Safeguards and Security

Introduction/Background

Performance Objective: 2.0

Sustain and enhance the effectiveness of Integrated Safeguards and Security Management (ISSM).

Performance Criterion: 2.1

Demonstrate improvements in Integrated Safeguards and Security Management (ISSM) processes and functions.  Safeguards and Security (SAS) is integrated into the culture of the organization for effective deployment of management systems.

Performance Measure 2.1.a:

• Obtain DOE approval in FY05 of revisions to the July 2004 SLAC Site Safeguards and Security plan to address findings from the FY04 annual DOE Safeguards and Security Report and to ensure that the plan addresses DOE safeguards and security policies and requirements applicable to SLAC operations.
• Implementation status of the Integrated SAS Management (ISSM) Action Plan Milestones/Objectives is on track with schedules.
• Customer satisfaction survey relative to SAS knowledge and acceptance/involvement by Laboratory staff has positive results.
• SAS requirements are adequately defined and disseminated to Laboratory staff.  Line management and staff understand their SAS responsibilities and demonstrate their commitment to SAS through completion of required SAS training.
• SAS self-assessment program and resulting corrective action will be conducted in accordance with applicable requirements and expectations.

Discussion:

• The Site Security Plan was revised to reflect many internal procedural changes, organizational changes, and to incorporate DOE O 142.3.  The revised plan was completed in late September 2005. Final sign-off and submission to the DOE Site Office has been delayed due to the absence of key approving officials from SLAC.
• The primary ISSM efforts revolve around the Annual Security Briefing which was held on September 20th, 2005. The briefing was given to standing-room-only attendance and was combined with other security, counterintelligence, and safety presentations.  Additionally, the briefing was accompanied by the successful “Expo” in the auditorium breezeway where subject matter experts were available to meet with staff and discuss areas of concern.  This year, as in past years, we partnered with the ES&H staff to create the “Integrated Management” program as part of the security briefing.
  In addition to the annual briefing, we published several articles in “The Interaction Point (TIP)” and on “SLAC Today” website regarding security and traffic safety issues.  A full listing of these articles and notices is available for review.
• We conducted our customer satisfaction survey during the annual briefing (noted above) and received  530 responses – a > 25% increase in response compared to last year.  Results from comments are being tabulated and a summary report will be sent to the Directorate for their response and any appropriate action. We plan to conduct the next electronic customer survey in early calendar-year 2006.
• SAS training and orientation is given annually to all staff as part of the mandatory security briefing in September.  During the year, staff is reminded of their obligations for security through the use of various communications channels covered in Bullet #2 (above)
• Corrective actions and “lessons learned” are a routine part of our security posture.  The Security Manager meets with the Assistant Director on a weekly, sometimes daily, basis and corrections are made as appropriate.
  The Security Manager has regular communications via e-mail with managers responsible for areas under review or where incidents have taken place.  Each of these communications discusses corrective actions and ways to mitigate future problems.

Performance Objective 3:  Integrated Safeguards and Security (SAS)

Sustain and enhance the effectiveness of Integrated Safeguards and Security (SAS).

Performance Criterion 3.1:

Emerging threats are identified, reported, and mitigated as necessary.

Description:  This indicator will assess the Laboratory’s ability to identify report and mitigate, as necessary, any emerging threats.  Performance against this indicator will be measured using the following parameters and the criteria specified in the Performance Evaluation section, below.

Performance Measure:  

• Line organizations ensure the number of significant incidents of a security concern within the control of SLAC with impacts upon the national security, or foreign relations of the United States are minimized and mitigated.

• Security events are reported in a timely manner and managed as required identifying and repairing weaknesses in procedures and policies that are designed to protect government interests.

• Corrective actions for identified threats or issues are developed and implemented by the line organizations in a timely manner.

Definitions:
Incidents of security concern are:
Any actions or inactions that

1. Pose an immediate danger or short- or long-term threat to national security interests and/or critical DOE assets, that potentially create a serious security situation, or that create high-visibility media interest;
2. Pose long-term threats to DOE security interests or that potentially degrade the overall effectiveness of the Department’s protection program; and
3. In combination and over time, adversely impact the level of security awareness and program responsiveness necessary to protect DOE’s security interests.

Significant incidents of a security concern:

1. Any Security Event that can be expected to cause damage to national security or DOE security interests.
2. Events applicable to this indicator will be those that are within the control of SLAC. 

Discussion:

• SLAC is a Class C (Threat Level IV) facility.  We endeavor to ensure that any and all threats are minimized and mitigated – those of a local nature such as theft of government property and that of ensuring the safety and security of our staff.  We are also concerned about those of a national security nature.  During FY 2005, SLAC had no incidents that would rise to the national security level.
• All security events are reported if and when they occur.  We routinely examine our procedures.  One excellent example of this was the “lessons learned” discussions that revolved around the power outage that occurred on May 18th.  This provided us with an opportunity to examine many aspects of our procedures – most importantly -- communications with staff.
• Corrective actions for any major incidents are immediately examined.  As of this time in this rating period, there have been no such major incidents to require a formal corrective action plan.