; 
Total: $111.0 million. 

Appropriation: Operations and maintenance (civilian pay); 
FY 2006: $5.2 million; 
FY 2007: $5.4 million; 
FY 2008: $5.5 million; 
FY 2009: $6.1 million; 
FY 2010: $7.5 million; 
FY 2011: $7.9 million; 
FY 2012: $8.3 million; 
FY 2013: $8.6 million; 
Total: $54.5 million. 

Appropriation: Aircraft procurement; 
FY 2006: $3.1 million; 
FY 2007: $8.6 million; 
FY 2008: $4.9 million; 
FY 2009: $4.4 million; 
FY 2010: $1.1 million; 
FY 2011: $1.1 million; 
FY 2012: $1.2 million; 
FY 2013: $1.2 million; 
Total: $25.6 million. 

Appropriation: Munitions; 
FY 2006: $1.9 million; 
FY 2007: $2.1 million; 
FY 2008: $2.3 million; 
FY 2009: $3.2 million; 
FY 2010: $3.3 million; 
FY 2011: $3.4 million; 
FY 2012: $3.5 million; 
FY 2013: $3.5 million; 
Total: $23.2 million. 

Appropriation: Military construction; 
FY 2006: 0.0; 
FY 2007: 0.0; 
FY 2008: 0.0; 
FY 2009: 0.0; 
FY 2010: 0.0; 
FY 2011: 0.0; 
FY 2012: $4.6 million; 
FY 2013: 0.0; 
Total: $4.6 million. 

Appropriation: Total; 
FY 2006: $570.3 million; 
FY 2007: $617.0 million; 
FY 2008: $660.8 million; 
FY 2009: $593.1 million; 
FY 2010: $582.4 million; 
FY 2011: $547.8 million; 
FY 2012: $554.9 million; 
FY 2013: $554.8 million; 
Total: $4,681.1 million. 

Source: GAO analysis of Air Force information. 

[End of table] 

Total Funding to Protect Navy Nuclear Assets is $3.4 Billion: 

DOD has estimated the funds required to protect the Navy arsenal of 
nuclear weapons to be about $3.4 billion for fiscal years 2006 through 
2013, as shown in table 7.[Footnote 32] 

Table 7: Total Estimated Navy Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Appropriation: Operations and maintenance; 
FY 2006: $99.7 million; 
FY 2007: $150.1 million; 
FY 2008: $150.5 million; 
FY 2009: $171.9 million; 
FY 2010: $167.1 million; 
FY 2011: $166.5 million; 
FY 2012: $169.8 million; 
FY 2013: $173.3 million; 
Total: $1,248.9 million. 

Appropriation: Military construction; 
FY 2006: $94.3 million; 
FY 2007: $48.1 million; 
FY 2008: $39.8 million; 
FY 2009: $50.7 million; 
FY 2010: $133.7 million; 
FY 2011: $309.0 million; 
FY 2012: $44.6 million; 
FY 2013: $56.0 million; 
Total: $776.2 million. 

Appropriation: Other procurement; 
FY 2006: $112.7 million; 
FY 2007: $41.1 million; 
FY 2008: $53.1 million; 
FY 2009: $52.9 million; 
FY 2010: $33.9 million; 
FY 2011: $27.3 million; 
FY 2012: $95.9 million; 
FY 2013: $97.8 million; 
Total: $514.7 million. 

Appropriation: Marine Corps manpower; 
FY 2006: $39.6 million; 
FY 2007: $40.8 million; 
FY 2008: $42.1 million; 
FY 2009: $45.7 million; 
FY 2010: $47.1 million; 
FY 2011: $48.5 million; 
FY 2012: $49.9 million; 
FY 2013: $51.4 million; 
Total: $365.1 million. 

Appropriation: Navy manpower; 
FY 2006: $23.3 million; 
FY 2007: $29.2 million; 
FY 2008: $30.1 million; 
FY 2009: $40.0 million; 
FY 2010: $41.2 million; 
FY 2011: $42.4 million; 
FY 2012: $43.7 million; 
FY 2013: $45.0 million; 
Total: $294.9 million. 

