Open Menu
December 16, 2024 | Susan Napier-Sewell

Lessons Learned: Negative Trends in Disposition of Classified Computers

negative trends

Prompt identification and communication of negative trends can lead to effective issues management and corrective actions.

The primary cause of negative trends was attributed to untrained individuals performing critical tasks, such as removing classified hard drives from computers. Additionally, the complexity associated with the cross-program nature of the lifecycle management of classified computers contributed to the negative trends issue.

Other common causes of negative trends included unclear processes and procedures, ambiguous roles and responsibilities, and inadequate training, communication, and work planning.

What happened?
Other incidents involved the improper storage and protection of classified computers. Past incidents occurred across various organizations at Sandia’s and involved personnel in different roles. The majority of incidents took place during the disposition and reapplication process, and two occurred during the movement of classified computers from one location to another.

What was learned?
During the causal analysis, it became evident that identifying and communicating system-level gaps is crucial:

•Critical or complex tasks should be performed by trained and qualified individuals.

•Effective work planning and the definition of clear roles and responsibilities, including hand-offs, are essential.

•Always seek guidance from available subject matter experts (SMEs) and resources, such as CCHD, Deployed Security Professionals, Classified Administrative Specialists, and Cyber Liaisons.

What was done to prevent recurrence? Improvements?

•A corporate-led systemic causal analysis was conducted with team members from the NM and CA sites.

•Thirteen lab-level corrective actions were identified.

•A new corporate process for the clearing and sanitization of classified computers and equipment was established—contact CCHD for assistance!

•Communications and training across the three program areas (Cyber/IT, Reapplication, and Security) were updated and created.

•Six instances have been documented where the new CCHD process has successfully pre•A corporate-led systemic causal analysis was conducted with team members from the NM and CA sites.

•Thirteen lab-level corrective actions were identified.

•A new corporate process for the clearing and sanitization of classified computers and equipment was established—contact CCHD for assistance!

•Communications and training across the three program areas (Cyber/IT, Reapplication, and Security) were updated and created.

•Six instances have been documented where the new CCHD process has successfully prevented an IOSC.

•There have been zero repeat IOSCs since the implementation of the corrective actions!

Content credit: EHSS (Office of Environment, Health, Safety, and Security) OpexShare, “Disposition of Classified Computers (Systemic Issue), published December 9, 2024, publisher, Sandia National Laboratories (SNL), Albuquerque, NM (Sandia National Lab).

Categories
Accident, Investigations, Operational Excellence
-->
Show Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More Articles That Might Interest You...

August 1, 2024 How to Become a Certified TapRooT® Instructor Read More about How to Become a Certified TapRooT® Instructor
October 15, 2020 Incident Investigation & Root Cause Analysis Success Stories Read More about Incident Investigation & Root Cause Analysis Success Stories
HOP
July 10, 2024 What is HOP? Read More about What is HOP?
Root Cause Failure Analysis, pump
February 14, 2024 Troubleshooting and Root Cause Analysis of Equipment Reliability Problems Read More about Troubleshooting and Root Cause Analysis of Equipment Reliability Problems