Rigorous audit on how Electrabel ensures document security

Rigorous audit on how Electrabel ensures document security
Security of documents proves to be an unexploded bomb for Electrabel.

An audit points the finger at numerous breaches in how Electrabel ensures security of documents, which are classified confidential or even secret. Excepting one unit, document management does not correspond to that demanded by law.

This emerges from the report which is also revealed today in the Sudpresse publications.

The audit was submitted to the operator on June 4th, 2016, with a view to monitoring the Federal Agency of Nuclear Monitoring (FANM). This revolves around the five units responsible for the nuclear sector.

These are Corporate Nuclear Production, Corporate Security, Electrabel Corporate Nuclear Safety Department (ECNSD) and the actual sites at Doel and Tihange.

No less than 26 major non conformities were revealed. These were thus breaches of legal obligation, management standards or benchmark standards.

The audit therefore concludes, “We may conclude that document management according to the required legal processing standards, has not met the legislation and that appropriate action is therefore necessary.”

It goes on, “This is with the definite exception of ECNSD.”

Breaches vary from site to site.

Amongst the salient points the issue of subcontractors at the Doel plant features. One particular firm had all the new plans for "Site Security" without Electrabel having any knowledge of this.

Moreover, the report criticizes incomplete facilities at restricted access and protected premises, where confidential and secret documents were kept.

In particular, there was an absence of a shredder or PC and stand-alone printers.

It was found that there was a non-systematic strategy to changing access codes to safes and premises, in the event of a change of staff.

The report noted an absence, in several cases, of information from the security officer regarding the destruction of some documents.

In two of the sites, the report found an absence both of individual monitoring sheets or an available log guaranteeing the traceability of confidential documents.

Moreover, some documents were poorly recorded and not stamped "Confidential" on each page.

The audit also found an identification issue in respect of the individuals responsible for various security tasks within Corporate Nuclear Production.

It clearly stated, “Roles and responsibilities are not well established and have not been properly allocated since the recent modification of the organisation.”


The Brussels Times


Copyright © 2024 The Brussels Times. All Rights Reserved.