Appropriation: Weapons procurement; 
FY 2006: $5.1 million; 
FY 2007: 0.0; 
FY 2008: $7.0 million; 
FY 2009: $45.4 million; 
FY 2010: $44.3 million; 
FY 2011: $31.2 million; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Total: $133.0 million. 

Appropriation: Research, development testing and evaluation; 
FY 2006: 0.0; 
FY 2007: $41.9 million; 
FY 2008: $5.8 million; 
FY 2009: $0.9 million; 
FY 2010: $0.9 million; 
FY 2011: 0.0; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Total: $49.5 million. 

Appropriation: Total; 
FY 2006: $374.7 million; 
FY 2007: $351.2 million; 
FY 2008: $328.4 million; 
FY 2009: $407.5 million; 
FY 2010: $468.2 million; 
FY 2011: $624.9 million; 
FY 2012: $403.9 million; 
FY 2013: $423.5 million; 
Total: $3,382.3 million. 

Source: GAO analysis of Navy information. 

[End of table] 

Total Funding to Protect OST's Nuclear Assets is $1.9 Billion: 

For fiscal years 2006 through 2013, DOE has estimated the funds 
required to protect fully assembled nuclear weapons and other nuclear 
material and components that OST transports from one location to 
another to be over $1.9 billion, as shown in table 8. 

Table 8: Total Estimated OST Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Subprogram: Mission capacity; 
FY 2006: $121.0 million; 
FY 2007: $117.0 million; 
FY 2008: $122.7 million; 
FY 2009: $123.0 million; 
FY 2010: $149.8 million; 
FY 2011: $160.0 million; 
FY 2012: $165.2 million; 
FY 2013: $166.1 million; 
Total: $1,124.8 million. 

Subprogram: Program management; 
FY 2006: $39.7 million; 
FY 2007: $47.0 million; 
FY 2008: $46.6 million; 
FY 2009: $48.2 million; 
FY 2010: $52.6 million; 
FY 2011: $54.1 million; 
FY 2012: $56.9 million; 
FY 2013: $58.0 million; 
Total: $403.1 million. 

Subprogram: Infrastructure; 
FY 2006: $26.1 million; 
FY 2007: $28.7 million; 
FY 2008: $24.0 million; 
FY 2009: $28.0 million; 
FY 2010: $25.1 million; 
FY 2011: $30.2 million; 
FY 2012: $30.7 million; 
FY 2013: $30.5 million; 
Total: $223.3 million. 

Subprogram: Security/safety capability; 
FY 2006: $23.1 million; 
FY 2007: $16.5 million; 
FY 2008: $23.6 million; 
FY 2009: $21.8 million; 
FY 2010: $23.8 million; 
FY 2011: $21.8 million; 
FY 2012: $22.1 million; 
FY 2013: $22.1 million; 
Total: $174.8 million. 

Subprogram: Total; 
FY 2006: $209.9 million; 
FY 2007: $209.2 million; 
FY 2008: $216.9 million; 
FY 2009: $221.0 million; 
FY 2010: $251.3 million; 
FY 2011: $266.1 million; 
FY 2012: $274.9 million; 
FY 2013: $276.7 million; 
Total: $1,926.0 million. 

Source: GAO analysis of OST information. 

Note: The budget for each subprogram also includes Program Direction 
funding requirements, which include the funding requirement for 
personnel, such as salaries and benefits, travel, and other related 
expenses. 

[End of table] 

Total Funding to Protect Nuclear Assets at Pantex is $1.1 Billion: 

DOE has estimated the funds required to protect fully assembled nuclear 
weapons and other nuclear material and components at Pantex for fiscal 
years 2006 through 2013 to be about $1.1 billion, as shown in table 9. 

Table 9: Total Estimated Pantex Nuclear Weapons Security Funding 
Requirements for Fiscal Years 2006 through 2013: 

Program: Protective forces; 
FY 2006: $90.3 million; 
FY 2007: $92.5 million; 
FY 2008: $100.3 million; 
FY 2009: $105.5 million; 
FY 2010: $117.6 million; 
FY 2011: $117.6 million; 
FY 2012: $123.5 million; 
FY 2013: $117.0 million; 
Total: $864.3 million. 

