National Nuclear Security Administration: Reporting on Industrial Base Risks Needs Improvement

What GAO Found

The National Nuclear Security Administration (NNSA) uses a coordinated but decentralized approach to manage risks to the nuclear security enterprise (NSE) industrial base. The NSE industrial base includes four elements—supply chain, operations and facilities, logistics and transportation, and workforce. The Office of Systems Engineering and Integration, within NNSA's Office of Defense Programs, serves as the focal point for managing NSE industrial base risks at the enterprise level, including by attending working group meetings and participating in interagency processes. Contractors and working groups across the NSE are primarily responsible for managing industrial base risks. They use a variety of tools and processes that are often interlinked and cross-cutting. For example, some working groups use third-party software to identify, assess, and monitor risks.

Figure: Elements of the Nuclear Security Enterprise Industrial Base

NNSA has identified several key risks and taken steps to address some of them. For example, to address the insufficient supply of specialized equipment, NNSA established a working group that created two initiatives to expand capacity and increase supply. However, NNSA's primary method of communicating NSE industrial base risks to external stakeholders—the annual Stockpile Stewardship and Management Plan—does not completely and clearly communicate risk priorities or resource needs. For example,

• The Fiscal Year (FY) 2022 National Defense Authorization Act (NDAA) requires NNSA to report on identified risks and how they are prioritized. However, GAO found that the plan discusses some key risks in limited detail and did not describe any as priorities.
• The FY 2022 NDAA also requires NNSA to report its resource needs to mitigate industrial base risks. NNSA officials said that additional resources or tools would be useful to address some risks. However, the plan did not identify such resources.

Complete and clear information about industrial base risks and resource needs would help inform stakeholders and decision-makers about the status of the NSE industrial base.

Why GAO Did This Study

NNSA relies on contractors to produce or procure thousands of parts and components for the nuclear weapons stockpile. These contractors operate the laboratories and production facilities comprising the NSE. However, NNSA faces risks to its NSE industrial base such as human capital gaps, eroding infrastructure, constrained markets and suppliers, and global events. The FY 2022 NDAA requires NNSA to report on NSE industrial base risks.

A Senate report accompanying a bill for the FY 2023 NDAA includes a provision for GAO to review NNSA's plans for addressing NSE industrial base risks. This report (1) examines NNSA's approach to managing risks to the NSE industrial base and (2) assesses the extent to which NNSA has identified NSE industrial base risks and communicated these risks to external stakeholders.

To do this work, GAO reviewed NNSA documentation and interviewed NNSA officials and selected contractor and working group representatives. GAO compared NNSA's risk reporting to enterprise risk management good practices.