Federal Reports

This review was initiated because of questions raised during congressional testimony following the Kingston Ash Spill in December 2008. The objectives of this review were to determine whether the Tennessee Valley Authority (TVA) has (1) performed groundwater monitoring as prescribed by the permits and (2) found levels of constituents monitored that exceeded regulatory limits and, if so, implemented any required corrective actions.During our review, we found that in some instances TVA was not performing monitoring as prescribed by the permits. For calendar years 2008 and 2009, TVA was monitoring for the required constituents and testing within the required time frames at ten coal combustion product (CCP) areas at seven fossil plants. However, TVA was not monitoring for all permit-required constituents at Cumberland and Johnsonville Fossil Plants. TVA has submitted letters to the Tennessee Department of Environment and Conservation (TDEC) requesting removal of all constituents that were not being tested from the permit and TDEC stated this would be approved.Additionally, exceedances were found at eight of the nine fossil plants where monitoring is being conducted. TVA has two plants in Tennessee, Cumberland and Gallatin Fossil Plants, that have constituents that exceeded health-based limits and are working through the corrective action process described in Tennessee Rule 1200-1-7. Finally, TVA installed 29 monitoring wells at nine sites in 2010 and has committed to conducting at least one sampling event at each site by the end of fiscal year 2011.We recommended the Senior Vice President, Environment & Technology, continue (1) plans to implement monitoring at all active CCP disposal areas, and (2) with the assessment plans and initiate corrective actions for Cumberland and Gallatin Fossil Plants. TVA management agreed with the recommendations.

The Office of the Inspector General reviewed the IT controls for granting and monitoring non-nuclear contractor access to TVA Assets, including general network access. The OIG found TVA's controls over processes for managing and tracking non-Nuclear contractor logical and physical access need to be strengthened to reduce the risk of loss or compromise of sensitive TVA data and physical assets. Specifically, the OIG found:Three enterprise risks identified by TVA's Enterprise Risk Council could be impacted by weak controls over contractor access identified in this report.The current maturity of TVA's contractor management process is relatively low.Certain contractors had access to sensitive TVA assets without proper background investigation and clearance.TVA's system for assigning physical access to TVA facilities does not clearly identify facilities for which special clearance is needed.TVA does not have a process to require complete and accurate entry for all non-nuclear contractors into the Human Resource Information System.The IT Customer Center does not ensure Virtual Private Network tokens used by contractors are returned when the contractor leaves TVA employment. Summary Only