Program: Physical security systems; 
FY 2006: $6.9 million; 
FY 2007: $7.3 million; 
FY 2008: $10.3 million; 
FY 2009: $4.8 million; 
FY 2010: $8.7 million; 
FY 2011: $10.2 million; 
FY 2012: $9.7 million; 
FY 2013: $20.0 million; 
Total: $77.9 million. 

Program: Design Basis Threat security enhancements; 
FY 2006: $14.7 million; 
FY 2007: $9.1 million; 
FY 2008: $25.5 million; 
FY 2009: 0.0; 
FY 2010: 0.0; 
FY 2011: 0.0; 
FY 2012: 0.0; 
FY 2013: 0.0; 
Total: $49.3 million. 

Program: Program management and support; 
FY 2006: $3.0 million; 
FY 2007: $4.3 million; 
FY 2008: $5.3 million; 
FY 2009: $6.9 million; 
FY 2010: $4.7 million; 
FY 2011: $5.7 million; 
FY 2012: $5.5 million; 
FY 2013: $5.7 million; 
Total: $41.1 million. 

Program: Information protection; 
FY 2006: $3.7 million; 
FY 2007: $4.4 million; 
FY 2008: $4.5 million; 
FY 2009: $3.4 million; 
FY 2010: $0.3 million; 
FY 2011: $4.6 million; 
FY 2012: $4.5 million; 
FY 2013: $4.6 million; 
Total: $30.0 million. 

Program: Materials control and accountability; 
FY 2006: $3.3 million; 
FY 2007: $3.3 million; 
FY 2008: $3.7 million; 
FY 2009: $3.2 million; 
FY 2010: $3.7 million; 
FY 2011: $3.6 million; 
FY 2012: $3.5 million; 
FY 2013: $3.6 million; 
Total: $27.9 million. 

Program: Personnel security program; 
FY 2006: $1.1 million; 
FY 2007: $1.1 million; 
FY 2008: $1.2 million; 
FY 2009: $1.6 million; 
FY 2010: $0.1 million; 
FY 2011: $1.1 million; 
FY 2012: $1.1 million; 
FY 2013: $1.1 million; 
Total: $8.4 million. 

Program: Total; 
FY 2006: $123.0 million; 
FY 2007: $122.0 million; 
FY 2008: $150.8 million; 
FY 2009: $125.4 million; 
FY 2010: $135.1 million; 
FY 2011: $142.8 million; 
FY 2012: $147.8 million; 
FY 2013: $152.0 million; 
Total: $1,098.9 million. 

Source: GAO analysis of Pantex information. 

[End of table] 

[End of section] 

Appendix V: Comments from the Department of Defense: 

Assistant To The Secretary Of Defense: 
Nuclear And Chemical And Biological Defense Programs: 
3050 Defense Pentagon: 
Washington, DC 20301-3050: 

April 20, 2009: 

Ms. Davi M. D'Agostino: 
Director, Defense Capabilities and Management: 
U.S. Government Accountability Office: 
441 G Street, N.W.
Washington, DC 20548: 

Dear Ms. D'Agostino: 

This is the Department of Defense (DOD) response to the GAO draft 
report, GAO-09-463, "Homeland Defense: Greater Focus on Analysis of 
Alternatives and Threats Needed to Improve DoD's Strategic Nuclear 
Weapons Security," dated March 20, 2009 (GAO Code 351119). The 
Department provides the enclosed comments. Detailed technical comments 
were provided separately. 

If you need additional information, please do not hesitate to call me 
at 703-697-3060. The point of contact for this matter is Colonel 
Patrick Vetter, Office of the Deputy Assistant to the Secretary of 
Defense (Nuclear Matters), 703-697-7130, patrick.vetter@osd.mil. 

Signed by: 

Steve Henry: 
Deputy Assistant to the Secretary of Defense (Nuclear Matters): 

Enclosure: As stated: 

[End of letter] 

GAO Draft Report - Dated March 20, 2009: 
GAO Code 351119/GAO-09-463: 

"Homeland Defense: Greater Focus on Analysis of Alternatives and 
Threats Needed to Improve DoD's Strategic Nuclear Weapons Security" 

Department Of Defense Comments To The Recommendations: 

Recommendation 1: The GAO recommends that the Secretary of Defense 
direct the Under Secretary of Defense (Acquisition, Technology and 
Logistics), to modify DoD Directive 5210.41, Security Policy for 
Protecting Nuclear Weapons, to require alternatives and cost benefit 
analysis of nuclear security measures as appropriate. 

