Following issuance of the PNOV, Sandia challenged some of the severity levels determined by NNSA “on the basis that the information associated with the security event is available in open sources and could not result in any actual or high potential for adverse impact on national security,” according to the FNOV. However, NNSA determined that “the availability of this information in the open literature does not automatically declassify the information” and “Sandia is aware of existing processes in place to have information declassified,” the final letter says. It adds that “Sandia should have identified the security program weaknesses” earlier than the 2012 date of discovery. As a result, NNSA “finds no merit” in Sandia’s challenge to the PNOV, the letter says. NNSA imposed a $660,000 civil penalty for four Severity Level I and two Severity Level II violations of classified information security requirements, and adjusted the amount following some corrective actions to $577,500, the letter says. Sandia has been given 30 days to request a hearing.
Sandia Corporation is required to pay a penalty of $577,500 for six classified information security violations, according to a July 13 Final Notice of Violation (FNOV) from the National Nuclear Security Administration (NNSA) released last week. The violations, dating back to 1997 and discovered in 2012 at Sandia National Laboratories’ New Mexico site, involved the use of classified information, including Critical Nuclear Weapon Design Information, in 13 slides of an employee’s presentation. A Preliminary Notice of Violation (PNOV) issued to Sandia at the end of May noted that the presentation had not been submitted for classification review, was given at public venues and remained on an unclassified shared server for years.
Partner Content