Skip navigation
Nuclear Safeguards Education Portal

Evaluating Nuclear Security Culture

Self-assessment is an important part of ensuring that the security culture of the organization is strong and identifying areas for improvement.  When we think about self-assessment, we typically think about the data collection phase (surveys, interviews, etc.).  The data collection phase of the self-assessment, however, is only one stage of a multi-stage process of self-assessment laid out by the IAEA.  

Iaea -self -assessment -diagram. all elements are described in text of this page.

Source: Self-Assessment of Nuclear Security Culture in Facilities and Activities that Use Nuclear and/or Radioactive Material (IAEA NST026)

Start: Decision

The organization must first decide to carry out an initial or subsequent self-assessment and commit to that process, a decision that shows they value the importance of nuclear security culture.

Stage 1: Launch Outreach Campaign and Establish a Self-Assessment Team

Before carrying out the self-assessment, the management should build commitment for the process among personnel.  They can accomplish this by showing that they value the self-assessment process and by making the purpose and procedure clear to all employees.  Self-assessments often fail because personnel either do not think they are important or useful or because they do not understand how the data will be used.  At this stage it is also important to project the message that confidentiality will be ensured for all participants.

A self-assessment team should be assigned to oversee the assessment, and this team should consist of individuals from various departments and potentially even an independent expert whose role is to advise the team, reduce bias, and share skills for conducting a successful assessment.

Stage 2: Draft a Self-Assessment Plan

The self-assessment team should work with senior management to develop a self-assessment plan, which should identify the focus of the self-assessment.  The team should then select security culture indicators from the list developed by the IAEA (or develop their own indicators) to be included in the self-assessment.

Stage 3: Data Collection

The data collection process for the self-assessment should include:

  • Culture indicator surveys
  • Interviews and discussions with personnel at all levels
  • Document review
  • Observations by management of organizational adherence to security management system indices

This process includes both non-interactive methods (surveys, document reviews, observation) and interactive methods (interviews with individuals and group discussions) to assess the state of the organization's culture. Combining the two methods gives a fuller picture of the organization's culture through providing both qualitative as well as quantitative information.

Stage 4: Analyze Data and Consolidate Assessment Results

The self-assessment team should analyze and consolidate the results from the surveys, interviews, document reviews, and observations.  This phase of the process is crucial to understanding the root causes behind discrepancies or apparent deficiencies identified in the data.

Stage 5: Develop the Three-Tiered Outcome Model

The three-tiered outcome model is a simple system for identifying weaknesses and strengths for the nuclear security culture indicators.  Green signifies good performance, yellow signals areas that could be improved, and red indicates serious problems that must be addressed directly.

Stage 6: Discuss Results, Submit Final Report, and Develop an Action Plan 

The self-assessment team communicates the security culture profile to the management of the organization and submits a final report.  The management then develops a plan to address the root causes of any weaknesses identified in the report.

Page 30 / 43