DOD Response: Partially concur. DoD Directive 5210.41, Security Policy 
for Protecting Nuclear Weapons, provides guidance which meets the 
recommendation's intent. Paragraph 4.8 states: "physical security 
requirements associated with nuclear weapons shall take into 
consideration the affordability and life-cycle costs of a nuclear 
weapon system." In its current form, this policy statement inherently 
requires the department to examine alternatives in regard to cost 
benefit. 

Recommendation 2: The GAO recommends that the Secretary of Defense 
direct the Assistant to the Secretary of Defense for Nuclear and 
Chemical and Biological Defense Programs to modify DoD S-5210.41-M, 
Nuclear Weapons Security Manual, to provide appropriate guidance to the 
Services for weighing costs, including life-cycle costs, and benefits 
when considering alternative security measures for nuclear weapons. 

DOD Response: Partially concur. DoD S-5210.41-M. Nuclear Weapons 
Security Manual, is intended to implement the policy established in the 
governing DoD Directive 5210.41, Security Policy for Protecting Nuclear 
Weapons. It establishes specific requirements to meet the Nuclear 
Weapons Security Standard delineated in National Security Presidential 
Directive 28. Paragraph C3.1.9 of DoD S-5210.41-M dictates that system 
security consideration and updating of existing security systems should 
be integrated into the system engineering process, consistent with 
mission requirements and cost effectiveness consistent with DoD 
Directive 5000.01, The Defense Acquisition System, and DoD Instruction 
5000.2, Operation of the Defense Acquisition System. Additionally, DoD 
S-5210.41-M Chapter 10 provides instructions on deviating from 
established requirements while providing the equivalent levels of 
security through other means. To support this recommendation, the 
report implies, on page 13, the Navy relied solely upon DoD S-5210.41-M 
requirements in building an underground maintenance and storage 
facility. The Navy assessed a variety of options from a performance 
perspective and determined the most cost effective approach that would 
meet performance requirements was a hardened, underground structure. As 
further support for this recommendation, the report notes the Navy 
failed to include costs for the entire life cycle of their Ship, 
Submersible, Ballistic, Nuclear (SSBN) transit protection system (TPS). 
A 2006 PA&E review of TPS alternatives concluded that the TPS selection 
which provided the most significant benefit when evaluated in terms of 
deployment time, effectiveness, ability to evolve, impact to SSBN 
operations and cost was the system selected by the Navy. However, 
greater emphasis on cost-benefit and security effectiveness in 
selection and implementation of nuclear physical security measures is 
appropriate. This issue is addressed in the proposed revised DoD S-
5210.41-M. 

Recommendation 3: The GAO recommends that the Secretary of Defense 
direct the Deputy Assistant to the Secretary of Defense for Nuclear 
Matters (DATSD(NM)) to provide more specific guidance on the 
methodology to develop local threat assessments. 

DOD Response: Partially concur. DoD Instruction 2000.16, DOD
Antiterrorism (AT) Standards paragraph E3.4 prescribes procedures for 
conducting an annual local threat assessment. The proposed revision to 
DoD S-5210.41-M, provides more detailed guidance on preparing local 
threat assessments at nuclear installations. 

Recommendation 4: The GAO recommends that the Secretary of Defense 
direct the Secretaries of the Navy and Air Force to provide 
installation commanders with the capabilities necessary to more fully 
collect and assess local, regional, and national intelligence 
information. 

DOD Response: Partially concur. A comprehensive study by the Services 
to determine capability gaps in intelligence collection is needed to 
determine if installation commanders lack resources and personnel to 
meet requirements or better, more efficient use of existing resources 
and personnel is needed. 

Recommendation 5: The GAO recommends that the Secretary of Defense 
direct the Secretary of the Air Force to establish a method to 
centrally manage and track funding associated with nuclear weapons 
security. 

DOD Response: Concur. 

[End of section] 

Appendix VI: GAO Contact and Staff Acknowledgments: 

GAO Contacts: 

Davi D'Agostino (202) 512-5431 or dagostinod@gao.gov: 

Gene Aloise (202) 512-6870 or aloisee@gao.gov: 

Staff Acknowledgments: 

In addition to the contacts named above Ryan T. Coles, Assistant 
Director; Robert L. Repasky, Assistant Director; Steven D. Boyles; 
Grace A. Coleman; Penney M. Harwell Caramia; Wyatt R. Hundrup; Ronald 
La Due Lake; Gregory A. Marchand; and Charles W. Perdue also made key 
contributions to this report. 

[End of section] 

Related GAO Products: 

Nuclear Security: 

Nuclear Safety: Department of Energy Needs to Strengthen Its 
Independent Oversight of Nuclear Facilities and Operations. [hyperlink, 
http://www.gao.gov/products/GAO-09-61]. Washington, D.C.: October 23, 
2008. 

Los Alamos National Laboratory: Information on Security of Classified 
Data, Nuclear Material Controls, Nuclear and Worker Safety, and Project 
Management Weaknesses. [hyperlink, 
http://www.gao.gov/products/GAO-08-173R]. Washington, D.C.: January 10, 
2008. 

Nuclear Security: DOE's Office of the Under Secretary for Energy, 
Science and Environment Needs to Take Prompt, Coordinated Action to 
Meet the New Design Basis Threat. [hyperlink, 
http://www.gao.gov/products/GAO-05-611]. Washington, D.C.: July 15, 
2005. 

Nuclear Security: DOE Needs to Resolve Significant Issues Before It 
Fully Meets the New Design Basis Threat. [hyperlink, 
http://www.gao.gov/products/GAO-04-623]. Washington, D.C.: April 27, 
2004. 

Nuclear Security: NNSA Needs to Better Manage Its Safeguards and 
Security Program. [hyperlink, http://www.gao.gov/products/GAO-03-471]. 
Washington, D.C.: May 30, 2003. 

Nuclear Security: Lessons to Be Learned from Implementing NNSA's 
Security Enhancement., [hyperlink, 
http://www.gao.gov/products/GAO-02-358]. Washington, D.C.: March 29, 
2002. 

Nuclear Security: Security Issues At DOE and Its Newly Created National 
Nuclear Security Administration. [hyperlink, 
http://www.gao.gov/products/GAO/T-RCED-00-123]. Washington, D.C.: March 
14, 2000. 

Nuclear Security: Improvements Needed in DOE's Safeguards and Security 
Oversight. [hyperlink, http://www.gao.gov/products/GAO/RCED-00-62]. 
Washington, D.C.: February. 24, 2000. 

Risk Management: 

Risk Management: Strengthening the Use of Risk Management Principles in 
Homeland Security. [hyperlink, http://www.gao.gov/products/GAO-08-
904T]. Washington, D.C.: June 25, 2008. 

Homeland Security: Applying Risk Management Principles to Guide Federal 
Investments. [hyperlink, http://www.gao.gov/products/GAO-07-386T]. 
Washington, D.C.: February 7, 2007. 

Risk Management: Further Refinements Needed to Assess Risks and 
Prioritize Protective Measures at Ports and Other Critical 
Infrastructure. [hyperlink, http://www.gao.gov/products/GAO-06-91]. 
Washington, D.C.: December 15, 2005. 

Defense Management: Additional Actions Needed to Enhance DOD's Risk- 
Based Approach for Making Resource Decisions. [hyperlink, 
http://www.gao.gov/products/GAO-06-13]. Washington, D.C.: November 15, 
2005. 

Combating Terrorism: Threat and Risk Assessments Can Help Prioritize 
and Target Program Investments. [hyperlink, 
http://www.gao.gov/products/GAO/NSIAD-98-74]. Washington, D.C.: April 
9, 1998. 

Homeland Security: 

Homeland Security: Challenges and Strategies in Addressing Short-and 
Long-Term National Needs. [hyperlink,
http://www.gao.gov/products/GAO-02-160T]. Washington, D.C.: November 7, 
2001. 

Government Performance and Results Act of 1993: 

21st Century Challenges: Performance Budgeting Could Help Promote 
Necessary Reexamination. [hyperlink, 
http://www.gao.gov/products/GAO-05-709T]. Washington, D.C.: June 14, 
2005. 

Best Practices: 

GAO Cost Estimating and Assessment Guide: Best Practices for Developing 
and Managing Capital Program Costs. [hyperlink, 
http://www.gao.gov/products/GAO-09-3SP]. Washington, D.C.: March 2009. 

[End of section] 

Footnotes: 

[1] The following GAO reports address problems with DOE's security that 
we have identified in the past: GAO, Nuclear Security: Improving 
Correction of Security Deficiencies at DOE's Weapons Facilities, 
[hyperlink, http://www.gao.gov/products/GAO/RCED-93-10] (Washington, 
D.C.: Nov. 16, 1992); Nuclear Security: Improvements Needed in DOE's 
Safeguards and Security Oversight, [hyperlink, 
http://www.gao.gov/products/GAO/RCED-00-62] (Washington, D.C.: Feb. 24, 
2000); Nuclear Security: Lessons to Be Learned from Implementing NNSA's 
Security Enhancements, [hyperlink, 
http://www.gao.gov/products/GAO-02-358] (Washington, D.C.: Mar. 29, 
2002); Nuclear Security: NNSA Needs to Better Manage Its Safeguards and 
Security Program, [hyperlink, http://www.gao.gov/products/GAO-03-471] 
(Washington, D.C.: May 30, 2003); Nuclear Security: DOE Needs to 
Resolve Significant Issues Before It Fully Meets the New Design Basis 
Threat, [hyperlink, http://www.gao.gov/products/GAO-04-623] 
(Washington, D.C.: Apr. 27, 2004); Nuclear Security: DOE's Office of 
the Under Secretary for Energy, Science, and Environment Needs to Take 
Prompt, Coordinated Action to Meet the New Design Basis Threat, 
[hyperlink, http://www.gao.gov/products/GAO-05-611] (Washington, D.C.: 
July 15, 2005); and Los Alamos National Laboratory: Information on 
Security of Classified Data, Nuclear Material Controls, Nuclear and 
Worker Safety, and Project Management Weaknesses, [hyperlink, 
http://www.gao.gov/products/GAO-08-173R] (Washington, D.C.: Jan. 10, 
2008). 

[2] The White House, National Security Presidential Directive 28, 
United States Nuclear Weapons Command and Control, Safety, and Security 
(Washington, D.C., June 20, 2003). 

[3] OST also transports nuclear material between DOE sites and some 
sites licensed by the Nuclear Regulatory Commission. 

[4] GAO, Homeland Security: Challenges and Strategies in Addressing 
Short-and Long-Term National Needs, [hyperlink, 
http://www.gao.gov/products/GAO-02-160T] (Washington, D.C.: Nov. 7, 
2001. 

[5] DOD S-5210.41-M, Nuclear Weapons Security Manual (Nov. 22, 2004). 

[6] In its Naval Sea Systems Command 2005 Cost Estimating Guide, the 
Navy has defined life-cycle cost estimates as the total cost of a 
program over its full life. The costs can be grouped into the following 
four categories: research and development, procurement, operation and 
support, and disposal. 

[7] To address the recommendations of several task forces chartered to 
assess the Air Force's nuclear security posture in the aftermath of 
security breaches at one of its installations, the Air Force 
restructured its nuclear enterprise. The restructuring will ultimately 
include the Strategic Deterrence and Nuclear Integration Office, a 
newly created headquarters organization of the Air Staff, and the 
Global Strike Command, a new organization that will command all of the 
service's nuclear capability. A provisional command began operations on 
January 12, 2009, and the new command is expected to achieve initial 
operating capability in September 2009. 

[8] The life extension programs were developed to extend the expected 
lifetime of warheads or warhead components by at least 20 years; the 
programs include the B61 and W76 life extension programs. 

[9] DOD S-5210.41-M, Nuclear Weapons Security Manual (Nov. 22, 2004). 

[10] DOD Directive 5210.41, Security Policy for Protecting Nuclear 
Weapons (Nov. 1, 2004), and DOD S-5210.41-M. 

[11] A nuclear weapon system is one or more nuclear weapons that is/are 
on or physically attached to their delivery platform in combination 
with all related equipment, material, services, and personnel required 
for self-sufficiency. A nuclear weapon system is distinct and different 
from a nuclear command and control system. 

[12] The first 6 years of the program covered fiscal year 2006 through 
fiscal year 2011. 

[13] Naval Sea Systems Command, 2005 Cost Estimating Handbook 
(Washington, D.C.; Nov. 18, 2004). 

[14] GAO, GAO Cost Estimating and Assessment Guide: Best Practices for 
Developing and Managing Capital Program Costs, [hyperlink, 
http://www.gao.gov/products/GAO-09-3SP] (Washington, D.C.: March 2009). 

[15] Office of Management and Budget, Circular A-94, Guidelines and 
Discount Rates for Benefit-Cost Analysis of Federal Programs 
(Washington, D.C.: Oct. 29, 1992). 

[16] Department of Energy, Vulnerability Assessment Process Guide 
(Washington, D.C.: September 2004). 

[17] Department of Defense, Defense Intelligence Agency, Nuclear 
Security Threat Capabilities Assessment 2005 - 2015 (Washington, D.C., 
December 2005). 

[18] DOD Instruction 2000.16, DOD Antiterrorism Standards (Dec. 8, 
2006). 

[19] Members of the threat working groups typically include 
representatives from the installation security forces, the 
antiterrorism and force protection officer, the intelligence officer, 
and an Air Force Office of Special Investigations agent. 

[20] JTTFs are multi-agency teams led by the Justice Department and the 
FBI designed to combine the resources of federal, state, and local law 
enforcement. The JTTFs are small cells of highly trained, locally based 
investigators, analysts, linguists, Special Weapons and Tactics (SWAT) 
experts, and other specialists from dozens of U.S. law enforcement and 
intelligence agencies. Fusion Centers have been created by many states 
and larger cities to share information and intelligence within their 
jurisdictions as well as with the federal government. 

[21] DOD S-5210.41-M. 

[22] These assessments are specific to the nuclear facility and are in 
addition to the vulnerability assessments required by DOD's 
antiterrorism policy. DOD's antiterrorism policy requires that 
installation commanders or unit antiterrorism officers conduct annual 
vulnerability assessments of the entire installation to identify 
physical characteristics or procedures that render critical assets 
vulnerable to terrorists. 

[23] The DBT, most recently updated in 2005 and replaced by the GSP in 
August 2008, is a classified document that identifies the potential 
size and capabilities of terrorist threats to DOE facilities that 
handle nuclear material. DOE requires its sites to provide sufficient 
security measures to defend against the threat identified in the DBT. 

[24] Funding data provided by DOD and DOE were based on the fiscal year 
2009 President's Budget. 

[25] Funding information for base operations support and facilities, 
sustainment, restoration, and modernization at the Navy's two strategic 
weapons facilities is not included in this estimate. 

[26] DOE O 470.3A, Design Basis Threat Policy, (Nov. 29, 2005). 

[27] GAO, 21st Century Challenges: Performance Budgeting Could Help 
Promote Necessary Reexamination, [hyperlink, 
http://www.gao.gov/products/GAO-05-709T] (Washington, D.C.: June 14, 
2005). 

[28] Department of the Air Force, Reinvigorating the Air Force Nuclear 
Enterprise (Washington, D.C.: Oct. 24, 2008). 

[29] The funding category differed among three of the four agencies. 
The funding category for DOD was an appropriation account, for OST a 
goal, and for Pantex a program. 

[30] The GSP was signed by the Acting Deputy Secretary of Energy in 
August 2008. Since then, DOE has been updating its directives and OST 
and Pantex are currently updating their security plans. 

[31] Funding data provided by DOD and DOE were based on the fiscal year 
2009 President's Budget. 

[32] Funding information for base operations support and facilities, 
sustainment, restoration, and modernization at the Navy's two strategic 
weapons facilities is not included in this estimate. 

[End of section] 

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each 
weekday, GAO posts newly released reports, testimony, and 
correspondence on its Web site. To have GAO e-mail you a list of newly 
posted products every afternoon, go to [hyperlink, http://www.gao.gov] 
and select "E-mail Updates." 

Order by Phone: 

The price of each GAO publication reflects GAO’s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO’s Web site, 
[hyperlink, http://www.gao.gov/ordering.htm]. 

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537. 

Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional 
information. 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: 
E-mail: fraudnet@gao.gov: 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Ralph Dawn, Managing Director, dawnr@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, D.C. 20548: 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, D.C. 20548: