Part II
[Federal Register: October 26, 2006 (Volume 71, Number 207)][Proposed Rules][Page 62663-62874]From the Federal Register Online via GPO Access [wais.access.gpo.gov][DOCID:fr26oc06-16]
[[Page 62663]]
Part II
Nuclear Regulatory Commission
10 CFR Parts 50, 72, and 73
Power Reactor Security Requirements; Proposed Rule
[[Page 62664]]
NUCLEAR REGULATORY COMMISSION10 CFR Parts 50, 72, and 73RIN 3150-AG63Power Reactor Security RequirementsAGENCY: Nuclear Regulatory Commission.ACTION: Proposed rule.
SUMMARY: The Nuclear Regulatory Commission (NRC) is proposing to amend the current security regulations and add new security requirements pertaining to nuclear power reactors. Additionally, this rulemaking includes new security requirements for Category I strategic special nuclear material (SSNM) facilities for access to enhanced weapons and firearms background checks. The proposed rulemaking would: Make generically applicable security requirements imposed by Commission orders issued after the terrorist attacks of September 11, 2001, based upon experience and insights gained by the Commission during implementation; fulfill certain provisions of the Energy Policy Act of 2005; add several new requirements that resulted from insights from implementation of the security orders, review of site security plans, and implementation of the enhanced baseline inspection program and force-on-force exercises; update the regulatory framework in preparation for receiving license applications for new reactors; and impose requirements to assess and manage site activities that can adversely affect safety and security. The proposed safety and security requirements would address, in part, a petition for rulemaking (PRM 50- 80) that requests the establishment of regulations governing proposed changes to facilities which could adversely affect the protection against radiological sabotage.DATES: Submit comments by January 9, 2007. Submit comments specific to the information collection aspects of this rule by November 27, 2006. Comments received after the above dates will be considered if it is practical to do so, but assurance of consideration cannot be given to comments received after these dates.ADDRESSES: You may submit comments by any one of the following methods. Please include the following number ``RIN 3150-AG63'' in the subject line of your comments. Comments on rulemakings submitted in writing or in electronic form will be made available for public inspection. Because your comments will not be edited to remove any identifying or contact information, the NRC cautions you against including any information in your submission that you do not want to be publicly disclosed.Mail comments to: Secretary, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, Attn: Rulemakings and Adjudications Staff.E-mail comments to: SECY@nrc.gov. If you do not receive a reply e- mail confirming that we have received your comments, contact us directly at (301) 415-1966. You may also submit comments via the NRC's rulemaking Web site at http://ruleforum.llnl.gov. Address questions about our rulemaking Web site to Carol Gallagher (301) 415-5905; E-mail CAG@nrc.gov. Comments can also be submitted via the Federal e-Rulemaking Portal http://www.regulations.gov.Hand deliver comments to: 11555 Rockville Pike, Rockville, Maryland 20852, between 7:30 a.m. and 4:15 p.m. Federal workdays (telephone (301) 415-1966).Fax comments to: Secretary, U.S. Nuclear Regulatory Commission at (301) 415-1101.You may submit comments on the information collections by the methods indicated in the Paperwork Reduction Act Statement.Publicly available documents related to this rulemaking may be viewed electronically on the public computers located at the NRC's Public Document Room (PDR), O1-F21, One White Flint North, 11555 Rockville Pike, Rockville, MD 20852-2738. The PDR reproduction contractor will copy documents for a fee. Selected documents, including comments, may be viewed and downloaded electronically via the NRC rulemaking Web site at http://ruleforum.llnl.gov.Publicly available documents created or received at the NRC after November 1, 1999, are available electronically at the NRC's Electronic Reading Room at http://www.nrc.gov/reading-rm/adams.html. From this site, the public can gain entry into the NRC's Agencywide Document Access and Management System (ADAMS), which provides text and image files of NRC's public documents. If you do not have access to ADAMS or if there are problems in accessing the documents located in ADAMS, contact the NRC PDR Reference staff at 1-800-397-4209, 301-415-4737, or by e-mail to PDR@nrc.gov.FOR FURTHER INFORMATION CONTACT: Mr. Richard Rasmussen, Office of Nuclear Security and Incident Response, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001; telephone (301) 415-0610; e- mail: RAR@nrc.gov or Mr. Timothy Reed, Office of Nuclear Reactor Regulation, U.S. Nuclear Regulatory Commission, Washington, DC 20555- 0001; telephone (301) 415-1462; e-mail: TAR@nrc.gov.SUPPLEMENTARY INFORMATION:Table of ContentsI. Background II. Rulemaking Initiation III. Proposed Regulations IV. Section-by-Section Analysis V. Guidance VI. Criminal Penalties VII. Compatibility of Agreement State Regulations VIII. Availability of Documents IX. Plain Language X. Voluntary Consensus Standards XI. Finding of No Significant Environmental Impact XII. Paperwork Reduction Act Statement XIII. Public Protection Notification XIV. Regulatory Analysis XV. Regulatory Flexibility Certification XVI. Backfit AnalysisI. BackgroundFollowing the terrorist attacks on September 11, 2001, the NRC conducted a thorough review of security to ensure that nuclear power plants and other licensed facilities continued to have effective security measures in place given the changing threat environment. Through a series of orders, the Commission specified a supplement to the Design Basis Threat (DBT), as well as requirements for specific training enhancements, access authorization enhancements, security officer work hours, and enhancements to defensive strategies, mitigative measures, and integrated response. Additionally, in generic communications, the Commission specified expectations for enhanced notifications to the NRC for certain security events or suspicious activities.Most of the requirements in this proposed rulemaking are derived directly from, or through implementation of, the following four security orders:EA-02-026, ``Interim Compensatory Measures (ICM) Order,'' dated February 25, 2002 (March 4, 2002; 67 FR 9792).EA-02-261, ``Access Authorization Order,'' dated January 7, 2003 (January 13, 2003; 68 FR 1643).EA-03-039, ``Security Personnel Training and Qualification Requirements (Training) Order,'' dated April 29, 2003 (May 7, 2003; 68 FR 24514), andEA-03-086, ``Revised Design Basis Threat Order,'' dated April 29, 2003 (May 7, 2003; 68 FR 24517).[[Page 62665]]
Nuclear power plant licensees revised their security plans, training and qualification plans, and safeguards contingency plans in response to these orders. The NRC completed its review and approval of all of the revised security plans, training and qualification plans, and safeguards contingency plans on October 29, 2004. These plans incorporated the enhancements instituted through the orders. While the specifics of these changes are Safeguards Information, in general, the changes resulted in enhancements such as increased patrols, augmented security forces and capabilities, additional security posts, additional physical barriers, vehicle checks at greater standoff distances, enhanced coordination with law enforcement and military authorities, augmented security and emergency response training, equipment, and communication, and more restrictive site access controls for personnel, including expanded, expedited, and more thorough employee background checks.The Energy Policy Act of 2005 (EPAct 2005), signed into law on August 8, 2005, is another source of some of the proposed requirements reflected in this rulemaking. Section 653, for instance, allows the NRC to authorize licensees to use, as part of their protective strategies, an expanded arsenal of weapons, including machine guns and semi- automatic assault weapons. Section 653 also requires that all security personnel with access to any weapons undergo a background check that would include fingerprinting and a check against the Federal Bureau of Investigation's (FBI) National Instant Criminal Background Check System (NICS) database. These provisions of EPAct 2005 would be reflected in the newly proposed Sec. Sec. 73.18 and 73.19, and the proposed NRC Form 754. Though this rulemaking primarily affects power reactor security requirements, to implement the EPAct 2005 provisions efficiently, the NRC expanded the rulemaking's scope in newly proposed Sec. Sec. 73.18 and 73.19 to include facilities authorized to possess formula quantities or greater of strategic special nuclear material, i.e., Category I SSNM facilities. Such facilities would include production facilities, spent fuel reprocessing facilities, fuel processing facilities, and uranium enrichment facilities. Additionally, Section 651 of the EPAct 2005 requires the NRC to conduct security evaluations at selected licensed facilities, including periodic force- on-force exercises. That provision also requires the NRC to mitigate any potential conflict of interest that could influence the results of force-on-force exercises. These provisions would be reflected in proposed Sec. 73.55.Through implementing the security orders, reviewing the revised site security plans across the fleet of reactors, conducting the enhanced baseline inspection program, and evaluating force-on-force exercises, the NRC has identified some additional security measures that would provide additional assurance of a licensee's capability to protect against the DBT.Finally, a petition for rulemaking submitted by the Union of Concerned Scientists and San Luis Obispo Mothers for Peace (PRM 50-80), requested the establishment of regulations governing proposed changes to facilities which could adversely affect their protection against radiological sabotage. This petition was partially granted on November 17, 2005 (70 FR 69690). The proposed new Sec. 73.58 contains requirements to address the remaining issues.The proposed amendments to the security requirements for power reactors, and for enhanced weapons requirements for power reactor and Category I SSNM facilities, would result in changes to the following existing sections and appendices in 10 CFR part 73:10 CFR 73.2, Definitions.10 CFR 73.55, Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage.10 CFR 73.56, Personnel access authorization requirements for nuclear power plants.10 CFR 73.71, Reporting of safeguards events.10 CFR 73, Appendix B, General criteria for security personnel.10 CFR 73, Appendix C, Licensee safeguards contingency plans.10 CFR 73, Appendix G, Reportable safeguards events.The proposed amendments would also add three new sections to part 73:Proposed Sec. 73.18, Firearms background checks for armed security personnel.Proposed Sec. 73.19, Authorization for use of enhanced weapons.Proposed Sec. 73.58, Safety/security interface requirements for nuclear power reactors.The proposed rule would also add a new NRC Form 754 under the newly proposed Sec. 73.18.EPAct 2005 Weapons GuidelinesIn order to accomplish Sec. 161A. of the Atomic Energy Act of 1954, as amended (AEA), concerning the transfer, receipt, possession, transport, import, and use of enhanced weapons and the requirements for firearms background checks, the NRC has engaged with representatives from the U.S. Department of Justice (DOJ), the FBI, and the U.S. Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), to develop guidelines required by Sec. 161A.d of the AEA. The provisions of Sec.161A. of the AEA take effect upon the issuance of these guidelines by the Commission, with the approval of the Attorney General. The Commission will publish a separate Federal Register notice on the issuance of these guidelines. This proposed rule would not rescind the authority of certain NRC licensees, currently possessing automatic weapons through alternate processes, to possess such enhanced weapons; however, these licensees would be subject to the new firearms background check requirements of Sec. 161A. of the AEA. Information on new provisions (Sec. Sec. 73.18 and 73.19) that would implement Sec. 161A. may be found in Section III.Conforming and Corrective ChangesConforming changes to the requirements listed below are proposed in order to ensure that cross-referencing between the various security regulations in part 73 is preserved, and to avoid revising requirements for licensees who are not within the scope of this proposed rule. The following requirements contain conforming changes:Section 50.34, ``Contents of applications; technical information'' would be revised to align the application requirements with the proposed revisions to appendix C to 10 CFR part 73.Section 50.54, ``Conditions of licenses'' would be revised to conform with the proposed revisions to sections in appendix C to 10 CFR part 73.Section 50.72, ``Immediate notification requirements for operating nuclear power reactors'' would be revised to state (in footnote 1) that immediate notification to the NRC may be required (per the proposed Sec. 73.71 requirements) prior to the notification requirements under the current Sec. 50.72.Section 72.212, ``Conditions of general license issued under Sec. 72.210'' would be revised to reference the appropriate revised paragraph designations in proposed Sec. 73.55.Section 73.8, ``Information collection requirements: OMB approval'' would be revised to add the newly proposed requirements (Sec. Sec. 73.18, 73.19, 73.58, and NRC Form 754) to the list of sections and forms with Office of Management and Budget (OMB)[[Page 62666]]information collection requirements. A corrective revision to Sec. 73.8 would also be made to reflect OMB approval of existing information collection requirements for NRC Form 366 under existing Sec. 73.71.Section 73.70, ``Records'' would be revised to reference the appropriate revised paragraph designations in proposed Sec. 73.55 regarding the need to retain a record of the registry of visitors.Additionally, Sec. 73.81, ``Criminal penalties'' which sets forth the sections within part 73 that are not subject to criminal sanctions under the AEA, would remain unchanged since willful violations of the newly proposed Sec. Sec. 73.18, 73.19, and 73.58 may be subject to criminal sanctions.Appendix B and appendix C to part 73 require special treatment in this rulemaking to preserve, with a minimum of conforming changes, the current requirements for licensees and applicants to whom this proposed rule would not apply. Accordingly, sections I through V of appendix B would remain unchanged, and the proposed new language for power reactors would be added as section VI. Appendix C would be divided into two sections, with Section I maintaining all current requirements, and Section II containing all proposed requirements related to power reactors.II. Rulemaking InitiationOn July 19, 2004, NRC staff issued a memorandum entitled ``Status of Security-Related Rulemaking'' (accession number ML041180532) to inform the Commission of plans to close former security-related actions and replace them with a comprehensive rulemaking plan to modify physical protection requirements for power reactors. This memorandum described rulemaking efforts that were suspended by the terrorist activities of September 11, 2001, and summarized the security-related actions taken following the attack. In response to this memorandum, the Commission directed the staff in an August 23, 2004, Staff Requirements Memorandum (SRM) (COMSECY-04-0047, accession number ML042360548) to forego the development of a rulemaking plan, and provide a schedule for the completion of security-related rulemakings. The staff provided this schedule to the Commission by memorandum dated November 16, 2004 (accession number ML043060572). Subsequently, the staff revised its plans to amend the part 73 security requirements to include a requirement for licensees to assess and manage site activities that could compromise either safety or security (i.e., the safety/security interface requirements). This revision is discussed in a memorandum dated July 29, 2005 (accession number ML051800350). Finally, by memorandum dated September 29, 2005 (COMSECY-05-0046, accession number ML052710167), the staff discussed its plans to incorporate select provisions of the EPAct 2005 into the power reactor security requirements rulemaking. In COMSECY-05-0046, dated November 1, 2005 (accession number ML053050439), the Commission approved the staff's approach in incorporating the select provisions of EPAct 2005.III. Proposed RegulationsThis section describes significant provisions of this rulemaking:1. EPAct 2005 weapons requirements. The new Sec. Sec. 73.18 and 73.19 would contain requirements to implement provisions of section 161A of the Atomic Energy Act of 1954, as amended (AEA). Section 653 of the EPAct amended the AEA by adding section 161A, ``Use of Firearms by Security Personnel.'' Section 161A provides new authority to the Commission to enhance security at certain NRC licensee and certificate holder facilities by authorizing the security personnel of those licensees or certificate holders to transfer, receive, possess, transport, import, and use an expanded arsenal of weapons, to include: Short-barreled shotguns, short-barreled rifles, and machine guns. In addition, section 161A also provides that NRC-designated licensees and certificate holders may apply to the NRC for authority to preempt local, State, or certain Federal firearms laws (including regulations) that prohibits the transfer, receipt, possession, transportation, importation, or use of handguns, rifles, shotguns, short-barreled shotguns, short-barreled rifles, machine guns, semiautomatic assault weapons, ammunition for such guns or weapons, and large capacity ammunition feeding devices. Prior to granting either authority, however, the Commission must determine that the proposed use of this authority is necessary in the discharge of official duties by security personnel engaged in protecting: (1) Facilities owned or operated by an NRC licensee or certificate holder and designated by the Commission, or (2) radioactive material or other property that is owned or possessed by an NRC licensee or certificate holder, or that is being transported to or from an NRC-regulated facility, if the Commission has determined the radioactive material or other property to be of significance to the common defense and security or public health and safety. Licensees and certificate holders must receive preemption authority before receiving NRC approval for enhanced weapons authority. Finally, the NRC may consider making preemption authority or enhanced-weapons authority available to other types of licensees or certificate holders in future rulemakings.Under the provisions of section 161A.d, section 161A takes effect on the date that implementing guidelines are issued by the Commission after being approved by the U.S. Attorney General. Following enactment of the EPAct 2005, NRC staff began discussions with staffs from the U.S. Department of Justice (DOJ) and its subordinate agencies the Federal Bureau of Investigation (FBI) and the U.S. Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) to develop these guidelines. Issuance of these guidelines is a prerequisite for the issuance of a final rule on Sec. Sec. 73.18 and 73.19, and the conforming changes in Sec. 73.2. The proposed language for Sec. Sec. 73.18 and 73.19, and the conforming changes in Sec. 73.2, set forth in this proposed rule is consistent, to the extent possible, with the discussions between NRC and DOJ. However, because NRC and DOJ staffs continue to work to resolve the remaining issues, the guidelines have not been finalized as of the issuance of this notice. Once the final guidelines are issued, the Commission will, if necessary, take the appropriate actions to ensure that the language of proposed Sec. Sec. 73.18, 73.19, and 73.2, conforms with the guidelines. The Commission is utilizing this parallel approach to provide the most expeditious process for promulgating the necessary regulations implementing section 161A; thereby enhancing the security (i.e., weapons) capabilities of NRC-licensed facilities, while being mindful of our obligations to provide stakeholders an opportunity to comment on proposed regulations.2. Safety/Security interface requirements. These requirements are located in proposed Sec. 73.58. The safety/security requirements are intended to explicitly require licensee coordination of potential adverse interactions between security activities and other plant activities that could compromise either plant security or plant safety. The proposed requirements would direct licensees to assess and manage these interactions so that neither safety nor security is compromised. These proposed requirements address, in part, a Petition for Rulemaking (PRM 50-80) that requested the establishment of regulations governing proposed changes[[Page 62667]]to the facilities which could adversely affect the protection against radiological sabotage.3. EPAct 2005 additional requirements. The EPAct 2005 requirements that would be implemented by this proposed rulemaking, in addition to the weapons-related additions described previously, consist of new requirements to perform force-on-force exercises, and to mitigate potential conflicts of interest that could influence the results of NRC-conducted force-on-force exercises. These proposed new requirements would be included in proposed Sec. 73.55 and appendix C to part 73.4. Accelerated notification and revised four-hour reporting requirements. This proposed rule contains accelerated security notification requirements (i.e., within 15 minutes) in proposed Sec. 73.71 and appendix G to part 73 for attacks and imminent threats to power reactors. The proposed accelerated notification requirements are similar to what was provided to the industry in NRC Bulletin 2005-02, ``Emergency Preparedness and Response Actions for Security-Based Events,'' dated July 18, 2005. The proposed rule also contains two new four-hour reporting requirements. The proposed rule would direct licensees to report to the NRC information pertaining to suspicious activities as described in the proposed requirement. The proposed rule would also include a new four-hour reporting requirement for tampering events that do not meet the current threshold for one-hour reporting.5. Mixed-oxide (MOX) fuel requirements. These requirements would be incorporated into proposed Sec. 73.55 for licensees who propose to use MOX fuel in their reactor(s). These proposed requirements are in lieu of unnecessarily rigorous part 73 requirements (e.g., Sec. Sec. 73.45 and 73.46), which would otherwise apply because of the MOX fuel's low plutonium content and the weight and size of the MOX fuel assemblies. The proposed MOX fuel security requirements are intended to be consistent with the approach implemented at Catawba Nuclear Station through the MOX lead test assembly effort.6. Cyber-security requirements. This proposed rule would contain more detailed programmatic requirements for addressing cyber security at power reactors, which build on the requirements imposed by the February 2002 order. The proposed cyber-security requirements are designed to be consistent with ongoing industry cyber-security efforts.7. Mitigating strategies. The proposed rule would require licensees to develop specific guidance and strategies to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities using existing or readily available resources (equipment and personnel) that can be effectively implemented under the circumstances associated with the loss of large areas of the plant due to explosions or fire. These proposed requirements would be incorporated into the proposed appendix C to part 73.8. Access authorization enhancements. The proposed changes would improve the integration of the access authorization requirements, fitness-for-duty requirements, and security program requirements. The proposed rule would include an increase in the rigor for some elements of the access authorization program including requirements for the conduct of psychological assessments, requirements for individuals to report arrests to the reviewing official, and requirements to clarify the responsibility for the acceptance of shared information. The proposed rule would also add requirements to allow NRC inspection of licensee information sharing records and requirements that subject additional individuals, such as those who have electronic access via computer systems or those who administer the access authorization program, to the access authorization requirements.9. Training and qualification enhancements. The proposed rule includes modifications to the training and qualification requirements that are based on insights from implementation of the security orders, review of site security plans, and implementation of the enhanced baseline inspection program and force-on-force exercises. These new requirements would include additional physical requirements for unarmed security personnel to assure that personnel performing these functions meet physical requirements commensurate with their duties. Proposed new requirements also include a minimum age requirement of 18 years for unarmed responders, qualification scores for testing required by the training and qualification plan, qualification requirements for security trainers, qualification requirements of personnel assessing psychological qualifications, armorer certification requirements, and program requirements for on-the-job training.10. Security Program Implementation insights. The proposed rule would impose new enhancements identified from implementation of the security orders, review of site security plans, and implementation of the enhanced baseline inspection program and force-on-force exercises. These new requirements would include changes to specifically require that the central alarm station (CAS) and secondary alarm station (SAS) have functionally equivalent capabilities such that no single act can disable the key functions of both CAS and SAS. The proposed additions would also include requirements for new reactor licensees to position the SAS within the protected area, add bullet resistance and limit the visibility into SAS. Proposed additions also require uninterruptible backup power supplies for detection and assessment equipment, ``video- capture'' capability, and qualification requirements for drill and exercise controllers.11. Miscellaneous. The proposed rule would eliminate some requirements that the staff found to be unnecessary, while still providing high assurance that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety. One such requirement to be eliminated provides for guards to escort operators of motor vehicles within the protected area if the operators are cleared for unescorted access. The proposed rule would also add new requirements, including predefined provisions for the suspension of safeguards measures for severe weather conditions that could result in life-threatening situations for security personnel (e.g., tornadoes, floods, and hurricanes), and reduced overly-prescriptive requirements through the inclusion of performance-based language to allow flexibility in the methods used to accomplish requirements.IV. Section-by-Section AnalysisIV.1. New Weapons RequirementsThis proposed rulemaking would implement new weapons requirements that stem from the EPAct 2005. This is the only portion of this proposed rulemaking that involves facilities other than nuclear power reactors. The newly proposed weapons requirements would apply to power reactors and facilities authorized to possess a formula quantity or greater of strategic special nuclear material whose security plans are governed by Sec. Sec. 73.20, 73.45, and 73.46. The new requirements would be in three different sections and would include the utilization of an NRC Form:Revised proposed Sec. 73.2, ``Definitions''.[[Page 62668]]
Proposed Sec. 73.18, ``Firearms background checks for armed security personnel''.Proposed Sec. 73.19, ``Authorization for use of enhanced weapons''.Proposed NRC Form 754, ``Armed Security Personnel Background Check''.Under proposed Sec. 73.18, after the NRC approves the licensee's or certificate holder's application, all security personnel must have a satisfactorily completed firearms background check to have access to covered weapons. Licensees and certificate holders would be required under proposed Sec. 73.19 to notify the NRC that they have satisfactorily completed a sufficient number of firearms background checks to staff their security organization. The firearms background checks required by proposed Sec. 73.18 would be intended to verify that armed security personnel are not prohibited from receiving, possessing, transporting, or using firearms under Federal or State law. A firearms background check would consist of two parts, a check of an individual's fingerprints against the FBI's fingerprint system and a check of the individual's identity against the FBI's National Instant Criminal Background Check System (NICS). The NRC would propose a new NRC Form 754 for licensee or certificate holder security personnel to submit the necessary information to the NRC for forwarding to the FBI to perform the NICS portion of the firearms background check. The requirement to satisfactorily complete a firearms background check would apply to security personnel either directly employed by the licensee or certificate holder or employed by a security contractor to the licensee or certificate holder and whose official duties require access to covered weapons (i.e., armed security personnel) [see also new definitions for covered weapons, enhanced weapons, and standard weapons in Sec. 73.2]. Additionally, the requirement for licensees or certificate holders to ensure that their security personnel have satisfactorily completed a firearms background check would apply to licensees and certificate holders who have applied for and received NRC approval of preemption authority or enhanced-weapons authority. In order to simplify the rule language, Sec. 73.18 would only refer to applications for preemption authority because preemption authority would always be a necessary prerequisite for the receipt of enhanced weapons authority.The NRC would propose that a licensee or certificate holder may begin firearms background checks on armed security personnel after the licensee or certificate holder has applied to the NRC for the preemption authority section 161A of the AEA. Because the NRC has not previously had the authority to require its licensees or certificate holders to complete firearms background checks on security personnel, in most instances these requirements would be new to licensees and uncertainties exist over the amount of time to complete these checks. Thus delays in completing the checks (e.g., the time necessary to resolve any errors of fact in the FBI's NICS databases) could reduce the number of available security officers and create fatigue or minimum staffing level issues. Therefore, the NRC envisions working with licensees and certificate holders on a case-by-case basis to establish the date for NRC approval of an application for preemption authority; and thereby ensure that the licensee's or certificate holder's security organizations can continue to adequately protect the facility when the approval is issued.The Commission has not yet determined whether licensees and certificate holders may apply for preemption authority alone or combined preemption and enhanced-weapons authority prior to issuance of a final rule. In anticipation that the Commission does permit applications for section 161A authority prior to promulgation of a final rule, the proposed rule would include language to support a transition to these regulations from requirements imposed by Commission orders granting section 161A authority. The proposed rule would not, however, require a licensee or certificate holder to repeat a firearms background check for security personnel who previously satisfactorily completed a firearms background check that was required under Commission order. Consequently, this approach would provide both the Commission and industry with the maximum flexibility to expeditiously implement the security enhancements authorized by section 161A. The exception to this requirement would be for security personnel who have had a break in employment with the licensee or certificate holder or their security contractor, or who have transferred from another licensee or certificate holder (who previously completed a firearms background check on them). In either case these security personnel would be treated as new security personnel and they would be subject to a new firearms background check.The proposed rule would also provide direction on how security personnel who have received an adverse firearms background check (i.e., a ``denied'' or ``delayed'' NICS response) may: (1) Obtain further information from the FBI on the reason for the adverse response, (2) appeal a ``denied'' response, or (3) provide additional information to resolve a ``delayed'' response. Security personnel would be required to apply directly to the FBI for these actions (i.e., the licensee or certificate holder may not appeal to the FBI on behalf of the security personnel). Only after such personnel have successfully appealed their ``denied'' response, and have subsequently received a ``proceed'' NICS response, would they be permitted access to covered weapons.Security personnel who receive a ``denied'' NICS response are presumed by ATF to be prohibited from possessing or receiving a firearm under federal law (see 18 U.S.C. 922) and may not have access to covered weapons unless they have successfully appealed the ``denied'' NICS response and received a ``proceed'' NICS response. Because of the structure of section 161A, the proposed rule would not require licensees or certificate holders to remove personnel with a ``denied'' response until after the NRC has approved the licensee's or certificate holder's application for preemption authority (i.e., licensee's and certificate holders would not be subject to the requirements of Sec. 73.18 until after the NRC's approval of their application for preemption authority is issued). However, the NRC's expectation is that current licensees or certificate holders who receive a ``denied'' response for current security personnel would remove those personnel from any security duties requiring possession of firearms to comport with applicable Federal law and ATF regulations.The NRC would propose to charge the same fee for fingerprints submitted for a firearms background check as is currently imposed for fingerprints submitted for other NRC-required criminal history checks including fingerprints (i.e., an NRC administrative fee plus the FBI's processing fee). In addition, the NRC would charge an administrative fee for processing the NICS check information; however, no FBI fee would be charged for the NICS check.The proposed Sec. 73.19 would only apply to power reactor licensees and Category I special nuclear material licensees; therefore, only these two classes of licensees would be subject to the firearms background check provisions of Sec. 73.18. The NRC may, however, consider making stand-alone preemption authority or combined enhanced- weapons authority and preemption authority available to other[[Page 62669]]types of licensees or certificate holders in future rulemakings.In Sec. 73.19, the NRC would propose requirements for a licensee or certificate holder to apply for stand-alone preemption authority or to apply for combined enhanced-weapons authority and preemption authority. Licensees and certificate holders who apply for enhanced- weapons authority, must also apply for and receive NRC approval of preemption authority as a necessary prerequisite to receiving enhanced- weapons authority. The NRC would propose limiting either authority to power reactor licensees and Category I SSNM licensees at this time. The NRC may consider applying this authority to other types of licensees, certificate holders, radioactive material, or other property (as authorized under section 161A) in future rulemakings. Obtaining enhanced-weapons authority from the NRC would be a necessary prerequisite for a licensee or certificate holder to apply under ATF's regulations for a Federal firearms license for these weapons. The NRC would propose that licensees and certificate holders who want to apply for enhanced-weapons authority must provide the NRC, for prior review and approval, a new or revised security plan, training and qualification plan, and safeguards contingency plan to reflect the use of these specific new weapons the licensee or certificate holder intends to employ and to provide a safety assessment of the onsite and offsite impact of these specific enhanced weapons.The proposed rule would also provide direction on acceptable training standards for training and qualification on enhanced weapons. The NRC would require licensees and certificate holders to complete training and qualification of security personnel on any enhanced weapons, before these personnel employ those weapons to protect the facility. The NRC would also require Commission licensees and certificate holders to notify the NRC of any adverse ATF findings associated with ATF's inspections, audits, or reviews of their Federal firearms license (FFL) (i.e., an FFL held by an NRC licensee or certificate holder).Finally, the NRC would propose to treat enhanced weapons the same as existing weapons for the purpose of ``use'' of these weapons; and therefore Sec. 73.19 would cross reference to existing regulation in Sec. Sec. 73.55 and 73.46 on the use of weapons by reactor licensees and by Category I SSNM licensees ( i.e., the NRC is not proposing separate requirements on enhanced weapons versus standard weapons; rather, requirements on the use of any weaponry possessed by the licensee or certificate holder should be appropriate for the facility).To implement the new weapons provisions, three new terms would be added to Sec. 73.2: covered weapon, enhanced weapon, and standard weapon.The proposed new weapons requirements and supporting discussion for the proposed language are set forth in more detail (including the proposed new definitions) in Table 1.IV.2. Section 73.55, ``Requirements for Physical Protection of Licensed Activities in Nuclear Power Reactors Against Radiological Sabotage''Proposed Sec. 73.55 contains security program requirements for power reactor licensees. The security program requirements in Sec. 73.55 would apply to all nuclear power plant licensees that hold a 10 CFR part 50 license and to applicants who are applying for either a part 50 license or a part 52 combined license. Paragraph (a) of Sec. 73.55 would identify the licensees and applicants for which the requirements apply, and the need for submitting to NRC (for review and approval) a ``Physical Security Plan,'' a ``Training and Qualification Plan,'' and a ``Safeguards Contingency Plan.'' Paragraph (b) of Sec. 73.55 would set forth the performance objectives that govern power reactor security programs. The remaining paragraphs of Sec. 73.55 would implement the detailed requirements for each of the security plans, as well as for the various features of physical security.This section would be extensively revised in an effort to make generically applicable security requirements imposed by Commission orders issued after the terrorist attacks of September 11, 2001, based upon experience and insights gained by the Commission during implementation, fulfill certain provisions of the EPAct of 2005, and add several new requirements that resulted from evaluation insights from implementation of the security orders, review of site security plans, and implementation of the enhanced baseline inspection program and force-on-force exercises. The proposed regulations would require an integrated security plan that begins at the owner controlled area boundary and would implement defense-in-depth concepts and protective strategies based on protecting target sets from the various attributes of the design basis threat. Notable additions to the proposed Sec. 73.55 are summarized below. Cyber Security RequirementsThe current security regulations do not contain requirements related to cyber security. Subsequent to the events of September 11, 2001, the NRC issued orders to require power reactor licensees to implement measures to enhance cyber security. These security measures required an assessment of cyber systems and the implementation of corrective measures sufficient to provide protection against the cyber threats at the time the orders were issued.The proposed requirements maintain the intent of the security orders by establishing the requirement for a cyber security program to protect any system that, if compromised, can adversely impact safety, security, or emergency preparedness. Requirements for CAS and SAS To Have Functionally Equivalent Capabilities Such That No Single Act Can Disable the Function of CAS and SASCurrent regulatory requirements ensure that both CAS and SAS have equivalent alarm annunciation and communication capabilities, but do not explicitly require equivalent assessment, monitoring, observation, and surveillance capabilities. Further, the current requirement of Sec. 73.55(e)(1) states ``All alarms required pursuant to this part must annunciate in a continuously manned central alarm station located within the protected area and in at least one other continuously manned station not necessarily onsite, so that a single act cannot remove the capability of calling for assistance or otherwise responding to an alarm.'' The Commission orders added enhanced detection and assessment capabilities, but did not require equivalent capabilities for both CAS and SAS. The security plans approved by the Commission on October 29, 2004, varied, due to the performance-based nature of the requirements, with respect to how the individual licensees implemented these requirements, but all sites were required to provide a CAS and SAS with functionally equivalent capabilities to support the implementation of the site protective strategy.The proposed rule would extend the requirement for no single act to remove capabilities to the key functions of the alarm stations and would require licensees to implement protective measures such that a single act would not disable the intrusion detection, assessment, and communications capabilities of both the CAS and SAS. This proposed requirement would ensure continuity of response[[Page 62670]]operations during a security event by ensuring that the detection, assessment, and communications functions required to effectively implement the licensee's protective strategy are maintained despite the loss of one or the other alarm station. For the purposes of assessing the regulatory burden of this proposed rule, the NRC assumed that all licensees would require assessments and approximately one third of the licensees would choose to implement hardware modifications.The NRC has concluded that protecting the alarm stations such that a single act does not disable the key functions would provide an enhanced level of assurance that a licensee can maintain detection, assessment and communications capabilities required to protect the facility against the design basis threat of radiological sabotage. For new reactor licensees, licensed after the publication of this rule, the Commission would require CAS and SAS to be designed, constructed, and equipped with equivalent standards. Uninterruptible Power for Intrusion Detection and Assessment SystemsCurrent regulatory requirements require back-up power for alarm annunciation and non-portable communication equipment, but do not require this back-up power to be uninterruptible. Although not specifically required, many licensees have installed uninterruptible power to their security systems for added reliability of these electronic systems. However, the Commission had not required uninterruptible power for assessment systems. For the purposes of assessing the regulatory burden of this proposed rule, the NRC assumed that only a small number of licensees would require hardware modifications to meet this proposed requirement.Through implementation of the Commission-approved security plans, baseline inspections, and force-on-force testing, the NRC has concluded that uninterruptible back-up power would provide an enhanced level of assurance that a licensee can maintain detection, assessment and communication capabilities required to protect the facility against the design basis threat of radiological sabotage. This new requirement would reduce the risk of losing detection, assessment, and communication capabilities during a loss of the normal power supply. ``Video-Capture'' CapabilityCurrent regulatory requirements address the use of closed circuit television systems, but do not explicitly require them. Although not specifically required, all licensees have adopted the use of video surveillance in their site security plans. Many of the licensees have adopted advanced video surveillance technology to provide real-time and play-back/recorded video images to assist security personnel in determining the cause of an alarm annunciation. For the purposes of assessing the regulatory burden of this proposed rule, the NRC assumed that a small percentage of licensees would require hardware modifications to comply with this proposed requirement for advanced video surveillance technology.Through implementation of the Commission-approved security plans, baseline inspections, and force-on-force testing, the NRC has concluded that advanced video technology would provide an enhanced level of assurance that a licensee can assess the cause of an alarm annunciation and initiate a timely response capable of defending the facility against the threat up to and including the design basis threat of radiological sabotage. Therefore the proposed rule would require advanced video surveillance technology.Implementation of Sec. 73.55 is linked principally to the application of appendix B to part 73, ``General criteria for security personnel,'' and appendix C to part 73, ``Licensee safeguards contingency plans,'' both of which would be revised in this proposed rulemaking. Proposed changes to these appendices are discussed in Sections IV.6 and IV.7 of this document.Table 2 sets forth the proposed Sec. 73.55 language as compared to the current language, and provides the supporting discussion for the proposed language including new definitions for security officer and target set that would be added to Sec. 73.2. Because Sec. 73.55 would be restructured extensively, Table 9 (See Section VIII) provides a cross reference to locate individual requirements of the current regulation within the proposed regulation.The Commission is interested in obtaining specific stakeholder input on the impacts and burdens for certain areas of proposed changes to Sec. 73.55. Due to the accelerated rulemaking schedule, the NRC staff's assessments of impacts to individual licensees as a result of the proposed new requirements have not been informed by stakeholder insights on potential implementation issues. Consequently, the Commission recognizes that its views on the feasability, costs, and time necessary to fully implement certain portions of this proposed rule (e.g., alarm station, supporting systems, video systems, and cyber security issues) by selected licensees may not be fully informed. Accordingly, the Commission is requesting persons commenting on this proposed rule to address the following questions:1. What insights and estimates can stakeholders provide on the feasability, costs, and time necessary to implement the proposed rule's changes to existing alarm stations, supporting systems, video systems, and cyber security?2. Are there any actions that should be considered, such as authorizing alternative measures, exemptions, extended implementation schedules, etc., that would allow the NRC to mitigate any unnecessary regulatory burden created by these requirements?IV.3. Section 73.56, ``Personnel Access Authorization Requirements for Nuclear Power Plants''This section would continue to apply to all current part 50 licensees and to all applicants who are applying for a new reactor license under parts 50 or 52, but would be extensively revised. Proposed Sec. 73.56 would retain the requirement for a licensee to determine that an individual is trustworthy and reliable before permitting the individual to have unescorted access to nuclear power plant protected areas and vital areas. The majority of the revisions in proposed Sec. 73.56 reflect several fundamental changes to the NRC's approach to access authorization requirements since the terrorist attacks of September 11, 2001, and the NRC's concern with the threat of an active or passive insider who may collude with adversaries to commit radiological sabotage. These changes would include: (1) An increase in the rigor of some elements of the access authorization program to provide increased assurance that individuals who have unescorted access authorization are trustworthy and reliable; (2) an elimination of temporary unescorted access provisions [prior to the completion of the full background check]; (3) an elimination of the provisions that permit relaxation of the program when a reactor is in cold shutdown; and (4) the addition of a new category of individuals who would be subject to Sec. 73.56.Proposed Sec. 73.56(b)(ii) would require licensees' access authorization programs to cover individuals whose job duties and responsibilities permit them to access or use digital computer systems that may affect licensees' operational safety and security systems, and emergency response capabilities. Historically digital computer systems have played a limited role in the operation of nuclear power plants. However, the role of computer systems[[Page 62671]]at nuclear power plants is increasing, as licensees take advantage of computer technology to maximize plant productivity. In general, licensees currently exclude from their access authorization programs, individuals who may electronically access equipment in the protected areas of nuclear power plants to perform their job functions, if their duties and responsibilities do not require physical unescorted access to the equipment located within protected or vital areas. However, because these individuals manage and maintain the networks that connect to equipment located within protected or vital areas and are responsible for permitting authorized and/or trusted personnel to gain electronic access to equipment and systems, they are often granted greater electronic privileges than the trusted and authorized personnel. With advancements in electronic technology and telecommunications, differences in the potential adverse impacts of a saboteur's actions through physical access and electronic access are lessening. Thus, the proposed rule would require those individuals who have authority to electronically access equipment that, if compromised, can adversely impact operational safety, security or emergency preparedness of the nuclear power plants, to be determined to be trustworthy and reliable.The proposed revisions to Sec. 73.56 would also address changes in the nuclear industry's structure and business practices since this rule was originally promulgated. At the time the current Sec. 73.56 was developed, personnel transfers between licensees (i.e., leaving the employment of one licensee to work for another licensee) with interruptions in unescorted access authorization were less common. Most licensees operated plants at a single site and maintained an access authorization program that applied only to that site. When an individual left employment at one site and began working for another licensee, the individual was subject to a different access authorization program that often had different requirements. Because some licensees were reluctant to share information about previous employees with the new employer, licensees often did not have access to the information the previous licensee had gathered about the individual and so were required to gather the necessary information again. The additional effort to collect information that another licensee held created a burden on both licensees and applicants for unescorted access authorization. But, because few individuals transferred, the burden was not excessive.However, since 1991, the industry has undergone significant consolidation and developed new business practices to use its workforce more efficiently. Industry efforts to better use staffing resources have resulted in the development of a transient workforce that travels from site to site as needed, such as roving outage crews. Although the industry has always relied on contractors and vendors (C/V) for special expertise and staff for outages, the number of transient personnel who work solely in the nuclear industry has increased and the length of time they are on site has decreased. Because the current regulations were written on the basis that the majority of nuclear personnel would remain at one site for years, and that licensees would maintain independent, site-specific access authorization programs and share limited information, the current regulations do not adequately address the transfer of personnel between sites.In light of the NRC's increased concern with an insider threat since September 11, 2001, the increasingly mobile nuclear industry workforce has heightened the need for information sharing among licensee access authorization programs, including C/V authorization programs upon which licensees rely, to ensure that licensees have information that is as complete as possible about an individual when making an unescorted access authorization decision. To address this need, the access authorization orders issued by the NRC to nuclear power plant licensees on January 7, 2003, mandated increased sharing of information. In addition, proposed Sec. 73.56 would require licensees and C/V to collect and share greater amounts of information than under the current rule, subject to the protections of individuals' privacy that would be specified in proposed Sec. 73.56(m) [Protection of information]. As a result, individuals who are subject to this section would establish a detailed ``track record'' within the industry that would potentially cover their activities over long periods of time and would follow them if they change jobs and move to a new position that requires them to be granted unescorted access authorization by another licensee. The proposed requirement acknowledges the industry initiative to develop and utilize a database to ensure accurate information sharing between sites. This increased information sharing is necessary to provide high assurance that individuals who are granted and maintain unescorted access authorization are trustworthy and reliable when individuals move between access authorization programs. In addition, the increased information sharing would reduce regulatory burden on licensees when processing individuals who have had only short breaks between periods of unescorted access authorization.Another change in the NRC's proposed approach to access authorization requirements is the result of a series of public meetings that were held with stakeholders during 2001-2004 to discuss potential revisions to 10 CFR part, 26, ``Fitness-for-Duty Programs.'' Part 26 establishes additional steps that the licensees who are subject to Sec. 73.56 must take as part of the process of determining whether to grant unescorted access authorization to an individual or permit an individual to maintain unescorted access authorization. These additional requirements focus on aspects of an individual's behavior, character, and reputation related to substance abuse. They require the licensee and other entities who are subject to part 26 to conduct drug and alcohol testing of individuals and an inquiry into the individual's past behavior with respect to illegal drug use or consumption of alcohol to excess, as part of determining whether the individual may be granted unescorted access authorization. However, historically there have been some inconsistencies and redundancies between the Sec. 73.56 access authorization requirements and the related requirements in part 26. These inconsistencies have led to implementation questions from licensees, as well as inconsistencies in how licensees have implemented the requirements. The redundancies have, in other cases, imposed an unnecessary regulatory burden on licensees.During public meetings held to discuss potential changes to part 26, the stakeholders pointed out ambiguities in the terms used in both part 26 and Sec. 73.56, apparent inconsistencies and redundancies in the related requirements, and reported many experiences in which the ambiguities and lack of specificity and clarity in current Sec. 73.56 had resulted in unintended consequences. Although these meetings did not focus on Sec. 73.56, many of the stakeholders' comments directly resulted in some of the proposed changes to Sec. 73.56. (Summaries of these meetings, and any comments provided through the Web site, are available at http://ruleforum.llnl.gov/cgi-bin/rulemake?source=Part26_risk&st=risk. ) In response to stakeholder requests, the
[[Page 62672]]NRC has proposed language changes to improve the clarity and specificity of the requirements in proposed Sec. 73.56 and substantially reorganized the section to present the requirements generally in the order in which they would apply to licensees' access authorization processes. The proposed changes are expected to result in more uniform implementation of the requirements, and, consequently, greater consistency in achieving the goals of Sec. 73.56. Table 3 sets forth the proposed Sec. 73.56 language as compared to the current language, and discusses the proposed language.The Commission is interested in obtaining specific stakeholder input on the following two issues:1. The Commission requests public comment specific to the appropriateness of the framework for the Insider Mitigation Program as specified by the proposed 10 CFR 73.55(b)(7)(i) and 73.55(b)(7)(ii). The proposed rule specifies that the Insider Mitigation Program include elements of the access authorization program, fitness-for-duty program, behavioral observation program, and various physical security measures for the purpose of providing assurance that insider activities would be detected before adverse affects could be realized.2. The Commission requests public comment on the feasibility of adding a requirement to the proposed rule to require a modified escorted visitor access provision which would allow site visits by members of the public to limited areas of the facility for the purpose of enhancing public education and awareness through informational briefings and tours at the facility.IV.4. Section 73.58 ``Safety/Security Interface Requirements for Nuclear Power Reactors''The NRC is proposing to add a new requirement to part 73 addressing the safety/security interface for nuclear power reactor licensees. The need for the proposed new requirement is based upon the NRC's experience in reviewing licensees' implementation of a significant number of new security requirements since the terrorist attacks of September 11, 2001. Licensees have always been required to ensure that any changes to safety functions, systems, programs, and activities do not have unintended consequences on other facility safety functions, systems, programs, and activities. Likewise, licensees have been required to ensure that any changes to security functions, systems, programs, and activities do not have unintended consequences on other facility security functions, systems, programs, and activities. However, the Commission has concluded that the pace, number, and complexity of these security changes warrant the establishment of a more formal program to ensure licensees properly assess the safety/ security interface in implementing these changes.On April 28, 2003, the Union of Concerned Scientists and the San Luis Obispo Mothers for Peace submitted a petition for rulemaking (PRM- 50-80) requesting that, in part, the NRC's regulations establishing conditions of licenses and requirements for evaluating proposed changes, tests, and experiments for nuclear power plants be amended to require licensee evaluation of whether the proposed changes, tests, and experiments cause protection against radiological sabotage to be decreased and, if so, that the changes, tests, and experiments only be conducted with prior NRC approval. In SECY-05-0048, dated March 28, 2005, the NRC staff recommended that the Commission approve rulemaking for the requested action, but did not necessarily endorse the specific amendments suggested by the petition. In SECY-05-0048, dated June 28, 2005, the Commission directed the staff to develop the technical basis for such a rule and to incorporate its provisions within the ongoing power reactor security requirements rulemaking. This proposed rule addresses, in part, the petitioner's request by incorporating proposed Sec. 73.58 within this rulemaking.The Commission has determined that the proposed safety/security interface rule requirements are necessary because the current regulations do not specifically require evaluation of the effects of plant changes on security or the effects of security changes on plant safety. Further, current regulations do not require communication about the implementation and timing of changes, which would promote awareness of the effects of changing facility conditions and result in appropriate assessment and response.The NRC is aware of a number of occurrences of adverse safety/ security interactions at nuclear power plants over the years to justify consideration of a new rule. Examples of adverse interactions include: (1) Inadvertent security barrier breaches while performing maintenance activities (e.g., cutting of pipes that provided uncontrolled access to vital areas, removing ventilation fans or other equipment from vital area boundary walls without taking compensatory measures to prevent uncontrolled access into vital areas); (2) Blockage of bullet resisting enclosure's (or other defensive firing position's) fields of fire; (3) Erection of scaffolding and other equipment without due consideration of its impact on the site's applicable physical protection strategy; and (4) Staging of temporary equipment within security isolation zones.Security could also adversely affect operations because of inadequate staffing of security force personnel on backshifts, weekends, and holidays, to support operations during emergencies (e.g., opening and securing vital area access doors to allow operations personnel timely access to safety-related equipment). Also, security structures, such as vehicle barriers, delay barriers, rerouted isolation zones, or defensive shields could adversely affect plant equipment such as valve pits, fire stations, other prepositioned emergency equipment, blowout panels, or otherwise interfere with operators responding to plant events.The NRC considered many factors in developing this proposed new requirement. One of the factors considered is that existing change processes are focused on specific areas of plant activities, and that implementation of these processes is generally well understood by licensees. An example is found in Sec. 50.54(p), which provides that a reactor licensee may make changes to its safeguards contingency plans without Commission approval provided that the changes do not decrease the safeguards effectiveness of the plan. Similarly, Sec. 50.65(a)(4) provides that a reactor licensee shall assess and manage the increase in risk that may result from proposed maintenance activities. However, neither Sec. Sec. 50.54(p) (security) nor 50.65(a)(4) (safety) require that an assessment for potential adverse impacts on safety/security interface be made before the proposed changes are implemented. The proposed Sec. 73.58 would address this gap by requiring that, before implementing allowed changes, licensees must assess the changes with respect to the safety/security interface and, if potential adverse interactions are identified, take appropriate compensatory and/or mitigative action before making the changes.The proposed rule reflects a performance-based approach and language which is sufficiently broad that, in addition to operating power reactors, it could be applied to other classes of licensees in separate rulemaking(s), if conditions warrant. In addition to the requirements in proposed Sec. 73.58, a new definition for[[Page 62673]]safety/security interface would be added to Sec. 73.2.Table 4 sets forth the proposed Sec. 73.58 language and provides the supporting discussion for the proposed language, including a new definition for safety/security interface that would be added to Sec. 73.2.IV.5. Section 73.71 ``Reporting of Safeguards Events''The events of September 11, 2001, emphasized the need for the capability to respond to coordinated attacks that could pose an imminent threat to national infrastructure such as nuclear power reactor sites. Prompt licensee notification to the NRC of a security event involving an actual or imminent threat would initiate the NRC's alerting mechanism for other nuclear facilities in recognition that an attack or threat against a single facility may be the prelude to attacks or threats against multiple facilities. In either case, timely communication of this event to the NRC, and the NRC's communication of the threat or attack to other licensees could reduce the adversaries' ability to engage in coordinated attacks and would strengthen the licensees' response posture. NRC would also initiate notifications to the Homeland Security/Federal response networks for an ``Incident of National Significance,'' as defined by the National Response Plan (NRP).Currently, Sec. 73.71(b)(1) requires power reactor licensees to notify the NRC within one hour of discovery, as described in Paragraph I of appendix G to 10 CFR part 73, ``Reportable safeguards events.'' In addition, Sec. 50.72 establishes reporting requirements for events requiring an emergency declaration in accordance with a licensee's emergency plan. Licensee notification under Sec. 50.72(a)(3) is required only after the threat is assessed, an ``Emergency Class'' is declared, and initial notification of appropriate State and local agencies are completed first (i.e., not upon discovery). The current timing of requirements of this notification would not allow the NRC to warn other licensees of a potential threat to their facilities in a prompt manner to allow other licensees to change their security posture in advance of a threat or potential attack. The Commission has previously advised licensees of the need to expedite their initial notification to the NRC. The proposed accelerated notification requirements are similar to those provided to licensees in NRC Bulletin 2005-02, ``Emergency Preparedness and Response Actions for Security- Based Events,'' dated July 18, 2005.The proposed amendments to Sec. 73.71 would add a new expedited notification requirement for licensees subject to the provisions of Sec. 73.55 to notify the NRC Operations Center as soon as possible after the discovery of an imminent or actual threat against the facility as described in appendix G to part 73, but not later than 15 minutes after discovery. The proposed amendments to Sec. 73.71 and appendix G to part 73 would also add two additional four-hour notification requirements for suspicious events and tampering events not otherwise covered under appendix G to part 73. The proposed Sec. 73.71 would retain the requirement for the licensee to maintain a continuous communications channel for one-hour notifications upon request of the NRC. The proposed rule would not require a continuous communications channel for four-hour notifications, because of the lesser degree of urgency of these events. For 15-minute notifications, the NRC may request the licensee establish a continuous communications channel after the licensee has made any emergency notifications to State officials or local law enforcement and if the licensee has taken action to stabilize the plant following any transient [associated with the 15-minute notification]. In NRC Bulletin 2005-02, ``Emergency Preparedness and Response Actions for Security-Based Events,'' dated July 18, 2005, the NRC had indicated a continuous communications channel was not necessary for the new 15-minute notifications. However, in developing this proposed rule the Commission has evaluated the need to promptly obtain information of an unfolding event versus imposing an unreasonable burden on licensees in the midst of a rapidly unfolding event and possible plant transient. The Commission considers that the proposed regulation would provide a reasonable balance between these two objectives. Table 5 sets forth the proposed amendments to Sec. 73.71 language as compared to the current language, and provides the supporting discussion for the proposed language. Table 8 sets forth the proposed amendments to the appendix G to part 73 language as compared to the current language, and provides the supporting discussion for the proposed language.The Commission is interested in obtaining specific stakeholder input on the proposed changes to Sec. 73.71 and appendix G to part 73 . Accordingly, the Commission is requesting persons commenting on this proposed rule to address the following question:1. For the types of events covered by the proposed four-hour notification requirements in Sec. 73.71 and appendix G to part 73, should the notification time interval of all or some of these notifications be different (e.g., a 1-hour, 2-hour, 8-hour, 24-hour notification)? If so, what notification time interval is appropriate? ``Notification time interval'' is meant to be the time from when a licensee recognizes that an event has occurred or is occurring to the time that the licensee reports the event to the NRC.IV.6. Appendix B to Part 73, ``General Criteria for Security Personnel''Appendix B to part 73 provides requirements for the training and qualification of security personnel to ensure that security personnel can execute their duties. Following the events of September 11, 2001, the Commission determined that tactical proficiency and physical fitness requirements governing licensees' armed security force personnel needed to be enhanced. The proposed amendments to appendix B to part 73 make generically applicable security requirements imposed by Commission orders issued after the terrorist attacks of September 11, 2001, based upon experience and insights gained by the Commission during implementation and add several new requirements that resulted from evaluation insights from force-on-force exercises.Notable additions to the proposed appendix B to part 73 requirements are summarized as follows: Additional Physical Requirements and Minimum Age Requirements for Unarmed Members of the Security OrganizationUnarmed security personnel perform duties similar to armed security personnel, such as detection, assessment, vehicle and personnel escort, and vital area controls. The current requirements for unarmed members of the security organization state, in part, that these individuals shall have no physical weaknesses or abnormalities that would affect their performance of assigned duties. However, the current rule does not require unarmed personnel to pass a physical examination to verify that they meet standards for vision, hearing, or some portions of psychological qualifications. The proposed rule would include a requirement to assure that unarmed security personnel are physically capable of performing their assigned duties.Additionally, the current rule specifies a minimum age of 21 years old[[Page 62674]]for armed security personnel, but does not specify a minimum age requirement for unarmed security personnel. The proposed rule would require that unarmed members attain the age of 18 prior to assignment to establish a minimum age requirement for unarmed members of the security organization at a power reactor facility.These proposed additional requirements would assure that personnel performing security functions, whether armed or unarmed, meet appropriate age, vision, hearing and psychological requirements commensurate with their assigned security duties. Qualification Scores for Program Elements Required by the Training and Qualification PlanThe current rule includes daylight qualification scores of 70 percent for handguns, 80 percent for semiautomatic rifles, 50 percent for shotguns and a requirement for night fire familiarization with assigned weapons. The April 29, 2003, Training Order imposed new requirements for the firearms training and qualification programs at power reactor licensees. The Training Order retained the current daylight qualification scores of 70 percent for handguns, 80 percent for semiautomatic rifles and superceded the daylight qualification score of 50 percent for the shotgun. The order did not specify a qualification score for the daylight course of fire for the shotgun, only an acceptable level of proficiency. The order superceded the current rule for night fire familiarization and added courses of fire for night fire and tactical training with assigned weapons.The proposed rule would retain the qualification scores of the existing regulations and add specific qualification scores for the daylight course of fire for the shotgun and/or enhanced weapons, the night fire qualification for shotguns, handguns, semiautomatic rifles and/or enhanced weapons and the tactical course of fire for all assigned weapons to remain consistent with the qualification scoring methodology contained in the current rule. The scoring methodology for the current rule and the proposed rule is consistent with the scoring methodology used for firearms programs at the local, State and Federal levels and is consistent with approved courses of fire from the law enforcement community and recognized national entities.The proposed rule would also include a requirement for a qualification score of 80 percent for the annual written exam. The current rule does not provide a requirement for an annual written exam score. Likewise, the April 29, 2003, Training Order that required licensees to develop and implement an annual written exam also did not specify a qualification score. The Commission has determined that a score of 80 percent demonstrates a minimum level of understanding and familiarity of the material necessary to adequately perform security- related tasks. The 80-percent score would be consistent with minimum scores commonly utilized throughout the nuclear industry. Qualification Requirements for Security Trainers, Personnel Assessing Psychological Qualifications and Armorer CertificationsThe current rule and the security orders do not specifically address the qualification or certification of instructors, or other personnel that have assigned duties and responsibilities for implementation of training and qualification programs of power reactor licensees.The proposed rule includes specific references to personnel that have assigned duties and responsibilities for implementation of training and qualification programs to ensure these persons are qualified and/or certified to make determinations of security personnel suitability, working condition of security equipment, and overall determinations that security personnel are trained and qualified to execute their assigned duties. On-the-Job TrainingThe current rule states in part that each individual who requires training to perform assigned security duties shall, prior to assignment, be trained to perform these tasks and duties. Each individual shall demonstrate the required knowledge, skill and ability in accordance with specific standards of each task.The proposed rule would specify the new requirement that the licensee include on-the-job training as part of the training and qualification program prior to assigning an individual to an unsupervised security position. This requirement is in addition to formal and informal classroom training. The on-the-job training program would provide the licensee the ability to assess an individual's knowledge, skill and ability to effectively carry-out assigned duties, in a supervised manner, within the actual work environment, before assignment, to an unsupervised position.The proposed revision to appendix B of part 73 required special treatment in this rulemaking to preserve, with a minimum of conforming changes, the current requirements for licensees and applicants to whom this proposed rule would not apply. Accordingly, Section I through V of appendix B to part 73 would remain unchanged, and the proposed new language for power reactors would be added as Section VI.Table 6 sets forth the proposed amendments to appendix B to part 73 and provides the supporting discussion for the proposed language. Because this section would be extensively restructured, Table 10 (See Section VIII) provides a cross-reference to locate individual requirements of the current regulation within the proposed regulation.IV.7. Appendix C to Part 73, ``Licensee Safeguards Contingency Plans''Appendix C to part 73 provides requirements that govern the development of safeguards contingency plans. Following the terrorist attacks of September 11, 2001, the NRC conducted a thorough review of security to continue to ensure that nuclear power plants had effective security measures in place given the changing threat environment. The proposed appendix C would increase the information required in the safeguards contingency plans for responses to threats, up to and including, design basis threats, as described in Sec. 73.1. Notable additions to the proposed appendix C to part 73 requirements are summarized below: Mitigating StrategiesCurrent regulations do not include requirements to develop mitigating strategies for events beyond the scope of the design basis threat. The orders issued after September 11, 2001, included a requirement to preplan strategies for coping with such events. The proposed appendix C to part 73 would contain this element of the orders to require that licensees preplan strategies to respond to and mitigate the consequences of potential events, including those that may result in the loss of large areas of the plant due to explosions or fire. Qualification Requirements for Drill and Exercise ControllersThe current rule and the security orders do not specifically address the qualification of personnel that are assigned duties and responsibilities for implementation of training and qualification drills and exercises at power reactor licensees.The proposed rule includes specific references to personnel who function as drill and exercise controllers to ensure these persons are trained and qualified to execute their assigned duties. Drills[[Page 62675]]and exercises are key elements to assuring the preparedness of the licensee security force and must be conducted in a manner that demonstrates the licensee's ability to execute the protective strategy as described in the site security plans. Additionally, drills and exercises must be performed properly to assure they do not negatively impact personnel or plant safety.The proposed revision to appendix C of part 73 required special treatment in this rulemaking to preserve, with a minimum of conforming changes, the current requirements for licensees and applicants to whom this proposed rule would not apply. Accordingly, appendix C to part 73 would be divided into two sections, with Section I maintaining all current requirements, and Section II containing all proposed requirements related to nuclear power reactors.Table 7 sets forth the proposed amendments to appendix C to part 73 and provides the supporting discussion for the proposed language. Because this section would be extensively restructured, Table 11 (See Section VIII) is a cross-reference showing where individual requirements of the current regulation would be in the proposed regulation.IV.8. Appendix G to Part 73, ``Reportable Safeguards Events''Proposed appendix G to part 73 provides requirements regarding the reporting of safeguards events. Proposed appendix G would contain changes to support the revised and accelerated reporting requirements which would be incorporated into this rulemaking. Proposed appendix G to part 73 would also contain revised four-hour reporting requirements that would require licensees to report to the NRC information of suspicious surveillance activities, attempts at access, or other similar information as addressed in Appendix G, section III (a)(1) and (2). Following September 11, 2001, the NRC issued guidance requesting that licensees report suspicious activities near their facilities to allow assessment by the NRC and other appropriate agencies. The proposed new reporting requirement would clarify this expectation to assure consistent reporting of this important information. Additionally, the proposed rule would contain an additional four-hour reporting requirement for tampering events that do not meet the threshold for reporting under the current one-hour requirements. The proposed reporting requirements for tampering events would allow NRC assessment of these events. Table 8 sets forth the proposed amendments to appendix G to part 73 and provides the supporting discussion for the proposed language.The Commission is interested in obtaining specific stakeholder input on the following issue:1. The Commission requests public comment on the need to establish an additional requirement for licensees to establish and maintain predetermined communication protocols, such as passwords, with the Nuclear Regulatory Commission in order to verify the authenticity of communications during a security event, to include requirements for uniform protocols to verify the authenticity of reports required under this proposed rule.IV.9. Conforming and Corrective ChangesThe following conforming changes would also be made: Sec. Sec. 50.34 and 50.54 (references to the correct paragraphs of revised appendix C of part 73), Sec. 50.72 (changes to Sec. 73.71 reports), Sec. Sec. 72.212 and 73.70 (references to the correct paragraphs due to renumbering of Sec. 73.55), and Sec. 73.8 (adding Sec. 73.18, Sec. 73.19, and revised to reflect new NRC form 754 to reflect recordkeeping or reporting burden). A corrective change would also be made to Sec. 73.8 to reflect an existing recordkeeping or reporting burden for NRC Form 366 under Sec. 73.71. However, no changes would be made to Sec. 73.81(b) (due to the new Sec. Sec. 73.18, 73.19, and 73.58), because willful violations of Sec. Sec. 73.18, 73.19, and 73.58 may be subject to criminal penalties.Table 1.--Proposed Part 73.18 and 73.19 and Conforming Changes to Part 73.2 [Firearms background checks for armed security personnel andauthorization for preemption of firearms laws and use of enhanced weapons]Proposed language
ConsiderationsSec. 73.18 Firearms background checks This new section would for armed security personnel.implement the firearms (a) Purpose. This section sets forth background check requirements the requirements for completion of of new section 161A of the firearms background checks on armed Atomic Energy Act of 1954, as security personnel at selected NRC- amended. Section 161A was regulated facilities. Firearmsadded by section 653 of the background checks are intended toEnergy Policy Act of 2005. verify that security personnel whose The proposed rule language in duties require access to coveredSec. Sec. 73.18 and 73.19, weapons are not prohibited fromand conforming changes to Sec. receiving, possessing, transporting, 73.2 would be consistent importing, or using such weapons under with the guidelines required applicable Federal or State law.by section 161A.d to implement Licensees and certificate holdersthe provisions of section listed under paragraph (c) of this 161A. Section 161A.d requires section who have applied forthe Commission to issue preemption authority under Sec.guidelines, with the approval 73.19 (i.e., Sec. 73.19 authority), of the Attorney General, for or who have been granted preemption section 161A to take effect. authority by Commission order, are In parallel and separate from subject to the requirements of this this rulemaking effort, section.
guidelines are being developed by staffs from the NRC and the Department of Justice (DOJ), [including staffs from the FBI and ATF]. During development of these guidelines, the DOJ indicated that the firearms background check provisions of section 161A only take effect if a triggering event occurs. A triggering event would occur when a licensee or certificate holder applies to the NRC to use the stand-alone preemption authority or the combined enhanced-weapons and preemption authority of section 161A. Therefore, armed security personnel of both current and future licensees and certificate holders would not be subject to the firearms background check provisions of the proposed Sec. 73.18, unless their employing licensee or certificate holder applies for and receives Sec. 73.19 authority from the NRC.[[Page 62676]]
Sec. 73.18(b) General Requirements. Paragraph (b)(1) would require (1) Licensees and certificate holders current and future licensees listed in paragraph (c) of thisand certificate holders who section who have received NRC approval have received NRC approval of of their application for preemption their application for authority shall ensure that a firearms preemption authority to ensure background check has been
that all security personnel satisfactorily completed for allwhose official duties require security personnel requiring access to access to covered weapons covered weapons as part of theirsatisfactorily complete a official security duties prior tofirearms background check. The granting access to any covered weapons firearms background check must to those personnel. Security personnel be satisfactorily completed to who have satisfactorily completed a permit access to covered firearms background check, but who weapons. The Commission have had a break in employment with intends for duties ``requiring the licensee, certificate holder, or access to a covered weapon'' their security contractor of greater to include such duties as: than one (1) week subsequent to their Security operations most recent firearms background check, activities; training and or who have transferred from aqualification activities; and different licensee or certificateweapons' maintenance, holder (even though the other licensee handling, accountability, or certificate holder satisfactorily transport, and use activities. completed a firearms background check [See also new definitions for on such individuals), are not excepted covered weapons, enhanced from the requirements of this section. weapons, and standard weapons in Sec. 73.2 at the end of Table 1]. A new firearms background check would be required for security personnel who have a break in employment or who have transferred from another licensee or certificate holder irrespective of whether the individual previously satisfactorily completed a firearms background check (i.e., such individuals would be treated as new security personnel and subject to a new firearms background check). Sec. 73.18(b)(2) Security personnel The NRC staff recognizes that who have satisfactorily completed a the Commission has not yet firearms background check pursuant to made a final decision on Commission orders are not subject to a whether licensees and further firearms background checkcertificate holders may apply under this section, unless thesefor preemption authority alone personnel have a break in service or or combined preemption and transfer as set forth in paragraph enhanced-weapons authority (b)(1) of this section.
prior to issuance of a final rule; however, the proposed rule would include language to support a transfer from any orders associated with such applications for section 161A authority to regulations and thereby provide both the Commission and industry with the maximum flexibility to expeditiously implement the security enhancements of section 161A. Paragraph (b)(2) would exempt previously checked personnel from a recheck, except in the case of a break in service or transfer [as in paragraph (b)(1)]. Sec. 73.18(b)(3) A change in the Paragraph (b)(3) would indicate licensee, certificate holder, orthat changes in the security ownership of a facility, radioactive contractor or ownership of the material, or other property designated licensee or certificate holder under Sec. 73.19, or a change in the are not triggering events that security contractor that providesrequire a new firearms security personnel responsible for background check. protecting such facilities,Paragraph (b)(4) would indicate radioactive material, or otherthat Licensee and certificate property, shall not constitute `aholders may begin submitting break in service' or `transfer,' as their security personnel for those terms are used in paragraphfirearms background checks (b)(2) of this section.
after the licensee or (4) Licensees and certificate holders certificate holder has applied listed in paragraph (c) of thisto the NRC for preemption section may begin the applicationauthority alone or combined process for firearms background checks preemption and enhanced under this section for securityweapons authority (i.e., Sec. personnel whose duties require access 73.19 authority). to covered weapons immediately on Paragraph (b)(5) would indicate application to the NRC for preemption that firearms background authority.
checks are in addition to (5) Firearms background checks do not access authorization or replace any other background checks or security clearance checks that criminal history checks required for security personnel currently the licensee's or certificate holder's undergo under other NRC security personnel under this chapter. regulations (e.g., Sec. Sec. 11.15, 25.17 or 73.57). The NRC expects licensees and certificate holders who become aware of any new potentially derogatory information on current security personnel (through the completion of a firearms background check), to evaluate any such information for applicability as required by the licensee's or certificate holder's access authorization or security clearance programs. Sec. 73.18(c) Applicability. This Paragraph (c) would define the section applies to licensees orapplicability of Sec. 73.18 certificate holders who have applied to licensees or certificate for or received NRC approval of their holders who have applied for application for Sec. 73.19 authority or received Commission or were issued Commission ordersapproval of stand-alone requiring firearms background checks. preemption authority or combined enhanced-weapons and preemption authority [see considerations below for Sec. 73.19(c) on the applicability of licensee and certificate holder under this proposed rule]. Note: portions of this section would apply to licensee or certificate holder who has applied for, but not yet received preemption authority (e.g., requirements for submission of fingerprints) or those portions that would only apply to licensees or certificate holders who have received NRC approval of their application (e.g., requirements for removal of security personnel who have not yet satisfactorily completed a firearms background check). This section would also apply to power reactor and Category I SSNM licensees or certificate holders issued Commission orders requiring completion of firearms background checks [see consideration for paragraph (b)(2) above]. Sec. 73.18(d) Firearms background Paragraph (d) would identify check requirements. A firearmsthe two components of a background check for securityfirearms background check that personnel must include--
are required by section 161A (1) A check of the individual's(i.e., a fingerprint check and fingerprints against the Federala NICS check). Bureau of Investigation's (FBI's) The NICS was established fingerprint system; and
pursuant to section 103.(b) of (2) A check of the individual'sthe Brady Handgun Violence identifying information against the Prevention Act (Pub. L. 103- FBI's National Instant Criminal159) and is maintained by the Background Check System (NICS).FBI.[[Page 62677]]
Sec. 73.18(e) Firearms background Paragraph (e) would indicate check submittals.
the process for submitting to (1) Licensees and certificate holders the NRC the two components of shall submit to the NRC, in accordance the firearms background check. with Sec. 73.4, for all security Accomplishment of the NICS personnel requiring a firearmscheck would be based upon background check under this section-- information submitted by the (i) A set of fingerprints, inlicensee or certificate holder accordance with paragraph (n) of this to the NRC under new NRC Form section, and
754 (see Section VIII of this (ii) A completed NRC Form 754.notice for further information on this NRC Form). Sec. 73.18(e)(2) Licensees andParagraph (e)(2) would certificate holders shall retain a establish the records copy of all NRC Forms 754 submitted to retention requirements for the NRC for a period of one (1) year submitted NRC Forms 754. subsequent to the termination of an individual's access to covered weapons or to the denial of an individual's access to covered weapons. Sec. 73.18(f) NICS portion of aParagraph (f) would indicate firearms background check. The NRC that the NRC is forwarding the will forward the information contained information from submitted NRC in the submitted NRC Forms 754 to the Forms 754 to the FBI for FBI for evaluation against the NICS. evaluation against the NICS. Upon completion of the NICS check, the The FBI will return one of the FBI will inform the NRC of the results three results from the NICS with one of three responses under 28 check (per the FBI's CFR part 25; ``proceed,'' ``denied,'' regulations) and a NICS or ``delayed,'' and the associated transaction number. The NRC NICS transaction number. The NRC will will forward this returned forward these results and theinformation to the submitting associated NICS transaction number to licensee or certificate holder the submitting licensee or certificate for forwarding to the holder. The licensee or certificate individual security officer. holder shall provide these results to The NICS transaction number is the individual who completed the NRC necessary for any future Form 754.
communications with the FBI on the NICS check (e.g., an individual's appeal of a ``denied'' NICS response). Sec. 73.18(g) Satisfactory andParagraph (g) would set forth adverse firearms background checks. the criteria for a (1) A satisfactorily completed firearms satisfactory firearms background check means a ``proceed'' background check based upon response for the individual from the the specific NICS response. NICS.
The fingerprint checks (2) An adversely completed firearms mandated by section 161A background check means a ``denied'' or support the accomplishment of ``delayed'' response from the NICS. the NICS check and resolution of any adverse NICS records; therefore, the NRC would not specify a [satisfactory or adverse] completion criteria for the fingerprint portion of the firearms background check. Sec. 73.18(h) Removal from access to Paragraph (h) would require the covered weapons. Licensees orlicensee or certificate holder certificate holders who have received to remove personnel who are NRC approval of their application for prohibited from possessing or Sec. 73.19 authority shall ensure receiving firearms from duties security personnel are removed from requiring access to covered duties requiring access to covered weapons. Disqualifying status weapons upon the licensee's oror occurrences are found under certificate holder's knowledge of any the United States Code, Title disqualifying status or the occurrence 18, Section 922 and ATF's of any disqualifying events under 18 implementing regulations (see U.S.C. 922(g) or (n), and the ATF's 27 CFR 478.32 and 478.11). See implementing regulations in 27 CFR also considerations for Sec. part 478.
73.18(b)(5). Sec. 73.18(i) [Reserved]............. Paragraph (i) would not be used to avoid confusion with the use of sub-sub paragraph (i). Sec. 73.18(j) Security personnel Paragraph (j) would require responsibilities. Security personnel security personnel who become assigned duties requiring access to prohibited from possessing or covered weapons shall promptly [within receiving firearms due to a three (3) working days] notify their disqualifying status or employing licensee's or certificate occurrence of a disqualifying holder's security management (whether event to notify their licensee directly employed by the licensee or or certificate holder within certificate holder or employed by a three (3) days of this fact. security contractor to the licensee or This paragraph would work in certificate holder) of the existence conjunction with the of any disqualifying status or upon requirements of paragraphs the occurrence of any disqualifying (k), (m), and (n) and would events listed under 18 U.S.C. 922(g) require security personnel to or (n), and the ATF's implementing self report the occurrence of regulations in 27 CFR part 478 that any disqualifying status or would prohibit them from possessing or events. receiving a covered weapon. Sec. 73.18(k) Awareness ofParagraph (k) would require disqualifying events. Licensees and licensees and certificate certificate holders who have received holders to train security NRC approval of Sec. 73.19 authority personnel on disqualifying shall include within their NRC-status or events to facilitate approved security training andself reporting of such status qualification plans instruction on-- or events by security (1) Disqualifying status or eventspersonnel under paragraph (j). specified in 18 U.S.C. 922(g) and (n), And to train security and ATF's implementing regulations in personnel on their ongoing 27 CFR part 478 (including anyresponsibility to report applicable definitions) identifying disqualifying status or events categories of persons who areto their licensee or prohibited from possessing orcertificate holder. receiving any covered weapons; and (2) The continuing responsibility of security personnel assigned duties requiring access to covered weapons to promptly notify their employing licensee or certificate holder of the occurrence of any disqualifying events. Sec. 73.18(l) [Reserved]............. Paragraph (l) would not be used to avoid confusion with the use of sub-paragraph (1) [see also paragraph (i) above].[[Page 62678]]
Sec. 73.18(m) Notification ofParagraph (m) would require removal. Within 72 hours after taking licensees or certificate action to remove security personnel holders to report instances from duties requiring access towhere security personnel (with covered weapons, because of thecurrent access to weapons) are existence of any disqualifying status removed from armed duties or the occurrence of any disqualifying because of the occurrence of event--other than due to the prompt any disqualifying status or notification by the security officer event. The timeliness of this under paragraph (j) of this section-- notification would be based licensees and certificate holders who upon the need for appropriate have received NRC approval of Sec. NRC followup of a potential 73.19 authority shall notify the NRC criminal violation, rather Operations Center of such removalthan the followup necessary actions, in accordance with appendix A for an ongoing security event of this part.
(i.e., the individual no longer has access to covered weapons). Appendix A provides contact information for the NRC Operations Center. Sec. 73.18(n) Reporting violations of Paragraph (n) would indicate law. The NRC will promptly reportthat if the NRC becomes aware suspected violations of Federal law to of suspected violations of the appropriate Federal agency orcriminal law (e.g., a suspected violations of State law to prohibited person actually the appropriate State agency.possessing weapons as a security officer) it is obligated to report suspected violations of Federal or State law to the appropriate government agency or agencies. Sec. 73.18(o) Procedures forParagraph (o) would prescribe processing of fingerprint checks. (1) the location, method, and Licensees and certificate holders who requirements for submission of have applied for Sec. 73.19fingerprints to the NRC as authority, using an appropriate method part of a firearms background listed in Sec. 73.4, shall submit to check. the NRC's Division of Facilities and The proposed language would be Security one (1) completed, legible essentially identical to that standard fingerprint card (Form FD- contained to the current 258, ORIMDNRCOOOZ) or, wherefingerprint submission practicable, other fingerprint record requirements under the current for each individual requiring aaccess authorization firearms background check, to theregulations in Sec. NRC's Director, Division of Facilities 73.57(d). and Security, Mail Stop T6-E46, ATTN: Criminal History Check. Copies of this form may be obtained by writing the Office of Information Services, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, by calling (301) 415-5877, or by e-mail to FORMS@nrc.gov. Guidance on what alternative formats, including electronic submissions, may be practicable are referenced in Sec. 73.4. Sec. 73.18(o)(2) Licensees andSee considerations for Sec. certificate holders shall indicate on 73.18(o). This provision will the fingerprint card or otherpermit proper internal routing fingerprint record that the purpose of fingerprints within the for this fingerprint check is theFBI's Criminal Justice accomplishment of a firearmsInformation Services Division background check.
to support the NICS checks. Sec. 73.18(o)(3) Licensees andSee considerations for Sec. certificate holders shall establish 73.18(o). procedures to ensure that the quality of the fingerprints taken results in minimizing the rejection rate of fingerprint cards or records due to illegible or incomplete information. Sec. 73.18(o)(4) The Commission will See considerations for Sec. review fingerprints for firearms73.18(o). background checks for completeness. Any Form FD-258 or other fingerprint record containing omissions or evident errors will be returned to the licensee or certificate holder for corrections. The fee for processing fingerprint checks includes one (1) free re-submission if the initial submission is returned by the FBI because the fingerprint impressions cannot be classified. The one (1) free re-submission must have the FBI Transaction Control Number reflected on the re-submission. If additional submissions are necessary, they will be treated as an initial submittal and require a second payment of the processing fee. The payment of a new processing fee entitles the submitter to an additional free re-submittal, if necessary. Previously rejected submissions may not be included with the third submission because the submittal will be rejected automatically. Licensees and certificate holders may wish to consider using different methods for recording fingerprints for resubmissions, if difficulty occurs with obtaining a legible set of impressions. Sec. 73.18(o)(5)(i) Fees for the See considerations for Sec. processing of fingerprint checks are 73.18(o). due upon application. Licensees and certificate holders shall submit payment with the application for the processing of fingerprints, and payment must be made by corporate check, certified check, cashier's check, money order, or electronic payment, made payable to ``U.S. NRC.'' a Combined payment for multiple applications is acceptable. (ii) The application fee is the sum of the user fee charged by the FBI for each fingerprint card or other fingerprint record submitted by the NRC on behalf of a licensee or certificate holder, and an administrative processing fee assessed by the NRC. The NRC processing fee covers administrative costs associated with NRC handling of licensee and certificate holder fingerprint submissions. The Commission publishes the amount of the fingerprint check application fee on the NRC's public Web site.b The Commission will directly notify licensees and certificate holders who are subject to this regulation of any fee changes.
[[Page 62679]]
Footnotes: a For guidance on making electronic payments, contact the NRC's Security Branch, Division of Facilities and Security, Office of Administration at (301) 415-7404. b For information on the current fee amount, refer to the Electronic Submittals page at http://www.nrc.gov/ site-help/eie.html and select the linkfor the Criminal History Program. Sec. 73.18(o)(6) The Commission will See considerations for Sec. forward to the submitting licensee or 73.18(o). certificate holder all data received from the FBI as a result of the licensee's or certificate holder's application(s) for fingerprint background checks, including the FBI's fingerprint record. Sec. 73.18(p) Appeals and correction Paragraph (p)(1) would indicate of erroneous system information.that individuals who have (1) Individuals who require a firearms received a ``denied'' response background check under this section or a ``delayed'' response may and who receive a ``denied'' NICSnot be assigned duties response or a ``delayed'' NICSrequiring access to covered response may not be assigned duties weapons during their appeal of requiring access to covered weapons the denial or resolution of during the pendency of an appeal of the delay. the results of the check or during the Paragraph (p)(2) would indicate pendency of providing and evaluating that the licensee or any necessary additional information certificate holder will to the FBI to resolve the ``delayed'' provide information on the response, respectively.
FBI's appeals process to the (2) Licensees and certificate holders denied individual. The NRC and shall provide information on the FBI's FBI are considering creating a procedures for appealing a ``denied'' brochure describing the response to the denied individual or appeals process or resolution on providing additional information to process that would be similar the FBI to resolve a ``delayed''to the FBI's current brochure response.
[describing the NICS appeals (3) An individual who receives aprocess] provided by federal ``denied'' or ``delayed'' NICSfirearms licensees to response to a firearms backgroundindividuals receiving a check under this section may request ``denied'' NICS response (see the reason for the response from the example at the FBI's NICS FBI. The licensee or certificateinformation website at http:// holder shall provide to the individual www.fbi.gov/hq/cjisd/nics/who has received the ``denied'' or index.htm). ``delayed'' response the unique NICS Paragraph (p)(3) would indicate transaction number associated with the that the individual who specific firearms background check. receives a ``denied'' or (4) These requests for the reason for a ``delayed'' response must ``denied'' or ``delayed'' NICSpersonally make any requests response must be made in writing, and to the FBI on the reason for must include the NICS transactionthe NICS response; and the number. The request must be sent to licensee or certificate holder the Federal Bureau of Investigation; may not make such requests NICS Section; Appeals Service Team, upon the individual's behalf. Module A-1; PO Box 4278; Clarksburg, Paragraph (p)(4) would provide WV 26302-9922. The FBI will provide the FBI's address for the individual with the reasons for correspondence. Additionally, the ``denied'' response or ``delayed'' in response to the response. The FBI will also indicate individual's request the FBI whether additional information orwould provide the person the documents are required to support an reason for the denial or the appeal or resolution, for example, delay to facilitate any where there is a claim that the record appeals or to facilitate in question does not pertain to the providing supplemental individual who was denied.information to resolve a ``delayed'' response. Sec. 73.18(p)(5) If the individual Paragraph (p)(5) would set a wishes to challenge the accuracy of time limit for filing an the record upon which the ``denied'' initial appeal of a ``denied'' or ``delayed'' response is based, or response or to request if the individual wishes to assert resolution of a ``delayed'' that his or her rights to possess or response to encourage timely receive a firearm have been restored resolution of such cases and by lawful process, he or she may make facilitate FBI disposition of application first to the FBI. Theinterim records. The individual shall file an appeal of a individual filing the appeal ``denied'' response or file a request would be required to set forth to resolve a ``delayed'' responsethe basis for the appeal and within 45 calender days of the date provide information supporting the NRC forwards the results of the their claim. Copies of records firearms background check to thewould be required to be true licensee or certificate holder. The copies (i.e., certified by a appeal or request must includecourt or other government appropriate documentation or record(s) entity). Because some establishing the legal and/or factual supplemental information may basis for the challenge. Any record or take longer than 45 days to document of a court or otherobtain, individuals filling an government entity or officialappeal or requesting furnished in support of an appeal must resolution should not delay be certified by the court or other their filing in order to government entity or official as a gather all necessary true copy. The individual mayinformation, but would supplement their initial appeal or indicate that additional request--subsequent to the 45 daysupporting information will be filing deadline--with additionalforthcoming. information as it becomes available, Paragraph (p)(6) would indicate for example, where obtaining a true that if an individual cannot copy of a court transcript may take resolve a record with the FBI, longer than 45 days. The individual the individual may apply to should note in their appeal or request the originating agency to any information or records that are correct the record and notify being obtained, but are not yetthe FBI of those results. available.
The originating agency may (6) If the individual is notified that respond to the individual's the FBI is unable to resolve theapplication by addressing the appeal, the individual may then apply individual's specific reasons for correction of the record directly for the challenge, and by to the agency from which theindicating whether additional information forming the basis of the information or documents are denial was originated. If therequired. If the record is individual is notified by thecorrected as a result of the originating agency, that additional appeal to the originating information or documents are required agency, the individual may so the individual may provide them to the notify the FBI, which would, originating agency. If the record is in turn, verify the record corrected as a result of the appeal to correction with the the originating agency, the individual originating agency (assuming may so notify the FBI and submitthe originating agency has not written proof of the correction.already notified the FBI of the correction) and take all necessary steps to correct the record in the NICS system.[[Page 62680]]
Sec. 73.18(p)(7) An individual who Paragraph (p)(7) would indicate has satisfactorily appealed athat an individual who has ``denied'' response or resolved asuccessfully resolved a ``delayed'' response may provide``denied'' or ``delayed'' written consent to the FBI to maintain response may consent to the information about himself or herself FBI maintaining information in a Voluntary Appeal File (VAF) to be about himself or herself in established by the FBI and checked by the FBI's VAF (i.e., the basis the NICS for the purpose of preventing for the successful the erroneous denial or extended delay resolution). The FBI will by the NICS of any future NICS checks. issue such individuals a VAF (8) Individuals appealing a ``denied'' number that can be entered on response or resolving a ``delayed'' an NRC Form 754 or ATF Form response are responsible for providing 4417 to prevent repetition of the FBI any additional information the excessive delays in completing FBI requires to resolve theany future NICS checks (both ``delayed'' response.
for checks as security personnel and for checks of individuals engaging in a firearms transaction as a private person). A VAF file would be used only by the NICS for this purpose. The FBI would remove all information in the VAF pertaining to an individual upon receipt of a written request by that individual. However, the FBI may retain such information contained in the VAF as long as needed to pursue cases of identified misuse of the system. If the FBI finds a disqualifying record on the individual after his or her entry into the VAF, the FBI may remove the individual's information from the file. Paragraph (p)(8) would indicate that the responsibility for providing any necessary additional information to the FBI to appeal the ``denied'' response or resolve the ``delayed'' rests with the individual, not with the FBI. Sec. 73.19 Authorization forThis new section would preemption of firearms laws and use of implement the provisions of enhanced weapons.
new section 161A of the AEA (a) Purpose. This section sets forth with respect to preemption the requirements for licensees and authority alone or combined certificate holders to obtain NRCenhanced-weapons authority and approval to use the expandedpreemption authority. This authorities provided under section section would permit, but not 161A of the Atomic Energy Act of 1954, require, selected classes of as amended (AEA), in protecting NRC- licensees and certificate designated facilities, radioactive holders to apply to the NRC material, or other property. These for these authorities. authorities include ``preemptionParagraph (a) would provide the authority'' and ``enhanced-weapons overall purpose and indicate authority.''
that this section applies to defending NRC-designated facilities, radioactive material, or other property. Sec. 73.19(b) General Requirements. Paragraph (b) would contain Licensees and certificate holdersgeneral requirements and listed in paragraph (c) of thisoverview of the advantages of section may apply to the NRC, inthese two authorities. The accordance with the provisions of this ability of licensees and section, to receive stand-alonecertificate holders to apply preemption authority or combinedto the NRC for stand-alone enhanced weapons authority andpreemption authority or preemption authority.
combined enhanced-weapons (1) Preemption authority, as provided authority and preemption in section 161A of the AEA, means the authority would be limited to authority of the Commission to permit the classes of licensees set licensees or certificate holders, or forth in paragraph (c) of this the designated security personnel of section. the licensee or certificate holder, to Licensees and certificate transfer, receive, possess, transport, holders may apply for import, or use one (1) or morepreemption authority alone. category of standard and enhancedHowever, licensees and weapons, as defined in Sec. 73.2, certificate holders who apply notwithstanding any local, State, or for enhanced-weapons authority certain Federal firearms lawswould also be required to (including regulations).
apply for preemption (2) Enhanced weapons authority, asauthority, because of provided in section 161A of the AEA, restrictions on the possession means the authority of the Commission of enhanced weapons require to permit licensees or certificate the preemption of certain holders, or the designated security regulations. The NRC would personnel of the licensee orcreate this separate, but certificate holder, to transfer,parallel, structure to provide receive, possess, transport, import, licensees with flexibility in and use one (1) or more category of choosing security capabilities enhanced weapons, as defined in Sec. versus security costs. 73.2, notwithstanding any local,Paragraphs (b)(1) and (b)(2) State, or certain Federal firearms provide definitions of these laws (including regulations).two authorities. Sec. 73.19(b)(3) Prior to receiving Paragraph (b)(3) would indicate NRC approval of enhanced-weaponsthat to receive enhanced- authority, the licensee or certificate weapons authority, a licensee holder must have applied for andor certificate holder must received NRC approval for preemption also have received preemption authority, in accordance with this authority. section or under Commission orders. Paragraph (b)(4) would describe (4) Prior to granting either authority the criteria of section 161A the NRC must determine that thethe Commission must determine proposed use of this authority isare present for a licensee or necessary in the discharge of official certificate holder to apply to duties by security personnel engaged the NRC for stand-alone in protecting--.
preemption authority or (i) Facilities owned or operated by a combined enhanced-weapons licensee or certificate holder and authority and preemption designated by the Commission under authority for other types of paragraph (c) of this section, or. facilities, radioactive (ii) Radioactive material or othermaterial, or other property. property that is owned or possessed by a licensee or certificate holder, or that is being transported to or from an NRC-regulated facility. Before granting such approval, the Commission must determined that the radioactive material or other property is of significance to the common defense and security or public health and safety and has designated such radioactive material or other property under paragraph (c) of this section.[[Page 62681]]
Sec. 73.19(c) Applicability. (1) The Paragraph (c)(1) would limit following classes of licensees orthe types of licensees who certificate holders may apply forcould apply for stand-alone stand-alone preemption authority-- preemption authority alone to (i) Power reactor facilities; andtwo classes of NRC-regulated (ii) Facilities authorized to possess a facilities--power reactor formula quantity or greater offacilities and fuel cycle strategic special nuclear material facilities authorized to with security plans subject to Sec. possess Category I quantities Sec. 73.20, 73.45, and 73.46.of SSNM. Such SSNM fuel cycle (2) The following classes of licensees facilities would include: or certificate holders may apply for production facilities, spent combined enhanced-weapons authority fuel reprocessing facilities, and preemption authority--fuel fabrication facilities, (i) Power reactor facilities; andand uranium enrichment (ii) Facilities authorized to possess a facilities. However, they formula quantity or greater ofwould not include hot cell strategic special nuclear material facilities, independent spent with security plans subject to Sec. fuel storage installations, Sec. 73.20, 73.45, and 73.46.monitored retrievable storage installations, geologic repository operations areas, non-power reactors, byproduct material facilities, and the transportation of spent fuel, high level waste, and special nuclear material. Paragraph (c)(2) would also limit the types of licensees who could apply for combined enhanced-weapons authority and preemption authority to these same two classes of licensed facilities. The Commission is proposing under this rulemaking to limit the range of facilities, radioactive material, or other property [for which these authorities are appropriate] to power reactor facilities and fuel cycle facilities authorized to possess Category I quantities of strategic special nuclear material. The Commission would take this approach to be consistent with the scope of this rulemaking. The Commission may consider other types of facilities, radioactive material, or other property as appropriate for these authorities in future rulemakings. Additionally, the Commission would use the parallel structure in paragraph (c) to facilitate future rulemakings. Specifically, the Commission recognizes that enhanced- weapons authority may not be appropriate for all present and future classes of licensees with armed security programs; whereas the applicability of preemption authority to all present and future classes of licensees with armed security programs may be much broader. Sec. 73.19(c)(3) With respect to the Paragraph (b)(3) would indicate possession and use of firearms by all that the provisions of this other NRC licensees or certificate section do not supersede holders, the Commission's requirements existing Commission in effect before [effective date of regulations or orders for non- final rule] remain applicable, except power reactor and non-Category to the extent those requirements are I SSNM licensees, unless modified by Commission order orspecifically indicated. regulations applicable to such licensees and certificate holders. Sec. 73.19(d) Authorization for stand- Paragraph (d)(1) would describe alone preemption of firearms laws. (1) the process for a licensee or Licensees and certificate holderscertificate holder to apply listed in paragraph (c) of thisfor preemption authority. This section may apply to the NRC for the would be a voluntary action. preemption authority described inBased upon the Commission's paragraph (b)(1) of this section.conclusion that the classes of Licensees and certificate holdersfacilities listed under seeking such authority shall submit an paragraph (c) are appropriate application to the NRC in writing, in for the use of such preemption accordance with Sec. 73.4, andauthority, no additional indicate that the licensee ordocumentation or supporting certificate holder is requestinginformation would be required preemption authority under section by a licensee or certificate 161A of the AEA.
holder to apply for preemption (2) Licensees and certificate holders authority other than the who have applied for preemptionlicensee or certificate holder authority under this section may begin is included within the list of firearms background checks under Sec. licenses and certificate 73.18 for their armed securityholders in paragraph (c). personnel.
Paragraph (d)(2) would permit (3) Licensees and certificate holders licensees and certificate who have applied for preemptionholders who have applied for authority under this section and who preemption authority to begin have satisfactorily completed firearms submitting their security background checks for a sufficient personnel for firearms number of security personnel (tobackground checks under Sec. implement their security plan while 73.18. meeting security personnel fatigue Paragraph (c)(3) would require requirements of this chapter orlicensees and certificate Commission order) shall notify the holders who applied for NRC, in accordance with Sec. 73.4, preemption authority to of their readiness to receive NRCsubsequently notify the NRC of approval of preemption authority and their readiness to fully implement all the provisions of Sec. implement Sec. 73.18 without 73.18.
adverse impact on the security organization (i.e., the provisions in Sec. 73.18 requiring removal from armed duties of personnel with a ``denied'' or ``delayed'' response would not adversely affect the licensee's or certificate holder's security organization). Sec. 73.19(d)(4) Based upon theParagraph (d)(4) would indicate licensee's or certificate holder's that the NRC will rely upon readiness notification and anythe licensee's or certificate discussions with the licensee orholder's determination that certificate holder, the NRC willsufficient numbers of its document in writing to the licensee or security personnel have certificate holder that the Commission satisfactorily passed the has approved or disapproved thefirearms background check to licensee's or certificate holder's fully implement the provisions application for preemption authority. of Sec. 73.18. The NRC would document in writing its approval or disapproval of the licensee's or certificate holder's application for preemption authority. The NRC may also rely upon discussions with the licensee or certificate holder to reach a conclusion.[[Page 62682]]
Sec. 73.19(e) Authorization for use Paragraph (e)(1) would describe of enhanced weapons. (1) Licensees and the process for a licensee or certificate holders listed incertificate holder to apply paragraph (c)(2) of this section may for combined enhanced-weapons apply to the NRC for enhanced-weapons authority and preemption authority described in paragraphauthority. A licensee or (a)(2) of this section. Licensees and certificate holder would be certificate holders applying forpermitted to apply for enhanced-weapons authority shall have preemption authority in also applied for preemption authority. conjunction with an Licensees and certificate holders may application for enhanced- make these applications concurrently. weapons authority, or the (2) Licensees and certificate holders licensee or certificate holder seeking enhanced-weapons authority may apply for preemption shall submit an application to the authority first. Only the NRC, in accordance with Sec. 73.4, classes of licensees and indicating that the licensee orcertificate holders listed certificate holder is requestingunder paragraph (c)(2) would enhanced-weapons authority underbe permitted to apply for section 161A of the AEA. Licensees and combined enhanced-weapons certificate holders shall also include authority and preemption with their application--.
authority. (i) The additional information required Paragraph (e)(2) would require by paragraph (f) of this section;. a licensee or certificate (ii) The date they applied to the NRC holder to include specific for preemption authority (if notinformation with their concurrent with the application for application as set forth in enhanced weapons authority); and.Sec. 73.19(f). The licensee (iii) If applicable, the date when the or certificate holder would licensee or certificate holderalso be required to include received NRC approval of theirinformation on the date they application for preemption authority applied for, and/or received under this section or via Commission NRC approval of their order..
application for preemption authority under Sec. 73.19, or under Commission order prior to the effective date of a final rule. Sec. 73.19(e)(3) The NRC willParagraph (e)(3) would indicate document in writing to the licensee or that the NRC would document in certificate holder that the Commission writing the approval or has approved or disapproved thedisapproval of an application licensee's or certificate holder's for combined enhanced-weapons application for enhanced-weaponsauthority and preemption authority. The NRC must approve, or authority. The NRC's approval have previously approved, a licensee's would also indicate the total or certificate holder's application numbers, types, and calibers for preemption authority underof enhanced weapons that are paragraph (d) of this section, or via approved for a specific Commission order, to approve thelicensee or certificate application for enhanced weaponsholder. authority. Sec. 73.19(e)(4) Licensees andParagraph (e)(4) would indicate certificate holders who have applied that after the licensee or to the NRC for and received enhanced- certificate holder has weapons authority shall then apply to received NRC approval of its the U.S. Bureau of Alcohol, Tobacco, application to use enhanced Firearms, and Explosives (ATF) for a weapons, it must then apply to federal firearms license (FFL) and ATF to obtain a FFL and also also register under the Nationalregister under the NFA to Firearms Act (NFA) in accordance with obtain these weapons. Because ATF regulations under 27 CFR parts 478 ATF has indicated it would and 479 to obtain the enhancedrely upon the NRC's technical weapons. Licensees and certificate evaluation [on whether the holders shall include a copy of the specific weapons listed in the NRC's written approval with their NFA NRC's approval are appropriate registration application.
for the licensee or certificate holder] in processing the licensee's or certificate holder's NFA registration application, licensees and certificate holders would include a copy of the NRC's approval with their NFA registration application. This paragraph would require licensees to obtain a FFL in addition to registering under the NFA. Based upon conversations with ATF, the NRC understands that while ATF's regulations do not mandate that persons who obtain NFA weapons also have an FFL, NRC licensees and certificate holders desiring to obtain enhanced weapons would benefit from status an ATF FFL. Advantages would include reduced time to process requests to transfer NFA weapons to or from the licensee or certificate holder (e.g., initial receipt, repair, or disposition), simplification of the ATF's review of an NFA registration application, and elimination of transfer taxes for NFA- weapons transactions. The NRC also understands that status as an FFL would create obligations for such licensee's and certificate holders. Obligations would include payment of an annual special occupational tax, additional recordkeeping requirements, and a requirement to permit ATF inspectors access to the licensee's or certificate holder's facilities possessing enhanced weapons to inspect ATF-licensed weapons and corresponding records. Sec. 73.19(f) Application forParagraph (f)(1) would describe enhanced-weapons authority additional the additional information a information. (1) Licensees andlicensee or certificate holder certificate holders applying to the would be required to submit Commission for enhanced-weaponsalong with their application authority under paragraph (e) of this for preemption and enhanced- section shall also submit to the NRC weapons authority. This for prior review and written approval information would be submitted new, or revised, physical security to the NRC for prior review plans, security personnel training and and approval and would qualification plans, safeguardsdescribe and address the contingency plans, and safetyspecific weapons to be assessments incorporating the use of employed. In addition to the specific enhanced weapons theaddressing the enhanced licensee or certificate holder intends weapons in the security, to use. These plans and assessments training and qualification, must be specific to the facility,and safeguards contingency radioactive material, or otherplans, a licensee or property being protected.
certificate holder would also provide a safety assessment on the use of the specific enhanced weapons to be employed. Licensees and certificate holders who apply for authority alone under paragraph (d) would not be subject to the requirements of paragraph (f).[[Page 62683]]
Sec. 73.19(f)(2) In addition to other Paragraph (e)(2) would describe requirements set forth in this part, specific information the these plans and assessments must-- license or certificate holder (i) For the physical security plan, would include in the plans and identify the specific types or models, assessments accompanying the calibers, and numbers of enhancedapplication for enhanced- weapons to be used;
weapons authority. The (ii) For the training and qualification paragraph would also describe plan, address the training andthe scope of the safety qualification requirements to useassessments and would require these specific enhanced weapons; and evaluation of both onsite and (iii) For the safeguards contingency offsite impacts from the use plan, address how these enhanced and of the specific enhanced any standard weapons will be employed weapons to be employed. The by the licensee's or certificatesafety assessment would be holder's security personnel in meeting required to only address the the NRC-required protective strategy, enhanced weapons the license including tactical approaches andor certificate holder intends maneuvers.
to employ. Sec. 73.19(f)(2)(iv) For the safety See considerations for Sec. assessment--
73.19(f)(2). (A) Assess any potential safety impact on the facility, radioactive material, or other property from the use of these enhanced weapons; (B) Assess any potential safety impact on public or private facilities, public or private property, or on members of the public in areas outside of the site boundary from the use of these enhanced weapons; and (C) Assess any potential safety impact on public or private facilities, public or private property, or on members of the public from the use of these enhanced weapons at training facilities intended for proficiency demonstration and qualification purposes. Sec. 73.19(f)(3) The licensee's or Paragraph (f)(3) would specify certificate holder's training andacceptable standards for the qualification plan on possessing,licensee or certificate holder storing, maintaining, qualifying on, to use in creating a training and using enhanced weapons mustand qualification plan for include information from applicable enhanced weapons. This firearms standards developed byparagraph would not create any nationally-recognized firearmsnew requirements for training organizations or standard settingstandards for standard bodies or standards developed byweapons. Federal agencies, such as: the U.S. Paragraph (f)(4) would require Department of Homeland Security'sthe submission of revised Federal Law Enforcement Trainingplans for prior NRC review and Center, the U.S. Department ofapproval, irrespective of Energy's National Training Center, and whether the licensee or the U.S. Department of Defense.certificate holder concludes (4) Licensees or certificate holders that the use of these enhanced shall submit any new or revised plans weapons would not cause ``a and assessments for prior NRC review decrease in security and written approval notwithstanding effectiveness'' under the the provisions of Sec. Sec.applicable NRC regulation. 50.54(p), 70.32(e), and 76.60 of this chapter which otherwise permit a license or certificate holder to make changes to such plans ``that would not decrease their effectiveness'' without prior NRC review. Sec. 73.19(g) Completion of training Paragraph (g) would require and qualification prior to use oflicensees and certificate enhanced weapons.
holders to ensure security Licensees and certificate holders who personnel are trained and have applied for and received enhanced- qualified on the use and weapons authority under paragraph (e) employment of enhanced weapons of this section shall ensure security before the licensee or personnel complete required firearms certificate holder deploys training and qualification inthese enhanced weapons to accordance with the licensee's ordefend the facility, certificate holder's NRC-approvedradioactive material, or other training and qualification plan. Such property. training must be completed prior to Documentation of completion of security personnel's use of enhanced this training would be weapons to protect NRC-designatedconsistent with the licensee's facilities, radioactive material, or or certificate holder's other property and must be documented approved training and in accordance with the requirements of qualification plan. the licensee's or certificate holder's training and qualification plan. Sec. 73.19(h) Use of enhancedParagraph (h) would indicate weapons. Requirements regarding the that Sec. 73.19 does not use of enhanced weapons by security supercede requirements on the personnel in the performance of their use of weapons under the power official duties are contained in Sec. reactor and Category I fuel Sec. 73.46 and 73.55 and incycle facility security appendices B and C of this part, as regulations found in Part 73. applicable. Sec. 73.19(i) [Reserved]............. Paragraph (i) would not be used to avoid confusion with the use of sub-sub paragraph (i). Sec. 73.19(j) Notification of adverse Paragraph (j) would require NRC ATF findings or notices. NRC licensees licensees or certificate and certificate holders with an ATF holders to notify NRC, should federal firearms license (FFL) and/or the licensee or certificate enhanced weapons shall notify the NRC, holder receive any adverse in accordance with Sec. 73.4, of findings based upon an ATF instances involving any adverse ATF inspection, audit, or review findings or ATF notices related to of the enhanced weapons their FFL or such weapons.possessed by the licensee or certificate holder under an ATF FFL. This would allow the NRC to appropriately respond to any public or media inquiries associated with such findings in a timely manner. Sec. 73.2 Definitions................ Three new definitions would be added to this section as conforming changes supporting the new Sec. Sec. 73.18 and 73.19 that would include: covered weapon, enhanced weapon, and standard weapon. The NRC would use these three terms to envelope the weapons, ammunition, and devices listed under section 161A of the AEA.[[Page 62684]]
Other new definitions that would be added as conforming changes to this section in support of other regulations (e.g., safety/security interface and target set) are discussed in other tables in this proposed rule. Covered weapon means any handgun,A definition for covered weapon rifle, shotgun, short-barreledwould be used as an overall shotgun, short-barreled rifle, semi- term to encompass the firearms automatic assault weapon, machinegun, (weapons), ammunition, and ammunition for any such gun or weapon, devices listed in section or large capacity ammunition feeding 161A. The meanings of the device as specified under section 161A specific terms for the of the Atomic Energy Act of 1954, as firearms, ammunition, or amended. As used here, the termsdevices encompassed within ``handgun, rifle, shotgun, short-this definition would have the barreled shotgun, short-barreledsame meaning for those terms rifle, semi-automatic assault weapon, as is those found under Title machinegun, ammunition, or large18 of the United States Code, capacity ammunition feeding device'' Section 921(a) [18 U.S.C. have the same meaning as set forth for 921(a)]. those terms under 18 U.S.C. 921(a). Covered weapons include both enhanced weapons and standard weapons. However, enhanced weapons do not include standard weapons. Enhanced weapon means any short-Definitions for enhanced weapon barreled shotgun, short-barreledand standard weapon would be rifle, or machinegun. Enhanced weapons added to support the differing do not include destructive devices, scope of these new sections. including explosives or weaponsThe relationship between greater than 50 caliber (i.e., weapons covered weapon, enhanced with a bore greater than 1.27 cm [0.5 weapon, and standard weapon in] diameter).
would be explained. Standard weapon means any handgun, Also, the definition for rifle, shotgun, semi-automatic assault enhanced weapons would not weapon, or a large capacity ammunition include destructive devices as feeding device.
defined under ATF's regulations, since the NRC's authority under section 161A of the AEA does not permit licensees or certificate holders to possess destructive devices.
Table 2.--Part 73 Section 73.55 [Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage]Current languageProposed language ConsiderationsRequirements for physical Requirements for This title would be protection of licensedphysical protection retained. activities in nuclear power of licensed reactors againstactivities in radiological sabotage.nuclear power reactors against radiological sabotage. (a) Introduction.... This header would be added for formatting purposes. Sec. 73.55 By December 2, (a)(1) By [date--180 This requirement 1986, each licensee, as days--after the would be added to appropriate, shall submit effective date of discuss the types proposed amendments to its the final ruleof Commission security plan which define published in the licensees to whom how the amendedFederal Register], the proposed requirements of Paragraphs each nuclear power requirements of (a), (d)(7), (d)(9), and reactor licensee, this section would (e)(1) will be met.licensed under 10 apply and the CFR part 50, shall schedule for incorporate the submitting the revisedamended security requirements of plans. The this sectionCommission intends through amendments to delete the to its Commission- current language, approved Physical because it applies Security Plan,only to a past rule Training andchange that is Qualification Plan, completed. The and Safeguardsproposed Contingency Plan, requirements of referred tothis section would collectively as be applicable to ``approved security decommissioned/ing plans,'' and shall reactors unless submit the amended otherwise exempted. security plans to the Commission for review and approval. Sec. 73.55 Each submittal (a)(2) The amended This requirement must include a proposed security plans must would be added to implementation schedule for be submitted as provide a reference Commission approval.specified in Sec. to the current Sec. 50.4 of this50.4(b)(4) which chapter and must describes describe how the procedural details revisedrelative to the requirements of proposed security this section will plan submission be implemented by requirement. the licensee, to include a proposed implementation schedule. Sec. 73.55 The amended (a)(3) The licensee This requirement safeguards requirements of shall implement the would be added to these paragraphs must be existing approved clarify that the implemented by the licensee security plans and licensee must within 180 days afterassociatedcontinue to Commission approval of the Commission orders implement the proposed security plan in until Commission current Commission- accordance with theapproval of the approved security approved schedule.amended security plans until the plans, unlessCommission approves otherwisethe amended plans. authorized by the The phrase ``unless Commission.otherwise authorized by the Commission'' would provide flexibility to account for unanticipated situations that may affect the licensee's ability to comply with this proposed requirement.[[Page 62685]]
Sec. 73.55(b)(1)(i) The (a)(4) The licensee This requirement licensee is responsible to is responsible for would retain the the Commission formaintaining the current requirement maintaining safeguards in onsite physical that the licensee accordance with Commission protection program is responsible for regulations and thein accordance with meeting Commission licensee's security plan. Commissionregulations and the regulations and approved security related Commission- plans. The phrase directed orders ``through the through theimplementation of implementation of the approved the approvedsecurity plans and security plans and site implementing site implementing procedures'' would procedures.be added to describe the relationship between Commission regulations, the approved security plans, and implementing procedures. The word ``safeguards'' would be replaced with the phrase ``physical protection program'' to more accurately focus this requirement to the security program rather than the broad ``safeguards'' which includes safety. The Commission views the approved security plans as the mechanism through which the licensee meets Commission requirements through implementation, therefore, the licensee is responsible to the Commission for this performance. (a)(5) Applicants This requirement for an operating would be added to license under the describe the provisions of part proposed 50 of this chapter, requirements for or holders of a applicants and to combined license specify that these under theproposed provisions of part requirements must 52 of this chapter, be met before an shall satisfy the applicant's receipt requirements of of special nuclear this section before material in the the receipt ofform of fuel special nuclear assemblies. material in the form of fuel assemblies. (a)(6) For licenses This requirement issued afterwould be added to [effective date of describe the this rule],Commission licensees shall expectations for design, construct, new reactors. Based and equip theon changes to the central alarmthreat environment station andthe Commission has secondary alarm determined that the station tofunctions required equivalentto be performed by standards.the central alarm station are a critical element of the licensee capability to satisfy the performance objective and requirements of the proposed paragraph (b) of this section. Therefore, to ensure that these critical capabilities are maintained, the Commission has determined that this proposed requirement would be a prudent and necessary measure to ensure the licensee's ability to summon assistance or otherwise respond to an alarm as is currently required by Sec. 73.55(e)(1) and therefore satisfy the performance objective and requirements of the proposed paragraph (b) of this section. (a)(6)(i) Licensees This requirement shall apply the would be added for requirements for consistency with the central alarm and clarification station listed in of the proposed paragraphsrequirement of (e)(6)(v),paragraph (a)(6) of (e)(7)(iii), and this section. The (i)(8)(ii) of this Commission has section to thedetermined that secondary alarm these construction station as well as standards that were the central alarm previously applied station.to only the central alarm station should also be built into the secondary alarm station for new reactor licensees. (a)(6)(ii) Licensees This requirement shall comply with would be added for the requirements of consistency with paragraph (i)(4) of and clarification this section such of the proposed that both alarm requirement of stations areparagraph (i)(4) of provided withthis section and to equivalentclarify that for capabilities for new reactors, both detection,the central and assessment,secondary alarm monitoring,stations must be observation,provided surveillance, and ``equivalent communications. capabilities'' and not simply equivalent ``functional'' capabilities as is stated in the proposed paragraph (i)(4) of this section. The Commission has determined that these capabilities must be equivalent for new reactors to ensure that the secondary alarm station is redundant to the central alarm station.[[Page 62686]]
Sec. 73.55(a) General (b) GeneralThis header would be performance objective and performanceretained. The requirements.
objective andproposed requirements.requirements of this section are intended to represent the general outline for a physical protection program that would provide an acceptable level of protection if effectively implemented. The proposed actions, standards, criteria, and requirements of this section are intended to be bounded by the description of the design basis threat identified by the Commission in Sec. 73.1. Sec. 73.55(a) The licensee (b)(1) The licensee This requirement shall establish andshall establish and would retain the maintain an onsite physical maintain a physical current performance protection system andprotection program, objective of Sec. security organization which to include a73.55(a) with two will have as its objective securityminor changes. to provide high assurance organization which First, the phrase that activities involving will have as its ``an onsite special nuclear material objective tophysical protection are not inimical to the provide highsystem'' would be common defense and security assurance thatreplaced with the and do not constitute an activitiesphrase ``a physical unreasonable risk to the involving special protection public health and safety. nuclear material program'' to more are not inimical to clearly state the the common defense Commission's view and security and do that the physical not constitute an protection system unreasonable risk elements described to the publicin this proposed health and safety. rule combine to make the licensee physical protection program. Second, the word ``and'' would be replaced with the phrase ``to include a'' to clarify the Commission's view that the security organization is not considered to be independent of the licensee physical protection program but rather, is a component of that program. Sec. 73.55(a) The physical (b)(2) The physical This requirement protection system shall be protection program would contain a designed to protect against must be designed to substantial the design basis threat of detect, assess, revision to provide radiological sabotage as intercept,a more detailed and stated in Sec. 73.1(a). challenge, delay, performance based Sec. 73.55(h)(4)(iii)(A) and neutralizerequirement for the Requiring responding guards threats up to and design of the or other armed response including thelicensee physical personnel to interposedesign basis threat protection program. themselves * * *..of radiological Most significantly, sabotage as stated the word in Sec. 73.1(a), ``interpose'' would at all times.be replaced with the words ``detect, assess, intercept, challenge, delay, and neutralize''. The current requirement of Sec.73.55(h)(4)(iii)(A) requires the licensee to ``interpose'' for the purpose of preventing radiological sabotage, however, the definition of ``radiological sabotage'' stated in Sec. 73.2 does not contain a performance based element by which the Commission can measure this capability and therefore, this proposed requirement would provide the six performance based elements or capabilities ``detect, assess, intercept, challenge, delay, and neutralize.'' The first element, ``detect'', would be provided through the use of detection equipment, patrols, access controls, and other program elements required by this proposed rule and would provide notification to the licensee that a potential threat is present and where the threat is located.[[Page 62687]]
The second element, ``assess'', would provide a mechanism through which the licensee would identify the nature of the threat detected. This would be accomplished through the use of video equipment, patrols, and other program elements that would be required by this proposed rule and would provide the licensee with information about the threat upon which the licensee would determine how to respond. The third, fourth, and fifth elements would comprise the component actions of response and would be provided by personnel trained and equipped in accordance with a response strategy. The third element ``intercept'' would be the act of placing a person at an intersecting defensive position directly in the path of advancement taken by the threat, and between the threat and the protected target or target set element. The fourth element ``challenge'' would be to verbally or physically confront the threat to impede, halt, or otherwise interact with the threat with the intent of preventing further advancement of the threat towards the protected target or target set element. The fifth element ``delay'' would be to take necessary actions to counter any attempt by the threat to advance towards the protected target or target set element. The sixth element ``neutralize'' would be to place the threat in a condition from which the threat no longer has the potential to, or capability of, doing harm to the protected item. The Commission does not intend to suggest that the action, ``neutralize'', would require the application of ``deadly force'' in all instances. The phrase ``threat of radiological sabotage'' would be replaced with the phrase ``threats up to and including the design basis threat of radiological sabotage'' to clarify the Commission's view that the licensee must provide protection against any element of the design basis threat, to include those that do not rise to the full capability of the design basis threat.[[Page 62688]]
Sec. 73.55(a) To achieve (b)(3) The licensee This requirement this general performance physical protection would retain and objective, the onsiteprogram must be revise two current physical protection system designed andrequirements to and security organization implemented toprovide a must include, but notsatisfy theperformance based necessarily be limited to, requirements of requirement for the the capabilities to meet this section and design of the the specific requirements ensure that nophysical protection contained in paragraphs (b) single act, asprogram. The first through (h) of this section. bounded by thesignificant Sec. 73.55(e)(1) * * * so design basisrevision would that a single act cannot threat, can disable expand the current remove the capability of the personnel,requirement for calling for assistance or equipment, oralarm stations to otherwise responding to an systems necessary be protected alarm..
to preventagainst a single significant core act, and would damage and spent require that the fuel sabotage.licensee physical protection program be designed to ensure that a single act can not disable the personnel, equipment, or systems necessary to prevent significant core damage and spent fuel sabotage which would result in the loss of the capability to prevent radiological sabotage. The Commission's view is that because of changes to the threat environment, it is necessary to emphasize the ``remove the capability'' requirement of the current Sec. 73.55(e)(1) such that the single act protection requirement would apply to personnel, equipment, and systems required to perform specific functions that if disabled would remove the licensee capability to prevent radiological sabotage. The second significant revision would provide a measurable and performance based requirement against which the Commission would measure the effectiveness of the licensee's physical protection program to prevent radiological sabotage. The Commission's view is that the goal of the licensee's physical protection program must include an acceptable safety margin to assure that the performance objective of public health and safety is met. This safety margin would be established by designing and implementing a physical protection program that protects against radiological sabotage by preventing significant core damage and spent fuel sabotage which describes the undesirable consequences that could result from the destruction of a target set or all elements of a target set and would be a precursor to radiological sabotage. The Commission's view is that significant damage to the core or sabotage to spent fuel would result in a condition in which the performance objective of ``High Assurance'' could no longer be provided and therefore, prevention of significant core damage and spent fuel sabotage are a measurable performance criteria against which the Commission would evaluate the effectiveness of the licensee physical protection program.[[Page 62689]]
The phrase ``as bounded by the design basis threat'' would be used to clarify the Commission's view that the licensee must ensure that the physical protection program is designed to protect against the design basis threat and all other threats that do not rise to the level of the design basis threat. The phrase ``the capabilities to meet the specific requirements contained in paragraphs (b) through (h) of this section'' would be replaced by the phase ``implemented to satisfy the requirements of this section'' to account for the reformatting of this proposed rule and to describe the Commission view that the licensee is responsible to implement Commission requirements through the approved security plans and procedures. (b)(4) The physical This requirement protection program would be added to must includeapply defense-in- diverse anddepth concepts as redundantpart of the equipment, systems, physical protection technology,program to ensure programs,the capability to supportingmeet the processes, andperformance implementingobjective of the procedures.proposed paragraph (b)(1) of this section is maintained in the changing threat environment. The terms ``diverse and redundant'' are intended to describe defense-in- depth in a performance based manner and would be a critical element for meeting the proposed requirement for protection against a single act described in the proposed paragraph (b)(3) of this section. Sec. 73.55(b)(4)(i) Upon (b)(5) Upon the This requirement the request of anrequest of anwould retain the authorized representative authorizedcurrent requirement of the Commission, therepresentative of for demonstration licensee shall demonstrate the Commission, the and would contain the ability of the physical licensee shallminor revisions to security personnel to carry demonstrate the apply this out their assigned duties ability to meet requirement to the and responsibilities.Commissionlicensee's ability requirementsto implement the through thephysical protection implementation of program and not be the physicallimited to only the protection program, ability of security including thepersonnel to carry ability of armed out their duties. and unarmedThis proposed personnel torequirement would perform assigned clarify the duties andCommission's view responsibilities that the licensee required by the must also approved security demonstrate the plans and licensee effectiveness of procedures.plans, procedures, and equipment to accomplish their intended function within the physical protection program. (b)(6) The licensee This requirement shall establish and would be added to maintain a written specify that this performanceperformance evaluation program evaluation program in accordance with would be the appendix B andmechanism by which appendix C to this the licensee would part, todemonstrate the demonstrate and capabilities assess thedescribed by the effectiveness of performance based armed responders requirements of the and armed security proposed paragraphs officers to perform (b)(2) through (4) their assignedof this section. duties andThe phrase ``target responsibilities to sets'' would be protect target sets used consistent described inwith the proposed paragraph (f) of (b)(3) of this this section and section to describe appendix C to this the combination of part, throughequipment and implementation of operator actions the licenseewhich, if all are protective strategy. prevented from performing their intended safety function or prevented from being accomplished, would likely result in significant core damage (e.g., non- incipient, non- localized fuel melting, and/or core disruption) barring extraordinary action by plant operators. A target set with respect to spent fuel sabotage is draining the spent fuel pool leaving the spent fuel uncovered for a period of time, allowing spent fuel heat up and the associated potential for release of fission products.[[Page 62690]]
Sec. 73.55(d)(7) The(b)(7) The licensee This requirement licensee shall:shall establish, would be retained (i) Establish an accessmaintain, andand revised to authorization system * * *. follow an access require the authorizationlicensee to provide program inan Access accordance with Authorization Sec. 73.56.Program. (b)(7)(i) InThis proposed addition to the requirement would access
be added to authorizationestablish the program required insider mitigation above, and theprogram (IMP). The fitness-for-duty licensee's IMP program required in should integrate part 26 of this specific elements chapter, eachof the licensee AA licensee shalland FFD programs to develop, implement, focus those and maintain an elements on insider mitigation identifying program.potential insider threats and denying the opportunity for an insider to gain or retain access at an NRC licensed facility. (b)(7)(ii) TheThis proposed insider mitigation requirement would program must be be added to provide designed to oversee a performance based and monitor the requirement for the initial anddesign and content continuingof the IMP. The trustworthiness and Commission has reliability ofconcluded that, by individuals granted itself, the initial or retainingdetermination of unescorted access trustworthiness and authorization to a reliability is not protected or vital adequate to area and implement minimize the defense-in-depth potential methodologies to opportunity for an minimize theinsider to gain or potential for an retain access, and insider tothat only through adversely affect, continual re- either directly or evaluation of the indirectly, the information licensee capability obtained through to preventthese processes can significant core the licensee damage or spent provide the level fuel sabotage.of assurance necessary. The Commission has also determined that defense-in-depth would be provided through the integration of physical protection measures with access authorization and fitness-for-duty program elements, to ensure the licensee capability to identify and mitigate the potential activities of an insider, such as, but not limited to, tampering. The Commission does not intend that a licensee would limit the IMP to any one or more elements, but rather that the licensee would identify and add additional elements as necessary to ensure the site's IMP satisfies the performance requirements specified by the Commission. The Commission has determined that no one element of the physical protection program, access authorization program, or fitness- for-duty program would, by itself, provide the level of protection against the insider necessary to meet the performance objective of the proposed paragraph (b) and therefore, the effective integration of these three programs is a necessary requirement to achieve defense-in- depth against the potential insider. (b)(8) The licensee This requirement shall ensure that would be added to its correctiveprovide a action programperformance based assures thatrequirement to failures,ensure that the malfunctions,licensee implements deficiencies,and completes the deviations,required corrective defective equipment actions in a timely and nonconformances manner and that in security program actions would be components,taken to correct functions, orthe cause of the personnel areproblem to ensure promptly identified that the problem and corrected.would not be Measures shallrepeated. ensure that the cause of any of these conditions is determined and that corrective action is taken to preclude repetition. (c) Security plans.. This header would be added for formatting purposes. (c)(1) Licensee This requirement security plans. would be added to Licensee security describe the plans mustpurpose of the implementlicensee Physical CommissionSecurity Plan, requirements and Training and must describe:Qualification Plan, and Safeguards Contingency Plan in a performance based requirement and to introduce the general types of information to be discussed.[[Page 62691]]
(c)(1)(i) How the This requirement physical protection would be added to program willdescribe the prevent significant performance based core damage and requirement to be spent fuel sabotage met by the physical through theprotection program establishment and and the basic maintenance of a elements of the securitysystem that must be organization, the described in the use of security security plans. equipment and technology, the training and qualification of security personnel, and the implementation of predetermined response plans and strategies; and (c)(1)(ii) Site- This requirement specific conditions would be added to that affectreflect the implementation of Commission's view Commissionthat licensees must requirements.focus attention on site-specific conditions in the development and implementation of site plans, procedures, processes, response strategies, and ultimately, the licensee capability to achieve the performance objective of the proposed paragraph (b)(1) of this section. (c)(2) Protection of This requirement security plans. The would be added to licensee shallemphasize the protect therequirements for approved security the protection of plans and other safeguards related safeguards information in information against accordance with the unauthorizedrequirements of disclosure inSec. 73.21. accordance with the requirements of Sec. 73.21. (c)(3) Physical This header would be security plan.added for formatting purposes. (c)(3)(i) TheThis requirement licensee shallwould be added to establish,specify the maintain, andrequirement for a implement aphysical security Commission-approved plan. physical security plan that describes how the performance objective and requirements set forth in this section will be implemented. (c)(3)(ii) TheThis requirement physical security would be added to plan must describe describe the the facilitygeneral content of location andthe physical layout, thesecurity plan and securityspecify the general organization and types of structure, duties information to be and
addressed. Because responsibilities of the specifics of personnel, defense- defense-in-depth in-depthrequired by the implementation that proposed Sec. describes73.55(b)(4) would components,vary from site-to- equipment andsite, the terms technology used. ``components,'' ``equipment'' and ``technology'' would be used to provide flexibility. (c)(4) Training and This header would be qualification plan. added for formatting purposes. Sec. 73.55(b)(4)(ii) Each (c)(4)(i) TheThis requirement licensee shall establish, licensee shallwould retain and maintain, and follow an NRC- establish,separate two approved training andmaintain, andcurrent qualifications plan * * *. follow a Commission- requirements of approved training Sec. and qualification 73.55(b)(4)(ii). plan that describes This proposed how the criteria requirement would set forth inrequire the appendix Blicensee to provide ``General Criteria a training and for Securityqualification plan. Personnel,'' to this part will be implemented. Sec. 73.55(b)(4)(ii) * * * (c)(4)(ii) TheThis requirement outlining the processes by training andwould retain the which guards, watchmen, qualification plan requirement for the armed response persons, and must describe the licensee to outline other members of theprocess by which the processes in security organization will armed and unarmed this plan with be selected, trained,security personnel, minor revisions. equipped, tested, andwatchpersons, and The phrase qualified to ensure that other members of ``guards, watchmen, these individuals meet the the securityarmed response requirements of thisorganization will persons'' would be paragraph.
be selected,replaced by the trained, equipped, phrase ``armed and tested, qualified, unarmed security and re-qualified to personnel, ensure that these watchpersons'' to individuals possess generically and maintain the identify all knowledge, skills, members of the and abilitiessecurity required to carry organization. The out their assigned Commission does not duties andintend that responsibilities administrative effectively.staff be included except as these personnel would be used to perform duties required to detect, assess, intercept, challenge, delay, and neutralize a threat, to include compensatory measures used to maintain these capabilities in the event of a failed component.[[Page 62692]]
The phrase ``meet the requirements of this paragraph'' would be replaced by the phrase ``possess the knowledge, skills, and abilities required to effectively carry out their assigned duties and responsibilities'' to clarify that the focus of this proposed requirement would be to ensure these individuals possess these capabilities. (c)(5) Safeguards This header would be contingency plan. added for formatting purposes. Sec. 73.55(h)(1)(c)(5)(i) TheThis requirement Safeguards contingencylicensee shallwould retain the plans must be in accordance establish,current requirement with the criteria inmaintain, andof Sec. appendix C to this part, implement a73.55(h)(1) to ``Licensee SafeguardsCommission-approved provide a Contingency Plans''.safeguardssafeguards contingency plan contingency plan that describes how with minor the criteria set revisions. Most forth in section II significantly, the of appendix C,reference to ``Licenseeappendix C to part Safeguards73 would be revised Contingencyto reflect the Plans,'' to this reformatting of the part will beproposed appendix C implemented.to part 73 which would have a section II that applies only to power reactors. (c)(5)(ii) TheThis requirement safeguardswould be added to contingency plan generally describe must describethe content of the predeterminedSafeguards actions, plans, and Contingency Plan. strategies designed to intercept, challenge, delay, and neutralize threats up to and including the design basis threat of radiological sabotage. (c)(6) Implementing This header would be procedures.added for formatting purposes. Sec. 73.55(b)(3)(i)(c)(6)(i) TheThis requirement Written security procedures licensee shallwould retain the that document the structure establish,requirement for of the securitymaintain, andwritten security organization and detail the implement written procedures with duties of guards, watchmen, procedures that minor revisions. and other individualsdocument theThe phrase ``and responsible for security. structure of the implement securityCommission organization,requirements detail the specific through the duties andapproved security responsibilities of plans'' would be each position, and added to clarify implementthe requirement Commissionthat the licensee requirementsimplements through theCommission approved security requirements plans.
through procedures as well as the approved security plans. (c)(6)(ii)This requirement Implementingwould be added to procedures need not address the current be submitted to the and proposed Commission forprocedural details prior approval, but for implementing are subject toprocedures. inspection by the Commission. (c)(6)(iii)This requirement Implementingwould be added to procedures must describe the detail the specific content of actions to be taken implementing and decisions to be procedures to made by eachclarify the current position of the requirement security``detail the duties organization to of guards, implement thewatchmen, and other approved security individuals plans.
responsible for security.'' Sec. 73.55(b)(3) The(c)(6)(iv) TheThis requirement licensee shall have alicensee shall: would be retained management system to
and would separate provide for * * *.
the two current requirements of Sec. 73.55(b)(3) with minor revisions. The phrase ``management system'' would be replaced with the word ``process.'' The current requirement to have a management system would be addressed in the proposed Sec. 73.55(d)(2). Sec. 73.55(b)(3) * * * the (c)(6)(iv)(A)This requirement development, revision,Develop, maintain, would retain the implementation, andenforce, review, requirement to enforcement of security and revise security develop, revise, procedures.
implementingimplement, and procedures.enforce security procedures. The words ``maintenance and review'' would be added to clarify these tasks as necessary functions. The word ``implementation'' would be deleted because implementation is addressed in the proposed paragraphs (c)(6)(i) through (iii) of this section. Sec. 73.55(b)(3)(ii)(c)(6)(iv)(B)This requirement Provision for writtenProvide a process would retain the approval of thesefor the written current requirement procedures and anyapproval offor written revisions to the procedures implementingapproval with minor by the individual withprocedures andrevisions. overall responsibility for revisions by the the security functions. individual with overall responsibility for the security functions.[[Page 62693]]
(c)(6)(iv)(C) Ensure This requirement that changes made would be added to to implementing ensure that the procedures do not licensee process decrease thefor making changes effectiveness of to implementing any procedure to procedures includes implement anda process to ensure satisfy Commission that changes do not requirements.result in a reduction of effectiveness or result in a conflict with other site procedures. (c)(7) PlanThis requirement revisions. Thewould be added to licensee shalloutline the three revise approved methodologies for security plans as making changes to necessary to ensure the Commission- the effectiveapproved security implementation of plans and clarify Commissionthat the licensee regulations and the would make licensee'snecessary plan protectivechanges to account strategy.for changes to site Commission approval specific conditions of revisions made and lessons learned pursuant to this from implementing paragraph is not the approved required, provided security plans. that revisions meet the requirements of Sec. 50.54(p) of this chapter. Changes that are beyond the scope allowed per Sec. 50.54(p) of this chapter shall be submitted as required by Sec. Sec. 50.90 of this chapter or Sec. 73.5. Sec. 73.55(b) Physical (d) SecurityThis header would be Security Organization.organization.retained with a minor revision. Sec. 73.55(b)(1) The(d)(1) The licensee This requirement licensee shall establish a shall establish and would retain the security organization,maintain a security current requirement including guards, toorganizationfor a security protect his facilitydesigned, staffed, organization to against radiologicaltrained, andprotect against sabotage.
equipped to provide radiological early detection, sabotage. This assessment, and proposed response torequirement would unauthorizedbe revised to activities within describe a more any area of the performance based facility.requirement consistent with the proposed paragraphs (b)(2) through (4) of this section. The phrase ``including guards, to protect his facility against radiological sabotage'' would be replaced with the phrase ``designed, staffed, trained, and equipped to provide early detection, assessment, and response to unauthorized activities'' to describe those elements of the security organization needed to provide the capabilities described in the proposed paragraph (b). The phrase ``within any area of the facility'' would be added to clarify the Commission's expectation that the licensee must implement measures consistent with site security assessments and the licensee response strategy, to facilitate the identification of a threat before an attempt to penetrate the protected area would be made. Sec. 73.55(b)(3) The(d)(2) The security This requirement system shall include:organization must would be retained include:with minor revisions. The word ``system'' would be replaced by the phrase ``security organization.'' Although, the security ``system'' would include the security organization, this proposed requirement focuses only on the security organization. Sec. 73.55(b)(3) The(d)(2)(i) AThis requirement licensee shall have amanagement system would retain the management system * * *. that providesrequirement for a oversight of the management system onsite physical with minor protection program. revisions. Most significantly this proposed requirement would not limit the licensee management system to only provide for the development, revision, implementation, and enforcement of security procedures which are addressed in the proposed paragraph (c)(6)(iv) of this section. The Commission expectation would be that the licensee management system oversees all aspects of the onsite physical protection program to ensure the effective implementation of Commission requirements through the approved security plans and implementing procedures.[[Page 62694]]
Sec. 73.55(b)(2) At least (d)(2)(ii) At least This requirement one full time member of the one member, onsite would be retained security organization who and available at with minor has the authority to direct all times, who has revisions. The the physical protection the authority to phrase ``who is activities of the security direct theassigned no other organization shall beactivities of the duties which would onsite at all times.securityinterfere with'' organization and would be added to who is assigned no ensure that the other duties that designated would interfere individual would with thisnot be assigned any individual'sduties that would ability to perform prevent or these duties in interfere with the accordance with the ability to direct approved security these activities plans and licensee when needed. protective strategy. Sec. 73.55(b)(4)(i) The (d)(3) The licensee This requirement licensee may not permit an may not permit any would be retained individual to act as aindividual to act with minor guard, watchman, armedas a member of the revisions. response person, or other security member of the securityorganization unless organization unless the the individual has individual has beenbeen trained, trained, equipped, andequipped, and qualified to perform each qualified to assigned security job duty perform assigned in accordance with appendix duties and B, ``General Criteria for responsibilities in Security Personnel,'' to accordance with the this part.
requirements of appendix B to part 73 and the Commission-approved training and qualification plan. (d)(4) The licensee This requirement may not assign an would be added to individual to any clarify the position involving prerequisite detection,qualifications for assessment, orassignment to any response toposition involving unauthorizeda function upon activities unless which detection, that individual has assessment, or satisfied theresponse requirements of capabilities Sec. 73.56.depend. Sec. 73.55(b)(1) If a (d)(5) If aThis requirement contract guard force is contracted security would be retained utilized for site security, force is used to with minor the licensee's writtenimplement therevision. The agreement with theonsite physical phrase ``utilized contractor that must be protection program, for site security'' retained by the licensee as the licensee'swould be replaced a record for the duration written agreement with the phrase of the contract willwith the contractor ``used to implement clearly show that:must be retained by the onsite physical the licensee as a protection record for theprogram'' to focus duration of the on the contract and must implementation of clearly state the the onsite physical followingprotection program. conditions: Sec. 73.55(b)(1)(i) The (d)(5)(i) TheThis requirement licensee is responsible to licensee iswould be retained the Commission forresponsible for with minor maintaining safeguards in maintaining the revisions. Most accordance with Commission onsite physical significantly, the regulations and theprotection program word ``safeguards'' licensee's security plan. in accordance with would be replaced Commission orders, with the phrase'' Commissiononsite physical regulations, and protection the approvedprogram'' to more security plans. accurately describe the focus of this requirement. Sec. 73.55(b)(1)(ii) The (d)(5)(ii) TheThis requirement NRC may inspect, copy, and Commission maywould be retained take away copies of all inspect, copy,with minor reports and documentsretain, and remove revisions. required to be kept byall reports and Commission regulations, documents required orders, or applicableto be kept by license conditions whether Commission the reports and documents regulations, are kept by the licensee or orders, or the contractor.applicable license conditions whether the reports and documents are kept by the licensee or the contractor. (d)(5)(iii) AnThis requirement individual may not would be added for be assigned to any consistency with position involving the proposed detection,requirements of the assessment, orproposed paragraph response to(d)(4) of this unauthorizedsection. This activities unless proposed that individual has requirement would satisfied thebe stipulated in a requirements of contract because it Sec. 73.56.relates to a function of the contract. Sec. 73.55(b)(1)(iv) The (d)(5)(iv) AnThis requirement contractor will not assign individual may not would retain and any personnel to the site be assigned duties combine two current who have not first been and
requirements of made aware of theseresponsibilities Sec. responsibilities.required to73.55(b)(1)(iv) and Sec. 73.55(b)(4)(i) The implement theSec. licensee may not permit an approved security 73.55(b)(4)(i) with individual to act as aplans or licensee minor revisions guard, watchman, armedprotective strategy necessary for response person, or other unless thatconsistency with member of the securityindividual has been the proposed rule. organization unless the properly trained, individual has beenequipped, and trained, equipped, andqualified to qualified to perform each perform their assigned security job duty assigned duties and in accordance with appendix responsibilities in B * * *..
accordance with appendix B to part 73 and the Commission-approved training and qualification plan. Sec. 73.55(b)(1)(iii) The (d)(5)(v) Upon the This requirement requirement in paragraph request of anwould be retained (b)(4) of this section that authorizedto describe the the licensee demonstrate representative of current requirement the ability of physical the Commission, the for demonstration security personnel tocontractor security by contract perform their assignedemployees shall security personnel. duties and responsibilities demonstrate the The language of includes demonstration of ability to perform this current the ability of thetheir assignedrequirement would contractor's physicalduties andbe deleted and security personnel toresponsibilities replaced by the perform their assignedeffectively.proposed language duties and responsibilities
of the proposed in carrying out the
Sec. 73.55(b)(5). provisions of the Security Plan and these regulations, and * * *.[[Page 62695]]
(d)(5)(vi) AnyThis requirement license forwould be added to possession andimplement ownership ofapplicable portions enhanced weapons of the EPAct 2005, will reside with and to require any the licensee.security force contract to include a statement that would ensure that all licenses relative to firearms and enhanced weapons reside with the licensee, not the contractor. Sec. 73.55(c) Physical (e) PhysicalThis requirement barriers.
barriers. Based would be added to upon the licensee's provide a protectiveperformance based strategy, analyses, requirement for and site conditions determining the use that affect the use and placement of and placement of physical barriers physical barriers, required for the licensee shall protection of install andpersonnel, maintain physical equipment, and barriers that are systems, the designed andfailure of which constructed ascould directly or necessary to deter, indirectly endanger delay, and prevent public health and the introduction of safety. unauthorized personnel, vehicles, or materials into areas for which access must be controlled or restricted. The phrase ``Based upon the licensee protective strategy, analyses, and site specific conditions'', would be used to ensure that licensees consider protective strategy requirements and needs, as well as any analyses conducted by the licensee or required by the Commission to determine the effects the design basis threat could have on personnel, equipment, and systems, and any site specific condition that could have an impact on the capability to prevent significant core damage and spent fuel sabotage. The Commission considers these factors to be necessary considerations when determining the appropriate use and placement of barriers in any area. (e)(1) The licensee This requirement shall describe in would be added to the approvedprovide a mechanism security plans, the by which the design,licensee would construction, and confirm information function ofregarding the use, physical barriers placement, and and barrier systems construction of used and shallbarriers to include ensure that each the intended barrier and barrier function of system is designed specific barriers and constructed to as they relate to satisfy the stated satisfying the function of the proposed barrier and barrier requirements of system.this section. Sec. 73.55(c)(9)(iii) (e)(2) The licensee This requirement Protect as Safeguardsshall retain in would retain and Information, information accordance with combine the current required by the Commission Sec. 73.70, all requirements of pursuant to Sec.analyses,Sec. 73.55(c)(8) and (9).comparisons, and 73.55(c)(9)(iii) Sec. 73.55(c)(9)(iv)descriptions of the and (9)(iv) with Retain, in accordance with physical barriers minor revisions. Sec. 73.70, alland barrier systems comparisons and analyses used to satisfy the prepared pursuant to Sec. requirements of 73.55(c)(7) and (8)..this section, and shall protect these records as safeguards information in accordance with the requirements of Sec. 73.21. (e)(3) Physical This header would be barriers must:added for formatting purposes. (e)(3)(i) Clearly This requirement delineate thewould be added to boundaries of the provide a area(s) for which performance based the physicalrequirement for the barrier provides use of barriers. protection or a function, such as protected and vital area boundaries and stand-off distance. Sec. 73.55(c)(8) Each (e)(3)(ii) BeThis requirement licensee shall compare the designed andwould be added to vehicle control measures constructed toapply the current established in accordance protect against the requirement of Sec. with Sec. 73.55(c)(7) to design basis threat 73.55(c)(8) to the Commission's design commensurate to the compare vehicle goals (i.e., to protect required function control measures equipment, systems,of each barrier and against Commission devices, or material, the in support of the design goals, to failure of which couldlicensee protective all barriers, such directly or indirectlystrategy.as but not limited endanger public health and
to, channeling safety by exposure to
barriers, delay radiation) and criteria for
barriers, and protection against a land
bullet resisting vehicle bomb.
enclosures, and not limit this comparison to only vehicle barriers. The Commission's view is that the physical construction, materials, and design of any barrier must be sufficient to perform the intended function and therefore, the licensee must meet these standards.[[Page 62696]]
(e)(3)(iii) Provide This requirement visual deterrence, would be added to delay, and support provide a access controlperformance based measures.requirement for physical barriers. Because of changes to the threat environment the Commission believes emphasis on the use of physical barriers would be appropriate. (e)(3)(iv) Support This requirement effectivewould be added to implementation of provide a the licensee'sperformance based protective strategy. requirement for physical barriers. Because of changes to the threat environment the use of physical barriers within the licensee protective strategy would be considered essential. (e)(4) OwnerThis requirement controlled area. would be added to The licensee shall provide a establish andperformance based maintain physical requirement to barriers in the provide enhanced owner controlled protection outside area to deter,the protected area delay, or prevent relative to unauthorizeddetecting and access, facilitate delaying a threat the early detection before reaching any of unauthorized area from which the activities, and threat could control approach disable the routes to thepersonnel, facility.equipment, or systems required to meet the performance objective and requirements described in the proposed paragraph (b) of this section. (e)(5) Isolation This header would be zone.
added for formatting purposes. Sec. 73.55(c)(3) Isolation (e)(5)(i) AnThis requirement zones shall be maintained isolation zone must would retain the in outdoor areas adjacent be maintained in current requirement to the physical barrier at outdoor areasfor an isolation the perimeter of theadjacent to the zone. protected area * * *.protected area perimeter barrier. The isolation zone shall be: Sec. 73.55(c)(3) Isolation (e)(5)(i)(A)This requirement zones * * * and shall be of Designed and of would retain and sufficient size to permit sufficient size to revise the current observation of thepermit unobstructed requirement for activities of people on observation and isolation zone either side of that barrier assessment ofdesign to provide in the event of itsactivities onobservation. Most penetration.
either side of the significantly, the protected areawords ``designed'' barrier.and ``unobstructed'' would be added to provide a more performance based requirement. The phrase ``of people'' would be deleted to focus the proposed requirement on ``activities''. Sec. 73.55(c)(4) Detection (e)(5)(i)(B)This requirement of penetration or attempted Equipped withwould be retained penetration of theintrusion detection and revised to protected area or theequipment capable require intrusion isolation zone adjacent to of detecting both detection equipment the protected area barrier attempted andwithin an isolation shall assure that adequate actual penetration zone and provide a response by the security of the protected performance based organization can bearea perimeterrequirement for initiated.
barrier andthat equipment. The assessmentphrase ``shall equipment capable assure that of facilitating adequate response timely evaluation by the security of the detected organization can be unauthorizedinitiated'' would activities before be moved from this completedproposed penetration of the requirement to the protected areaproposed Sec. perimeter barrier. 73.55(i)(9)(v). (e)(5)(ii)This requirement Assessmentwould be added to equipment in the provide a isolation zone must performance based provide real-time requirement for and play-back/assessment recorded videoequipment utilized images in a manner for the isolation that allows timely zone. The evaluation of the Commission has detecteddetermined that unauthorizedbased on changes to activities before threat environment and after eachthe use of alarm annunciation. technology that allows for the assessment of activities before and after an alarm annunciation is necessary to facilitate a determination of the level of response needed to satisfy the performance objective and requirements of the proposed paragraph (b) of this section. The Commission believes the application of this commonly used technology would be an appropriate use of technological advancements that would effectively enhance licensee capabilities to achieve the performance objective and requirements of the proposed paragraph (b) of this section.[[Page 62697]]
Sec. 73.55(c)(3) If(e)(5)(iii) Parking This requirement parking facilities arefacilities, storage would be retained provided for employees or areas, or other and revised to visitors, they shall be obstructions that provide a located outside thecould provideperformance based isolation zone and exterior concealment orrequirement for the to the protected areaotherwise interfere areas outside the barrier.
with the licensee's isolation zone. capability to meet Most significantly, the requirements of the phrase paragraphs``storage areas, or (e)(5)(i)(A) and other obstructions (B) of thiswhich could provide section, must be concealment or located outside of otherwise the isolation zone. interfere'' would be added to ensure that areas inside, outside, and adjacent to the protected area barrier would be maintained clear of obstructions to ensure observation and assessment capabilities. (e)(6) Protected This header would be area.
added for formatting purposes. (e)(6)(i) TheThis requirement protected areawould be added to perimeter must be provide a protected byperformance based physical barriers requirement for designed andphysical barriers constructed to meet and penetrations Commissionthough the requirements and protected area all penetrations barrier to be through thissecured to prevent barrier must be and detect secured in a manner attempted or actual that prevents or exploitation of the delays, and detects penetration. The the exploitation of Commission's view any penetration. is that penetrations must be secured equal to the strength of the barrier of which it is a part and that attempts to exploit a penetration must be detected and response initiated. Sec. 73.55(c)(2) The(e)(6)(ii) TheThis requirement physical barriers at the protected areawould be retained perimeter of the protected perimeter physical with minor area shall be separated barriers must be revision. The from any other barrierseparated from any phrase ``unless designated as a physical other barrierotherwise barrier for a vital area designated as a identified in the within the protected area. vital area physical approved physical barrier, unless security plan'' otherwisewould be added to identified in the provide flexibility approved physical for an alternate security plan.methodology to be described in the Commission-approved security plans. Sec. 73.55(e)(3) All(e)(6)(iii) All This requirement emergency exits in each emergency exits in would retain and protected area and each the protected area separate the two vital area shall be alarmed. must be secured by current locking devices requirements with that allow exit minor revision. The only and alarmed. phrase ``secured by locking devices which allow exit only'' would be added to provide a performance based requirement relative to the function of locking devices with emergency exit design to prevent entry. Vital areas would be addressed in the proposed Sec. 73.55(e)(8)(vii). (e)(6)(iv) Where This requirement building walls, would be added to roofs, orprovide a penetrationsperformance based comprise a portion requirement for of the protected instances where area perimeterthis site condition barrier, anwould exist. isolation zone is not necessary, provided that the detection, assessment, observation, monitoring, and surveillance requirements of this section are met, appropriately designed and constructed barriers are installed, and the area is described in the approved security plans. Sec. 73.55(c)(6) The(e)(6)(v) TheThis requirement walls, doors, ceiling,reactor control would retain the floor, and any windows in room, the central locations the walls and in the doors alarm station, and identified in the of the reactor control room the location within current Sec. shall be bullet-resisting. which the last73.55(c)(6), Sec. 73.55(d)(1) Theaccess control(d)(1), and (e)(1). individual responsible for function for access Specific reference the last access control to the protected to walls, doors, function (controllingarea is performed, ceiling, floor, and admission to the protected must be bullet- any windows in the area) must be isolatedresisting.walls, doors, within a bullet-resisting
ceiling, and floor structure as described in
would be deleted to Paragraph (c)(6) of this
clarify that all section to assure his or
construction her ability to respond or
features would be summon assistance.
required to meet Sec. 73.55(e)(1) The
the bullet onsite central alarm
resisting station must be considered
requirement, and a vital area and its walls,
therefore remove doors, ceiling, floor, and
the potential for any windows in the walls
confusion where a and in the doors must be
structural feature bullet-resisting..
such as sky-lights would not be listed. The Commission does not intend to suggest that penetrations, such as heating/ cooling ducts be made bullet- resistant, but rather that the licensee implement appropriate measures to prevent the exploitation of such features in a manner consistent with the intent of the bullet- resisting requirement to ensure the required functions performed in these locations are protected and maintained.[[Page 62698]]
(e)(6)(vi) AllThis requirement exterior areaswould be added to within theprovide a protected area must performance based be periodically requirement for checked to detect monitoring exterior and deterareas of the unauthorizedprotected area to activities,facilitate personnel,achievement of the vehicles, andrequirements materials.described by the proposed paragraph (b). (e)(7) Vital areas.. This header would be added for formatting purposes. Sec. 73.55(c)(1) The(e)(7)(i) Vital This requirement licensee shall locate vital equipment must be would be retained equipment only within a located only within with minor vital area, which in turn, vital areas, which revision. The shall be located within a in turn must be phrase ``of protected area such that located withinsufficient strength access to vital equipment protected areas so to meet the requires passage through at that access toperformance least two physical barriers vital equipment requirements of of sufficient strength to requires passage paragraph (a) of meet the performancethrough at least this section'' requirements of paragraph two physicalwould be replaced (a) of this section.barriers designed with the phrase and constructed to ``designed and perform theconstructed to required function, perform the except as otherwise required function'' approved by the for consistency Commission inwith the proposed accordance with requirements for paragraph (f)(2) of physical barriers this section.discussed throughout this proposed Sec. 73.55(e). The phrase ``except as otherwise approved by the Commission in accordance with paragraph (f)(2) of this section'' would be added to account for the condition addressed by paragraph (f)(2). Sec. 73.55(c)(1) More than (e)(7)(ii) More than This requirement one vital area may beone vital area may would be retained. located within a single be located within a protected area.single protected area. Sec. 73.55(e)(1) The(e)(7)(iii) The This requirement onsite central alarmreactor control would retain and station must be considered room, the spent combine two current a vital area and * * *. fuel pool,requirements from Sec. 73.55(e)(1) Onsite secondary power 10 CFR 73.55(e)(1), secondary power supplysupply systems for for protecting systems for alarmintrusion detection these areas annunciator equipment and and assessmentequivalent to a non-portable communications equipment, non- vital area. The equipment as required in portableCommission added paragraph (f) of thiscommunicationsthe ``spent fuel section must be located equipment, and the pool'' to emphasize within vital areas..central alarmthe Commission view station, must be that because of provided protection changes to the equivalent to vital threat environment equipment located the spent fuel pool within a vital area. must also be provided this protection. The phrase ``alarm annunciator'' would be replaced with ``intrusion detection and assessment'' to clarify the application of this proposed requirement to intrusion detection sensors and video assessment equipment as well as the alarm annunciation equipment. (e)(7)(iv) Vital This requirement equipment that is would be added to undergoingprovide a maintenance or is performance based out of service, or requirement any other change to consistent with the site conditions proposed Sec. that could73.58 Safety/ adversely affect Security Program. plant safety or security, must be identified in accordance with Sec. 73.58, and adjustments must be made to the site protective strategy, site procedures, and approved security plans, as necessary. Sec. 73.55(e)(3) All(e)(7)(v) TheThis requirement emergency exits in each licensee shallwould retain and protected area and each protect all vital combine two current vital area shall be alarmed. areas, vital area requirements 10 CFR Sec. 73.55(d)(7)(D) Lock access portals, and 73.55(e)(3) and and protect by an activated vital area(d)(7)(D) with intrusion alarm system all emergency exits minor revision for unoccupied vital areas.. with intrusionformatting detection equipment purposes. The and lockingphrase ``Emergency devices. Emergency exit locking exit lockingdevices shall be devices shall be designed to permit designed to permit exit only'' would exit only.be added to provide a performance based requirement to describe the function to be provided by emergency exit locking devices. Sec. 73.55(d)(7)(D) Lock (e)(7)(vi)This requirement and protect by an activated Unoccupied vital would retain the intrusion alarm system all areas must becurrent requirement unoccupied vital areas. locked.to lock unoccupied vital areas with minor revision for formatting purposes. The current requirement to alarm all vital areas would be moved to the proposed paragraph (e)(7)(v) of this section. (e)(8) VehicleThis header would be barrier system. The added for licensee must:formatting purposes.[[Page 62699]]
Sec. 73.55(c)(7) Vehicle (e)(8)(i) Prevent This requirement control measures, including unauthorizedwould be retained vehicle barrier systems, vehicle access or and revised to must be established toproximity to any provide a protect against use of a area from which any requirement for land vehicle, as specified vehicle, itsprotection against by the Commission, as a personnel, or its any vehicle within means of transportation to contents couldthe context of the gain unauthorized proximity disable thedesign basis threat to vital areas.personnel,described in Sec. equipment, or73.1. Because of systems necessary changes to the to meet thethreat environment, performancethe meaning of the objective andword ``proximity'' requirementsremains the same described inbut is applied to paragraph (b) of include all this section.locations from which the design basis threat could disable the personnel, equipment, or systems required to prevent radiological sabotage. (e)(8)(ii) Limit and This requirement control all vehicle would be added to approach routes. provide a requirement for limiting and controlling vehicle access routes to the site for the purpose of protecting the facility against vehicle bomb attacks and the use of vehicles as a means of transporting personnel and materials that would be considered a threat. Because of changes to the threat environment the Commission has determined that control of all vehicle approach routes is a critical element of the onsite physical protection program. (e)(8)(iii) Design This requirement and install awould be added to vehicle barrier require the system, to include licensee to passive and active determine the barriers, at apotential effects a stand-off distance vehicle bomb could adequate to protect have on the personnel,facility and to equipment, andestablish a barrier systems against the system at a stand- design basis threat. off distance sufficient to protect personnel, equipment and systems. Because of changes to the threat environment, the Commission views stand-off distances to be a critical element of the onsite physical protection program and which require continuing analysis and evaluation to maintain effectiveness. (e)(8)(iv) Deter, This requirement detect, delay, or would be added to prevent vehicle use ensure the licensee as a means ofmaintains the transportingcapability to unauthorizeddeter, detect, personnel ordelay, or prevent materials to gain unauthorized access unauthorized access beyond a vehicle beyond a vehicle barrier system. barrier system, Because of changes gain proximity to a to the threat protected area or environment, the vital area, orCommission views otherwise penetrate the vehicle threat the protected area to be a critical perimeter.element of the onsite physical protection program that requires continual analysis and evaluation to maintain effectiveness. This proposed requirement would include vehicles that do not reach the full capability of the design basis threat. (e)(8)(v)This requirement Periodically check would be added the operation of consistent with the active vehiclecurrent requirement barriers andof Sec. provide a secondary 73.55(g)(1) and power source or a would apply to the means of mechanical operation of active or manualvehicle barriers operation, in the within time lines event of a power required to prevent failure to ensure unauthorized that the active vehicle access, barrier can bedespite the loss of placed in thethe primary power denial position source. The term within the time ``periodically'' line required to would be intended preventto allow the unauthorizedlicensees to vehicle accessestablish checks at beyond the required a frequency standoff distance. necessary to ensure active barriers remain effective for both denial and non-denial operation. (e)(8)(vi) Provide This requirement surveillance and would be added to observation ofprovide a vehicle barriers requirement for the and barrier systems licensee to monitor to detectthe integrity of unauthorizedbarriers to verify activities and to availability when ensure theneeded and to integrity of each prevent or detect vehicle barrier and tampering. Because barrier system. of changes to the threat environment, the Commission views the vehicle bomb consideration to be a critical element of the onsite physical protection program which requires continuing analysis and evaluation to maintain effectiveness.[[Page 62700]]
(e)(9) Waterways.... This header would be added for formatting purposes. (e)(9)(i) TheThis requirement licensee shallwould be added to control waterway provide a approach routes or requirement for proximity to any controlling area from which a waterway approach waterborne vehicle, routes consistent its personnel, or with the its contents could requirement of the disable theproposed paragraph personnel,(e)(9)(ii) of this equipment, orsection. Because of systems necessary changes to the to meet thethreat environment, performancethe Commission objective andviews waterway requirementsapproach routes and described incontrol measures to paragraph (b) of be a critical this section.element of the onsite physical protection program and one that requires continual analysis and evaluation to maintain effectiveness. (e)(9)(ii) TheThis requirement licensee shallwould be added to delineate areas provide a from which arequirement for waterborne vehicle notifying must be restricted unauthorized and installindividuals that waterborne vehicle access is not control measures, permitted, and the where applicable. installation of barriers where appropriate. (e)(9)(iii) The This requirement licensee shallwould be added to monitor waterway provide a approaches andrequirement for adjacent areas to monitoring waterway ensure earlyapproaches detection,consistent with assessment, and other monitoring response toand surveillance unauthorizedrequirements of activity orthis proposed proximity, and to section. ensure the integrity of installed waterborne vehicle control measures. (e)(9)(iv) Where This requirement necessary to meet would be added to the requirements of provide a this section,requirement to licensees shall coordinate where coordinate with necessary with local, State, and other agencies Federal agencies having having jurisdiction jurisdictional over waterwayauthority over approaches.waterways to ensure that the proposed requirements of this section would be met. (e)(10) Unattended This requirement openings in any would be added to barrier established provide a to meet therequirement for all requirements of openings in any this section that OCA, PA, or VA are 620 cm\2\ (96.1 barrier to ensure in\2\) or greater that the intended in total area and function of the have a smallest barrier is met. The dimension of 15 cm phrase ``consistent (5.9 in) orwith the intended greater, must be function of each secured andbarrier'' would monitored at adescribe the frequency thatcriteria for making would preventa determination to exploitation of the secure or monitor opening consistent openings of this with the intended size where the function of each intended function barrier.of the barrier would be compromised if the opening is not secured or monitored. The size of the opening described is a commonly accepted standard throughout the security profession for application to any security program and one that represents an opening large enough for a person to exploit. Therefore, the Commission has determined that openings meeting the stated criteria require measures to prevent exploitation. (f) Target sets..... This header would be added for formatting purposes. (f)(1) The licensee This requirement shall document in would be added to site procedures the provide a process used to performance based develop andrequirement for the identify target licensee to sets, to include document how each analyses andtarget set was methodologies used developed to to determine and facilitate review group the target of the licensee set equipment or methodology by the elements.Commission. The Commission has determined that because of changes to the threat environment the identification and protection of all target sets would be a critical component for the development and implementation of the licensee protective strategy and the capability of the licensee to prevent significant core damage and spent fuel sabotage, therefore, providing protection against radiological sabotage and satisfying the performance objective and requirements stated in the proposed paragraph (b) of this section.[[Page 62701]]
(f)(2) The licensee This requirement shall consider the would be added to effects that cyber ensure cyber attacks may have attacks associated upon individual with advancements equipment orin the area of elements of each automated computer target set ortechnology are grouping.considered and the affects that such attacks may have on the integrity of individual target set equipment and elements is accounted for in the licensee protective strategy. (f)(3) Target set This requirement equipment orwould be added to elements that are provide a not containedperformance based within a protected requirement to or vital area must identify and be explicitlyaccount for this identified in the condition in the approved security approved security plans andplans, if it exists protective measures at a site. for such equipment or elements must be addressed by the licensee's protective strategy in accordance with appendix C to this part. (f)(4) The licensee This requirement shall implement a would be added to program for the require the oversight of plant licensee to equipment andestablish and systems documented implement a program as part of thethat focuses on licensee protective ensuring that strategy to ensure certain plant that changes to the equipment and configuration of systems are the identifiedperiodically equipment andchecked to ensure systems do notthat unauthorized compromise theconfiguration licensee'schanges or capability totampering would be prevent significant identified and an core damage and appropriate spent fuel sabotage. response initiated. Based on changes to the threat environment, the Commission has determined this would be an appropriate enhancement to the licensee onsite physical protection program. (g) Access control.. This header would be added for formatting purposes. (g)(1) The licensee This header would be shall:
added for formatting purposes. Sec. 73.55(d)(1) The(g)(1)(i) Control This requirement licensee shall control all all points ofwould be retained points of personnel and personnel, vehicle, and revised with vehicle access into aand material access minor revisions. protected area.into any area, or Most significantly, beyond any physical the phrase ``a barrier or barrier protected area'' system, established would be replaced to meet theby the phrase ``any requirements of area, or beyond any this section.physical barrier or barrier system, established to meet the requirements of this section'' to clarify that the focus of this proposed requirement would not be limited to only protected area access but would apply to any area for which access must be controlled to meet complimentary requirements addressed in this proposed rule. In addition, the word ``material'' would be added to emphasize that the control of material into these areas would also be a critical element of the onsite physical protection program to facilitate achievement of the performance objective of the proposed paragraph (b) of this section. Sec. 73.55(d)(7)(i)(B) (g)(1)(ii) Control This requirement Positively control, inall points ofwould be retained accordance with the access personnel andwith minor list established pursuant vehicle access into revisions. to paragraph (d)(7)(i) of vital areas in this section, all points of accordance with personnel and vehicleaccess access to vital areas.authorization lists. Sec. 73.55(d)(7)(i) * * * (g)(1)(iii) During This requirement limit unescorted access to non-emergencywould be retained vital areas duringconditions, limit and revised with nonemergency conditions to unescorted access minor revisions. individuals who require to the protected Most significantly, access in order to perform area and vitalthe phrase their duties. To achieve areas to only those ``protected area'' this, the licensee shall: individuals who would be added to require unescorted emphasize that the access to perform same ``assigned assigned duties and duties and responsibilities. responsibilities'' criteria apply to both vital and protected areas.[[Page 62702]]
(g)(1)(iv) Monitor This requirement and ensure thewould be added to integrity of access provide a control systems. requirement for ensuring the integrity of the access control system and prevent its unauthorized bypass. Based on changes to the threat environment, the Commission has determined that emphasis would be necessary to ensure that the integrity of the access control system is maintained through oversight and that attempts to circumvent or bypass the established process will be detected and access denied. (g)(1)(v) Provide This requirement supervision and would be added to control over the provide a badging process to requirement for preventensuring the unauthorized bypass integrity of the of access control access control equipment located process. Based on at or outside of changes to the the protected area. threat environment, the Commission has determined that specific emphasis on access control equipment outside the protected area would be necessary to ensure that the integrity of the access control system is maintained for those process elements that are not contained within the protected area. Sec. 73.55(d)(1) The(g)(1)(vi) Isolate This requirement individual responsible for the individualwould be retained the last access control responsible for the and revised with function (controllinglast access control minor revisions. admission to the protected functionMost significantly, area) must be isolated(controllingthe phrase ``as within a bullet-resisting admission to the described in structure as described in protected area) paragraph (c)(6) of paragraph (c)(6) of this within a bullet- this section'' section to assure his or resisting structure would be deleted her ability to respond or to assure thebecause the to summon assistance.ability to respond specific criteria or to summonfor bullet- assistance inresisting would no response tolonger be addressed unauthorizedin the referenced activities.paragraph. Specific criteria would be addressed in standards published by the Underwriters Laboratory (UL). (g)(1)(vii) InThis requirement response towould be added to specific threat and require two securityspecific actions to information,be taken by the implement a two- licensee where person (line-of- credible threat sight) rule for all information is personnel in vital provided. This areas so that no proposed one individual is requirement would permittedfirst require that unescorted access the two-person rule to vital areas. be implemented, and Under thesesecond, that conditions themeasures be licensee shallimplemented to implement measures verify that the two- to verify that the person rule is met two person rule has when access to a been met when a vital area is vital area isgained. This accessed.proposed requirement would include those areas identified in the proposed (e)(8)(iv) of this section to be protected as vital areas. Based on changes to the threat environment, the Commission has determined that the proposed requirement is necessary to facilitate licensee achievement of the performance objective of the proposed paragraph (b) of this section. (g)(2) In accordance This requirement with the approved would be added to security plans and specify the basic before granting functions that must unescorted access be satisfied to through an access meet the current control point, the and proposed licensee shall: requirements for controlling access into any area for which access controls are implemented. Sec. 73.55(d)(1)(g)(2)(i) Confirm This requirement Identification * * * of all the identity of would retain the individuals unlessindividuals.current requirement otherwise provided herein
with minor must be made and * * *.
revisions for formatting purposes. Sec. 73.55(d)(1) * * * (g)(2)(ii) Verify This requirement authorization must bethe authorization would retain the checked at these points. for access ofcurrent requirement individuals,with minor vehicles, andrevisions for materials.formatting purposes. Sec. 73.55(d)(1) * * * (g)(2)(iii) Search This requirement search of all individuals individuals,would retain the unless otherwise provided vehicles, packages, current requirement herein must be made and * * deliveries, and with minor *.
materials inrevisions for accordance with formatting paragraph (h) of purposes. this section.[[Page 62703]]
(g)(2)(iv) Confirm, This requirement in accordance with would be added to industry shared describe an lists andacceptable databases, that information sharing individuals have mechanism used by not been denied licensees to share access to another information about licensed facility. visitors and employees who have requested either escorted or unescorted access to at least one site. Based on changes to the threat environment, the Commission has determined that this proposed requirement would be a prudent enhancement to the licensee capabilities. (g)(3) AccessThis header would be control points must added for be:
formatting purposes. (g)(3)(i) Equipped This requirement with lockingwould be added to devices, intrusion describe the types detectionof equipment equipment, anddetermined to be monitoring,acceptable to observation, and satisfy the desired surveillancelevel of equipment, asperformance appropriate.intended by the proposed requirements of this section. The phrase ``as appropriate'' would be used to provide the flexibility needed to provide only that equipment that is required to accomplish the desired function of the specific access control point. Sec. 73.55(d)(1) The(g)(3)(ii) Located This requirement licensee shall control all outside orwould be added to points of personnel and concurrent with, clarify the vehicle access into athe physicallocation of access protected area.barrier systemcontrol points to through which it ensure personnel controls access. and vehicles do not gain access beyond a barrier (i.e., stand-off distance) before being searched. (g)(4) Emergency This header would be conditions.added for formatting purposes. Sec. 73.55(d)(7)(ii)(g)(4)(i) TheThis requirement Design the accesslicensee shallwould be retained authorization system to design the access with minor accommodate the potential control system to revision. Most need for rapid ingress or accommodate the significantly, the egress of individualspotential need for phrase ``access during emergency conditions rapid ingress or authorization or situations that could egress ofsystem'' would be lead to emergencyauthorizedreplaced with the conditions. To help assure individuals during phrase ``access this, the licensee shall: emergencycontrol system'' to conditions orclarify that the situations that focus of this could lead toproposed emergencyrequirement is on conditions.controlling access during emergency conditions. The need for rapid ingress and egress is a physical action and would more appropriately be addressed through access controls. Also, the phrase ``authorized individuals'' would be added to indicate that access authorization requirements are satisfied by the individual in advance of the need for access. In addition, the phrase ``To help assure this, the licensee shall:'' would be deleted because it would no longer be needed. Sec. 73.55(d)(7)(ii)(A) (g)(4)(ii) Under This requirement Ensure prompt access to emergencywould be retained vital equipment.conditions, the and revised to add licensee shalla performance based implementrequirement that procedures tothe licensee ensure that:develop and (g)(4)(ii)(A)maintain a process Authorizedby which prompt emergency personnel access to vital are provided prompt equipment is access to affected assured while at areas andthe same time equipment..ensuring the (g)(4)(ii)(B)detection of Attempted or actual unauthorized entry, unauthorized entry and that this to vital equipment process would be is detected..implemented in a (g)(4)(ii)(C) The manner that is capability toconsistent with the prevent significant proposed core damage and requirements of spent fuel sabotage this section and is maintained.. ensures the licensee capability to satisfy the performance objective of the proposed paragraph (b) of this section.[[Page 62704]]
(g)(4)(iii) The This requirement licensee shallwould be added to ensure thatprovide a restrictions for performance based site access and requirement for egress duringcoordination of emergencysecurity access conditions arecontrols during coordinated with emergencies with responses bythe access needs of offsite emergency emergency response support agencies personnel. This identified in the proposed site emergencyrequirement is plans.
intended to provide the necessary level of flexibility to the licensee to ensure access by appropriate personnel while maintaining the necessary security posture for controlling access to areas where dangerous conditions exist, such as violent conflict involving weapons. (g)(5) Vehicles..... This header would be added for formatting purposes. Sec. 73.55(d)(4) The(g)(5)(i) TheThis requirement licensee shall exercise licensee shallwould be retained positive control over all exercise control and revised to such designated vehicles to over all vehicles apply to all assure that they are used while inside the vehicles and not be only by authorized persons protected area and limited to only and for authorized purposes. vital areas todesignated ensure they are vehicles. Most used only bysignificantly, the authorized persons phrase ``all such and for authorized designated purposes.vehicles'' would be deleted to remove this limitation and clarify that the proposed requirement applies to any vehicle granted access. The word ``positive'' would be deleted to remove uncertainties regarding the meaning of this word. Sec. 73.55(d)(4) All(g)(5)(ii) Vehicles This requirement vehicles, except designated inside thewould be retained licensee vehicles,protected area or and would contain a requiring entry into the vital areas must be significant protected area shall be operated by anrevision to relieve escorted by a member of the individualthe licensee from security organization while authorizedthe current within the protected area, unescorted access requirement to and * * *.
to the area, or escort a vehicle must be escorted by operated by an an individualindividual who trained, qualified, otherwise has and equipped to unescorted access perform vehicle and relief from the escort duties,requirement that a while inside the member of the area.
security organization must escort vehicles. The phrase ``escorted by a member of the security organization'' would be replaced with the phrase ``operated by an individual authorized unescorted access to the area, or must be escorted while inside the area'' to allow personnel authorized unescorted access, to operate the vehicle without escort and to allow a vehicle to be escorted by an individual other than a member of the security organization if the operator is not authorized unescorted access. Training and qualification requirements for escorts would be addressed in the proposed Sec. 73.55(g)(7) and (g)(8). Sec. 73.55(d)(4)(g)(5)(iii) Vehicles This requirement Designated licenseeinside thewould be retained vehicles shall be limited protected area must and revised. Most in their use to onsitebe limited to plant significantly, the plant functions and shall functions orphrase ``Designated remain in the protected emergencies, and licensee'' would be area except formust be disabled deleted to broaden operational, maintenance, when not in use. the scope of this repair security and
proposed emergency purposes.
requirement to all vehicles. Also, the phrase ``shall remain in the protected area except for operational, maintenance, repair security and emergency purposes'' would be deleted because it would no longer be needed. The word ``disabled'' would be added to specify that when not in use all vehicles must be rendered non-operational such that the vehicle would not be in a ready-to- use configuration. (g)(5)(iv) Vehicles This requirement transportingwould be added to hazardous materials ensure the control inside theof hazardous protected area must material be escorted by an deliveries. The armed member of the Commission has securitydetermined that the organization.level of control described by this proposed requirement is prudent and necessary to satisfy the performance objective of the proposed paragraph (b) of this section. (g)(6) AccessThis header would be control devices. added for formatting purposes.[[Page 62705]]
Sec. 73.55(d)(5) A(g)(6)(i)This requirement numbered picture badgeIdentificationwould be retained identification system shall badges. Theand revised with be used for all individuals licensee shallminor revisions. who are authorized access implement aMost significantly, to protected areas without numbered photothe phrase ``and escort.
identificationvital areas'' is badge/key-cardadded to provide system for allnecessary focus individualsthat badges apply authorizedto both the unescorted access protected area and to the protected vital areas. Access area and vitalto the protected areas.
area does not include access to a vital area except as required to perform duties. Sec. 73.55(d)(5)(ii)(g)(6)(i)(A)This requirement Badges may be removed from Identificationwould be retained the protected area when badges may beand revised with measures are in place to removed from the minor revisions. confirm the true identity protected area only Most significantly, and authorization forwhen measures are the phrase ``upon access of the badge holder in place to confirm entry to the upon entry to the protected the true identity protected area'' area.
and authorization would be replaced for unescortedwith the phrase access of the badge ``before allowing holder beforeunescorted access allowing unescorted to the protected access to thearea'' to clarify protected area. that the performance to be achieved would be to confirm and verify access authorization before granting access to any individual. Sec. 73.55(d)(5)(ii)(g)(6)(i)(B) Except This requirement Badges shall be displayed where operational would retain the by all individuals while safety concerns current requirement inside the protected area. require otherwise, to display badges identificationat all times and badges must bewould be revised to clearly displayed address the by all individuals exception to this while inside the proposed protected area and requirement. The vital areas.phrase ``Except where operational safety concerns require otherwise,'' would be added to account for considerations such as radiological control requirements or foreign material exclusion requirements, that may preclude this requirement. In addition, the word ``clearly'' would be added to describe the expected performance that badges would be visible to provide an indication of authorization to be in the area. (g)(6)(i)(C) The This requirement licensee shallwould be added to maintain a record, account for to include the name technological and areas to which advancements unescorted access commonly associated is granted, of all with electronically individuals to whom based badging photo
systems used by identificationlicensees. The badge/key-cards Commission has have been issued. determined that this proposed requirement is prudent and necessary because such a record would be automatically made as a standard function and intent of this type of system. In addition, badging systems commonly used by licensees include the ability to program remote card-readers which are designed to grant or deny access to specific areas based upon the information electronically associated with specific badges/key- cards. This proposed requirement would not specify the media in which this record must be maintained to allow for electronic storage. Sec. 73.55(d)(8) All keys, (g)(6)(ii) Keys, This requirement locks, combinations, and locks,
would be retained related access controlcombinations, and and revised with devices used to control passwords. Allminor revisions. access to protected areas keys, locks,Most significantly, and vital areas must be combinations,the word controlled to reduce the passwords, and``passwords'' would probability of compromise. related accessbe added to account control devices for technological used to control advancements access to protected associated with the areas, vital areas, use of computers. security systems, The phrase and safeguards``security systems, information must be and safeguards controlled andinformation'' would accounted for to be added to reduce theemphasize the need probability ofto control access compromise. The to these items. The licensee shall: phrase ``and accounted for'' would be added to confirm possession by the individual to whom the access control device has been issued.[[Page 62706]]
Sec. 73.55(d)(8) The(g)(6)(ii)(A) Issue This requirement licensee shall issue keys, access controlwould be retained locks, combinations, and devices only to and revised with other access controlindividuals who minor revisions. devices to protected areas require unescorted Most significantly, and vital areas only to access to perform the phrase persons granted unescorted official duties and ``protected areas facility access.responsibilities. and vital areas'' would be replaced with the phrase ``to perform official duties and responsibilities'' to account for access control devices to items or systems that may be located outside of protected and vital areas, such as to computer systems and safeguards information storage cabinets. The phrase ``keys, locks, combinations, and other access control devices'' would be replaced by the phrase ``access control devices'' to generically describe these items and account for other technological advancements that may occur in the future. (g)(6)(ii)(B)This requirement Maintain a record, would be added to to include name and facilitate affiliation, of all achievement of the individuals to whom current requirement access controlto control access devices have been control devices to issued, andreduce the implement a process probability of to account forcompromise. The use access controlof key control logs devices at least and annual annually.inventories is a commonly used mechanism for any security system and therefore, the Commission has determined that this proposed requirement is a prudent and necessary enhancement to facilitate the licensee's capability to achieve the performance objective of the proposed paragraph (b) of this section. Sec. 73.55(d)(8) Whenever (g)(6)(ii)(C)This requirement there is evidence orImplementwould be retained suspicion that any key, compensatoryand revised to lock, combination, ormeasures uponprovide a related access controldiscovery orperformance based device may have beensuspicion that any requirement for compromised, it must be access controlcompensatory changed or rotated.device may have measures taken in been compromised. response to Compensatorycompromise. Most measures mustsignificantly, the remain in effect phrase ``it must be until thechanged or compromise isrotated'' would be corrected.captured in the proposed Sec. 73.55(g)(6)(ii) (D) and (E). The phrase ``Compensatory Measures must remain in effect until the compromise is corrected'' would be added to provide focus specific to when compensatory measures would no longer apply. Sec. 73.55(d)(8) Whenever (g)(6)(ii)(D)This requirement there is evidence orRetrieve, change, would be retained suspicion that any key, rotate, deactivate, and revised with lock, combination, oror otherwiseminor revisions. related access controldisable accessMost significantly, devices may have beencontrol devices the words compromised, it must be that have been, or ``retrieve'', changed or rotated.may have been``deactivate'', and compromised.``disable'' would be added to ensure focus is provided on these actions relative to ensuring control of access control devices and to account for electronic devices. Sec. 73.55(d)(7)(C)(g)(6)(ii)(E)This requirement Revoke, in the case of an Retrieve, change, would retain and individual's involuntary rotate, deactivate, combine two current termination for cause, the or otherwiserequirements to individual's unescorted disable all access specify the actions facility access andcontrol devices required to control retrieve his or herissued toaccess control identification badge and individuals who no devices issued to other entry devices, as longer requirepersonnel who no applicable, prior to or unescorted access longer possess a simultaneously withto the areas for need for access. notifying this individual which the devices The Commission has of his or her termination. were designed.determined that the Sec. 73.55(d)(8) Whenever
cause for an individual's unescorted
revocation of access is revoked due to
unescorted access his or her lack of
authorization does trustworthiness,
not effect the reliability, or inadequate
actions needed to work performance, keys,
reduce the locks, combinations, and
probability of related access control
compromise. devices to which that
Therefore, the same person had access must be
actions are changed or rotated.
necessary whether access is revoked under favorable or unfavorable conditions. Whenever an individual no longer requires access to an area the access control devices issued to that individual would be retrieved, changed, rotated, deactivated, or otherwise disabled to provide high assurance that the individual would not continue to have access to the item or location. (g)(7) Visitors..... This header would be added for formatting purposes.[[Page 62707]]
Sec. 73.55(d)(6)(g)(7)(i) TheThis requirement Individuals not authorized licensee may permit would retain the by the licensee to enter escorted access to current requirement protected areas without the protected area to provide escorted escort shall be escorted by to individuals who access with minor a watchman or otherdo not haverevisions. This individual designated by unescorted access proposed the licensee while in a authorization in requirement would protected area and shall be accordance with the address visitor badged to indicate that an requirements of access and would escort is required.Sec. 73.56 and specify that anyone part 26 of this who has not chapter. Thesatisfied the licensee shall: requirements of Sec. 73.56 and part 26 of this chapter would be considered to be a visitor. The current requirement for escorts would be addressed in proposed Sec. 73.55(g)(8). (g)(7)(i)(A)This requirement Implementwould be added to procedures forrequire processing,implementing escorting, andprocedures that controllingdescribe how visitors.visitors would be processed, escorted, and controlled. (g)(7)(i)(B) Confirm This requirement the identity of would be added to each visitorrequire the through physical verification of the presentation of a true identity of recognizednon-employee identification card individuals through issued by a local, the presentation of State, or Federal photographic Government agency government issued that includes a identification photo or contains (i.e., driver's physicallicense) which characteristics of provides physical the individualcharacteristics requesting escorted that can be access.compared to the holder. The word ``recognized'' would be used to provide flexibility for other types of identification that may be issued by local, State or Federal Governments. Sec. 73.55(d)(6) In(g)(7)(i)(C)This requirement addition, the licenseeMaintain a visitor would be retained shall require that each control register in with minor individual register his or which all visitors revision. her name, date, time,shall register purpose of visit,their name, date, employment affiliation, time, purpose of citizenship, and name of visit, employment the individual to beaffiliation, visited.
citizenship, and name of the individual to be visited before being escorted into any protected or vital area. Sec. 73.55(d)(6)(g)(7)(i)(D) Issue a This requirement Individuals not authorized visitor badge to would be retained by the licensee to enter all visitors that with minor revision protected areas without clearly indicates for formatting escort shall * * * bethat an escort is purposes. Most badged to indicate that an required.significantly, the escort is required.
word ``clearly'' would be added to focus on display of the badge in a manner that easily identifies the individual as requiring an escort. Sec. 73.55(d)(6)(g)(7)(i)(E) Escort This requirement Individuals not authorized all visitors, at would retain the by the licensee to enter all times, while requirement for protected areas without inside theescort with minor escort shall be escorted by protected area and revision for a watchman or othervital areas.formatting individual designated by
purposes. Most the licensee while in a
significantly, the protected area and * * *.
requirement for who performs these escort duties is moved to the proposed paragraph (g)(8) of this section. Sec. 73.55(d)(5)(i) An (g)(7)(ii)This requirement individual not employed by Individuals not would be retained the licensee but whoemployed by the with minor requires frequent andlicensee but who revisions. Most extended access torequire frequent significantly, the protected and vital areas and extendedphrase ``shall may be authorized access to unescorted access satisfy the access such areas without escort to the protected authorization provided that he receives a area and vitalrequirements of picture badge upon entrance areas shall satisfy Sec. 73.56 and into the protected area the accesspart 26 of this which must be returned upon authorizationchapter'' would be exit from the protected requirements of added to clarify area and which indicates: Sec. 73.56 and the requirement part 26 of this that these chapter and shall individual's be issued a non- satisfy the same employee photobackground check identificationrequirements and badge that isBehavior easily
Observation Program distinguished from participation that other
would be applied to identificationany other licensee badges before being employee for allowed unescorted unescorted access access to theauthorization. In protected area. Non- addition, the employee photophrase ``which must identificationbe returned upon badges mustexit from the indicate:protected area'' would be deleted because removal of badges from the protected area would be addressed in the proposed paragraph (g)(6)(i)(A). Sec. 73.55(d)(5)(i)(A) Non- (g)(7)(ii)(A) Non- This requirement employee, no escortemployee, no escort would be retained required;
required.with minor revision for formatting purposes. Sec. 73.55(d)(5)(i)(B) (g)(7)(ii)(B) Areas This requirement Areas to which access is to which access is would be retained authorized; andauthorized.with minor revision for formatting purposes. Sec. 73.55(d)(5)(i)(c) The (g)(7)(ii)(C) The This requirement period for which access has period for which would be retained been authorized.access iswith minor revision authorized.for formatting purposes. (g)(7)(ii)(D) The This requirement individual'swould be added to employer.facilitate identification of this type of non- employee and the type of activities this individual should be performing.[[Page 62708]]
(g)(7)(ii)(E) A This requirement means to determine would be added for the individual's emergency planning emergency planpurposes. assembly area. (g)(8) Escorts. The This requirement licensee shallwould be added to ensure that all provided escorts are trained performance based in accordance with requirements for appendix B to this satisfying the part, the approved escort requirements training andof this proposed qualification plan, rule and would and licenseeprovide regulatory policies andstability through procedures.the consistent application of visitor controls at all sites. Based on changes to the threat environment, the Commission has determined that emphasis on the identification and control of visitors is a prudent and necessary enhancement to facilitate licensee achievement of the performance basis of the proposed paragraph (b)(1) of this section. (g)(8)(i) Escorts This requirement shall be authorized would be added to unescorted access establish a basic to all areas in qualification which they will criteria for perform escortindividuals duties.performing escort duties. Individuals not authorized unescorted access to an area must be escorted and therefore, would not be qualified to perform escort duties in that area. (g)(8)(ii)This requirement Individualswould be added to assigned to escort establish a basic visitors shall be qualification provided a means of criteria for timely
individuals communication with performing escort both alarm stations duties. The phrase in a manner that ``timely ensures the ability communication'' to summonwould mean the assistance when ability to call for needed.assistance before that ability can be taken away. (g)(8)(iii)This requirement Individualswould be added to assigned to vehicle establish a basic escort duties shall qualification be provided a means criteria for of continuousindividuals communication with performing escort both alarm stations duties. The word to ensure the``continuous ability to summon communication'' assistance when would mean needed.possession of a direct line of communication for immediate notification, such as a radio. (g)(8)(iv) Escorts This requirement shall bewould be added to knowledgeable of establish a basic those activities qualification that are authorized criteria for to be performed individuals within the areas performing escort for which they are duties. The primary assigned to perform responsibility of escort duties and an escort would be must also bethe identification knowledgeable of and reporting of those activities unauthorized that are authorized activities, to be performed by therefore, to any individual for perform escort which the escort is duties the assignedindividual must responsibility. possess this knowledge in order to be an effective escort and recognize an event involving an unauthorized activity. (g)(8)(v) Visitor to This requirement escort ratios shall would be added to be limited to 10 to establish a basic 1 in the protected restriction to area and 5 to 1 in ensure that vital areas,individuals provided that the performing escort necessaryduties are able to observation and maintain control controlover the personnel requirements of being escorted. The this section can be phrase ``provided maintained by the that the necessary assigned escort observation and over all visitor control activities.requirements of this section can be maintained'' would provide flexibility for the licensee to reduce the specified ratios to facilitate achievement of the performance objective of the proposed paragraph (b). (h) Search programs. This header would be added for formatting purposes. Sec. 73.55(d)(2) At the (h)(1) At eachThis requirement point of personnel anddesignated access would be retained vehicle access into acontrol point into with minor protected area, all hand- the ownerrevisions. Most carried packages shall be controlled area and significantly, the searched for devices such protected area, the phrase ``for as firearms, explosives, licensee shalldevices such as and incendiary devices, or search individuals, firearms, other items which could be vehicles, packages, explosives, and used for radiologicaldeliveries, and incendiary devices, sabotage.
materials inor other items accordance with the which could be used requirements of for radiological this section and sabotage'' would be the approvedreplaced with the security plans, phrase ``in before granting accordance with the access.requirements of this section and the approved security plans'' to provide language that would make this proposed requirement generically applicable to all searches.[[Page 62709]]
Sec. 73.55(d)(2) At the (h)(1)(i) TheThis requirement point of personnel andobjective of the would be retained vehicle access into asearch program must and revised to protected area, all hand- be to deter,focus this proposed carried packages shall be detect, and prevent requirement on the searched for devices such the introduction of objective of the as firearms, explosives, unauthorizedsearch program for and incendiary devices, or firearms,all areas and not other items which could be explosives,limit the search used for radiologicalincendiary devices, function to only sabotage.
or otherprotected and vital unauthorizedareas. The materials andCommission has devices intodetermined that designated areas in because of changes which theto the threat unauthorized items environment, the could be used to focus of protective disable personnel, measures must be to equipment, andprotect any area systems necessary from which the to meet thelicensee capability performanceto meet the objective andperformance requirements of objective and paragraph (b) of requirements of the this section.proposed paragraph (b) of this section could be disabled or destroyed. Sec. 73.55(d)(1) The(h)(1)(ii) TheThis requirement search function forsearch requirements would be retained detection of firearms,for unauthorized with minor explosives, and incendiary firearms,revisions. The devices must beexplosives,phrase ``or other accomplished through the incendiary devices, unauthorized use of both firearms and or othermaterials and explosive detectionunauthorizeddevices'' would be equipment capable ofmaterials andadded to account detecting those devices. devices must be for future accomplishedtechnological through the use of advancements. The equipment capable phrase ``and of detecting these through visual and unauthorized items hands-on physical and through visual searches'' would be and hands-onadded to ensure physical searches, these aspects of as needed to ensure the search process all items areare considered and identified before applied when granting access. needed. (h)(1)(iii) Only This requirement trained andwould be added for qualified members consistency with of the security the current Sec. organization, and 73.55(b)(4)(i), and other trained and clarification for qualified personnel ``observation'' of designated by the search activities licensee, shall by personnel. The perform searchphrase ``other activities or be trained and assigned duties and qualified personnel responsibilities designated by the required to satisfy licensee'' would be observationused to account for requirements for non-security the searchpersonnel who would activities.be assigned search duties relative to supply or warehouse functions or other types of bulk shipments. (h)(2) The licensee This requirement shall establish and would be added for implement written consistency with search procedures the current Sec. for all access73.55(b)(3)(i). control points before granting access to any individual, vehicle, package, delivery, or material. (h)(2)(i) Search This requirement procedures must would be added for ensure that items consistency with possessed by an the current Sec. individual, or73.55(d)(1) contained within a relative to the use vehicle or package, of search equipment must be clearly and to specify a identified as not requirement for the being a prohibited licensee to item beforeidentify items that granting access may be obscured beyond the access from observation by control point for equipment such as X- which the search is ray equipment. This conducted.requirement would ensure that human interaction with search equipment is effective and that assigned personnel are aware of all items observed or are not identified by search equipment. (h)(2)(ii) TheThis requirement licensee shallwould be added for visually andconsistency with physically hand the current Sec. search all73.55(d)(1), individuals,relative to the vehicles, andpurpose of the packages containing search function to items that cannot identify items that be or are notmay be obscured clearly identified from observation by by search equipment. equipment such as X- ray equipment. This proposed requirement intends to ensure that the licensee take appropriate actions to ensure all items granted access to the PA would be identified before granting access. Sec. 73.55(d)(1) Whenever (h)(3) Whenever This requirement firearms or explosivessearch equipment is would be retained detection equipment at a out of service or with minor portal is out of service or is not operating revisions. The not operating
satisfactorily, phrase ``firearms satisfactorily, thetrained andor explosives licensee shall conduct a qualified members detection equipment physical pat-down search of of the security at a portal'' would all persons who wouldorganization shall be replaced with otherwise have been subject conduct a hands-on the phrase ``search to equipment searches.physical search of equipment `` to all individuals, generically vehicles, packages, describe this deliveries, and equipment. The materials thatphrase ``a physical would otherwise pat-down search'' have been subject would be replaced to equipmentwith the phrase ``a searches.hands-on physical search'' to update the language commonly used to describe this activity.[[Page 62710]]
Sec. 73.55(d)(1) When the (h)(4) When anThis requirement licensee has cause toattempt towould be retained suspect that an individual introducewith minor is attempting to introduce unauthorized items revisions to firearms, explosives, or has occurred or is provide additional incendiary devices into suspected, theperformance based protected areas, thelicensee shallrequirements licensee shall conduct a implement actions relative to physical pat-down search of to ensure that the achieving the that individual.suspectdesired results. individuals, vehicles, packages, deliveries, and materials are denied access and shall perform a visual and hands-on physical search to determine the absence or existence of a threat. (h)(5) VehicleThis requirement search procedures would be added to must be performed provide a by at least two (2) performance based properly trained requirement for and equippedperforming vehicle security personnel, searches. This at least one of proposed whom is positioned requirement would to observe theensure that search process and unauthorized provide a timely activities would be response toidentified and a unauthorizedtimely response activities ifwould be initiated necessary.at a vehicle search area, to include an armed response. Based on changes to the threat environment, the Commission has determined that this requirement would facilitate achievement of the performance objective and requirements of the proposed paragraph (b) of this section. Sec. 73.55(d)(4) Vehicle (h)(6) Vehicle areas This requirement areas to be searched shall to be searched must would be retained include the cab, engine include, but are with minor compartment, undercarriage, not limited to, the revisions. and cargo area.cab, engine compartment, undercarriage, and cargo area. (h)(7) VehicleThis requirement search checkpoints would be added to must be equipped provide additional with videoperformance based surveillancerequirements equipment that must relative to be monitored by an achieving the individual capable desired results for of initiating and vehicle searches at directing a timely any location response todesignated for the unauthorizedperformance of activity.vehicle searches. To satisfy this proposed requirement, the individual assigned to monitor search activities need not be located in the CAS or SAS, but rather may be located in any position from which the monitoring and notification requirements of this section could be assured. Sec. 73.55(d)(1) * * * (h)(8) Exceptions to This requirement except bona fide Federal, the searchwould retain, State, and local lawrequirements of combine, and revise enforcement personnel on this section must two current official duty to thesebe submitted to the requirements Sec. equipment searches upon Commission for73.55(d)(1) and (4) entry into a protected area. prior review and to generically Sec. 73.55(d)(4) * * * approval and must account for those except under emergencybe identified in instances where conditions, shall bethe approvedsearch requirements searched for items which security plans. would not be met could be used for sabotage
before granting purposes prior to entry
access beyond a into the protected area.
physical barrier. This proposed requirement would require that the licensee specify in the approved plans the specific circumstances under which search requirements would not be satisfied. Sec. 73.55(d)(3) * * * (h)(8)(i) Vehicles This requirement except those Commission and items that may would be retained approved delivery andbe excepted from and revised. Most inspection activitiesthe searchsignificantly, this specifically designated by requirements of requirement would the licensee to be carried this section must be revised to out within vital orbe escorted by an ensure that protected areas for reasons armed individual vehicles and items of safety, security orwho is trained and excepted from operational necessity.equipped to observe search requirements offloading andbefore entry into perform searchthe protected area activities at the are escorted by an final destination armed individual within theand searched when protected area. offloaded to provide assurance that unauthorized personnel and items would be detected and reported. Sec. 73.55(d)(4) * * * to (h)(8)(ii) To the This requirement the extent practicable, extent practicable, would be retained shall be off loaded in the items excepted from with minor protected area at asearch must be off revision. specific designatedloaded only at materials receiving area specified receiving that is not adjacent to a areas that are not vital area.
adjacent to a vital area. (h)(8)(iii) The This requirement excepted items must would be added to be searched at the provide a receiving area and performance based opened at the final requirement that destination by an would ensure that individual familiar the proposed with the items. requirement for search is met at the receiving area. Sec. 73.55(i) This header would be Detection andadded for assessment systems.. formatting purposes.[[Page 62711]]
(i)(1) The licensee This requirement shall establish and would be added for maintain anconsistency with intrusion detection the current and assessmentrequirement of 10 system that must CFR 73.55(e)(1) and provide, at all the proposed Sec. times, the73.55(b)(2) through capability for(4). The phrase early detection and ``intrusion assessment ofdetection and unauthorizedassessment system'' persons andwould be intended activities.to describe all components (i.e., personnel, procedures, and equipment) designated by the licensee as performing a function(s) required to detect or assess unauthorized activities in any area to which access must be controlled to meet Commission requirements. The term ``system'' refers to how these components interact to satisfy Commission requirements. This proposed requirement does not mandate specific intrusion detection equipment for any specific area, but rather requires that the system provide detection and assessment capabilities that meet Commission requirements. The phrase ``at all times'' is used to describe the Commission's view that the licensee must have in place and operational a mechanism by which all threats will be detected and an appropriate response initiated, at any time. The Commission does not mean to suggest that a failure of any component of a system would constitute an automatic non- compliance with this proposed requirement provided the failure is identified and compensatory measures are implemented within a time frame consistent with the time lines necessary to prevent exploitation of the failure, beginning at the time of the failure. Sec. 73.55(e)(1) All(i)(2) Intrusion This requirement alarms required pursuant to detection equipment would be retained this part must annunciate must annunciate, with three in a continuously manned and videosignificant central alarm stationassessmentrevisions. The most located within theequipment images significant protected area and in at shall display,revision would be least one otherconcurrently in at the deletion of the continuously manned station least twocurrent language not necessarily onsite, so continuouslythat describes that a single act cannot staffed onsitewhere the secondary remove the capability of alarm stations, at alarm station may calling for assistance or least one of which be located. Because otherwise responding to an must be protected of changes to the alarm.
in accordance with threat environment the requirements of the Commission has paragraphsdetermined that to (e)(6)(v),ensure the (e)(7)(iii), and functions required (i)(8)(ii) of this to be performed by section.the central alarm are maintained, both alarm stations must be located onsite. As all current licensees have their secondary alarm station onsite, the Commission has determined that deletion of the ``not necessarily onsite'' provision, would have no impact. The second significant revision is the addition of the word ``concurrently'' to provide a performance based requirement that focuses on the need to ensure that both alarm station operators are notified of a potential threat, are capable of making a timely and independent assessment, and have equal capabilities to ensure that a timely response is made. This proposed requirement would be necessary for consistency with the current requirement to protect against a single act. The third significant revision would be the addition of the phrase ``and video assessment equipment images shall display'' to add a performance based requirement that focuses on the relationship between detection and assessment.[[Page 62712]]
(i)(3) TheThis requirement licensee'swould be added to intrusion detection provide performance system must bebased requirements designed to ensure consistent with the that both alarm current Sec. station operators: 73.55(e)(1), and (i)(3)(i) Arethe proposed concurrentlyrequirements of notified of the this proposed alarm annunciation. section. The (i)(3)(ii) Areproposed capable of making a requirement for timely assessment dual knowledge and of the cause of dual capability each alarmwithin both alarm annunciation.stations provides a (i)(3)(iii) Possess defense-in-depth the capability to component initiate a timely consistent with the response inproposed accordance with the requirement for approved security protection against plans, licensee a single act. protective strategy, and implementing procedures. Based on changes to the threat environment the Commission has determined this proposed requirement is a prudent clarification of current requirements necessary to facilitate the licensee capability to achieve the performance objective of the proposed paragraph (b)(1) of this section. (i)(4) Both alarm This requirement stations must be would be added for equipped withconsistency with equivalentthe current Sec. capabilities for 73.55(e)(1) and the detection andproposed communication, and requirements for must be equipped defense-in-depth with functionally and protection equivalentagainst a single assessment,act. The word monitoring,``equivalent'' observation, and would require the surveillancelicensee to provide capabilities to both alarm stations support thewith detection and effectivecommunication implementation of equipment that the approvedensures each alarm security plans and station operator is the licenseeknowledgeable of an protective strategy alarm annunciation in the event that at each alarm point either alarmand zone, and can station is disabled. communicate the initiation of an appropriate response to include the disposition of each alarm. The phrase ``functionally equivalent'' would require that both alarm stations be equally equipped to perform those assessment, surveillance, observation, and monitoring functions needed to support the effective implementation of the licensee protective strategy. This proposed requirement would clarify the Commission expectation that those video technologies and capabilities used to support the effective implementation of the approved security plans and the licensee protective strategy are equally available for use by both alarm station operators to ensure that the functions of detection, assessment, and communications can be effectively maintained and utilized in the event that one or the other alarm station is disabled. Based on changes to the threat environment the Commission has determined that this proposed requirement is a prudent and necessary clarification of current requirements and Commission Orders necessary to ensure the performance objective and requirements of the proposed paragraph (b) of this section are met. Sec. 73.55(e)(1) * * * so (i)(4)(i) TheThis requirement that a single act cannot licensee shallwould be retained remove the capability of ensure that aand revised to calling for assistance or single act cannot provide additional otherwise responding to an remove theclarification alarm.
capability of both regarding the alarm stations to critical functions detect and assess determined unauthorizedessential and which activities, respond must be maintained to an alarm, summon to carry out an offsite assistance, effective response implement theto threats protectiveconsistent with the strategy, provide proposed command andperformance control, orobjective and otherwise prevent requirements of significant core paragraph (b) of damage and spent this section. fuel sabotage.
[[Continued on page 62713]]
From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]
[[pp. 62713-62762]] Power Reactor Security Requirements[[Continued from page 62712]]
[[Page 62713]]
Sec. 73.55(e)(1) Onsite (i)(4)(ii) The alarm This requirement secondary power supplystation functions would retain the systems for alarmin paragraph (i)(4) current requirement annunciator equipment * * *. of this section for secondary power must remainwith two operable from an significant uninterruptible revisions. First, backup power supply the phrase in the event of the ``annunciator loss of normalequipment'' would power.
be replaced with the phrase ``alarm station functions'' to ensure that the equipment required by each alarm station to fulfill its assigned functions, are available and operational without interruption due to a loss of normal power. Second, the word ``uninterruptible'' would be added to clarify the Commission's view that the operation of detection and assessment equipment must be maintained without interruption, in the event of a loss of normal power. Backup power supply for non-portable communication equipment is addressed in the proposed paragraph (j)(5) of this section. Based on changes to the threat environment, the Commission has determined that this proposed requirement is prudent and necessary to facilitate achievement of the performance objective and requirements of the proposed paragraph (b) of this section. (i)(5) Detection. This requirement Detectionwould be added for capabilities must consistency with be provided bythe current Sec. security73.55(c)(4) and to organizationprovide a personnel andperformance based intrusion detection requirement for equipment, anddetection equipment shall be defined in to be capable of implementingoperating under procedures.known/normal site Intrusion detection conditions such as equipment must be heat, wind, capable ofhumidity, fog, operating ascold, snowfall, intended under the etc. Equipment conditionsfailure and encountered at the abnormal or severe facility.weather cannot always be predicted but compensatory measures would be required in accordance with the proposed requirements of this section to ensure compliance. (i)(6) Assessment. This requirement Assessmentwould be added for capabilities must consistency with be provided bythe current Sec. security73.55(c)(4) and to organizationprovide a personnel and video performance based assessmentrequirement for equipment, andassessment shall be described equipment to be in implementing capable of procedures. Video operating under assessmentknown/normal site equipment must be conditions such as capable ofheat, wind, operating ashumidity, fog, intended under the cold, snowfall, conditionsetc. Equipment encountered at the failure and facility and must abnormal or severe provide videoweather cannot images from which always be predicted accurate and timely but compensatory assessments can be measures would be made in response to required in an alarmaccordance with the annunciation or proposed other notification requirements of of unauthorized this section to activity.ensure compliance. (i)(7) The licensee This requirement intrusion detection would be added for and assessmentformatting system must:purposes. (i)(7)(i) Ensure This requirement that the duties and would be added to responsibilities provide a assigned toperformance based personnel, the use requirement of equipment, and relative to the the implementation design of the of procedureslicensee detection provides theand assessment detection andsystem and to assessmentclarify that this capabilitiessystem would necessary to meet include all three the requirements of components. paragraph (b) of this section. Sec. 73.55(e)(2) The(i)(7)(ii) Ensure This requirement annunciation of an alarm at that annunciation would be retained the alarm stations shall of an alarmwith minor indicate the type of alarm indicates the type revision. The (e.g., intrusion alarms, and location of the phrase ``at the emergency exit alarm, etc.) alarm.
alarm stations'' and location.
and the listed examples would be deleted because they would no longer be needed. Sec. 73.55(e)(2) All alarm (i)(7)(iii) Ensure This requirement devices includingthat alarm devices, would be retained transmission lines toto includewith minor revision annunciators shall betransmission lines for formatting tamper indicating and self- to annunciators, purposes. checking.
are tamper indicating and self- checking.[[Page 62714]]
(i)(7)(iv) Provide This requirement visual and audible would be added for alarm annunciation consistency with and concurrentthe proposed video assessment requirement for capability to both equivalent alarm stations in a capabilities in manner that ensures both alarm timely recognition, stations. The acknowledgment and phrase ``visual and response by each audible'' would alarm stationprovide redundancy operator into ensure that each accordance with alarm would be written response recognized and procedures.acknowledged when received. Sec. 73.55(e)(2) * * * (i)(7)(v) Provide an This requirement e.g., an automaticautomaticwould be retained indication is provided when indication when the with minor revision failure of the alarm system alarm system or a for formatting or a component occurs, or component of the purposes. when the system is onalarm system fails, standby power.
or when the system is operating on the backup power supply. Sec. 73.70(f) A record at (i)(7)(vi) Maintain This requirement each onsite alarma record of all would be added for annunciation location of alarm
consistency with each alarm, false alarm, annunciations, the Sec. 73.70(f). alarm check, and tamper cause of eachThe Commission indication that identifies alarm, and theexpects that this the type of alarm,disposition of each record would be a location, circuit, date, alarm.
commonly maintained and time. In addition,
record in details of response by
electronic form facility guards and
which is generated watchmen to each alarm,
as an automatic intrusion, or other
function of the incident shall be recorded.
intrusion detection system. (i)(8) AlarmThis header would be stations.added for formatting purposes. Sec. 73.55(e)(1) All(i)(8)(i) Both alarm This requirement alarms required pursuant to stations must be would retain the this part must annunciate continuouslycurrent requirement in a continuously manned staffed by at least Sec. 73.55(e)(1) central alarm stationone trained and for continuously located within thequalified member of staffed alarm protected area and in at the securitystations and would least one otherorganization.be revised to continuously manned station
describe the * * *.
necessary qualifications that would be required of the assigned individuals. Sec. 73.55(e)(1) The(i)(8)(ii) TheThis requirement onsite central alarminterior of the would be retained station must be located central alarmwith minor within a building in such a station must not be revision. Most manner that the interior of visible from the significantly, the the central alarm station perimeter of the phrase ``located is not visible from the protected area. within a building'' perimeter of the protected
would be deleted area.
because it would be considered unnecessary. Sec. 73.55(e)(1) This (i)(8)(iii) The This requirement station must not contain licensee may not would be retained any operational activities permit anywith minor that would interfere with activities to be revisions to the execution of the alarm performed within provide a response function.either alarmperformance based station that would requirement interfere with an regarding the alarm stationprimary duties operator's ability required to satisfy to effectivelythe current execute assigned requirement detection,``execution of the assessment,alarm response surveillance, and function.'' communication duties and responsibilities. (i)(8)(iv) TheThis requirement licensee shallwould be added for assess and respond consistency with to all alarms and current other indications requirements. The of unauthorized specific activities inrequirements of the accordance with the current Sec. approved security 73.55(h)(4) are plans andretained in detail implementingin the proposed procedures.appendix C to part 73. (i)(8)(v) TheThis requirement licenseewould be added for implementingconsistency with procedures must related ensure that both requirements of alarm stationthis proposed operators aresection and to knowledgeable of ensure that the all alarmlicensee provides a annunciations,process by which assessments, and both alarm station final disposition operators are of all alarms, to concurrently made include but not aware of each alarm limited to aand are prohibition from knowledgeable of changing the status how each alarm is of a detectionresolved and that point orno one alarm deactivating astation operator locking or access can manipulate control device at a alarm station protected or vital equipment, area portal,communications, or without theprocedures without knowledge andthe knowledge and concurrence of the concurrence of the other alarm station other. operator. (i)(9) Surveillance, This header would be observation, and added for monitoring.formatting purposes. (i)(9)(i) The onsite This requirement physical protection would be added to program mustprovide a include theperformance based capability forrequirement for surveillance,ensuring observation, and surveillance, monitoring in a observation, and manner thatmonitoring provides earlycapabilities in any detection andarea for which assessment ofthese measures are unauthorizednecessary to meet activities.the requirements of this proposed section.[[Page 62715]]
(i)(9)(ii) TheThis requirement licensee shallwould be added to provide continual provide a surveillance,performance based observation, and requirement for monitoring of all ensuring areas identified in surveillance, the approvedobservation, and security plans as monitoring requiringcapabilities in any surveillance,area for which observation, and these measures are monitoring tonecessary to meet ensure earlythe requirements of detection ofthis proposed unauthorizedsection. The word activities and to ``continual'' would ensure themean regularly integrity ofrecurring actions physical barriers such that or other components designated areas of the onsitewould be checked at physical protection intervals program.sufficient to ensure the detection of unauthorized activities. (i)(9)(ii)(A)This requirement Continualwould be added to surveillance,provide necessary observation, and qualifying monitoringrequirements for responsibilities performance of must be performed observation and by securitymonitoring personnel during activities. The routine patrols or word ``continual'' by other trained would mean the same and equippedas used in the personnelproposed paragraph designated as a (i)(9)(ii) of this component of the section. protective strategy. (i)(9)(ii)(B)This requirement Surveillance,would be added to observation, and provide a monitoringperformance based requirements may be requirement for accomplished by ensuring that direct observation surveillance, or video technology. observation, and monitoring capabilities that may be met through the use of video technology or direct human observation. (i)(9)(iii) The This requirement licensee shallwould be added to provide randomfocus a performance patrols of allbased requirement accessible areas on the protection containing target of target set set equipment.equipment. Target set equipment would be addressed in detail in the proposed paragraph (f) of this section. The term ``random'' provides flexibility to the licensee and requires patrols at unpredictable times within predetermined intervals to deter exploitation of periods between patrols. The phrase ``accessible areas'' would exclude areas such as locked high radiation areas or other such areas containing a significant safety concern that would preclude the conduct of the patrol function. (i)(9)(iii)(A) Armed This requirement security patrols would be added to shall periodically focus on the items check designated that, because of areas and shall changes to the inspect vital area threat environment, entrances, portals, the Commission has and externaldetermined would barriers.require focus by armed security patrols. The term ``periodically'' provides flexibility to the licensee. The phrase ``designated areas'' means any area identified by the licensee as requiring an action to meet the proposed requirements of this section. (i)(9)(iii)(B)This requirement Physical barriers would be added for must be inspected consistency with at random intervals the current to identifyrequirement Sec. tampering and73.55(g)(1) and to degradation.focus on verifying the integrity of physical barriers to ensure that the barrier would perform as expected. The word ``random'' would mean that the required inspection would be performed at unpredictable times to deter exploitation of periods between inspections. Sec. 73.55(b)(4)(i) The (i)(9)(iii)(C)This requirement licensee may not permit an Security personnel would be added for individual to act as ashall be trained to consistency with guard, watchman, armedrecognizethe current response person, or other indications ofrequirement Sec. member of the securitytampering as73.55(b)(4)(i) to organization unless the necessary toprovide necessary individual has beenperform assigned focus on the threat trained, equipped, andduties andof tampering and qualified to perform each responsibilities as the need to ensure assigned security job duty. they relate tothat personnel are safety and security trained to systems andrecognize it. equipment. (i)(9)(iv)This requirement Unattended openings would be added to that are notprovide a monitored byperformance based intrusion detection requirement to equipment must be ensure that observed byunattended openings security personnel that cross a at a frequency that security boundary would preventestablished to meet exploitation of the proposed that opening.requirements of this section would not be exploited by the design basis threat of radiological sabotage to include the use of tools to enlarge the opening.[[Page 62716]]
Sec. 73.55(h)(4) Upon (i)(9)(v) UponThis requirement detection of abnormaldetection ofwould be retained presence or activity of unauthorizedwith minor revision persons or vehicles * * *, activities,to provide the licensee securitytampering, or other flexibility for the organization shall * * *. threats, thelicensee to licensee shalldetermine if all or initiate actions only part of the consistent with the protective strategy approved security capabilities would plans, the licensee be needed for a protectivespecific event. The strategy, andphrase ``abnormal implementingpresence or procedures.activity of persons or vehicles'' would be replaced with the phrase ``unauthorized activities, tampering, or other threats'' to clarify the types of activities that would be expected to warrant a response by the licensee. (i)(10) VideoThis header would be technology.added for formatting purposes. (i)(10)(i) TheThis requirement licensee shallwould be added for maintain inconsistency with operable condition the current all videorequirement Sec. technology used to 73.55(g)(1) and satisfy thewould provide a monitoring,performance based observation,requirement for surveillance, and ensuring video assessmenttechnology is requirements of operating and this section.available when needed. (i)(10)(ii) Video This header would be technology must be: added for formatting purposes. (i)(10)(ii)(A)This requirement Displayedwould be added for concurrently at consistency with both alarm stations. the other proposed requirements for dual alarm stations and would focus on the need for video technology to be provided to both alarm stations at the same time to ensure that an assessment would be made and a timely response would be initiated. (i)(10)(ii)(B)This requirement Designed to provide would be added for concurrentconsistency with observation,the other proposed monitoring, and requirements for surveillance of dual alarm stations designated areas and would focus on from which an alarm the need for the annunciation or a same capabilities notification of to be provided to unauthorizedboth to ensure activity isobservation, received.monitoring, and surveillance requirements are met. (i)(10)(ii)(C)This requirement Capable ofwould be added to providing a timely provide a visual display from performance based which positiverequirement for recognition and video technology assessment of the which focuses on detected activity the need for clear can be made and a visual images from timely response which accurate and initiated.timely assessment can be made in response to alarm annunciations. Sec. 73.55(h)(6) To(i)(10)(ii)(D) Used This requirement facilitate initial response to supplement and would retain the to detection of penetration limit the exposure current requirement * * * preferably by means of securityto use video of closed circuitpersonnel totechnology to limit television or by otherpossible attack. the exposure of suitable means which limit
security personnel exposure of responding
while performing personnel to possible
security duties attack.
with minor revision to add patrols. (i)(10)(iii) The This requirement licensee shallwould be added to implement controls provide a for personnelperformance based assigned to monitor requirement video technology to relative to ensure thatcontrolling assigned personnel personnel fatigue maintain the level related to extended of alertnessperiods of required tomonitoring video effectively perform technology. The the assigned duties Commission has and
determined that responsibilities. each individual's alertness is critical to the effective use of video technology and the licensee capability to achieve the performance objective of this proposed section. Therefore, licensee work hour controls should ensure that assigned personnel are relieved of these duties and assigned other duties at intervals sufficient to ensure the individual's ability to effectively carry out assigned duties and responsibilities. (i)(11) Illumination This header would be added for formatting purposes.[[Page 62717]]
Sec. 73.55(c)(5) Isolation (i)(11)(i) TheThis requirement zones and all exteriorlicensee shallwould be retained areas within the protected ensure that all and revised. Most area shall be provided with areas of thesignificantly, this illumination sufficient for facility, toproposed the monitoring andinclude appropriate requirement would observation requirements of portions of the expand a paragraphs (c)(3), (c)(4), owner controlled performance based and (h)(4) of this section, area, are provided lighting but * * *.
with illumination requirement to all necessary toareas designated by satisfy thethe licensee as requirements of having a need for this section.detection, assessment, surveillance, observation, and monitoring capabilities in support of the protective strategy and not limit it to only the isolation zone and all exterior areas within the protected area. This requirement would not require deterministic illumination levels but rather would require that illumination levels be sufficient to provide the detection, assessment, surveillance, observation, and monitoring capabilities described by the licensee in the approved security plans. This description would be required to consider the requirements of the proposed (i)(11)(ii) and (iii). Sec. 73.55(c)(5) Isolation (i)(11)(ii) The This requirement zones and all exteriorlicensee shallwould be retained areas within the protected provide a minimum and revised to area shall be provided with illumination level provide a illumination * * * not less of 0.2 footcandle performance based than 0.2 footcandlemeasuredrequirement for measured horizontally at horizontally at illumination. Most ground level.
ground level, in significantly, this the isolation zones proposed and all exterior requirement would areas within the maintain the protected area, or current 0.2 may augment the footcandle lighting facilityrequirement but illuminationwould also provide system, to include flexibility to a patrols,licensee to provide responders, and less than the 0.2 video technology footcandle where with low-lightlow-light technology capable technology would be of meeting theused to maintain detection,the capability to assessment,meet the surveillance,performance level observation,for detection, monitoring, and assessment, responsesurveillance, requirements of observation, this section.monitoring, and response. The word ``or'' would be used specifically to mean that the licensee need satisfy only one of the two options such that the 0.2 footcandle requirement must be met in the isolation zone and all exterior areas within the protected area unless low-light technology is used. However, the word ``augment'' would be used to represent the Commission's view that sole use of low-light technology is not authorized as this approach would be contrary to defense- in-depth and could be susceptible to single failure where a counter technology is developed or used. (i)(11)(iii) The This requirement licensee shallwould be added to describe in the clarify the need approved security for lighting to be plans how thedescribed in the lightingapproved security requirements of plans and how the this section are lighting ``system'' met and, if used, would be used to the type(s) and achieve the application of low- performance light technology objective. used. Sec. 73.55(f)(j) Communication This header would be Communication requirements. requirements.retained. The current requirements under this header are retained and reformatted to individually address each current requirement. Significant revisions would be specifically identified as each current requirement is addressed. Sec. 73.55(f)(1) Each (j)(1) The licensee This requirement guard, watchman or armed shall establish and would be retained response individual on duty maintain,with minor shall be capable ofcontinuousrevision. Most maintaining continuouscommunicationsignificantly, the communication with ancapability with specific language individual in eachonsite and offsite of the current continuously manned alarm resources to ensure requirement would station required byeffective command be revised to a paragraph (e)(1) of this and control during more performance section * * *.
both normal and based requirement. emergencyThe word situations.``continuous'' would be used to mean that a communication method would be available and operating any time it would be needed to communicate information.[[Page 62718]]
Sec. 73.55(f)(1) * * * who (j)(2) Individuals This requirement shall be capable of calling assigned to each would be retained for assistance from other alarm station shall with minor guards, watchmen, and armed be capable ofrevision. Most response personnel and from calling forsignificantly, in local law enforcementassistance inorder to provide authorities.
accordance with the flexibility and to approved security capture the plans, licensee proposed integrated response requirements of plan, and licensee appendix C to part procedures.73 for an Integrated Response Plan, this proposed requirement replaces the specific list of support entities to be called with a performance based requirement to follow predetermined actions. Sec. 73.55(f)(1) Each (j)(3) Each on-duty This requirement guard, watchman or armed security officer, would be retained response individual on duty watchperson,with minor shall be capable ofvehicle escort, and revisions. Most maintaining continuousarmed responsesignificantly, this communication with anforce member shall proposed individual in eachbe capable ofrequirement would continuously manned alarm maintainingupdate the titles station required bycontinuousused to identify paragraph (e)(1) of this communication with the listed section * * *.
an individual in positions and would each alarm station. add ``vehicle escorts'' for consistency with the proposed paragraph (g)(8) of this section. Sec. 73.55(f)(3) To(j)(4) The following This requirement provide the capability of continuouswould be retained continuous communication * communicationwith minor revision * * and shall terminate in capabilities must for formatting each continuously manned terminate in both purposes. alarm station required by alarm stations paragraph (e)(1) of this required by this section.
section: Sec. 73.55(f)(2) The alarm (j)(4)(i)This requirement stations required byConventionalwould be retained paragraph (e)(1) of this telephone service. with minor section shall have
revision. Most conventional telephone
significantly, the service for communication
phrase ``with the with the law enforcement
law enforcement authorities as described in
authorities as paragraph (f)(1) of this
described in section.
paragraph (f)(1) of this section'' would be deleted because site plans and procedures would contain protocols for contacting support personnel and agencies. Sec. 73.55(f)(3) To(j)(4)(ii) Radio or This requirement provide the capability of microwavewould be retained continuous communication, transmitted two-way with minor radio or microwavevoice
revision. Most transmitted two-way voice communication,significantly, the communication, eithereither directly or phrase ``shall be directly or through anthrough anestablished, in intermediary, shall beintermediary.addition to established, in addition to
conventional conventional telephone
telephone service, service, between local law
between local law enforcement authorities and
enforcement the facility and * * *.
authorities and the facility and'' would be deleted because site plans and procedures would contain protocols for contacting support personnel and agencies. (j)(4)(iii) A system This requirement for communication would be added for with all control consistency with rooms, on-dutythe proposed operationsrequirements of personnel, escorts, this section and to local, State, and provide a Federal lawperformance based enforcementrequirement for agencies, and all communications other personnel consistent with the necessary toproposed Integrated coordinate both Response Plan onsite and offsite addressed in the responses.proposed appendix C to part 73. Sec. 73.55(f)(4) Non- (j)(5) Non-portable This requirement portable communications communicationswould be retained equipment controlled by the equipment mustwith minor licensee and required by remain operable revision. Most this section shall remain from independent significantly, the operable from independent power sources in phrase ``controlled power sources in the event the event of the by the licensee and of the loss of normal power. loss of normalrequired by this power.
section'' would be deleted because there would be no requirement for non- portable communications equipment that is not under licensee control or not required by this section. (j)(6) The licensee This requirement shall identify site would be added to areas whereensure the communication could capability to be interrupted or communicate during cannot beboth normal and maintained andemergency shall establish conditions, and to alternativefocus attention on communicationthe requirement measures for these that the licensee areas inmust identify site implementingareas in which procedures.communications could be lost and account for those areas in their procedures. 73.55(h) Response(k) ResponseThis header would be requirement.
requirements.retained. (k)(1) Personnel and This header would be equipment.added for formatting purposes.[[Page 62719]]
(k)(1)(i) TheThis requirement licensee shallwould be added to establish andprovide a maintain, at all performance based times, the minimum requirement for number of properly determining the trained andminimum number of equipped personnel armed responders required toneeded to protect intercept,the facility challenge, delay, against the full and neutralizecapability of the threats up to and design basis including thethreat. The phrase design basis threat ``to intercept, of radiological challenge, delay, sabotage as defined and neutralize in Sec. 73.1, to threats up to and prevent significant including the core damage and design basis threat spent fuel sabotage. of radiological sabotage as defined in Sec. 73.1, to prevent significant core damage and spent fuel sabotage'' would be used for consistency with the proposed paragraphs (b)(2) through (4) of this section. (k)(1)(ii) TheThis requirement licensee shallwould be added to provide andprovide a maintain firearms, performance based ammunition, and requirement to equipment capable ensure that the of performinglicensee provides functionsweapons that are commensurate to the capable of needs of each armed performing the member of thefunctions required securityfor each armed organization to individual to carry out their fulfill their assigned duties and assigned duties per responsibilities in the licensee accordance with the protective approved security strategy. For plans, the licensee example, if an protectiveindividual is strategy,assigned to a implementingposition for which procedures, and the the protective site specificstrategy requires conditions under weapons use at 200 which the firearms, meters, then the ammunition, and assigned weapon equipment will be must be capable of used.
that performance as well as the individual. (k)(1)(iii) The This requirement licensee shallwould be added to describe in the ensure that the approved security licensee provides, plans, all firearms in the approved and equipment to be security plans, a possessed by and description of the readily available weapons to be used to, armed personnel and those equipment to implement the designated as protective strategy readily available. and carry out all assigned duties and responsibilities. This description must include the general distribution and assignment of firearms, ammunition, body armor, and other equipment used. (k)(1)(iv) TheThis requirement licensee shallwould be added to ensure that all provide a firearms,performance based ammunition, and requirement to equipment required ensure the by the protective availability and strategy are in operability of sufficient supply, equipment needed to are in workingaccomplish response condition, and are goals and readily available objectives during for use inpostulated events. accordance with the The term ``readily licensee protective available'' would strategy andmean that required predetermined time firearms and lines.
equipment are either in the individuals possession or at pre-staged locations such that required response time lines are met. (k)(1)(v) TheThis requirement licensee shallwould be added to ensure that all provide a armed members of performance based the securityrequirement to organization are ensure that all trained in thearmed personnel proper use andmeet standard maintenance oftraining program assigned weapons requirements and and equipment in specific training accordance with requirements appendix B to part applicable to the 73.
specific weapons they are assigned, to include the maintenance required for each to ensure operability. The ability for armed personnel to trouble-shoot a problem, such as a jammed round during an actual event, would be considered a critical function necessary to achieve the performance objective.[[Page 62720]]
Sec. 73.55(h)(5) The(k)(2) The licensee This requirement licensee shall instruct shall instruct each would be retained every guard and all armed armed responsewith some revision. response personnel toperson to prevent The term ``guard'' prevent or impede attempted or impede attempted was removed as the acts of theft oracts of theft or term is no longer radiological sabotage by radiologicalused. The phrase using force sufficient to sabotage by using ``or any other counter the force directed force sufficient to circumstances as at him including the use of counter the force authorized by deadly force when the guard directed at that applicable state or other armed response person including law'' would be person has a reasonable the use of deadly added to clarify belief it is necessary in force when thethat applicable self-defense or in thearmed responsestate law specifies defense of others.person has athe conditions reasonable belief under which deadly that the use of force may be deadly force is applied. It is necessary in self- important to note defense or in the that the use of defense of others, deadly force should or any otherbe a last resort circumstances as when all other authorized bylesser measures to applicable state neutralize the law.
threat have failed. The conditions under which deadly force would be authorized are governed by state laws and nothing in this proposed rule should be interpreted to mean or require anything that would contradict such state law. The term ``it'' is replaced with the phrase ``deadly force'' to more clearly describe the action. (k)(3) The licensee This requirement shall provide an would be added to armed response team provide a consisting of both performance based armed responders requirement that and armed security would retain the officers to carry current requirement out responsefor armed duties, withinresponders and add predetermined time a category of armed lines.
security officer to clarify the division of types of armed response personnel and their roles. (k)(3)(i) Armed This header would be responders.added for formatting purposes. Sec. 73.55(h)(3) The total (k)(3)(i)(A) The This requirement number of guards, andlicensee shallwould be retained armed, trained personnel determine theand revised to immediately available at minimum number of remove the specific the facility to fulfill armed responders minimum numbers of these response requirements necessary to10, but no less shall nominally be tenprotect against the than 5, to provide (10), unless specifically design basis threat a performance based required otherwise on a described in Sec. requirement that case by case basis by the 73.1(a), subject to meets the proposed Commission; however, this Commissionrequirement of number may not be reduced approval, and shall paragraph (k)(1)(i) to less than five (5)document thisof this section. guards.
number in theThis proposed approved security requirement would plans.
ensure that the licensee would provide the requisite number of armed responders needed to carry-out the protective strategy, the effectiveness of which would be evaluated through annual exercises and triennial exercises observed by the Commission. Sec. 73.55(h)(3) The total (k)(3)(i)(B) Armed This requirement number of guards, andresponders shall be would be retained armed, trained personnel available at all and revised. Most immediately available at times inside the significantly, this the facility to fulfill protected area and proposed these response requirements may not be assigned requirement would * * *.
any other duties or specify the responsibilities conditions that that couldmust be met to interfere withsatisfy the meaning assigned response of the word duties.``available'' as used. (k)(3)(ii) Armed This header would be security officers. added for formatting purposes. (k)(3)(ii)(A) Armed This requirement security officers would be added to designated toprovide a strengthen response performance based capabilities shall requirement for the be onsite andlicensee to available at all identify a new times to carry out category of armed assigned response personnel to be duties.used to supplement and support the armed responders identified in the proposed paragraph (k)(3)(ii)(A) of this section. Sec. 73.55(h)(3) The total (k)(3)(ii)(B) The This requirement number of guards, andminimum number of would be added to armed, trained personnel armed securityrequire licensees immediately available at officers must be to document the the facility to fulfill documented in the number of armed these response requirements approved security security officers shall nominally be * * *. plans.
to be used. (k)(3)((iii) The This requirement licensee shallwould be added for ensure thatconsistency with training andthe current qualificationrequirement Sec. requirements73.55(b)(4)(ii) for accurately reflect an approved T&Q the duties andplan and the responsibilities to current requirement be performed.for licensees to document how these personnel are to be trained and qualified.[[Page 62721]]
(k)(3)(iv) TheThis requirement licensee shallwould be added for ensure that all consistency with firearms,the current Sec. ammunition, and 73.55(g)(1) to equipment needed ensure that all for completing the firearms and actions described equipment required in the approved by each member of security plans and the armed response licensee protective team would be strategy areoperable and in the readily available possession of or and in workingavailable at pre- condition.staged locations, to ensure that each individual is able to meet the time lines specified by the protective strategy. This includes those equipment designated as readily available. (k)(4) The licensee This requirement shall describe in would be added to the approvedprovide regulatory security plans, consistency for the procedures forperiod of time a responding to an licensee may not unplanned incident meet the minimum that reduces the numbers stated in number of available the approved plans armed response team because of illness members below the or injury to an minimum numberassigned individual documented by the or individuals licensee in the while on-duty. approved security plans. (k)(5) Protective This requirement Strategy. Licensees would be added to shall develop,provide a maintain, andperformance based implement a written requirement for the protective strategy development of a in accordance with protective strategy the requirements of that specifies how this section and the licensee will appendix C to this utilize onsite and part.
offsite, the resources to ensure the performance objective of how the proposed paragraph (b) of this section is met. (k)(6) The licensee This proposed shall ensure that requirement would all personnelbe added to ensure authorizedthat both security unescorted access and non-security to the protected organization area are trained personnel are and understandtrained to their roles and recognize and responsibilities respond to hostage during security and duress incidents, tosituations. This include hostage and proposed training duress situations. would also include the specific actions to be performed during these postulated security events. Sec. 73.55(h)(4) Upon (k)(7) Upon receipt This requirement detection of abnormalof an alarm orwould be retained presence or activity of other indication of and revised for persons or vehicles within threat, theconsistency with an isolation zone, alicensee shall: the proposed protected area, material
requirements of access area, or a vital
this section. area; or upon evidence or
Reference to the indication of intrusion
specific site areas into a protected area, a
would be deleted material access area, or a
because the vital area, the licensee
performance based security organization
requirements of shall:
this proposed section would be applicable to all facility areas, and therefore such reference would not be needed. Sec. 73.55(h)(4)(i)(k)(7)(i) Determine This requirement Determine whether or not a the existence of a would be retained threat exists,
threat inwith minor accordance with revision. assessment procedures. Sec. 73.55(h)(4)(ii)(k)(7)(ii) Identify This requirement Assess the extent of the the level of threat would be retained threat, if any,present through the with minor use of assessment revision. methodologies and procedures. Sec. 73.55(h)(4)(iii)(A) (k)(7)(iii)This requirement Requiring responding guards Determine thewould be retained or other armed response response necessary with revision for personnel to interposeto intercept,consistency with themselves * * *.challenge, delay, the proposed and neutralize the paragraph (b) of threat inthis section. accordance with the requirements of appendix C to part 73, the Commission- approved safeguards contingency plan, and the licensee response strategy. Sec. 73.55(h)(4)(iii)(B) (k)(7)(iv) Notify This requirement Informing local lawoffsite support would be retained enforcement agencies of the agencies such as with revision for threat and requestinglocal lawconsistency with assistance.
enforcement, in the Integrated accordance with Response Plan. site procedures. Sec. 73.55(h)(2) The(k)(8) LawThis requirement licensee shall establish enforcementwould be retained and document liaison with liaison. Thewith minor local law enforcementlicensee shallrevision. Most authorities.
document andsignificantly, this maintain current proposed agreements with requirement local, state, and addresses the need Federal lawto identify the enforcementresources and agencies, toresponse times to include estimated be expected in response times and order to facilitate capabilities.planning development.[[Page 62722]]
(l) Facilities using This paragraph would mixed-oxide (MOX) be added to provide fuel assemblies. In general provisions addition to the for the onsite requirementsphysical protection described in this of unirradiated section formixed oxide (MOX) protection against fuel assemblies in radiologicalrecognition of the sabotage, operating fact that some commercial nuclear nuclear power power reactorsreactor facilities licensed under 10 currently have CFR parts 50 or 52 chosen or may and using special choose to possess nuclear material in and utilize this the form of MOX type of special fuel assemblies nuclear material at shall protecttheir sites. unirradiated MOX Because weapons fuel assemblies grade plutonium is against theft or utilized in the diversion.fabrication of MOX fuel assemblies, the Commission has determined that a threat of theft applies and that it is prudent and necessary to apply certain security measures for MOX fuel that are in addition to those that are currently required at other nuclear power reactor facilities. Therefore, the requirements proposed in this paragraph are provided to ensure that these additional requirements are identified and met by those licensees who have chosen or may choose to utilize MOX fuel. (l)(1) Licensees This requirement shall protect the would be added to unirradiated MOX identify fuel assemblies applicability of against theft or this paragraph. diversion in accordance with the requirements of this section and the approved security plans. (l)(2) Commercial This requirement nuclear powerwould be added reactors using MOX because the fuel assemblies are Commission has exempt from the determined that due requirements of to the low Sec. Sec. 73.20, plutonium 73.45, and 73.46 concentration, for the onsitecomposition of the physical protection MOX fuel, and of unirradiated MOX configuration (size fuel assemblies. and weight) of the assemblies, the physical security protection measures identified in the listed regulations are superceded by those requirements addressed in this proposed section for unirradiated MOX fuel assemblies at nuclear power reactor facilities. (l)(3)
This header would be Administrativeadded for controls.formatting purposes. (l)(3)(i) TheThis requirement licensee shallwould be added to describe in the ensure that the approved security licensee describes plans, thethe onsite physical operational and protection measures administrativein the approved controls to besecurity plans. implemented for the receipt, inspection, movement, storage, and protection of unirradiated MOX fuel assemblies. (l)(3)(ii) TheThis requirement licensee shallwould be added to implement the use provide assurance of tamper-that the indicating devices unirradiated fuel for unirradiated assemblies were not MOX fuel assembly accessed during transport and shall transport. verify their use and integrity before receipt. (l)(3)(iii) Upon This requirement delivery ofwould be added for unirradiated MOX formatting fuel assemblies, purposes. the licensee shall: (l)(3)(iii)(A)This requirement Inspectwould be added to unirradiated MOX ensure that fuel assemblies for unirradiated MOX damage.fuel assemblies are in an acceptable condition before use or storage. (l)(3)(iii)(B)This requirement Search unirradiated would be added to MOX fuel assemblies ensure that no for unauthorized unauthorized materials.materials were introduced within the unirradiated MOX fuel assembly during transport. (l)(3)(iv) TheThis requirement licensee maywould be added to conduct theprovide a required inspection performance based and searchrequirement that functionsprovides simultaneously. flexibility for accomplishment of the proposed requirements. (l)(3)(v) TheThis requirement licensee shallwould be added for ensure the proper formatting placement andpurposes. control of unirradiated MOX fuel assemblies as follows:[[Page 62723]]
(l)(3)(v)(A) At This requirement least one armed would be added to security officer, provide deterrence in addition to the and immediate armed armed response team response to required byattempts of theft paragraphs (h)(4) or tampering. This and (h)(5) ofproposed armed appendix C to part responder's duty 73, shall bewould be solely to present during the observe and protect receipt andthe unirradiated inspection ofMOX fuel assemblies unirradiated MOX upon receipt and fuel assemblies. before storage. (l)(3)(v)(B) The This requirement licensee shallwould be added to store unirradiated reduce the risk of MOX fuel assemblies theft by providing only within a spent three delay fuel pool, located barriers before within a vitalgaining area, so thatunauthorized access access to theto the MOX fuel unirradiated MOX assembles while in fuel assemblies storage. requires passage through at least three physical barriers. (l)(3)(vi) TheThis requirement licensee shallwould be added to implement aensure that a material control material control and accountability and accountability program for the program would be unirradiated MOX established and fuel assemblies implemented and that includes a would focus on predetermined and recordkeeping which documented storage describes the location for each inventory and unirradiated MOX location of the fuel assembly.SSNM within the assemblies. (l)(3)(vii) Records This requirement that identify the would be added to storage locations ensure restricted of unirradiated MOX access to records fuel assemblies are which describe or consideredidentify the safeguardslocation of information and unirradiated MOX must be protected fuel assemblies and stored inwithin the spent accordance with fuel pool. Sec. 73.21. (l)(4) Physical This header would be controls.added for formatting purposes. (l)(4)(i) TheThis requirement licensee shall lock would be added to or disable allprovide a equipment and power performance based supplies torequirement for equipment required administrative for the movement controls over and handling of equipment and power unirradiated MOX supplies to fuel assemblies. equipment required to physically move the unirradiated MOX fuel assemblies to ensure that at least two security measures must be disabled before this equipment could be used. (l)(4)(ii) TheThis requirement licensee shallwould be added to implement a two- provide an person line-of- administrative sight rule whenever control to reduce control systems or the risk of the equipment required insider threat and for the movement or theft. handling of unirradiated MOX fuel assemblies must be accessed. (l)(4)(iii) The This requirement licensee shallwould be added to conduct randomprovide patrols of areas surveillance containingactivities for the unirradiated MOX detection of fuel assemblies to unauthorized ensure theactivities that integrity ofwould pose a threat barriers and locks, to MOX fuel deter unauthorized assemblies in activities, and to addition to any identifysimilar indications ofrequirements of tampering.this proposed section. (l)(4)(iv) Locks, This requirement keys, and any other would be added to access controlensure that the device used tosecurity secure equipment organization would and power sources be responsible for required for the the administrative movement ofcontrols over unirradiated MOX access control fuel assemblies or devices. openings to areas containing unirradiated MOX fuel assemblies must be controlled by the security organization. (l)(4)(v) Removal of This requirement locks used towould be added to secure equipment ensure that both and power sources the licensee required for the security and movement ofoperations unirradiated MOX management level fuel assemblies or personnel would be openings to areas responsible for the containingremoval of locks unirradiated MOX securing MOX fuel fuel assemblies assemblies. must require approval by both the on-duty security shift supervisor and the operations shift manager. (l)(4)(v)(A) At This requirement least one armed would be added to security officer ensure that shall be present to immediate armed observe activities response capability involving theis provided before movement ofaccessing equipment unirradiated MOX used to move fuel assemblies unirradiated MOX before the removal fuel assemblies. of the locks and providing power to equipment required for the movement or handling of unirradiated MOX fuel assemblies.[[Page 62724]]
(l)(4)(v)(B) At This requirement least one armed would be added to security officer ensure that shall be present at immediate armed all times until response capability power is removed is provided during from equipment and any activity locks are secured. involving the use of equipment used to move unirradiated MOX fuel assemblies. (l)(4)(v)(C)This requirement Security officers would be added to shall be trained ensure that and knowledgeable assigned security of authorized and officers possess unauthorizedthe capability to activitiesimmediately involvingrecognize, report, unirradiated MOX and respond to fuel assemblies. unauthorized activities involving unirradiated MOX fuel assemblies. (l)(5) At least one This requirement armed securitywould be added to officer shall be ensure physical present and shall protection of maintain constant unirradiated MOX surveillance of fuel assemblies unirradiated MOX when not located fuel assemblies within an area that when the assemblies meets the three are not located in barrier requirement the spent fuel pool of this proposed or reactor.rule. (l)(6) The licensee This requirement shall maintain at would be added for all times theconsistency with capability tothe proposed detect, assess, paragraph (b) of intercept,this section. challenge, delay, and neutralize threats to unirradiated MOX fuel assemblies in accordance with the requirements of this section. (m) Digital computer This header would be and communication added for networks.formatting purposes. (m)(1) The licensee This requirement shall implement a would be to ensure cyber-securitythat nuclear power program thatplants are provides highprotected from assurance thatcyber attacks via computer systems, minimizing the which ifpotential attack compromised would pathway and the likely adversely consequences impact safety,arising from a security, andsuccessful cyber emergencyattack. preparedness, are protected from cyber attacks. (m)(1)(i) TheThis requirement licensee shallwould be added to describe the cyber- ensure licensees security program have a requirements in the comprehensive approved security security plan by plans.
integrating cyber- security into the overall onsite physical protection program. As licensees take advantage of computer technology to maximize plant productivity, the role of computer systems at nuclear power plants is increasing. Therefore, the Commission has determined that incorporation of a cyber-security program into the Commission-approved security plans would be a prudent and necessary security enhancement. (m)(1)(ii) TheThis requirement licensee shallwould be added to incorporate the ensure that the cyber-securitycomputer systems program into the used in onsite onsite physical physical protection protection program. systems are protected from cyber attacks. With advancements in computer technology, many systems in nuclear power plants rely on computers to perform their functions, including some security functions. Therefore, the Commission has determined that the integration of security measures covering these systems would be a prudent and necessary action. (m)(1)(iii) The This requirement cyber-securitywould be added to program must be ensure licensees designed to detect actively and and prevent cyber proactively secure attacks ontheir plants from protected computer cyber attacks. The systems.Commission has determined that because specific cyber threats and the people who seek unauthorized access to, or use of computers are constantly changing, protected computer systems must be protected against these attacks and mitigation measures implemented. (m)(2) Cyber-This requirement securitywould be added to assessment. The require licensees licensee shallto systematically implement a cyber- determine the security assessment status of their program toplant's cyber risks systematicallyand identify assess and manage vulnerabilities cyber risks.that need to be mitigated to reduce risks to acceptable levels. (m)(3) Policies, This header would be requirements, and added for procedures.formatting purposes.[[Page 62725]]
(m)(3)(i) TheThis requirement licensee shallwould be added to apply cyber-create a computer securitysecurity program requirements and that establishes policies thatspecific goals and identify management assigns expectations and responsibilities to requirements for employees to meet the protection of those goals. computer systems. (m)(3)(ii) TheThis requirement licensee shallwould be added to develop andensure the licensee maintaindevelops, implementingimplements, and procedures toenforces, detailed ensure cyber-guidance documents securitythat licensee requirements and employees would be policies arerequired to follow implementedto meet the stated effectively.security goals. (m)(4) Incident This header would be response andadded for recovery.formatting purposes. (m)(4)(i) TheThis requirement licensee shallwould be added to implement a cyber- ensure that each security incident licensee would be response andprepared to respond recovery plan to to computer minimize thesecurity incidents adverse impact of a in a manner that cyber-securityensures that plants incident on safety, are safe and security, orsecure. A computer emergencysecurity incident preparednesscould result from a systems.computer virus, other malicious code, or a system intruder, either an insider or as a result of an external attack and could adversely impact the licensee's ability to effectively maintain safety, security, or emergency preparedness. Without an incident response and recovery plan, licensees would respond to a computer security incident in an ad hoc manner. However with an incident response and recovery plan, licensees would respond to an incident in a quick and organized manner. This would minimize the adverse impact caused by a computer security incident. (m)(4)(ii) The cyber- This requirement security incident would be added to response andensure licensees recovery plan must have a be described in the comprehensive integrated response incident response plan required by plan by integrating appendix C to this cyber-security into part.
the overall security of their plants. As licensees take advantage of computer technology to maximize plant productivity, the role of computer systems at nuclear power plants is increasing as well as the possibility for adverse impact from a computer mishap. Therefore, the Commission has determined that it would be a prudent and necessary action for licensees to develop and implement a comprehensive response plan that includes a cyber incident response and recovery plan. (m)(4)(iii) The This requirement cyber-securitywould be added to incident response ensure that and recovery plan licensees acquire must ensure the the capability to capability torespond to cyber respond to cyber- incidents in a security incidents, manner that minimize loss and contains and destruction,repairs damage from mitigate andincidents, and correct theprevents future weaknesses that damage. An incident were exploited, and handling capability restore systems and/ provides a way for or equipmentplant personnel to affected by a cyber- report incidents security incident. and the appropriate response and assistance to be provided to aid in recovery. (m)(5) Protective This requirement strategies. The would be added to licensee shallincorporate the implement defense- approach of delay, in-depth protective detect, and strategies torespond. The use of protect computer multiple and systems from cyber diverse layers of attacks, detecting, defense would delay isolating, andthe threat from neutralizingreaching those unauthorizedsystems that, if activities in a compromised, can timely manner.adversely impact safety, security, or emergency preparedness of the nuclear power plants. This delay in attack would allow more time to detect the attack and would allow time to respond.[[Page 62726]]
(m)(6) Configuration This requirement and controlwould be added to management program. implement The licensee shall configuration implement amanagement to configuration and ensure that the control management system in operation program, to include is the correct cyber riskversion analysis, to ensure (configuration) of that modifications the system and that to computer system any changes to be designs, access made are reviewed control measures, for security configuration,implications. operationalConfiguration integrity, andmanagement can be management process used to help ensure do not adversely that changes take impact facility place in an safety, security, identifiable and and emergencycontrolled preparednessenvironment and systems beforethat they do not implementation of unintentionally those modifications. harm any of the system's properties, including its security. (m)(7) Cyber-This header would be security awareness added for and training..formatting purposes. (m)(7)(i) TheThis requirement licensee shallwould be added to implement a cyber- ensure licensees security awareness implement cyber- and trainingsecurity awareness program.and training programs to ensure that appropriate personnel are aware of cyber-security requirements and have the cyber- security skills and competencies necessary to secure affected plant systems and equipment. (m)(7)(ii) The cyber- This requirement security awareness would be added to and trainingimplement a cyber- program must ensure security awareness that appropriate and training plant personnel, program to: including1. Improve employee contractors, are awareness of the aware of cyber- need to protect securitycomputer systems; requirements and 2. Develop employee that they receive skills and the trainingknowledge so required tocomputer users can effectively perform perform their jobs their assignedmore securely; and duties and3. Build in-depth responsibilities. knowledge, as needed, to design, implement, or operate security programs for organizations and systems. (n) Security program This header would be reviews and audits. added for formatting purposes. Sec. 73.55(g)(4)(i)(A) At (n)(1) The licensee This requirement intervals not to exceed 12 shall review the would be retained months or * * *.onsite physical with minor revision protection program for formatting at intervals not to purposes. exceed 12 months, or Sec. 73.55(g)(4)(i)(B) As (n)(1)(i) AsThis requirement necessary, based on annecessary based would be retained assessment by the licensee upon assessments or with minor against performanceother performance revision. indicators * * *.indicators. Sec. 73.55(g)(4)(i)(B) * * (n)(1)(ii) Within 12 This requirement * as soon as reasonably months after awould be retained practicable after a change change occurs in and revised. Most occurs in personnel,personnel,significantly, the procedures, equipment, or procedures,phrase ``as soon as facilities that potentially equipment, orreasonably could adversely affectfacilities that practicable'' would security but no longer than potentially could be deleted and the 12 months after the change. adversely affect current requirement security.``12 months'' would be moved to the beginning of the sentence to eliminate potential for misunderstanding and improve consistency. Sec. 73.55(g)(4)(i)(B) In (n)(2) As a minimum, This requirement any case, each element of each element of the would be retained the security program must onsite physical with minor be reviewed at least every protection program revision. 24 months.
must be reviewed at least every twenty- four (24) months. Sec. 73.55(g)(4)(i) The (n)(2)(i) The onsite This requirement licensee shall reviewphysical protection would be retained implementation of theprogram review must and revised to security program bybe documented and combine two current individuals who have no performed byrequirements. Most direct responsibility for individualssignificantly, the the security programindependent ofword ``documented'' either:
those personnel would be added for Sec. 73.55(g)(4)(ii) The responsible for consistency with results and recommendations program management the current Sec. of the security program and any individual 73.55(g)(4)(ii). review * * * must bewho has directThe phrase documented * * *.responsibility for ``security implementing the program'' would be onsite physical replaced with the protection program. phrase ``program'' for consistency with use of the phrase ``onsite physical protection program''. Sec. 73.55(g)(4)(ii) The (n)(2)(ii) Onsite This requirement security program review physical protection would be retained must include an audit of program reviews and and revised to security procedures and audits mustprovide additional practices, an evaluation of include, but not be examples. Most the effectiveness of the limited to, ansignificantly, the physical protection system, evaluation of the phrase ``but not be an audit of the physical effectiveness of limited to'' would protection system testing the approvedbe added to clarify and maintenance program, security plans, that the proposed and an audit of commitments implementingexamples are not established for response by procedures,all inclusive. local law enforcementresponse authorities.
commitments by local, State, and Federal law enforcement authorities, cyber- security programs, safety/security interface, and the testing, maintenance, and calibration program.[[Page 62727]]
Sec. 73.55(d)(7)(ii)(B) (n)(3) The licensee This requirement Periodically reviewshall periodically would be retained physical security plans and review the approved with minor contingency plans andsecurity plans, the revision. The procedures to evaluateintegrated response phrase ``Integrated their potential impact on plan, the licensee Response Plan'' plant and personnel safety. protectivewould be added to strategy, andemphasize the licenseeimportance of this implementingproposed plan and procedures toto emphasize its evaluate theirrelationship to effectiveness and other site plans. potential impact on The term plant and personnel ``implementing'' safety.procedures would be added for consistency with this proposed section. (n)(4) The licensee This requirement shall periodically would be added to evaluate the cyber- account for the use security program of computers and for effectiveness the need to ensure and shall update that required the cyber-security protective measures program as needed are being met and to ensureto evaluate the protection against effects that changes to internal changes or other and externaltechnological threats.advancements would have on systems used at nuclear power plants. (n)(5) The licensee This requirement shall conductwould be added to quarterly drills provide a and annual force-on- performance based force exercises in requirement for the accordance with conduct of force-on- appendix C to part force drills and 73 and the licensee exercises. performance evaluation program. Sec. 73.55(g)(4)(ii) The (n)(6) The results This requirement results and recommendations and recommendations would be retained of the security program of the onsitewith minor review, management'sphysical protection revision. The findings on whether the program reviews and phrase ``security security program isaudits,program review'' currently effective, and management'swould be replaced any actions taken as afindings regarding with the phrase'' result of recommendations programonsite physical from prior program reviews effectiveness, and protection program must be documented in a any actions taken reviews and report to the licensee's as a result ofaudits'' for plant manager and torecommendations consistency with corporate management at from prior program the format of the least one level higher than reviews, must be proposed rule. The that having responsibility documented in a phrase ``on whether for the day-to-day plant report to thethe security operation.
licensee's plant program is manager and tocurrently corporateeffective'' would management at least be replaced with one level higher the phrase than that having ``regarding program responsibility for effectiveness'' for day-to-day plant plain language operation.purposes. (n)(7) Findings from This requirement onsite physical would be added to protection program ensure that reviews, audits, security and assessments deficiencies and must be entered findings would be into the sitetracked through the corrective action site corrective program andaction program protected asuntil corrected, safeguardsand information information, if regarding specific applicable.findings would be protected in accordance with the sensitivity and potential for exploitation of the information. (n)(8) The licensee This requirement shall make changes would be added to to the approved provide a security plans and performance based implementingrequirement for the procedures as a revision of result of findings approved security from securityplans where plan program reviews, changes are audits, andnecessary to assessments, where account for necessary to ensure implementation the effectiveproblems, changes implementation of to site conditions, Commissionor other problems regulations and the that adversely licensee protective affect the licensee strategy.capability to effectively implement Commission requirements. (n)(9) UnlessThis requirement otherwise specified would be added to by the Commission, provide necessary onsite physical flexibility to protection program allow licensees to reviews, audits, conduct audits/ and assessments may reviews within a be conducted up to specified time thirty days prior period without to, but no later changing future than thirty days scheduled audit/ after the scheduled review dates. This date withoutrequirement adverse impact upon provides regulatory the next scheduled stability and annual audit date. flexibility to account for unforseen circumstances that may interfere with regularly scheduled dates, such as forced outages. Sec. 73.55(g) Testing and (o) Maintenance, This header would be maintenance.
testing, andretained and calibration.revised to include ``calibration'' of equipment to ensure the accuracy of readings provided from such equipment. (o)(1) The licensee This header would be shall:
added for formatting purposes. (o)(1)(i) Implement This requirement a maintenance,would be added to testing andcomprehensively calibration program address all to ensure thatsecurity equipment security systems in consistent and equipment are terms. This tested forproposed operability and requirement would performance atclarify the current predeterminedrequirement for intervals, areensuring that maintained insecurity equipment operable condition, operates and and are capable of performs as stated performing their in the approved intended function security plans. when needed.[[Page 62728]]
(o)(1)(ii) Describe This requirement the maintenance, would be added to testing andaddress the calibration program maintenance, in the approved testing and physical security calibration of plan. Implementing security equipment procedures must in non-specific specify operational terms and describe and technicalthe types of details required to documentation and performlevel of detail maintenance,needed. testing, and calibration activities to include, but not limited to, purpose of activity, actions to be taken, acceptance criteria, the intervals or frequency at which the activity will be performed, and compensatory actions required. (o)(1)(iii) Document This requirement problems, failures, would be added for deficiencies, and consistency with other findings, to the proposed include the cause requirement for of each, and enter addressing findings each into the site from security corrective action program reviews and program. Theaudits and how licensee shallspecific protect thisinformation information asconcerning security safeguardsdeficiencies and information, if findings must be applicable.protected so that noted deficiencies could not be exploited. Sec. 73.55(g)(1) The(o)(1)(iv) Implement This requirement licensee shall develop and compensatorywould be retained employ compensatorymeasures in awith minor measures includingtimely manner to revision. equipment, additionalensure that the security personnel andeffectiveness of specific procedures tothe onsite physical assure that theprotection program effectiveness of theis not reduced by security system is notfailure or degraded reduced by failure or other operation of contingencies affecting the security-related operation of the security components or related equipment orequipment. structures. Sec. 73.55(g)(2) Each (o)(2) EachThis requirement intrusion alarm shall be intrusion alarm would be retained tested for performance at must be tested for and revised to the beginning and end of operability at the correct the use of any period that it is used beginning and end the phrase ``tested for security. If the period of any period that for performance'', of continuous use is longer it is used foras stated in the than seven days, thesecurity, or if the current Sec. intrusion alarm shall also period of73.55(g)(2). The be tested at least once continuous usetesting performed every seven (7) days.exceeds seven (7) at the beginning days, the intrusion and end of any alarm must beperiod is intended tested at least to be a ``go, no- once every seven go'' test or (7) days.operational test that is used to simply indicate that the equipment functions in response to predetermined stimuli. A performance test is a more elaborate test that would test a system through the entire range of its intended function or stimuli. Sec. 73.55(g)(2) Each (o)(3) Intrusion This requirement intrusion alarm shall be detection andwould be retained tested for performance at access controland revised to the beginning and end of equipment must be correct the any period that it is used performance tested periodicity of for security.
in accordance with performance testing the approvedstated in the security plans. current Sec. 73.55(g)(2) and to add ``access control equipment'' due to the widespread use of access control technologies and to focus on the need to ensure that this equipment is functioning as intended in response to the predetermined stimuli (e.g., biometrics). The phrase ``each intrusion alarm'' would be replaced with the phrase ``Intrusion detection and access control equipment'' to more accurately describe the equipment to be performance tested. Sec. 73.55(g)(3)(o)(4) Equipment This proposed Communications equipment required forrequirement would required for communications communicationsbe retained and onsite shall be tested for onsite must berevised to correct performance not lesstested forthe use of the frequently than once at the operability not phrase ``tested for beginning of each security less frequently performance'', as personnel work shift.than once at the stated in the beginning of each current Sec. security personnel 73.55(g)(3). The work shift.testing performed at the beginning and end of any period is intended to be a ``go, no- go'' test or operational test that is used to simply indicate that the equipment functions in response to predetermined stimuli.[[Page 62729]]
Sec. 73.55(g)(3)(o)(5) Communication This requirement Communications equipment systems between the would be retained required for communications alarm stations and and revised to offsite shall be tested for each control room, include both performance not less than and between the ``onsite'' and once a day.
alarm stations and offsite offsite support communication agencies, toequipment include back-up associated with communicationintegrated response equipment, must be and to correct the tested foruse of the term operability at``performance least once each day. test,'' as stated in the current Sec. 73.55(g)(3). The testing performed at least once each day is intended to be a ``go, no-go'' test or operational test that is used to simply indicate that the equipment functions. (o)(6) SearchThis requirement equipment must be would be added to tested forensure that search operability atequipment is tested least once each day for operability and and tested forperformance at performance atintervals that least once during provide assurance each seven (7) day that unauthorized period and before items would be being placed back detected as in service after required. This each repair orproposed inoperative state. requirement is added to address the widespread use of search equipment technologies, such as explosives and metal detectors, and x-ray equipment and to provide a performance based requirement that focuses on the importance for accurate performance of this equipment. Sec. 73.55(g)(1) All(o)(7) All intrusion This requirement alarms, communicationdetectionwould be retained equipment, physicalequipment,with minor barriers, and othercommunicationrevision. Most security related devices or equipment, physical significantly, back- equipment shall bebarriers, and other up power supplies maintained in operablesecurity-related are added to ensure condition.
devices orthis critical equipment, toelement is include back-up maintained in power supplies must operable condition. be maintained in operable condition. (o)(8) A program for This requirement testing orwould be added to verifying theaccount for those operability ofcircumstances when devices ora licensee cannot equipment located satisfy testing in hazardous areas requirements due to must be specified safety hazards or in the approved radiation security plans and restrictions. Vital must definecomponent area alternate measures portals located to be taken towithin facility ensure the timely radiological completion ofcontrolled areas testing orthat are maintenance when inaccessible due to the hazardoussafety hazards or condition orestablished radiationradiation restrictions are no restrictions may be longer applicable. excluded from the testing requirements of this section. (p) Compensatory This header would be measures.added for formatting purposes. Sec. 73.55(g)(1) The(p)(1) The licensee This requirement licensee shall develop and shall identifywould be retained employ compensatorymeasures andwith minor measures * * *.criteria needed to revision. The word compensate for the ``compensate'' is loss or reduced used to provide a performance ofperformance based personnel,requirement that equipment, systems, requires the and components, identified that are required compensatory to meet themeasure to be requirements of ``developed and this section.employed''. Sec. 73.55(g)(1) The(p)(2) Compensatory This requirement licensee shall develop and measures must be would be retained employ compensatorydesigned andand revised to measures includingimplemented tofocus on the equipment, additionalprovide a level of Commission's view security personnel andprotection that is that compensatory specific procedures toequivalent to the measures must assure that theprotection that was provide a level of effectiveness of theprovided by the protection that security system is notdegraded orsatisfies the reduced by failure or other inoperableCommission contingencies affecting the personnel,requirement which operation of the security equipment, system, was otherwise related equipment oror components.satisfied through structures.
use or implementation of the failed component of the onsite physical protection program. (p)(3) Compensatory This requirement measures must be would be added to implemented within provide a specific time lines performance based necessary to meet requirement for the requirements timely stated in paragraph implementation of (b) of this section compensatory and described in measures. The the approvedphrase ``within security plans. specific time lines necessary to meet the requirements stated in paragraph (b)'' would provide qualifying details against which specific time lines would be developed. (q) Suspension of This header would be safeguards measures. added for formatting purposes. (q)(1) The licensee This requirement may suspendwould be added for implementation of formatting affectedpurposes. The requirements of phrase this section under ``implementation of the followingaffected conditions:requirements'' would be used to ensure the licensee only suspends those measures that cannot be met as a direct result of the condition.[[Page 62730]]
Sec. 73.55(a) In(q)(1)(i) InThis requirement accordance with Sec. Sec. accordance with would be retained 50.54(x) and 50.54(y) of Sec. Sec.with minor this chapter, the licensee 50.54(x) andrevision. may suspend any safeguards 50.54(y) of this measures pursuant to Sec. chapter, the 73.55 in an emergency when licensee may this action is immediately suspend any needed to protect thesafeguards measures public health and safety pursuant to this and no action consistent section in an with license conditions and emergency when this technical specification action is that can provide adequate immediately needed or equivalent protection is to protect the immediately apparent.public health and safety and no action consistent with license conditions and technical specifications that can provide adequate or equivalent protection is immediately apparent. Sec. 73.55(a) ThisThis suspension of This requirement suspension must be approved safeguards measures would be retained as a minimum by a licensed must be approved as with minor revision senior operator prior to a minimum by ato report this taking the action.licensed senior information to the operator prior to control room. This taking this action. proposed requirement is intended to ensure that at least one onsite, licensee management level person who is knowledgeable and aware of reactor operations and reactor status at the time, is the individual who would approve the suspension and has the knowledge to determine and the authority to direct appropriate compensatory measures to include, but not limited to, modifications to the licensee protective strategy during the suspension period. (q)(1)(ii) During This requirement severe weather when would be added to the suspension is provide a immediately needed performance based to protectrequirement that personnel whose accounts for the assigned duties and suspension of responsibilities in safeguards measures meeting theduring severe requirements of weather conditions this section would that could result otherwisein life threatening constitute a life situations such as threateningtornadoes, floods, situation and no hurricanes, etc., action consistent for those with theindividuals requirements of assigned to carry this section that out certain duties can provideand equivalentresponsibilities protection isrequired by immediatelyCommission apparent.regulations, and the approved security plans and procedures. Suspension ofThis requirement safeguards due to would be added to severe weather must provide a be initiated by the requirement for who security supervisor is authorized to and approved by a approve suspensions licensed senior under severe operator prior to weather conditions. taking this action. (q)(2) Suspended This requirement security measures would be added to must beprovide a reimplemented as performance based soon as conditions requirement for permit.reimplementing suspended security measures. Sec. 73.55(a) The(q)(3) TheThis requirement suspension of safeguards suspension ofwould be retained measures must be reported safeguards measures with minor revision in accordance with themust be reported for documenting provisions of Sec. 73.71. and documented in suspended security accordance with the measures. provisions of Sec. 73.71. Sec. 73.55(a) Reports made (q)(4) Reports made This requirement under Section Sec. 50.72 under Sec. 50.72 would be retained. need not be duplicatedof this chapter under Sec. 73.71.need not be duplicated under Sec. 73.71. (r) Records......... This header would be added for formatting purposes. Sec. 73.55(b)(1)(ii) The (r)(1) TheThis requirement NRC may inspect, copy, and Commission maywould be retained take away copies of all inspect, copy,with minor reports and documentsretain, and remove revision. The required to be kept bycopies of allphrase ``reports Commission regulations, records required to and documents'' orders, or applicablebe kept bywould be replaced license conditions whether Commissionwith the word the reports and documents regulations,``records'' to are kept by the licensee or orders, or license account for all the contractor.conditions whether information the records are collection kept by therequirements licensee or aregardless of contractor.media, to include electronic record keeping systems. Sec. 73.55(g)(4) These (r)(2) The licensee This requirement reports must be maintained shall maintain all would be retained in an auditable form,records required to and revised to available for inspection, be kept byconsolidate for a period of 3 years. Commissionmultiple current regulations,records retention orders, or license requirements rather conditions, as a than state the same record until the requirement Commissionmultiple times for terminates theeach record license for which throughout this the records were rule. The phrase developed and shall ``unless otherwise maintain superceded specified by the portions of these Commission'' would records for atbe used to address least three (3) any conflict that years after the may arise between record isother records superseded, unless retention otherwise specified requirements such by the Commission. that the more restrictive requirement would take precedence.[[Page 62731]]
(s) Safety/security This requirement interface. Inwould be added to accordance with the provide specific requirements of reference to the Sec. 73.58, the proposed Sec. licensee shall73.58 for Safety develop andand Security implement a process Interface to inform andrequirements. coordinate safety and security activities to ensure that these activities do not adversely affect the capabilities of the security organization to satisfy the requirements of this section, or overall plant safety. (t) Alternative This header would be measures.added for formatting purposes. Sec. 73.55(a) The(t)(1) TheThis requirement Commission may authorize an Commission maywould be retained applicant or licensee to authorize anand revised to provide measures forapplicant orprovide a protection againstlicensee to provide performance based radiological sabotage other a measure forrequirement for than those required by this protection against alternative section if the applicant or radiologicalmeasures that focus licensee demonstrates that sabotage other than attention on the the measures have the same one required by Commission's view high assurance objective as this section if the that an alternative specified in this paragraph applicant ormeasure is an and that the overall level licenseeunanalyzed of system performancedemonstrates that: substitute for a provides protection against (i) The measurespecific Commission radiological sabotagemeets the samerequirement of this equivalent to that which performanceproposed section would be provided byobjective andand therefore, must Paragraphs (b) through (h) requirements as be individually and of this section and meets specified inknowingly reviewed the general performance paragraph (b) of and approved by the requirements of thisthis section, and. Commission before section.
(ii) The proposed implementation to alternative measure ensure consistency provides protection with these proposed againstCommission radiologicalregulations. The sabotage or theft Commission has of unirradiated MOX determined that the fuel assemblies, requirements equivalent to that described in this which would beproposed section provided by the have been carefully specificanalyzed by the requirement for Commission and which it wouldtherefore, an substitute.alternative measure to a proposed requirement of this section must also be carefully analyzed through the process addressed in 10 CFR 50.90 before implementation. Specifically, the language used by this proposed requirement addresses alternative measures ``individually'' rather than collectively to clarify that each proposed alternative measure is unique by itself and must be analyzed as such. In addition, the phrase ``have the same high assurance objective'' is replaced with the phrase ``meets the same performance objective and requirements as specified in paragraph (b) of this section''. The proposed paragraph (b) of this section retains the same ``high assurance objective'' referred to by the current requirement and incorporates by reference the performance based requirements of this proposed section that facilitate licensee achievement of the intended high assurance objective. Sec. 73.55(c)(9)(i) For (t)(2) The licensee This requirement licensees who choose to shall submit each would be retained propose alternativeproposedand revised to measures as provided for in alternative measure expand the 10 CFR 73.55(c)(8), the to the Commission application of the proposal must be submitted for review andcurrent provision in accordance with 10 CFR approval infor alternative 50.90 and include theaccordance with measures to all analysis and justification Sec. Sec. 50.4 proposed for the proposedand 50.90 of this requirements of alternatives.
chapter beforethis section and implementation. would provide the process by which alternative measures would be submitted for Commission review and approval. Sec. 73.55(c)(8)(ii)(t)(3) The licensee This requirement Propose alternativeshall submit awould be retained measures, in addition to technical basis for and revised to the measures established in each proposedexpand the accordance with 10 CFRalternativeapplication of the 73.55(c)(7), describe the measure, to include current provision level of protection that any analysis or for alternative these measures wouldassessmentmeasures to all provide against a landconducted inproposed vehicle bomb, and compare support of arequirements of the costs of thedetermination that this section and to alternative measures with the proposedprovide a the costs of measuresalternative measure description of the necessary to fully meet the provides a level of detailed design goals and criteria. protection that is information needed at least equal to to support the that which would technical basis for otherwise bea request for provided by the Commission approval specificof an alternative requirement of this measure. section.[[Page 62732]]
Sec. 73.55(c)(8)(ii) The (t)(4) Alternative This requirement Commission will approve the vehicle barrier would be retained proposed alternativesystems. In the with minor measures if they provide case of alternative revision. The substantial protectionvehicle barrier phrase ``The against a land vehiclesystems required by Commission will bomb, and it is determined Sec. 73.55(e)(8), approve the by an analysis, using the the licensee shall proposed essential elements of 10 demonstrate that: alternative CFR 50.109, that the costs (i) The alternative measures'' would be of fully meeting the design measure provides deleted because goals and criteria are not substantialapproval would be justified by the addedprotection against based on NRC protection that would be a vehicle bomb, and. review. The provided.
(ii) Based onproposed language comparison of the clearly stipulates costs of thethat alternative alternativemeasures will be measures to the reviewed by the costs of meeting staff and approval the Commission's would be contingent requirements using upon the the essentialjustification elements of 10 CFR provided by the 50.109, the costs licensee to include of fully meeting an analysis that the Commission's examines the costs requirements are and benefits of the not justified by alternative measure the protection that consistent with 10 would be provided. CFR 50.109. Sec. 73.55This requirement Definitions.would be added to clarify the use of the listed terms used in this proposed rule. Security Officer This definition means a uniformed would be added to individual, either clarify what is armed with ameant by the term covered weapon or ``Security unarmed, whoseOfficer'' as used primary duty is the in this document. protection of a facility, of radioactive material, or of other property against theft or diversion or against radiological sabotage. Target Set means the This definition combination ofwould be added to equipment orclarify what is operator actions meant by the term which, if all are ``Target Set'' as prevented fromused in this performing their document. intended safety function or prevented from being accomplished, would likely result in significant core damage (e.g., non- incipient, non- localized fuel melting, and/or core disruption) barring extraordinary action by plant operators. A target set with respect to spent fuel sabotage is draining the spent fuel pool leaving the spent fuel uncovered for a period of time, allowing spent fuel heat-up and the associated potential for release of fission products.
Table 3.--Proposed Part 73 Section 73.56 [Personnel access authorization requirements for nuclear power plants]Current languageProposed language ConsiderationsSec. 73.56(a) General..... (a) Introduction.... This header would be added for formatting purposes. This proposed Sec. 73.56(a) would amend and reorganize current Sec. 73.56(a) [General]. The current Sec. 73.56(a) required licensees to develop and implement access authorization (AA) programs. The proposed Sec. 73.56(a) would update these requirements. The title of this paragraph would be revised to more accurately capture the topics addressed in the proposed Sec. 73.56(a), which would include a description of the NRC-regulated entities who would be subject to the section and the methods by which the NRC intends that licensees would implement the amended AA programs. These proposed changes to the language and organization of current Sec. 73.56(a) would be made to enhance the clarity of the requirements in this section, for the reasons discussed in Section IV.[[Page 62733]]
Sec. 73.56(a) General. (1) (a)(1) By [date--180 This requirement Each licensee who isdays--after the would be added to authorized on April 25, effective date of discuss the types 1991, to operate a nuclear the final ruleof Commission power reactor pursuant to published in the licensees to whom Sec. Sec. 50.21(b) or Federal Register], the proposed 50.22 of this chapter shall each nuclear power requirements of comply with thereactor licensee, this section would requirements of thislicensed under 10 apply and the section. By April 27, 1992, CFR part 50, shall schedule for the required accessincorporate the submitting the authorization program must revisedamended access be incorporated into the requirements of authorization site Physical Security Plan this sectionprogram. The as provided for by 10 CFR through amendments Commission intends 50.54(p)(2) andto its Commission- to delete the implemented. By April 27, approved access current language, 1992, each licensee shall authorizationbecause it applies certify to the NRC that it program and shall only to a past rule has implemented an access submit the amended change that is authorization program that program to thecompleted. The meets the requirements of Commission forproposed this part.
review and approval. requirements of this section would be applicable to decommissioned/ing reactors unless otherwise approved by the Commission. This proposed requirement would add a requirement for Commission review and approval of the amended access authorization program to ensure that access authorization programs meet the objective of providing high assurance that individuals who are subject to the requirements of this section are trustworthy and reliable, and do not constitute an unreasonable risk to public health and safety or the common defense and security, including the potential to commit radiological sabotage. (a)(2) The amended This requirement program must be would be added to submitted asprovide a reference specified in Sec. to the current Sec. 50.4 and must50.4(b)(4) which describe how the describes revisedprocedural details requirements of relative to the this section will proposed security be implemented by plan submission the licensee, to requirement. include a proposed implementation schedule. (a)(3) The licensee This requirement shall implement the would be added to existing approved clarify that the access
licensee must authorizationcontinue to program andimplement the associatedcurrent Commission- Commission orders approved security until Commission plans until the approval of the Commission approves amended program, the amended plans. unless otherwise The phrase ``unless authorized by the otherwise Commission.authorized by the Commission'' would provide flexibility to account for unanticipated situations that may affect the licensee's ability to comply with this proposed requirement. (a)(4) The licensee This requirement is responsible to would be added to the Commission for clarify that the maintaining the licensee is authorizationresponsible for program inmeeting Commission accordance with regulations and the Commissionapproved security regulations and plans. The phrase related Commission- ``through the directed orders implementation of through thethe approved implementation of program and site the approvedimplementing program and site procedures'' would implementingbe added to procedures.describe the relationship between Commission regulations, the approved authorization program, and implementing procedures. The Commission views the approved security plans as the mechanism through which the licensee implements Commission requirements.[[Page 62734]]
Sec. 73.56(a)(2) Each (a)(5) Applicants This requirement applicant for a license to for an operating would be added to operate a nuclear power license under the describe the reactor pursuant to Sec. provisions of part proposed Sec. 50.21(b) or 50.22 of 50 of this chapter, requirements for this chapter, whoseor holders of a applicants and to application was submitted combined license specify that the prior to April 25, 1991, under theproposed shall either by April 27, provisions of part requirements of 1992, or the date of52 of this chapter, this section must receipt of the operating shall satisfy the be met upon receipt license, whichever isrequirements of of an operating later, incorporate thethis section upon license or upon required accessreceipt of annotice of the authorization program into operating license Commission's the site Physical Security or upon notice of finding under Sec. Plan and implement it.the Commission's 52.103(g) of this Sec. 73.56(a)(3) Eachfinding under Sec. chapter. This applicant for a license to 52.103(g) of this proposed operate a nuclear power chapter.requirement would reactor pursuant to Sec.
retain the meaning Sec. 50.21(b) or 50.22 of
of the current Sec. this chapter and each
73.56(a)(3), applicant for a combined
which requires construction permit and
applicants for a operating license pursuant
license to operate to part 52 of this chapter,
a nuclear power whose application is
plant to submitted after April 25,
incorporate an 1991, shall include the
access required access
authorization authorization program as
program in their part of its Physical
Physical Security Security Plan. The
Plan and implement applicant, upon receipt of
the approved access an operating license or
authorization upon receipt of operating
program when authorization, shall
approval to begin implement the required
operating is access authorization
received. This program as part of its site
proposed Physical Security Plan..
requirement would also add a requirement for Commission review and approval of an applicant's Physical Security Plan incorporating the requirements of this proposed section for the reasons discussed with respect to proposed Sec. 73.56(a)(1). The Commission intends to delete the current Sec. 73.56(a)(2) because there are no remaining applicants for an operating license under Sec. Sec. 50.21(b) or 50.22 of this chapter who have not implemented an AA program under the current requirements. Therefore, the current paragraph is no longer necessary. The proposed paragraph would retain the current requirement for licensees and applicants to implement access authorization programs upon receipt of an operating license or operating authorization, respectively, and add a requirement for these entities to maintain their access authorization programs. The requirement to maintain AA programs would be added to convey more accurately that Sec. 73.56 includes requirements for maintaining AA programs, in addition to requirements for implementing them. Sec. 73.56(a)(4) The(a)(6) Contractors Proposed Sec. licensee may accept part of and vendors (C/Vs) 73.56(a)(6) would an access authorization who implementamend current Sec. program used by itsauthorization73.56(a)(4), which contractors, vendors, or programs or program permits licensees other affected
elements shallto accept a C/V organizations anddevelop, implement, authorization substitute, supplement, or and maintainprogram to meet the duplicate any portion of authorizationstandards of this the program as necessary to programs or program section. The meet the requirements of elements that meet proposed paragraph this section. In any case, the requirements of would retain the the licensee is responsible this section, to current permission for granting, denying, or the extent that the for licensees to revoking unescorted access licensees andaccept C/V authorization to anyapplicantsauthorization contractor, vendor, orspecified inprograms, in full other affected organization paragraphs (a)(1) or in part, but employee.
and (a)(5) of this would also add C/Vs section rely upon to the list of those C/Ventities who are authorizationsubject to proposed programs or program Sec. 73.56 in elements to meet order to convey the requirements of more clearly that C/ this section. In Vs may be directly any case, only a subject to NRC licensee orinspection and applicant shall enforcement actions grant or permit an than the current individual torule language maintain unescorted implies. access to nuclear power plant protected and vital areas.[[Page 62735]]
This change is necessary to clarify the applicability of the rule's requirements to a C/ V's authorization program because several requirements in the current section could be interpreted as implying that a C/V is accountable to the licensee but not to the NRC, should significant weaknesses be identified in the C/ V's authorization program upon which one or more licensees rely. However, this interpretation would be incorrect. Therefore, proposed Sec. 73.56(a)(6) would include C/V authorization programs and program elements upon which licensees and applicants rely within the scope of this section to convey more accurately that these C/Vs are directly accountable to the NRC for meeting the applicable requirements of Sec. 73.56. This clarification is also necessary to maintain the internal consistency of the proposed rule because some provisions of the proposed section apply only to C/Vs, including, but not limited to, the second sentence of proposed Sec. 73.56(n)(7). The proposed paragraph would also retain the intent of the current requirement that only licensees and applicants have the authority to grant or permit an individual to maintain unescorted access to nuclear power plant protected and vital areas. The phrases, ``program elements'' and ``to the extent that * * *,'' would replace the second sentence of current Sec. 73.56(a)(4), which permits licensees to accept part of an authorization program used by its contractors, vendors, or other affected organizations and substitute, supplement, or duplicate any portion of the program as necessary to meet the requirements of this section. The proposed change would retain the meaning of the current provision, but would clarify the intent of the provision in response to implementation questions from licensees. The phrase, ``program elements,'' would replace ``part of an access authorization program,'' to more clearly convey that the parts of an authorization program to which this provision refers are the program elements that are required under current and proposed Sec. 73.56, including a background investigation; psychological assessment; behavioral observation; a review procedure for adverse determinations regarding an individual's trustworthiness and reliability; audits; the protection of information; and retaining and sharing records.[[Page 62736]]
The phrase, ``to the extent that the licensees and applicants rely upon C/V authorization programs or program elements,'' would be used in proposed Sec. 73.56(a)(6) to clarify that C/ Vs need only meet the requirements of this section for those authorization program elements upon which licensees and applicants who are subject to this section rely. This change would be made to address two issues. First, ``to the extent that'' would be used to indicate that C/Vs need not implement every element of an AA program in order for licensees to rely on the program elements that a C/V does implement in accordance with the requirements of this section. For example, if a C/V conducts background investigations upon which licensees rely in making unescorted access authorization determinations, the background investigations must meet the requirements of current Sec. 73.56(b)(2)(i) [or proposed Sec. 73.56(d)]. However, the C/V need not also perform psychological assessments or any other services for licensees in order for licensees to rely on the background investigations that the C/V performs. Second, the phrase, ``to the extent that,'' would also indicate that any elements of an authorization program that a C/V implements that are not relied upon by licensees need not meet the requirements of this section. For example, if the same C/V in the previous example also offers psychological assessment services, in addition to conducting background investigations for licensees, but no licensees or applicants who are subject to this section rely on those psychological assessment services to make unescorted access authorization decisions, then the C/V need not meet the requirements of current Sec. 73.56(b)(2)(ii) [or proposed Sec. 73.56(e)] for conducting those psychological assessments. These proposed changes to the terms used in current Sec. 73.56(a)(4) would be made for increased clarity in the language of the rule. (b) Individuals who A new Sec. are subject to an 73.56(b) authorization[Individuals who program.are subject to an (b)(1) The following AA program] would individuals shall specify the be subject to an individuals who authorizationmust be subject to program:.an AA program, based on their job duties and responsibilities. Current Sec. 73.56 requires only that individuals who have unescorted access to protected and vital areas shall be subject to an AA program. The proposed rule would add several categories of individuals who would be subject to the proposed AA program, for the reasons discussed with respect to each paragraph that addresses the additional categories of individuals who would be covered. Proposed Sec. 73.56(b) would be added for clarity in the organization of the proposed section by grouping together in one list the individuals who would be subject to the proposed regulations.[[Page 62737]]
Sec. 73.56(b) General (b)(1)(i) AnyProposed Sec. performance objective and individual to whom 73.56(b)(1)(i) requirements. (1) Thea licensee orwould retain the licensee shall establish applicant grants current requirement and maintain an accessunescorted access that any individual authorization programto nuclear power who has unescorted granting individualsplant protected and access to nuclear unescorted access tovital areas.power plant protected and vital areas *
protected and vital * *.
areas shall be subject to an AA program that meets the requirements of this section. The current requirement is embedded in the first sentence of current Sec. 73.56(b) [General performance objective and requirements]. The proposed paragraph would list this category of individuals separately for organizational clarity in the rule. (b)(1)(ii) AnyA new Sec. individual whose 73.56(b)(1)(ii) assigned duties and would require that responsibilities individuals who are permit theassigned duties and individual to take responsibilities actions bythat permit them to electronic means, take actions by either onsite or electronic means remotely, thatthat could could adversely adversely impact a impact a licensee's licensee's or or applicant'sapplicant's operational safety, operational safety, security, orsecurity, or emergency response emergency response capabilities; and capabilities would be subject to an AA program. The proposed provision would be consistent with the intent of current Sec. 73.56, which is to ensure that anyone who has unescorted access to equipment that is important to the operational safety and security of plant operations must be trustworthy and reliable. As discussed in Section IV.3, because of the increased use of digital systems and advanced communications technologies in nuclear power plants, the current regulations, which focus on individuals who have physical access to equipment within protected and vital areas, do not provide adequate assurance of the trustworthiness and reliability of persons whose job duties and responsibilities permit them to take actions through electronic means that can affect operational safety, security, and emergency response capabilities, but who, because of advances in electronic communications, may not require physical access to protected and vital areas. For example, some licensees have installed systems that permit engineers or information technology technicians to take actions from remote locations that may affect the operability of safety-related components, or affect the functionality of operating systems. Because the potential impact of actions taken through electronic means may be as serious as actions taken by an individual who is physically present within a protected or vital area, the NRC has determined that subjecting this additional category of individuals to the AA program is necessary.[[Page 62738]]
(b)(1)(iii) Any Proposed Sec. individual who has 73.56(b)(1)(iii) responsibilities would require that for implementing a certain individuals licensee's orwho are members of applicant'sthe licensee's or protectiveapplicant's strategy,security including, but not organization shall limited to, armed be subject to an AA security forceprogram, based on officers, alarm their station operators, responsibilities and tacticalfor implementing a response teamlicensee's leaders; andprotective strategy. Current Sec. 73.55 requires that any armed members of the security organization must be subject to an AA program, but the proposed rule would also list them here for clarity and completeness in the requirements of this section. The proposed paragraph would also include any individual who has responsibilities for implementing the licensee's protective strategy, which may include individuals who are not armed. In practice, the NRC is not aware of any licensees, applicants, or C/Vs who do not subject this broader category of individuals to an AA program. However, the proposed rule would specify that these individuals shall be subject to an AA program because of their critical responsibilities with respect to plant security and, therefore, the need for high assurance that they are trustworthy and reliable. (b)(1)(iv) TheProposed Sec. licensee's,73.56(b)(1)(iv) applicant's, or C/ would introduce a V's reviewingnew term, official.``reviewing official,'' to Sec. 73.56 to refer to an individual who is designated by a licensee, applicant, or C/V to be responsible for reviewing and evaluating information about persons who are applying for unescorted access authorization and determining whether to grant, deny, maintain, or unfavorably terminate unescorted access authorization. The proposed paragraph would require reviewing officials to be subject to the AA program because of the key role these individuals play in providing high assurance that persons who are granted unescorted access to protected areas and electronic access to operational safety, security, or emergency response systems within protected or vital areas are trustworthy and reliable. In addition, reviewing officials' actions affect the confidence that the public, management, the NRC, and individuals who are subject to the AA program have in the integrity of the program and the accuracy and reliability of the authorization decisions that are made under the program. Therefore, the NRC believes that reviewing officials must meet the highest standards for trustworthiness and reliability, including the requirements of an AA program.[[Page 62739]]
(b)(2) At theProposed Sec. licensee's,73.56(b)(2) would applicant's, or C/ recognize the long- V's discretion, standing industry other individuals practice, which has who are designated been endorsed by in accessthe NRC, of authorizationsubjecting program procedures additional may be subject to individuals to an authorization authorization program that meets requirements during the requirements of periods when those this section.individuals do not require and have not been granted unescorted access to protected or vital areas. For example, some C/Vs, whose personnel may be called upon by a licensee to work at a licensee's site under contract, implement full authorization programs to cover those personnel. Similarly, some licensees require employees who are normally stationed at their corporate headquarters to be subject to an authorization program, for such access, is referred to as having ``unescorted access'' (UA). The proposed paragraph would be added to give licensees, applicants, and C/ Vs who implement authorization programs that meet the requirements of this part the authority to do so under the proposed rule. Sec. 73.56(b) General (c) GeneralProposed Sec. performance objective and performance73.56(c) would requirements. (1) Theobjective. Access retain the meaning licensee shall establish authorizationof the current and maintain an accessprograms mustprogram performance authorization programprovide highobjective, which is granting individualsassurance that the embedded in current unescorted access toindividuals who are Sec. 73.56(b), protected and vital areas specified inbut would separate with the objective ofparagraph (b)(1) of it from the providing high assurance this section, and, requirement in the that individuals granted if applicable,current paragraph unescorted access are(b)(2) of thisfor licensees to trustworthy and reliable, section areestablish and and do not constitute an trustworthy and maintain an AA unreasonable risk to the reliable, such that program. The health and safety of the they do notrequirement to public including aconstitute anestablish and potential to commitunreasonable risk maintain AA radiological sabotage.to public health programs would be and safety or the moved to proposed common defense and Sec. 73.56(a), security, including where it would be the potential to imposed on each commit radiological entity who would be sabotage.subject to the section, for organizational clarity. The performance objective would be revised to add cross-references to the categories of individuals who must be subject to an authorization program, as specified in proposed Sec. 73.56(b), because the proposed rule would require that certain individuals, in addition to those who have unescorted physical access to protected and vital areas of a nuclear power plant, would be subject to the AA program, as discussed with respect to Sec. 73.56(b). In addition, the phrase, ``common defense and security,'' would be added to the proposed paragraph to convey the purpose of authorization programs more specifically, which would include protection of the public from the potential insider activities defined in current Sec. 73.1(a)(1)(B) and (a)(2)(B).[[Page 62740]]
Sec. 73.56(2) Except as (d) BackgroundProposed Sec. provided for in paragraphs investigation. In 73.56(d) would (c) and (d) of thisorder to grantamend current Sec. section, the unescorted unescorted access 73.56(b)(2)(i), access authorizationauthorization to an which requires program must include the individual, the authorization following: (i) A background licensees,programs to include investigation designed to applicants and C/Vs a background identify past actions which specified ininvestigation and are indicative of anparagraph (a) of describes the individual's futurethis section shall aspects of an reliability within aensure that the individual's protected or vital area of individual has been background to be a nuclear power reactor. As subject to ainvestigated. a minimum, the background backgroundProposed Sec. investigation must verify investigation. The 73.56(d) would an individual's * * *.backgroundretain the investigation must requirements of the include, but is not current paragraph, limited to, the but increase the following elements: level of detail with which they are specified in response to implementation questions from licensees and in order to increase consistency among authorization programs, as discussed in Section IV.3. Because the requirements in the proposed rule would be more detailed, the current paragraph would be restructured and subdivided to present requirements for each element of the background investigation in a separate paragraph. This change would be made for increased clarity in the organization of the rule. The cross-references to paragraphs (c) and (d) in the current provision would be deleted because they would no longer apply in the reorganized section. The proposed provision would use the phrase, ``ensure that the individual has been subject to a background investigation,'' because completion of every element of a background investigation may not be required each time an individual applies for UAA. As discussed with respect to proposed Sec. 73.46(h)(1) and (h)(2), the proposed rule would permit licensees, applicants, and C/ Vs, in order to meet the requirements of this section, to accept and rely on certain background investigation elements, psychological assessments, and behavioral observation training conducted by other licensees, applicants, and C/ Vs who are subject this section. This permission would reduce unnecessary regulatory burden by eliminating redundancies in authorization program elements that cover the same subject matter and periods of time. However, as discussed with respect to proposed paragraphs (h) and (i)(1) of this section, the proposed rule would establish time limits on the permission to accept and rely on authorization program elements to which the individual was previously subject, based upon how far in the past the background investigation element, psychological assessment, and behavioral observation training was conducted. These time limits are discussed in more detail with respect to the specific provisions in the proposed rule that address them.[[Page 62741]]
(d)(1) Informed Proposed Sec. consent. The73.56(d)(1) would licensees,require the applicants, and C/ entities who are Vs specified in subject to this paragraph (a) of section to obtain this section may written consent not initiate any from any individual element of awho is applying for backgroundUAA before the investigationlicensee, without theapplicant, or C/V knowledge andinitiates any written consent of element of the the subjectbackground individual.investigation that Licensees,is required in this applicants, and C/ section. The Vs shall inform the practice of individual of his obtaining the or her right to individual's review information written consent for collected to assure the background its accuracy and investigation has provide thebeen endorsed by individual with an the NRC and opportunity toincorporated into correct anylicensees' Physical inaccurate orSecurity Plans incompletesince Sec. 73.56 information that is was first developed bypromulgated. It is licensees,necessary to applicants, and C/ protect the privacy Vs about therights of individual.individuals who are applying for UAA. The proposed paragraph would also require licensees, applicants, and C/ Vs to inform the individual of his or her right to review information that is developed by the licensee, applicant, or C/V to verify its accuracy, and have the opportunity to correct any misinformation. Proposed Sec. 73.56(o)(6) would further require the licensee, applicant, or C/V to ensure that any necessary corrections are made to information about the individual that has been recorded in the information- sharing mechanism that would be required under proposed Sec. 73.56(o)(6), as discussed with respect to that paragraph. These are also industry practices that have been endorsed by the NRC and incorporated into licensees' Physical Security Plans. Permitting the individual to review and have the opportunity to correct personal information that is collected about him or her is necessary to maintain individuals' confidence in the fairness of authorization programs by protecting individuals from possible adverse employment actions that may result from an inability to gain unescorted access to protected areas, based upon incorrect information. Requiring the entities who are subject to this section to correct information contained in the information-sharing mechanism, as would be required under proposed Sec. 73.56(o)(6), is necessary to maintain the integrity of the personal information shared among the entities who would be subject to the proposed section, and the effectiveness of AA programs.[[Page 62742]]
(d)(1)(i) TheProposed Sec. subject individual 73.56(d)(1)(i) may withdraw his or would specify that her consent at any an individual who time. The licensee, has given his or applicant or C/V to her written consent whom the individual for a background has applied for investigation under unescorted access proposed Sec. authorization shall 73.56(d)(1) may inform thewithdraw that individual that-- consent at any (A) Withdrawal of time. However, his or her consent because a will withdraw the background individual'sinvestigation is current application one of the for accessrequirements for authorization under granting UAA, and the licensee's, because the applicant's or C/ background V's authorization investigation program; and.cannot be completed (B) Other licensees, without the subject applicants and C/Vs individual's will have access to consent, proposed informationSec. documenting the 73.56(d)(1)(i)(A) withdrawal through would specify that the information- the licensee, sharing mechanism applicant, or C/V required underto whom the paragraph (o)(6) of individual has this section..applied for UAA must inform the individual who has withdrawn consent that withdrawal of consent will terminate the individual's current application for UAA. In addition, the licensee, applicant, or C/V would be required by proposed Sec. 73.56(d)(1)(i)(B) to notify the individual that other licensees, applicants, and C/ Vs will have access to information documenting the withdrawal through the information- sharing mechanism required under proposed Sec. 73.56(o)(6). That proposed paragraph would require that information specified in the licensee's or applicant's Physical Security Plan about individuals who have applied for UAA, must be recorded and retained in a database that is administered as an information-sharing mechanism by licensees and applicants subject to Sec. 73.56. (d)(1)(ii) If an Proposed Sec. individual73.56(d)(1)(ii) withdraws his or would establish her consent, the several licensees,requirements applicants and C/Vs related to a specified inwithdrawal of paragraph (a) of consent by an this section may individual who has not initiate any applied for UAA. elements of the The proposed backgroundparagraph would investigation that require the were not inentities who are progress at the subject to this time the individual section to document withdrew his or her the individual's consent, but shall withdrawal of complete anyconsent, and backgroundcomplete and investigationdocument any elements that are elements of the in progress at the background time consent is investigation that withdrawn. In the had been initiated information-sharing before the time at mechanism required which an individual under paragraph withdraws his or (o)(6) of thisher consent, and section, thewould prohibit the licensee,initiation of any applicant, or C/V element that was shall record the not in progress. individual'sFor example, if a application for licensee had unescorted access submitted a request authorization; his to a credit history or her withdrawal reporting agency of consent for the before an backgroundindividual withdrew investigation; the his or her consent, reason given by the the proposed individual for the paragraph would withdrawal, if any; require the and any pertinent licensee to informationdocument the credit collected from the history information backgroundthat is obtained investigationabout the elements that were individual, even if completed.the licensee receives the credit history report after the date on which the individual withdrew his or her consent. However, if the licensee had not yet requested information about the individual's military service history at the time the individual withdraws consent, the proposed provision would prohibit the licensee from initiating a request for military service history information. There are many reasons that an individual may withdraw his or her consent for the background investigation.[[Page 62743]]
In most instances, the reason that an individual withdraws his or her consent is legitimate, such as a change in the individual's work assignment. However, in some instances, the NRC is aware that individuals have withdrawn consent for the background investigation in order to attempt to prevent the discovery of adverse information or the sharing of adverse information already discovered about the individual by the licensee with other licensees. If the licensee were to stop all information gathering at the time at which the individual withdrew his or her consent, the likelihood that the adverse information would be discovered would be reduced. As a result, the individual could be afforded an opportunity to create a risk to public health and safety and the common defense and security by having physical access to a protected or vital area, and most importantly, be in a position to observe the licensee's security posture by obtaining access to a licensee facility under escort, because a rigorous background investigation is not required for individuals who ``visit'' a nuclear power plant under escort. Similarly, if information that had been requested by the licensee, such as a criminal history report under proposed Sec. 73.57 [Requirements for criminal history checks of individuals granted unescorted access to a nuclear power facility or access to safeguards information by power reactor licensees] of this chapter or the credit history report under proposed Sec. 73.56(d)(5), was received by the licensee after the time the individual withdrew consent and contained adverse information, but that adverse information was not documented in the information-sharing mechanism required under proposed paragraph (o)(6) of this section, the individual also could be inappropriately permitted to visit under escort the same or another site because the adverse information would not be available for review. Therefore, the proposed provisions would be necessary to maintain the effectiveness of AA programs in protecting public health and safety and the common defense and security by ensuring that all available information about individuals who have applied for UAA is documented and shared, while also protecting the privacy rights of individuals by initiating no further elements of the background investigation when an individual withdraws his or her consent. The proposed paragraph would also require licensees, applicants, and C/ Vs to create a record, accessible to other licensees, applicants, and C/ Vs, of the fact that an individual withdrew his or her consent to the background investigation and the reason for the withdrawal. This record would need to be created in the information- sharing mechanism required by proposed Sec. 73.56(o)(6), in order for licensees, applicants, and C/ Vs to carry out the notice requirement in proposed Sec. 73.56(d)(1)(i)(B).[[Page 62744]]
Sec. 73.56(4) Failure by (d)(1)(iii) The an individual to report any licensees, previous suspension,applicants, and C/ revocation, or denial of Vs specified in unescorted access toparagraph (a) of nuclear power reactors is this section shall considered sufficient cause inform, in writing, for denial of unescorted any individual who access authorization.is applying for unescorted access authorization that the following actions related to providing and sharing the personal information under this section are sufficient cause for denial or unfavorable termination of unescorted access authorization: (A) Refusal to provide written consent for the background investigation;. (B) Refusal to provide or the falsification of any personal history information required under this section, including the failure to report any previous denial or unfavorable termination of unescorted access authorization; Proposed Sec. 73.56(d)(1)(iii) would replace current Sec. 73.56(b)(4). The proposed paragraph would retain the intent of the current provision in proposed Sec. 73.56(d)(4), but would add other actions related to providing and sharing personal information that would be sufficient cause for a reviewing official to deny or unfavorably terminate an individual's UAA. Proposed paragraph (d)(1)(iii)(B) of this section would add falsification of any personal history information as a sufficient reason to deny or unfavorably terminate UAA in order to deter falsification attempts.. (C) Refusal toProposed paragraph provide written (d)(1)(iii)(D) of consent for the this section would sharing of personal add failure to information with comply with the other licensees, arrest-reporting applicants, or C/Vs requirements of required underproposed paragraph paragraph (d)(4)(v) (g) of this section of this section; as a sufficient and
reason to deny or (D) Failure tounfavorably report any arrests terminate UAA in or formal actions order to deter specified inindividuals from paragraph (g) of delaying or failing this section..to report such incidents. The additional actions that would be sufficient cause for denial or unfavorable termination would include: refusing to provide written consent for the background investigation that would be required under proposed paragraph (d)(1)(iii)(A) of this section; refusing to provide personal history information required under paragraph (d)(2) of this section, in proposed (d)(1)(iii)(B); and refusing to provide written consent for the individual's personal information to be shared among the entities who would be subject to this section that would be required under paragraph (d)(4)(v) of this section, in proposed paragraph (d)(1)(iii)(C).[[Page 62745]]
The proposed rule would specify these requirements for the disclosure and sharing of personal information because implementation of the AA programs required under this section requires individuals to disclose and permit the sharing of such personal information, subject to the protections of such information that would be provided in proposed Sec. 73.56(m). The proposed paragraph would also require the entities who are subject to this section to inform individuals of the potential consequences of these actions so that individuals understand the requirements to which they are subject and, therefore, would be more likely to comply with them. The proposed paragraph would delete the terms, ``suspension'' and ``revocation,'' and replace them with the term, ``unfavorable termination.'' Historically, there have been some inconsistencies between Sec. 73.56 access authorization requirements and related requirements in 10 CFR part 26 that have led to implementation questions from licensees, as well as inconsistencies in how the licensees have implemented the requirements. During the public meetings discussed in Section IV.3, the stakeholders provided examples of ambiguities in the terms used in Sec. 73.56 and how these ambiguities and lack of clarity in Sec. 73.56 had resulted in unintended consequences. Therefore, to address stakeholder requests for clarity and consistently describe the actions of denying UAA to an individual and terminating an individual's UAA for cause in proposed Sec. 73.56, only the terms, ``deny or denial'' and ``unfavorably terminate or unfavorable termination,'' would be used in the proposed paragraph and throughout the proposed section. (d)(2) Personal Proposed Sec. history disclosure. 73.56(d)(2) would (i) Any individual require an who is applying for individual who is unescorted access applying for UAA to authorization shall provide the disclose thepersonal personal history information that is information that is required under the required by the licensee's, licensee's,applicant's, or C/ applicant's, or C/ V's authorization V's authorization program, and any program and any information that information that may be necessary may be necessary for the reviewing for the reviewing official to official to make a evaluate the determination of individual's the individual's trustworthiness and trustworthiness and reliability. The reliability..proposed provision would be added to impose a requirement on individuals to divulge personal information in order to be granted UAA, in response to stakeholder requests at the public meetings discussed in Section IV.3.[[Page 62746]]
The proposed paragraph would not specify the nature of the information that individuals may be required to disclose because the information may vary widely, depending upon a number of factors, including, but not limited to, whether or not the individual has previously held UAA; the length of time that has elapsed since his or her last period of UAA was terminated; the job duties and responsibilities that the individual would perform for which UAA is required; and whether any adverse information about the individual is disclosed or discovered as a result of the background investigation, psychological assessment, or the suitable inquiry and drug and alcohol testing required under part 26 of this chapter. Although the amount and nature of information to be disclosed would vary depending on the factors described, individuals applying for UAA would be required to disclose some personal history information each time he or she applies for UAA, as discussed with respect to proposed Sec. 73.56(h) [Granting unescorted access authorization]. (d)(2)(ii)Proposed Sec. Licensees,73.56(d)(2)(ii) applicants, and C/ would prohibit a Vs may not require licensee, an individual to applicant, or C/V disclose anfrom requiring an administrativeindividual to withdrawal ofreport an unescorted access administrative authorization under withdrawal of UAA the requirements of that may be paragraphs (g), required under (h)(7), orproposed Sec. (i)(1)(v) of this 73.56(g), (h)(7), section, if the or (i)(1)(v), individual'sexcept if the unescorted access information authorization was developed or not subsequently discovered about denied orthe individual terminatedduring the period unfavorably by a of the licensee,administrative applicant, or C/V. withdrawal resulted in a denial or unfavorable termination of the individual's UAA. The proposed paragraph would ensure that a temporary administrative withdrawal of an individual's UAA, caused by an administrative delay in completing an evaluation of any formal legal action, or any portion of a background investigation, re- investigation, or psychological assessment or re- assessment that is not under the individual's control, would not be treated as an unfavorable termination, except if the reviewing official determines that the delayed information requires denial or unfavorable termination of the individual's UAA. This proposed provision would be necessary to maintain the public's and individuals' confidence in the fairness of AA programs by protecting individuals from possible adverse employment actions that may be based upon administrative delays for which they are not responsible.[[Page 62747]]
Sec. 73.56(b)(2)(i) * * * (d)(3) Verification Proposed Sec. true identity, and develop of true identity. 73.56(d)(3) would information concerning an Licensees,expand on the individual's employment applicants, and C/ portion of current history, education history, Vs shall verify the Sec. credit history, criminal true identity of an 73.56(b)(2)(i) that history, military service, individual who is requires licensees and verify an individual's applying forto verify an character and reputation. unescorted access individual's true authorization in identity. The order to ensure proposed paragraph that the applicant would require the is the person that entities who are he or she hassubject to this claimed to be. At a section, at a minimum, licensees, minimum, to applicants, and C/ validate the social Vs shall validate security number, or the social security in the case of number that the foreign nationals, individual hasthe alien provided, and, in registration the case of foreign number, that the nationals, theindividual has alien registration provided to the number that the licensee, applicant individualor C/V. The term, provides. In``validation,'' addition,would be used in licensees,the proposed applicants, and C/ paragraph to Vs shall alsoindicate that determine whether licensees, the results of the applicants and C/Vs fingerprintingwould be required required under Sec. to take steps to 73.21 confirm the access information individual'sin addition to that claimed identity, provided by the if such results are individual from available.other reliable sources to ensure that the personal identifying information the individual has provided to the licensee is authentic. This validation could be achieved through a variety of means, including, but not limited to, accessing information from databases that are maintained by the Federal Government, or evaluating an accumulation of information, such as comparing the social security number the individual provided to the social security number(s) included in a credit history report and information obtained from other sources. The proposed paragraph would also require using the information obtained from fingerprinting individuals, as required under proposed Sec. 73.21, to confirm an individual's identity, if that information is available. The proposed requirement clarifies the NRC's intent with respect to this portion of the background investigation. Sec. 73.56(b)(2)(i) * * * (d)(4) Employment Proposed Sec. and develop information history evaluation. 73.56(d)(4) would concerning an individual's Licensees,amend the portion employment history * * *. applicants, and C/ of current Sec. Vs shall ensure 73.56(b)(2)(i) that that an employment requires licensees history evaluation to develop has been completed, information by questioning the concerning an individual'sindividual's present and former employment history, employers, and by education history, determining the and military activities ofservice. This individuals while paragraph would be unemployed.added in response to many implementation questions about these requirements from licensees. Because the proposed paragraph would add several clarifications of the current requirements, it would be subdivided to present each requirement separately for organizational clarity in the rule. Considered together, the requirements of proposed Sec. 73.56(d)(4) would clarify the NRC's intent that periods of unemployment, education, and military service must be evaluated only if the individual claims them instead of typical civilian employment.[[Page 62748]]
Proposed Sec. 73.56(d)(4) would require licensees, applicants, and C/ Vs to demonstrate a best effort to complete the employment history evaluation. The term, ``best effort,'' would be added to clarify the requirements and increase consistency between Sec. 73.56 and related requirements in 10 CFR 26.27(a). The best effort criterion recognizes licensees', applicants', and C/ Vs' status as commercial entities with no legal authority to require the release of the information from other private employers and educational institutions. Because of privacy and potential litigation concerns, some private employers and educational institutions may be unable or unwilling to release qualitative information about a former employee or student. Therefore, the best effort criterion would first require licensees, applicants, and C/ Vs to seek employment information from the primary source (e.g. a company, private employer, or educational institution that the applicant has listed on his or her employment history), but recognizes that it may not be forthcoming. In this case a licensee, applicant, or C/V would be required to seek information from an alternate, secondary source when the information from the primary source is unavailable. The proposed provision would use the phrase, ``ensure that the employment history evaluation has been completed,'' because a licensee, applicant, or C/V may not be required to conduct an employment history evaluation for every individual who applies for UAA. As discussed with respect to proposed Sec. 73.56(h)(3) and (h)(4), the proposed rule would permit licensees, applicants, and C/ Vs to accept and rely on elements of the background investigations, psychological assessments, and behavioral observation training conducted by other entities who are subject to this section to meet the requirements of this section. Therefore, the need for and extent of the employment history evaluation would vary, depending upon how much recent information was available to the licensee, applicant, or C/V from any previous periods during which the individual may have held UAA. In the case of individuals whose UAA has been interrupted for 30 or fewer days, proposed Sec. 73.56(h) would not require an employment history evaluation for the reasons discussed with respect to that paragraph.[[Page 62749]]
However, proposed Sec. 73.56(h) would establish time limits on the permission to accept and rely on AA program elements to which the individual was previously subject, based upon how far in the past the background investigation, psychological assessment, and behavioral observation training elements were completed. These time limits are discussed in more detail with respect to the specific provisions in the proposed rule that address them. The proposed provision would also require licensees, applicants, and C/ Vs to determine the activities of individuals during periods in which the individual was unemployed. The proposed rule would add this requirement to make certain that, during the periods that individuals claim to have been unemployed, (1) they were not engaged in activities that may reflect adversely on their trustworthiness and reliability, such as confinement for periods of incarceration or in- patient drug or alcohol treatment, or (2) they intentionally failed to disclose periods of employment that were ended unfavorably. (d)(4)(i) For the A new Sec. claimed employment 73.56(d)(4)(i) period, thewould specify the employment history purpose of the evaluation must employment history ascertain theevaluation, which reason forwould be to termination,ascertain eligibility for information about rehire, and other the individual's information that trustworthiness and could reflect on reliability, and the individual's the types of trustworthiness and information that reliability.the licensee, applicant, or C/V would seek from employers regarding an individual who is applying for UAA. The proposed paragraph would require the entities who are subject to this section to ascertain, consistent with the ``best effort'' criterion established in proposed Sec. 73.56(d)(4), the reason that the individual's employment was terminated, his or her eligibility for rehire, and other information that could reflect on the individual's trustworthiness and reliability. The term, ``ascertain,'' would be used in the proposed paragraph because it is consistent with the terminology used by the industry to refer to the actions taken with respect to conducting the employment history evaluation and would, therefore, improve the clarity of this requirement for those who must implement it. In addition, there may be instances in which it is unnecessary for a licensee, applicant, or C/V to conduct the employment history evaluation, as discussed with respect to proposed Sec. 73.56(d)(4), because proposed Sec. 73.56(h)(2) would permit the entities who implement authorization programs to rely on employment history evaluations conducted by other entities who are subject to this section. In such cases, the licensee's, applicant's, or C/ V's reviewing official would not review information that was developed under his or her AA program, but would ascertain the subject individual's employment history by reviewing information that had been collected by others. The proposed requirement would be added in response to implementation questions that have arisen about the employment history check that is required in current Sec. 73.56(b)(2)(i).[[Page 62750]]
Sec. 73.56(b)(2)(i) * * * (d)(4)(ii) If the Proposed Sec. the background
claimed employment 73.56(d)(4)(ii) investigation must * * * was militarywould amend the develop informationservice, theportion of current concerning an individual's licensee,Sec. 73.56(2)(i) * * * military service * * applicant, or C/V that requires *.
who is conducting licensees to the employmentdevelop information history evaluation about an shall request a individual's characterization of military service. service, reason for The proposed separation, and any paragraph would disciplinaryclarify the NRC's actions that could intent that affect averification and trustworthiness and characterization of reliabilitythe individual's determination.military service would be required only if the individual claims military service as employment within the periods during which the individual would be required to disclose his or her employment history, as specified in proposed Sec. 73.56(h) [Granting unescorted access authorization]. This clarification would respond to implementation questions from licensees and stakeholder requests at the public meetings discussed in Section IV.3. Sec. 73.56(b)(2)(i) * * * (d)(4)(iii) Periods Proposed Sec. and develop information of self-employment 73.56(d)(4)(iii) concerning an individual's or unemployment may would be added at * * * education history, * be verified by any the request of * *.
reasonable method. stakeholders at the If education is public meetings claimed in lieu of discussed in employment, the Section IV.3 to licensee,clarify the NRC's applicant, or C/V intent with respect shall requestto periods of self- information that employment, could reflect on unemployment, or the individual's education, if the trustworthiness and individual claims reliability and, at such activities a minimum, verify within the periods that the individual during which the was activelyindividual would be participating in required to the educational disclose his or her process during the employment history, claimed period. as specified in proposed Sec. 73.56(h). The proposed paragraph would permit licensees, applicants, and C/ Vs to use any reasonable means, consistent with the ``best effort'' criterion discussed with respect to proposed Sec. 73.56(d)(4), to verify the individual's activities during claimed periods of self-employment and unemployment. Reasonable means to verify the individual's activities may include, but would not be limited to, a review of business or tax records documenting the individual's self-employment, copies of unemployment compensation checks, or interviews with business associates or acquaintances. To verify education in lieu of employment, the proposed paragraph would require the entities who are subject to this section to request information from the claimed educational institution that could reflect on the individual's trustworthiness and reliability. However, for reasons that are similar to those discussed with respect to proposed Sec. 73.56(d)(4), the NRC recognizes that it may be difficult to obtain information from an educational institution about the individual's behavior while a student. Therefore, the proposed paragraph would permit licensees, applicants, and C/ Vs to verify, at a minimum, that the applicant was attending and actively participating in school during the claimed period(s).[[Page 62751]]
(d)(4)(iv) If a Proposed Sec. company, previous 73.56(d)(4)(iv) employer, orwould further educationalclarify the NRC's institution to whom intent with respect the licensee,to the actions that applicant, or C/V licensees, has directed aapplicants, and C/ request forVs would take to information refuses meet the best to provideeffort criterion in information orproposed Sec. indicates an73.56(d)(4), in inability orresponse to many unwillingness to implementation provide information questions received within 3 business from licensees. The days of theproposed paragraph request, thewould address licensee,circumstances in applicant, or C/V which a primary shall document this source of refusal, inability, information refuses or unwillingness in to provide the licensee's, employment applicant's, or C/ information or V's record of the indicates an investigation, and inability or obtain aunwillingness to confirmation of provide it within 3 employment ordays of the educationalrequest. Licensees enrollment andand other entities attendance from at would be required least one alternate to document that source, withthe request for questions answered information was to the best of the directed to the alternate source's primary source and ability. Thisthe nature of the alternate source response (i.e., a may not have been refusal, inability, previously used by or unwillingness). the licensee,If a licensee, applicant, or C/V applicant, or C/V to obtainencounters such information about circumstances, the the individual's proposed paragraph character andwould require the reputation. If the licensee, licensee,applicant, permit, applicant, or C/V or C/V to seek uses an alternate employment history source becauseinformation from an employmentalternate source, information is not to the extent of forthcoming within the alternate 3 business days of source's ability to the request, the provide the licensee,information. An applicant, or C/V alternate source need not delaymay include, but granting unescorted would not be access
limited to, a co- authorization to worker or wait for anysupervisor at the employer response, same company who but shall evaluate had personal and document the knowledge of the response if it is applicant, if such received.an individual could be located. However, the proposed rule would prohibit the licensee, applicant, or C/V from using the alternate source of employment information to meet the requirements in proposed Sec. 73.56(d)(6) for a character reference, in order to ensure that the scope of the background investigation is sufficiently broad to provide high assurance that individuals who are granted UAA are trustworthy and reliable. The proposed paragraph would permit licensees and other entities to grant UAA, if warranted, when a response has been obtained from an alternate source, without waiting more than 3 days after the request for information was directed to a primary source. The 3-day period would be established because industry and NRC experience in implementing current Sec. 73.56 has shown that if an employer or educational institution intends to respond to the request for information, the response will be forthcoming within this period. Therefore, there is no added benefit to public health and safety or the common defense and security in requiring licensees, applicants, or C/Vs to wait longer than 3 days before implementing the alternative methods of meeting the employment history evaluation requirements that would be permitted in the proposed paragraph.[[Page 62752]]
However, should the licensee, applicant, or C/V receive an employer response to the request for information after the 3-day period, the proposed paragraph would require that the implications of the information must be evaluated with respect to the individual's trustworthiness and reliability and the information documented, so that it is available to other licensees, applicants, and C/ Vs. These changes would be made to reduce unnecessary regulatory burden while maintaining high assurance that individuals who are subject to an AA program are trustworthy and reliable. (d)(4)(v) When any Proposed Sec. licensee,73.56(d)(v) would applicant, or C/V require licensees, specified inapplicants, and C/ paragraph (a) of Vs who are subject this section is to this section to legitimatelyshare employment seeking thehistory information informationthat they have required for an collected, if unescorted access contacted by authorizationanother licensee, decision under this applicant, or C/V section and has who has a release obtained a signed signed by the release from the individual who is subject individual applying for UAA authorizing the that would permit disclosure of such the sharing of that information, ainformation. This licensee,proposed provision applicant, or C/V would amend the who is subject to requirement to this section shall release employment disclose whether history information the subjectin current Sec. individual's73.56(f)(2) and unescorted access would be consistent authorization was with related denied orrequirements in 10 terminatedCFR part 26. The unfavorably. The proposed provision licensee,would also clarify applicant, or C/V that the who receives the information must request foralso be released to information shall C/Vs who have make available the authorization to information upon programs when the C/ which the denial or V has obtained the unfavorablerequired signed termination ofrelease from the unescorted access applicant. This authorization was proposed based.
clarification is necessary because some licensees have misinterpreted current Sec. 73.56(f)(2) as prohibiting the release of employment history information to C/Vs who administer authorization programs under this section. These requirements are necessary to ensure that adequate information to serve as a basis for UAA decisions can be obtained by a licensee, applicant, or C/V. (d)(4)(vi) InProposed Sec. conducting an73.56(d)(4)(vi) employment history would permit evaluation, the licensees, licensee,applicants, and C/ applicant, or C/V Vs to use may obtainelectronic means of information and obtaining the documents byemployment history electronic means, information to including, but not increase the limited to,efficiency with telephone,which licensees, facsimile, orapplicants, and C/V email. Thecould obtain the licensee,employment history applicant, or C/V information. The shall make a record proposed paragraph of the contents of would be added in the telephone call response to and shall retain stakeholder that record, and requests at the any documents or public meetings files obtaineddiscussed in electronically, in Section IV.3, and accordance with would be consistent paragraph (o) of with related this section.requirements in 10 CFR part 26. The proposed paragraph would also add a cross-reference to the applicable records retention requirement in proposed Sec. 73.56(o) [Records] to ensure that licensees, applicants, and C/ Vs are aware of the applicability of these requirements to the employment history information obtained electronically.[[Page 62753]]
Sec. 73.56(b)(2)(i) * * * (d)(5) CreditProposed Sec. and develop information history evaluation. 73.56(d)(5) would concerning an individual's The licensees,retain the * * * credit history, * * *. applicants, and C/ requirement for a Vs specified in credit history paragraph (a) of evaluation that is this section shall embedded in current ensure that the Sec. full credit history 73.56(b)(2)(i) and of any individual provide more who is applying for detailed unescorted access requirements, in authorization has response to been evaluated. A stakeholder full credit history requests at the evaluation must public meetings include, but would discussed in not be limited to, Section IV.3. The an inquiry toproposed paragraph detect potential would require the fraud or misuse of credit history social security evaluation to numbers or other include an inquiry financialto detect any past identifiers, and a instances of fraud review andor misuse of social evaluation of all security numbers or of the information other financial that is provided by identifiers. This a national credit- requirement would reporting agency be added because about themost credit- individual's credit reporting agencies history.require a specific request for this information before they report it, and the NRC has determined that instances of fraud or misuse of financial identifiers, such as social security numbers or the names that an individual has used, may provide important information about an individual's trustworthiness and reliability. The proposed paragraph would also require the entities who are subject to this section to review all of the information that is provided by the national credit- reporting agency, as part of the background investigation process. The proposed paragraph would use the term, ``full'' to convey that there is no time limit on the number of years of credit history information that the reviewing official would consider or other limitations on using information contained in the credit history report to assist in determining the individual's trustworthiness and reliability. In the past, licensees' AA program procedures limited the number of years of the individual's credit history that reviewing officials were required to consider in determining an individual's trustworthiness and reliability. As a result, some reviewing officials may not have considered credit history information for several years, even if the reporting agency provided it. As a result, individuals who were subject to different authorization programs were evaluated inconsistently. Furthermore, credit history reporting agencies also provide employment data that can be compared to the information disclosed by the applicant for UAA to validate the individual's disclosure. However, some AA program procedures did not require the reviewing official to make this comparison. Therefore, the proposed paragraph would require the reviewing official to consider the ``full'' credit history report, in order to strengthen the effectiveness of the credit history evaluation element of AA programs and increase the consistency with which licensees, applicants, and C/ Vs would conduct the credit history evaluation.[[Page 62754]]
Sec. 73.56(b)(2)(i) * * * (d)(6) Character and Proposed Sec. and develop information reputation. The 73.56(d)(6) would concerning an individual's licensees,expand on the * * * character andapplicants, and C/ requirement in reputation.
Vs specified in current Sec. paragraph (a) of 73.56(b)(2)(i) for this section shall licensees to verify ascertain thean individual's character andcharacter and reputation of an reputation. The individual who has proposed provision applied forwould require the unescorted access entities who authorization by implement AA conductingprograms to develop reference checks. information about Reference checks an individual's may not betrustworthiness and conducted with any reliability by person who is known contacting and to be a closeinterviewing member of theassociates of the individual'sindividual who family, including would have but not limited to, knowledge of his or the individual's her character and spouse, parents, reputation, but who siblings, orwould not be a children, or any member of the individual whoindividual's resides in theimmediate family or individual'sreside in his or permanenther household. household. TheFamily and reference checks household members must focus on the would be excluded individual'sbecause these reputation forindividuals are trustworthiness and typically reluctant reliability.to reveal any adverse information, if it exists. The term, ``ascertain,'' would replace ``verify,'' in the proposed paragraph because it is consistent with the terminology used by the industry to refer to the actions taken with respect to determining an individual's character and reputation and would, therefore, improve the clarity of this requirement for those who must implement it. In addition, there would be instances in which it is unnecessary for a licensee, applicant, or C/V to conduct the character and reputation evaluation because proposed Sec. 73.56(h)(4) would permit the entities who implement AA programs to rely on the background investigations conducted by other entities who are subject to this section. In such cases, the licensee's, applicant's, or C/ V's reviewing official would not review information that was collected under his or her AA program, but would ascertain the subject individual's character and reputation by reviewing information that had been collected by others. The last sentence of the proposed paragraph would clarify that the scope of the reference checks would be limited to developing information that would be useful to the reviewing official in determining the individual's trustworthiness and reliability for the UAA decision. This requirement would be added in response to stakeholder requests at the public meetings discussed in Section IV.3 for increased clarity and specificity in the regulation's requirements.[[Page 62755]]
Sec. 73.56(b)(2)(i) * * * (d)(7) Criminal Proposed Sec. and develop information history review. The 73.56(d)(7) would concerning an individual's licensee's,amend the * * * criminal history * * applicant's, or C/ requirement in *.
V's reviewingcurrent Sec. official shall73.56(b)(2)(i) for evaluate the entire licensees to criminal history develop information record of anabout an individual who is individual's applying forcriminal history. unescorted access The proposed authorization to provision would assist ineliminate the determining whether current requirement the individual has to develop criminal a record ofhistory information criminal activity because proposed that may adversely Sec. 73.57 impact his or her [Requirements for trustworthiness and criminal history reliability. The checks of criminal history individuals granted record must beunescorted access obtained into a nuclear power accordance with the facility or access requirements of to Safeguards Sec. 73.57.Information by power reactor licensees] would establish the methods by which criminal history information about individuals who are applying for UAA would be obtained and it is unnecessary to repeat those requirements in this section. The proposed paragraph would require the reviewing official to review the individual's entire criminal history record. This requirement would be necessary because, in the past, some licensees limited the criminal history review to the individual's history over the past 5 or fewer years, but did not consider criminal history information from earlier years, even if the reporting agency provided it. However, the NRC has determined that a review of all of the criminal history information that is provided in a criminal history record provides higher assurance that any instances or patterns of lawlessness are considered when determining whether an individual is trustworthy and reliable. Therefore, the proposed rule would incorporate this requirement in order to strengthen the effectiveness of AA programs. Sec. 73.56(d) Requirements Deleted............. Current Sec. during cold shutdown. (1)
73.56(d) The licensee may grant
[Requirements unescorted access during
during cold cold shutdown to an
shutdown] would be individual who does not
eliminated from the possess an access
proposed rule. authorization granted in
Because of an accordance with paragraph
increased concern (b) of this section
with a potential provided the licensee
insider threat, as develops and incorporates
discussed in into its Physical Security
Section IV.3, the Plan measures to be taken
NRC has determined to ensure that the
that the relaxation functional capability of
of UAA requirements equipment in areas for
permitted in the which the access
current provision authorization requirement
does not meet the has been relaxed has not
Commission's been impaired by relaxation
objective of of that requirement. (2)
providing high Prior to incorporating such
assurance that measures into its Physical
individuals who Security Plan the licensee
have unescorted shall submit those plan
access to protected changes to the NRC for
areas in nuclear review and approval
power plants are pursuant to Sec. 50.90.
trustworthy and (3) Any provisions in
reliable. licensees' security plans
Therefore, the that allow for relaxation
current permission of access authorization
to grant unescorted requirements during cold
access to an shutdown are superseded by
individual without this rule. Provisions in
meeting all of the licensees' Physical
requirements of Security Plans on April 25,
proposed Sec. 1991 that provide for
73.56 would be devitalization (that is, a
eliminated from the change from vital to
proposed rule. protected area status)
Licensees and during cold shutdown are
applicants would not affected.
continue to be permitted to seek an exemption from the requirements of proposed Sec. 73.56 under current Sec. 73.5 [Specific exemptions].[[Page 62756]]
Sec. 73.56(b)(2)(ii) A (e) Psychological Proposed Sec. psychological assessment assessment. In73.56(e) would designed to evaluate the order to assist in amend current Sec. possible impact of anydetermining an73.56(b)(2)(ii), noted psychologicalindividual'swhich requires AA characteristics which may trustworthiness and programs to include have a bearing onreliability, the a psychological trustworthiness andlicensees,assessment, by reliability.
applicants, and C/ adding several Vs specified in requirements to the paragraph (a) of current rule. this section shall Because the ensure that arequirements in the psychologicalproposed rule would assessment has been be more detailed, completed of the the current individual who is paragraph would be applying forrestructured and unescorted access subdivided to authorization. The present the new psychologicalrequirements in assessment must be separate designed toparagraphs. This evaluate thechange would be possible adverse made for increased impact of any noted clarity in the psychologicalorganization of the characteristics on rule. The proposed the individual's paragraph would trustworthiness and retain the current reliability.requirement for the psychological assessment to be designed to evaluate the implications of the individual's psychological characteristics on his or her trustworthiness and reliability in a separate sentence for clarity. For the same reason, ``adverse'' would be added to more clearly describe the intended purpose of the psychological assessment. The proposed provision would retain the intent of the current requirement for AA programs to include a psychological assessment, but would use the phrase, ``has been completed,'' because licensees, applicants, and C/ Vs may not be required to complete the psychological assessment each time that an individual applies for UAA. As discussed with respect to proposed Sec. 73.56(h)(1), AA programs would be permitted to rely on psychological assessments that were completed by other AA programs. Individuals who have been subject to a psychological assessment, which was conducted in accordance with requirements of this proposed section and resulted in the granting of UAA, within the time period specified in the licensee's or applicant's Physical Security Plan [as discussed with respect to proposed Sec. 73.56(i)(1)(v)], would not be required to be assessed again in order to be granted UAA. (e)(1) A licensed Proposed Sec. clinical73.56(e)(1) would psychologist or establish minimum psychiatrist shall requirements for conduct thethe credentials of psychologicalindividuals who assessment.perform the psychological assessments that are required under current Sec. 73.56(b)(2)(ii), which are not addressed in the current rule. The proposed provision would require a licensed clinical psychologist or psychiatrist to conduct the psychological assessment, because the extensive education, training, and supervised clinical experience that these professionals must possess in order to be licensed under State laws would provide high assurance that they are qualified to conduct the psychological assessments that are required under the rule. The proposed rule would impose this new requirement because of the key role that the psychological assessment element of AA programs plays in assuring the public health and safety and common defense and security when determining whether an individual is trustworthy and reliable. Therefore, the proposed provision would be added to strengthen the effectiveness of AA programs.[[Page 62757]]
(e)(2) TheA new Sec. psychological73.56(e)(2) would assessment must be require conducted inpsychological accordance with the assessments to be applicable ethical conducted in principles foraccordance with conducting such ethical principles assessmentsfor conducting such established by the assessments that Americanare established by Psychologicalthe American Association orPsychological AmericanAssociation or the PsychiatricAmerican Association.Psychiatric Association, as applicable. In order to meet State licensure requirements, clinical psychologists and psychiatrists are required to practice in accordance with the applicable professional standards. However, the proposed rule would add a reference to these professional standards to emphasize the importance that the NRC places on the proper conduct of psychological assessments, in order to ensure the rights of individuals, consistent treatment, and the effectiveness of the psychological assessment component of AA programs. (e)(3) At a minimum, Proposed Sec. the psychological 73.56(e)(3) would assessment must establish new include therequirements for administration and the psychological interpretation of a testing that standardized,licensees, objective,applicants, and C/ professionallyVs would conduct as acceptedpart of the psychological test psychological that providesassessment. The information toproposed paragraph identifywould require the indications ofadministration and disturbances in interpretation of personality oran objective psychopathology psychological test that may havethat provides implications for an information to aid individual'sin identifying trustworthiness and personality reliability.disturbances and Predeterminedpsychopathology. thresholds must be The proposed rule applied inwould specify interpreting the psychological tests results of thethat are designed psychological test, to identify to determineindications of whether anpersonality individual shall be disturbances and interviewed by a psychopathology psychiatrist or because some of licensed clinical these conditions psychologist under may reflect paragraph (e)(4)(i) adversely on an of this section. individual's trustworthiness and reliability. The proposed rule would not prohibit the use of other types of psychological tests, such as personality inventories and tests of abilities, in the psychological assessment process, but would establish the minimum requirement for a test that identifies indications of personality disturbances and psychopathology because the identification of these conditions is most relevant to the purpose of the psychological assessment element of AA programs. The proposed provision would also require the use of standardized, objective psychological tests to reduce potential variability in the testing that is conducted under this section.[[Page 62758]]
Decreasing potential variability in testing is important to provide greater assurance than in the past that individuals who are applying for or maintaining UAA are treated consistently under the proposed rule. The proposed rule would not prohibit the use of other types of psychological tests, such as projective tests, in the psychological assessment process, but would establish the minimum requirement for a standardized, objective test to facilitate the psychological re- assessments that would be required under proposed Sec. 73.56(i)(1)(v). Comparing scores on a standardized, objective test to identify indications of any adverse changes in the individual's psychological status is simplified when the testing that is performed for a re- assessment is similar to or the same as previous testing that was conducted under this section, particularly when the clinician who conducts the re- assessment did not conduct the previous testing. The proposed paragraph would also require licensees, applicants, and C/ Vs to establish thresholds in interpreting the results of the psychological test, to aid in determining whether an individual would be required to be interviewed by a psychiatrist or licensed clinical psychologist under proposed paragraph (e)(4)(ii) of this section. The NRC is aware of substantial variability in the thresholds used by authorization programs in the past to determine whether an individual's test results provided indications of personality disturbances or psychopathology. Different clinical psychologists providing services to the same or different AA programs would vary in the thresholds they applied in determining whether an individual's test results indicated the need for further evaluation in a clinical interview. As a consequence, whether or not individuals who had the same patterns of scores on the psychological test would be subject to a clinical interview would vary both within and between AA programs. The proposed rule would add a requirement for predetermined thresholds to reduce this variability in order to protect the rights of individuals who are subject to AA programs to fair and consistent treatment.[[Page 62759]]
(e)(4) TheA new Sec. psychological73.56(e)(4) would assessment must establish include a clinical requirements for interview--the conditions (i) If anunder which the individual's scores psychological on the
assessment must psychological test include a clinical in paragraph (e)(3) interview. Proposed of this section Sec. identify73.56(e)(4)(i) indications ofwould require a disturbances in clinical interview personality orif an individual's psychopathology scores on the that may havepsychological test implications for an identified individual'sindications of trustworthiness and disturbances in reliability; or. personality or (ii) If thepsychopathology licensee's orthat would applicant'snecessitate further Physical Security assessment. The Plan requires a clinical interview clinical interview would be performed based on jobby a licensed assignments..clinical psychologist or psychiatrist, consistent with the ethical principles for conducting psychological assessments that are established by the American Psychological Association or the American Psychiatric Association. The purposes of the clinical interview would include, but would not be limited to, validating the test results and assessing their implications for the individual's trustworthiness and reliability. Proposed Sec. 73.56(e)(4)(ii) would also require a clinical interview for some individuals who would be identified in the licensee's or applicant's Physical Security Plan. In general, the individuals who would always receive a clinical interview before being granted UAA would be those who perform critical operational and security-related functions at the licensee's site. The proposed requirements are necessary to ensure that any noted psychological characteristics of individuals who are applying for or maintaining UAA do not adversely affect their trustworthiness and reliability. (e)(5) If, in the A new Sec. course of73.56(e)(5) would conducting therequire the psychologicalpsychologist or assessment, the psychiatrist who licensed clinical conducts the psychologist or psychological psychiatristassessment to identifiesreport to the indications of, or reviewing official information related any information to, a medicalobtained through condition thatconducting the could adversely assessment that impact theindicates the individual'sindividual may have fitness for duty or a medical condition trustworthiness and that could reliability, the adversely affect psychologist or his or her fitness psychiatrist shall for duty or inform thetrustworthiness and reviewing official, reliability. For who shall ensure example, some that an appropriate psychological tests evaluation of the identify possible medical indications of a condition issubstance abuse conducted under the problem. Or, an requirements of individual may part 26 of this disclose during the chapter.clinical interview that he or she is taking prescription medications that could cause impairment. In these instances, the proposed rule would require the reviewing official to ensure that the potential impact of any possible medical condition on the individual's fitness for duty or trustworthiness and reliability is evaluated. The term, ``appropriate,'' would be used with respect to the medical evaluation to recognize that healthcare professionals vary in their qualifications.[[Page 62760]]
For example, a psychiatrist who conducts the assessment would be qualified to assess the potential impacts on an individual's fitness for duty of any psychoactive medications the individual may be taking, whereas a substance abuse professional, nurse practitioner, or other licensed physician may not. The NRC is aware of instances in which indications of a substance problem or other medical condition that could adversely affect an individual's fitness for duty or trustworthiness and reliability were identified during the psychological assessment, but were not communicated to fitness-for-duty program personnel and, therefore, were not evaluated as part of the access authorization decision. The proposed paragraph would be added to ensure that information about potential medical conditions is communicated and evaluated. This provision would be added to strengthen the effectiveness of the access authorization process. Sec. 73.56(b)(2)(iii) (f) BehavioralProposed Sec. Behavioral observation, observation. Access 73.56(f) conducted by supervisors authorization[Behavioral and management personnel, programs mustobservation] would designed to detectinclude areplace current individual behavioralbehavioralSec. changes which, if leftobservation element 73.56(b)(2)(iii), unattended, could lead to that is designed to which requires acts detrimental to the detect behaviors or licensees' AA public health and safety. activities that may programs to include constitute ana behavioral unreasonable risk observation to the health and element, to be safety of theconducted by public and common supervisors and defense andmanagement security, including personnel, and a potential threat designed to detect to commitindividual radiologicalbehavioral changes sabotage.which, if left unattended, could lead to acts detrimental to the public health and safety. The proposed paragraph would amend the requirements of the current paragraph and add others. Proposed Sec. 73.56(f) would amend the objective of the behavioral observation element of AA programs in the current provision. The proposed paragraph would eliminate the current reference to behavior changes which, if left unattended, could lead to detrimental acts. Although detecting and evaluating behavior changes in order to determine whether they may lead to acts detrimental to the public health and safety is important, the behavioral observation element of fitness-for-duty programs that is required under 10 CFR 26.22(a)(4) also addresses this objective. Therefore, the proposed paragraph would be revised, in part, to eliminate this redundancy.[[Page 62761]]
In addition, the current provision's requirement for behavioral observation to focus only on detecting behavior changes is too narrow. The NRC intends that behavioral observation must also be conducted in order to increase the likelihood that potentially adverse behavior patterns and actions will be detected and evaluated before there is an opportunity for such behavior patterns or acts to result in detrimental consequences. For example, experience in other industries has shown that an individual's unusual interest in an organization's security activities and operations that are outside the scope of the individual's normal work assignments may be an indication that the individual is gathering intelligence for adversarial purposes. If the behavioral observation element of AA programs focuses only on behavior changes, and an individual has demonstrated a pattern of ``unusual interest'' since starting work for the licensee, other persons who are aware of the individual's behavior pattern may not consider the behavior to be a potential concern and, therefore, may not raise the concern. As a result, an opportunity to detect and evaluate this behavior pattern would be lost. Therefore, in order to increase the effectiveness of the behavioral observation element of AA programs and more clearly convey the NRC's intent, the proposed paragraph would be revised to clarify that the objective of behavioral observation is to detect behavior or activities that have the potential to constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage. The portion of current Sec. 73.56(b)(2)(iii) that addresses who must conduct behavioral observation (i.e., supervisors and management personnel) would be moved to a separate paragraph for increased organizational clarity in this section, and would be amended for the reasons discussed with respect to proposed Sec. 73.56(f)(2). (f)(1) TheProposed Sec. licensees,73.56(f)(1) would applicants, and C/ clarify the intent Vs specified in of the current paragraph (a) of requirement by this section shall specifying the ensure that the individuals who individualsmust be subject to specified inbehavioral paragraph (b)(1) of observation. The this section and, proposed paragraph if applicable,would be added to (b)(2) of thisaddress stakeholder section are subject requests at the to behavioralpublic meetings observation.discussed in Section IV.3, for increased specificity in the language of the rule.[[Page 62762]]
(f)(2) TheThe proposed individualsparagraph would specified inamend the portion paragraph (b)(1) of current Sec. and, if applicable, 73.56(b)(2)(iii) (b)(2) of thisthat requires only section shallsupervisors and observe themanagement behavior of other personnel to individuals. The conduct behavioral licensees,observation by applicants, and C/ requiring all Vs specified in individuals who are paragraph (a) of subject to an this section shall authorization ensure thatprogram to conduct individuals who are behavioral subject to this observation. section alsoIncreasing the successfullynumber of complete behavioral individuals who observationconduct behavioral training.observation would enhance the effectiveness of AA programs by increasing the likelihood of detecting behavior or activities that may be adverse to the safe operation and security of the facility and may, therefore, constitute an unreasonable risk to the health and safety and common defense and security. This change is necessary to address the NRC's increased concern with a potential insider threat discussed in Section IV.3. Proposed Sec. 73.56(f)(2) also would require licensees, applicants, and C/ Vs to ensure that individuals who are subject to an authorization program successfully complete behavioral observation training. The means by which licensees, applicants, and C/ Vs would demonstrate that an individual has successfully completed the training would be through the administration of the comprehensive examination discussed with respect to proposed Sec. 73.56(f)(2)(iii). Because all individuals who are subject to the AA program would be required to conduct behavioral observation, training is necessary to ensure that individuals have the knowledge, skills, and abilities necessary to do so. (f)(2)(i) Behavioral Proposed Sec. observation73.56(f)(2)(i) training must be would require all completed before personnel who are the licensee,subject to this applicant, or C/V section to complete grants an initial behavioral unescorted access observation authorization, as training before the defined inlicensee, paragraph (h)(5) of applicant, or C/V this section, and grants initial must be current unescorted access before theauthorization to licensee,the individual, as applicant, or C/V defined in proposed grants anparagraph (h)(5) unescorted access [Initial unescorted authorizationaccess update, as defined authorization]. The in paragraph (h)(6) proposed rule would of this section, or also require that an unescortedan individual's access
training must be authorizationcurrent before the reinstatement, as licensee, defined inapplicant, or C/V paragraph (h)(7) of grants an this section;unescorted access authorization update or reinstatement to the individual, as defined in proposed paragraphs (h)(6) [Updated unescorted access authorization] and (h)(7) [Reinstatement of unescorted access authorization reinstatement] of this section, respectively. Annual refresher training, which would be the means by which licensees, applicants, and C/ Vs would meet the requirement for training to be ``current,'' would be addressed in proposed Sec. 73.56(f)(2)(ii). The proposed requirement to complete behavioral observation training before initial unescorted access authorization is granted is necessary to ensure that individuals have the knowledge, skills, and abilities required to meet their responsibilities for conducting behavioral observation under proposed paragraph (f)(2)(i). The basis for requiring refresher training is discussed with respect to proposed paragraph (f)(2)(ii) of this section.
[[Continued on page 62763]]
From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]
[[pp. 62763-62812]] Power Reactor Security Requirements[[Continued from page 62762]]
[[Page 62763]]
(f)(2)(ii)Proposed Sec. Individuals shall 73.45(f)(2)(ii) complete refresher would require training on aannual refresher nominal 12-month training in frequency, or more behavioral frequently where observation, at a the need isminimum, with more indicated.frequent refresher Individuals may training when the take and pass a need is indicated. comprehensiveThe proposed examination that paragraph would meets therequire annual or requirements of more frequent paragraphrefresher training (f)(2)(iii) of this in order to ensure section in lieu of that individuals completing annual retain the refresher training; knowledge, skills, and abilities gained through initial training. Refresher training may also be necessary if an individual demonstrates a failure to implement behavioral observation requirements in accordance with AA program procedures or new information is added to the behavioral observation training curriculum. The proposed paragraph would also permit individuals who pass a comprehensive ``challenge'' examination that demonstrates their continued understanding of behavioral observation to be excused from the refresher training that would otherwise be required under the proposed paragraph. The proposed rule would require that the ``challenge'' examination must meet the examination requirements specified in proposed paragraph (f)(2)(iii) of this section and individuals who did not pass would undergo remedial training. Permitting individuals to pass a comprehensive ``challenge'' examination rather than take refresher training each year would ensure that they are retaining their knowledge, skills, and abilities while reducing some costs associated with meeting the annual refresher training requirement. (f)(2)(iii)Proposed Sec. Individuals shall 73.56(f)(2)(iii) demonstrate the would require successfulindividuals to completion ofdemonstrate that behavioralthey have observationsuccessfully training by passing completed a comprehensive behavioral examination that observation addresses thetraining by passing knowledge anda comprehensive abilities necessary examination. The to detect behavior proposed provision or activities that would require have the potential remedial training to constitute an and re-testing for unreasonable risk individuals who to the health and fail to achieve a safety of thepassing score on public and common the examination. defense andThese proposed security, including requirements would a potential threat be modeled on other to commitrequired training radiologicalprograms that have sabotage. Remedial been successful in training and re- ensuring that testing areexaminations are required forvalid and individuals who individuals have fail toachieved an satisfactorilyadequate complete theunderstanding of examination.the subject matter. (f)(2)(iv) Initial Proposed Sec. and refresher73.56(f)(2)(iv) training may be would permit the delivered using a use of various variety of media media for (including, but not administering limited to,training in order classroom lectures, to achieve the required reading, efficiencies video, or computer- associated with based trainingcomputer-based systems). Thetraining, for licensee,example, and other applicant, or C/V new training shall monitor the delivery completion oftechnologies that training.may become available. Permitting the use of various media to administer the training would improve the efficiency of AA programs and reduce regulatory burden, by providing flexibility in the methods that licensees and other entities may use to administer the required training. The proposed paragraph would also require the completion of training to be monitored by the licensee, applicant, or C/V.[[Page 62764]]
This requirement is necessary to ensure that individuals who are subject to an authorization program actively participate in and receive the required training. The NRC is aware that some individuals have engaged in successful litigation against licensees on the basis that they were not aware of the requirements to which they were subject, in part, because of deficiencies in licensee processes for ensuring that individuals are trained. Therefore, the proposed rule would add this requirement to improve the effectiveness of the training element of AA programs. (f)(3) Individuals Proposed Sec. who are subject to 73.56(f)(3) would an authorization require individuals program under this to report any section shallconcerns arising report to thefrom behavioral reviewing official observation to the any concernslicensee's, arising fromapplicant's, or C/ behavioralV's reviewing observation,official. This including, but not specificity is limited to,necessary because concerns related to the NRC is aware of any questionable past instances in behavior patterns which individuals or activities of reported concerns others.to supervisors or other licensee personnel who did not then inform the reviewing official of the concern. As a result, the concern was not addressed and any implications of the concern for the individual's trustworthiness and reliability were not evaluated. Therefore, the proposed rule would require individuals to report directly to the reviewing official, to ensure that the reviewing official is made aware of the concern, has the opportunity to evaluate it, and determine whether to grant, maintain, administratively withdraw, deny, or terminate UAA. The proposed provision would be added to clarify and strengthen the behavioral observation element of AA programs by increasing the likelihood that questionable behaviors or activities are appropriately addressed by the licensees and other entities who are subject to the rule. (g) ArrestA new Sec. reporting. Any73.56(g) would individual who has establish applied for or is requirements maintainingrelated to the unescorted access arrest, indictment, authorization under filing of charges, this section shall or conviction of promptly report to any individual who the reviewingis applying for or official any formal maintaining UAA action(s) taken by under this section. a law enforcement The proposed authority or court paragraph would of law to which the require individuals individual has been to promptly report subject, including to the reviewing an arrest, anofficial any such indictment, the formal action(s) to filing of charges, ensure that the or a conviction. On reviewing official the day that the has an opportunity report is received, to evaluate the the reviewingimplications of the official shallformal action(s) evaluate thewith respect to the circumstancesindividual's related to thetrustworthiness and formal action(s) reliability. and determine whether to grant, maintain, administratively withdraw, deny, or unfavorably terminate the individual's unescorted access authorization.[[Page 62765]]
The proposed rule includes other provisions that would also ensure that the reviewing official is aware of and evaluates the implications of any formal action(s) to which an individual may be subject, including the requirement for a criminal history review under proposed Sec. 73.56(d)(7) and regular updates to the criminal history review under proposed Sec. 73.56(i)(1)(v). However, these proposed provisions would not provide for prompt evaluation of any formal action(s) that arise in the intervening time period since a criminal history review was last conducted. Therefore, this requirement would be added to ensure that the reviewing official is made aware of formal actions at the time that they occur, has the opportunity to evaluate the implications of these formal actions with respect to the individual's trustworthiness and reliability, and, if necessary, take timely action to deny or unfavorably terminate the individual's UAA, if the reviewing official determines that the formal actions cast doubt on the individual's trustworthiness and reliability. The proposed rule would also specifically require the formal action(s) to be reported to the licensee's, applicant's, or C/ V's reviewing official. This specificity is necessary because the NRC is aware of past instances in which individuals reported formal actions to supervisors who did not then inform the reviewing official. As a result, some individuals were granted or maintained UAA without the high assurance that they are trustworthy and reliable that AA programs must provide, as discussed with respect to proposed Sec. 73.56(c) [General performance objective]. Therefore, a specific requirement for individuals to report directly to the reviewing official is necessary to ensure that the reviewing official is aware of the actions, has the opportunity to evaluate the circumstances surrounding the actions, and determine whether to grant, maintain, administratively withdraw, deny, or terminate UAA. The proposed paragraph would not establish a specific time limit within which an individual would be required to report a formal action because the time frames within which different formal actions occur may vary widely, depending on the nature of the formal action and characteristics of the locality in which the formal action is taken. However, nothing in the proposed provision would prohibit licensees, applicants, and C/ Vs from establishing, in program procedures, reporting time limits that are appropriate for their local circumstances.[[Page 62766]]
The proposed rule would use the term, ``promptly,'' to clarify the NRC's intent that individuals are responsible for reporting any formal action(s) of the type specified in the proposed paragraph without delay. The proposed paragraph would also require the reviewing official to evaluate the circumstances related to the formal action and decide whether to grant, maintain, administratively withdraw, deny, or unfavorably terminate the individual's UAA on the day that he or she receives the report of an arrest, indictment, the filing of charges, or conviction. The proposed requirement is necessary because the NRC is aware of past instances in which reviewing officials have been informed of a formal action, but have not acted promptly to evaluate the information and determine its implications with respect to the individual's trustworthiness and reliability. As a result, some individuals were granted or maintained UAA without the high assurance that they are trustworthy and reliable that AA programs must provide, as discussed with respect to proposed Sec. 73.56(c) [General performance objective]. The proposed paragraph would provide for the administrative withdrawal of UAA without a positive determination that the individual is trustworthy and reliable (which would permit the granting or maintaining of UAA) or a negative determination of the individual's trustworthiness and reliability (which would require the denial or unfavorable termination of UAA), because the reviewing official may not have sufficient information on the day that the report is received to make the determination. However, if, based on the information available to the reviewing official, he or she is unable to make either a positive or negative determination, the proposed rule would require the administrative withdrawal of UAA until such a determination can be made. The administrative withdrawal of the individual's UAA would be necessary to protect public health and safety and the common defense and security when the trustworthiness and reliability of an individual cannot be positively determined. Sec. 73.56(c) Existing, (c)(1) Deleted...... The proposed rule reinstated, transferred,
would eliminate and temporary access
current Sec. authorization. (1)
73.56(c)(1), which Individuals who have had an
permitted uninterrupted unescorted
individuals who had access authorization for at
an uninterrupted least 180 days on April 25,
unescorted access 1991 need not be further
authorization for evaluated. Such individuals
at least 180 days shall be subject to the
on April 25, 1991, behavioral observation
to retain requirements of this
unescorted access section.
authorization and required them to be subject to behavioral observation. The current paragraph would be eliminated because these requirements no longer apply.[[Page 62767]]
Sec. 73.56(c) Existing, (h) GrantingProposed Sec. reinstated, transferred, unescorted access 73.56(h) would and temporary accessauthorization. The replace and amend authorization.
licensees,current Sec. applicants, and C/ 73.56(c), which Vs specified in permits AA programs paragraph (a) of to specify this section shall conditions for implement thereinstating an requirements of interrupted UAA, this paragraph for for transferring granting initial UAA from another unescorted access licensee, and for authorization,permitting updated unescorted temporary UAA. As access
discussed in authorization, and Section IV.3, the reinstatement of requirements in unescorted access proposed Sec. authorization.73.56 are based upon several fundamental changes to the NRC's approach to access authorization since the terrorist attacks of September 11, 2001, and an increased concern for an active or passive insider who may collude with adversaries to commit radiological sabotage. The primary concern, which many of the amendments to Sec. 73.56 are designed to address, is the necessity of increasing the rigor of the access authorization process to provide high assurance that any individual who is granted and maintains UAA is trustworthy and reliable. Proposed Sec. 73.56(h) would identify three categories of proposed requirements for granting UAA: (1) Initial unescorted access authorization, (2) updated unescorted access authorization, and (3) reinstatement of unescorted access authorization. The proposed categories, which are based upon whether an individual who has applied for UAA has previously held UAA under Sec. 73.56 and the length of time that has elapsed since the individual's last period of UAA ended, would be defined in proposed Sec. 73.56(h)(5) [Initial unescorted access authorization], proposed Sec. 73.56(h)(6) [Updated unescorted access authorization], and proposed Sec. 73.56(h)(7) [Reinstatement of unescorted access authorization]. Proposed Sec. 73.56(h) would direct licensees, applicants, and C/ Vs to use the criteria for granting UAA that are found in proposed Sec. 73.56(h)(5), (h)(6), and (h)(7), depending on which of the proposed paragraphs would apply to the individual seeking UAA. Current Sec. 73.56 permits authorization programs to specify conditions for reinstating an interrupted UAA or transferring UAA from another licensee, but it does not use the concepts of ``initial unescorted access authorization,'' ``updated unescorted access authorization,'' or ``reinstatement of unescorted access authorization.'' These concepts would be used in proposed Sec. 73.56 to focus the requirements for UAA more precisely on whether the individual has established a ``track record'' in the industry, and to specify the amount of original information- gathering that licensees, applicants, and C/ Vs would be required to perform, based on whether previous AA programs have collected information about the individual.[[Page 62768]]
For individuals who have established a favorable track record in the industry, the steps that licensees, applicants, and C/ Vs would complete in order to grant UAA to an individual would also depend upon the length of time that has elapsed since the individual's last period of UAA was terminated and the amount of supervision to which the individual was subject during the interruption. (the term, ``interruption,'' refers to the interval of time between periods during which an individual maintains UAA under Sec. 73.56 and will be discussed in reference to Sec. 73.56 (h)(4)). In general, the more time that has elapsed since an individual's last period of UAA ended, the more steps that the proposed rule would require licensees, applicants, and C/ Vs to complete before granting UAA to the individual. However, if the individual was subject to AA program elements in the recent past, the proposed rule would require licensees, applicants, and C/ Vs to complete fewer steps in order to grant UAA to the individual. Individuals who have established a favorable work history in the industry have demonstrated their trustworthiness and reliability from previous periods of UAA, so they pose less potential risk to public health and safety and the common defense and security than individuals who are new to the industry. Much is known about these individuals. Not only were they subject to the initial background investigation requirements before they were initially granted UAA, but, while they were working under an AA program, they were watched carefully through ongoing behavioral observation, and demonstrated the ability to consistently comply with the many procedural requirements that are necessary to perform work safely at nuclear power plants. Therefore, the proposed rule would decrease the unnecessary regulatory burden associated with granting UAA under Sec. 73.56 by reducing the steps that AA programs would be required to take in order to grant UAA to such individuals.[[Page 62769]]
(h)(1) Accepting Proposed Sec. unescorted access 73.56(h)(1) would authorization from permit licensees, other authorization applicants, and C/ programs.Vs to rely upon the Licensees,authorization applicants, and C/ programs and Vs who are seeking program elements of to grant unescorted other licensees, access
applicants or C/Vs, authorization to an as well as other individual who is authorization subject to another programs and authorizationprogram elements program thatthat meet the complies with this requirements of section may rely on proposed Sec. the program73.56, to meet the elements completed requirements of by the transferring this section for authorizationgranting and program to satisfy maintaining UAA. the requirements of Proposed Sec. this section. An 73.56(h)(1) would individual mayupdate the maintain his or her terminology used in unescorted access current Sec. authorization if he 73.56(a)(4), which or she continues to states that be subject tolicensees may either theaccept an AA receivingprogram used by its licensee's,C/Vs or other applicant's, or C/ organizations V's authorization provided it meets program or thethe requirements of transferringthis section. The licensee's,proposed paragraph applicant's, or C/ would also modify V's authorization current Sec. program, or a73.56(c)(2), which combination ofpermits AA programs elements from both to specify programs thatconditions for collectivelytransferring UAA satisfy thefrom one licensee requirements of to another. The this section. The proposed paragraph receivingwould require the authorizationAA program who is program shallreceiving an ensure that the unescorted access program elements authorization that maintained by the was granted under transferringanother AA program program remainto ensure that each current.of the AA program elements to which individuals must be subject, such as behavioral observation training and psychological re- assessments, remain current, including situations in which the individual is subject to a combination of program elements that are administered separately by the receiving and transferring AA programs. The proposed paragraph would increase the specificity of the requirements that must be met by licensees, applicants, or C/Vs for granting UAA and establish detailed minimum standards that all programs must meet. These proposed detailed minimum standards are designed to address recent changes in industry practices that have resulted in a more transient workforce, as discussed in Section IV.3. The authorization programs of licensees, applicants, and C/ Vs would be substantially more consistent than in the past under these proposed detailed standards. Therefore, permitting licensees, applicants, and C/ Vs to rely on other AA programs to meet the proposed rule's requirements is reasonable and appropriate. In addition, the proposed provisions would reduce unnecessary regulatory burden by eliminating redundancies in the steps required to grant UAA to an individual who is transferring from one program to another.[[Page 62770]]
(h)(2) Information A new Sec. sharing. To meet 73.56(h)(2) would the requirements of permit licensees this section,and other entities licensees,to rely upon applicants, and C/ information that Vs may rely upon was gathered by the information previous licensees, that otherapplicants, and C/ licensees,Vs to meet the applicants, and C/ requirements of Vs who are subject this section. to this section Because information have gathered about will be shared individuals who among licensees, have previously applicants, and C/ applied forVs, this proposed unescorted access provision would authorization and substantially developed about decrease the individuals during likelihood that an periods in which individual would be the individuals inadvertently maintainedgranted UAA by unescorted access another licensee authorization.after having his or her UAA denied or unfavorably terminated under another program. It also recognizes that there have been changes in staffing practices at power reactors, including a greater reliance on personnel transfers and temporary work forces, as discussed in detail in Section IV.3. For individuals who have previously been evaluated under an authorization program, were granted UAA within the past 3 years, and successfully maintained UAA, this proposed provision would eliminate the need to repeat efforts that were completed as part of the prior access authorization process, thereby saving substantial duplication of effort and expenditure of resources. The proposed provision would work in conjunction with proposed Sec. 73.56(o)(6), which would require a mechanism for information sharing. The provision is consistent with the recent access authorization orders and with NRC- endorsed guidance, as well as current industry practices. (h)(3) Requirements Proposed Sec. applicable to all 73.56(h)(3) would unescorted access establish authorizationrequirements that categories. Before the licensee, granting unescorted applicant, or C/V access
would be required authorization to to meet before individuals in any granting UAA to category, including individuals in any individuals whose of the categories unescorted access described in authorization has paragraphs (h)(5), been interrupted (h)(6), or (h)(7) for a period of 30 of this section, or fewer days, the including licensee,individuals whose applicant, or C/V UAA has been shall ensure that-- interrupted for a period of 30 or fewer days. The proposed paragraph would clearly specify that the requirements for granting UAA contained in the paragraph are intended to be applied without exceptions to individuals in the specified categories.[[Page 62771]]
(h)(3)(i) TheProposed Sec. individual's73.46(h)(3)(i) written consent to through (h)(3)(vii) conduct awould specify the backgroundsteps required to investigation, if grant UAA to any necessary, has been individual. The obtained and the proposed paragraph individual's true would require identity has been licensees, verified, inapplicants, and C/ accordance with Vs to ensure that paragraphs (d)(2) the individual's and (d)(3) of this written consent for section,the background respectively;investigation in (ii) A creditproposed paragraph history evaluation (h)(3)(i) of this or re-evaluation section has been has been completed obtained; complete in accordance with a verification of the requirements of the individual's paragraphs (d)(5) true identity in or (i)(1)(v) of proposed (h)(3)(ii) this section, as of this section; applicable;.ensure completion (iii) Theof the credit individual'shistory evaluation character andor re-evaluation, reputation have as applicable, in been ascertained, proposed paragraph in accordance with (h)(3)(ii) of this paragraph (d)(6) of section; ensure this section;.completion of the (iv) Thereference checks individual'srequired to criminal history ascertain the record has been individual's obtained andcharacter and reviewed orreputation in updated, inproposed paragraph accordance with (h)(3)(iii) of this paragraphs (d)(7) section; ensure and (i)(1)(v) of completion of the this section, as initial or updated applicable;.criminal history (v) A psychological review, as assessment orapplicable, in reassessment of the proposed paragraph individual has been (h)(3)(iv) of this completed insection; ensure accordance with the completion of the requirements of psychological paragraphs (e) or assessment or re- (i)(1)(v) of this assessment, as section, asapplicable, in applicable;.proposed paragraph (vi) The individual (h)(3)(v) of this has successfully section; ensure completed thecompletion of initial orinitial or refresher, asrefresher training applicable,in proposed behavioralparagraph observation(h)(3)(vi) of this training that is section; and ensure required underthat the individual paragraph (f) of has been informed, this section; and. in writing, or his or her arrest- reporting responsibilities in paragraph (h)(3)(vii) of this section. (vii) TheThe bases for each individual has of the proposed been informed, requirements listed in writing, of in proposed Sec. his or her73.56(h)(3)(i) arrest-reporting through (h)(3)(vii) responsibilities are discussed in under paragraph detail with respect (g) of thisto proposed Sec. section..73.56(d)(2), (d)(3), (d)(5) through (d)(7), and (e) through (g), respectively. The bases for the proposed requirements for updates to the credit history evaluation, criminal history review, and psychological assessment are discussed with respect to proposed Sec. 73.56(i)(1)(v). The requirements that authorization programs would be required to meet in order to grant UAA to individuals in every access authorization category would be listed in these paragraphs, in response to stakeholder requests at the public meetings discussed in Section IV.3 for increased clarity in the organizational structure of requirements for granting UAA.[[Page 62772]]
(h)(4) Interruptions Proposed Sec. in unescorted73.56(h)(4) would access
describe the term authorization. For ``interruption,'' individuals who which would be used have previously in proposed Sec. held unescorted 73.56(h)(5) access
[Initial unescorted authorization under access this section but authorization], whose unescorted proposed Sec. access
73.56(h)(6) authorization has [Updated unescorted since beenaccess terminated under authorization], and favorableproposed Sec. conditions, the 73.56(h)(7) and licensee,Sec. 73.56(h)(8) applicant, or C/V [Reinstatement of shall implement the unescorted access requirements in authorization] to this paragraph for refer to the initial unescorted interval of time access
between periods authorization in during which an paragraph (h)(5) of individual holds this section,UAA under Sec. updated unescorted 73.56. Licensees, access
applicants, or C/Vs authorization in would calculate an paragraph (h)(6) of interruption in UAA this section, or as the total number reinstatement of of days falling unescorted access between the day authorization in upon which the paragraph (h)(7) of individual's last this section, based period of UAA or UA upon the totalended and the day number of days that upon which the the individual's licensee, unescorted access applicant, or C/V authorization has grants UAA to the been interrupted, individual. This to include the day change would be after themade to enhance and individual's last clarify the access period ofauthorization unescorted access requirement in authorization was current Sec. terminated and the 73.56(c)(2), which intervening days does not define the until the day upon meaning of the term which the licensee, ``interrupted applicant, or C/V access grants unescorted authorization.'' access authorization to the individual. If potentially disqualifying information is disclosed or discovered about an individual, licensees, applicants, and C/ Vs shall take additional actions, as specified in the licensee's or applicant's physical security plan, in order to grant or maintain the individual's unescorted access authorization. (h)(5) InitialA new Sec. unescorted access 73.56(h)(5) authorization.[Initial unescorted Before granting access unescorted access authorization] authorization to an would establish the individual who has category of never held``initial unescorted access unescorted access authorization under authorization'' this section or requirements to whose unescorted apply both to access
individuals who authorization has have not previously been interrupted held UAA under this for a period of 3 section and those years or more and whose UAA has been whose last period interrupted for a of unescortedperiod of 3 or more access
years and whose authorization was last period of UAA terminated under ended favorably. In favorablegeneral, the longer conditions, the the period of time licensee,since the applicant, or C/V individual's last shall ensure that period of UAA an employmentended, the greater history evaluation the possibility has been completed that the individual in accordance with may have undergone paragraph (d)(4) of significant changes this section. The in lifestyle or period of thecharacter that employment history would diminish his that the individual or her shall disclose, and trustworthiness and the licensee,reliability. applicant, or C/V Therefore, this shall evaluate, paragraph would must be the past 3 require an years or since the individual who has individual'snot been subject to eighteenthan AA program for 3 birthday, whichever or more years to is shorter. For the undergo the same 1-year periodfull and extensive immediatelyscreening to which preceding the date an individual who upon which thehas never held UAA individual applies would be subject. for unescortedThe proposed access
paragraph would authorization, the require the licensee,licensee, applicant, or C/V applicant, or C/V, shall ensure that before granting UAA the employmentto an individual, history evaluation to complete an is conducted with evaluation of the every employer, individual's regardless of the employment history length ofover the past 3 employment.years. The 3-year time period to be addressed in the employment history evaluation would be consistent with requirements established in the access authorization orders issued by the NRC to nuclear power plant licensees on January 7, 2003, as discussed in Section IV.3.[[Page 62773]]
For the remaining 2- In addition, this 3- year period, the year time period licensee,has been used applicant, or C/V successfully within shall ensure that AA programs since the employmentSec. 73.56 was history evaluation first promulgated is conducted with and has met the the employer by NRC's goal of whom the individual ensuring that claims to have been individuals who are employed thegranted UAA are longest within each trustworthy and calendar month, if reliable. the individualTherefore, the 3- claims employment year time period during the given would be retained calendar month. in proposed Sec. 73.56. The employment history evaluation would focus on the individual's employment record during the year preceding his or her application for UAA by requiring licensees, applicants, and C/ Vs to make a ``best effort,'' as described with respect to proposed Sec. 73.56(d)(4), to obtain and evaluate employment history information from every employer by whom the individual claims to have been employed during the year. The proposed rule would require this focus on the year preceding the individual's application for UAA because the individual's employment history during the past year provides current information related to the individual's trustworthiness and reliability. For the earlier 2 years of the employment history period, the proposed paragraph would require the licensee, applicant, or C/V to conduct the employment history with every employer by whom the applicant claims to have been employed the longest within each calendar month that would fall within that 2-year period. The proposed provision would permit this ``sampling'' approach to the employment history evaluation for the earlier 2-year period because industry experience has shown that employers are often reluctant to disclose adverse information to other private employers about former employees, and that the longer it has been since an individual was employed, the less likely it is that a former employer will disclose useful information. Experience implementing AA programs has also shown that the shorter the time period during which an individual was employed by an employer, the less likely it is that the employer retains any useful information related to the individual's trustworthiness and reliability. Therefore, the proposed paragraph would not require licensees, applicants, and C/ Vs to conduct the employment history evaluation with every employer by whom the individual claims to have been employed, but, rather, to contact only the employer by whom the individual claims to have been employed the longest within each calendar month that falls within that 2- year period (i.e., the ``given'' calendar month). Contacting these employers would increase the likelihood that the employers would have knowledge of the applicant and would be willing to disclose it.[[Page 62774]]
(h)(6) UpdatedProposed Sec. unescorted access 73.56(h)(6) authorization.[Updated unescorted Before granting access unescorted access authorization] authorization to an would establish a individual whose category of unescorted access ``updated authorization has unescorted access been interrupted authorization'' to for more than 365 apply to days but fewer than individuals whose 3 years and whose UAA has been last period ofinterrupted for unescorted access more than 365 days authorization was but less than 3 terminated under years and whose favorablelast period of UAA conditions, the was terminated licensee,favorably. The applicant, or C/V proposed shall ensure that requirements for an employmentgranting updated history evaluation UAA would be less has been completed stringent than the in accordance with proposed paragraph (d)(4) of requirements for this section. The granting initial period of theUAA. The proposed employment history requirements would that the individual be less stringent shall disclose, and because the the licensee,individual who is applicant, or C/V applying for shall evaluate, updated UAA would must be the period have a more recent since unescorted ``track record'' of access
successful authorization was performance within last terminated, up the industry. Also to and including the licensee, the day theapplicant, or C/V applicant applies would have access for updatedto information unescorted access about the authorization. For individual seeking the 1-year period UAA from the immediatelylicensee, preceding the date applicant, or C/V upon which thewho last granted individual applies UAA to the for unescortedindividual as a access
result of the authorization, the increased licensee,information-sharing applicant, or C/V requirements of the shall ensure that proposed rule. the employmentHowever, the history evaluation licensee, is conducted with applicant, or C/V every employer, would not have regardless of the information about length ofthe individual's employment.activities from the period during which the individual's UAA was interrupted. Therefore, the proposed rule's requirements for updated UAA would focus on gathering and evaluating information from the interruption period. For the remaining For example, in the period sincecase of an unescorted access individual whose authorization was last period of UAA last terminated, ended 2 years ago, the licensee,the licensee, applicant, or C/V applicant or C/V shall ensure that would gather the employmentinformation about history evaluation the individual's is conducted with activities within the employer by the 2-year whom the individual interruption claims to have been period. Similarly, employed theif an individual's longest within each last period of UAA calendar month, if ended 13 months the individualago, the licensee, claims employment applicant, or C/V during the given would gather calendar month. information about the individual's activities within the past 13 months. For the reasons discussed with respect to proposed Sec. 73.56(h)(5), the proposed paragraph would require the employment history evaluation to be conducted with every employer in the year preceding the individual's application for updated UAA, and to contact only the employer by whom the individual claims to have been employed the longest within any earlier calendar month (i.e., the ``given'' calendar month) that would fall within the interruption period.[[Page 62775]]
(h)(7) Reinstatement Proposed Sec. of unescorted73.56(h)(7) access
[Reinstatement of authorization (31 unescorted access to 365 days). In authorization] order to grantwould establish a authorization to an category of individual whose ``reinstatement of unescorted access unescorted access authorization has authorization,'' been interrupted which would apply for a period of to individuals more than 30 days whose UAA has been but no more than interrupted for a 365 days and whose period of more than last period of30 days but no more unescorted access than 365 days and authorization was whose last period terminated under of UAA was favorableterminated conditions, the favorably. The licensee,proposed steps for applicant, or C/V reinstating an shall ensure that individual's UAA an employmentafter an history evaluation interruption of 365 has been completed or fewer days would in accordance with be less stringent the requirements of than those required paragraph (d)(4) of for initial UAA or this section within an updated UAA. 5 business days of This is because reinstatingthese individuals unescorted access have a recent, authorization. The positive ``track period of therecord'' within the employment history industry and that that the individual record provides shall disclose, and evidence that the the licensee,risk to public applicant, or C/V health and safety shall evaluate, or the common must be the period defense and since thesecurity posed by a individual'sless rigorous unescorted access employment history authorization was evaluation is terminated, up to acceptable. The and including the proposed paragraph day the applicant would limit the applies forperiod of time to reinstatement of be addressed in the unescorted access employment history authorization. The to the period of licensee,the interruption in applicant, or C/V UAA and require shall ensure that that the employment the employmenthistory evaluation history evaluation must be conducted has been conducted with the employer with the employer by whom the by whom theindividual claims individual claims to have been to have beenemployed the employed thelongest within each longest within the calendar month, if calendar month, if the individual the individualclaims employment claims employment during a given during a givencalendar month. calendar month. If the employment An employment history evaluation history for earlier is not completed periods of time within 5 business would be days due tounnecessary because circumstances that the granting are outside of the licensee, licensee's,applicant, or C/V applicant's, or C/ would have access V's control and the to information licensee,about the applicant, or C/V individual from the is not aware of any licensee, potentiallyapplicant, or C/V disqualifyingwho had recently informationterminated the regarding theindividual's UAA. individual within However, the the past 5 years, licensee, the licensee,applicant, or C/V applicant, or C/V would not have may maintain the information about individual'sthe individual's unescorted access activities during authorization for the period of an additional 5 interruption, so business days. If the proposed rule's the employmentrequirements for history evaluation reinstating UAA is not completed would focus on within 10 business gathering and days of reinstating evaluating unescorted access information only authorization, the from the licensee,interruption applicant, or C/V period. By contrast may maintain the to the proposed individual'srequirements for an unescorted access initial UAA and an authorization for updated UAA, an additional 5 proposed Sec. business days. If 73.56(h)(7) would the employmentpermit the history evaluation licensee, is not completed applicant, or C/V within 10 business to reinstate an days of reinstating individual's UAA unescorted access without first authorization, the completing the licensee,employment history applicant, or C/V evaluation. As shall
would be required administratively for an updated UAA, withdraw thethe proposed rule individual'swould limit the unescorted access period of time to authorization until be addressed by the the employmentemployment history history evaluation evaluation to the is completed.interruption period.[[Page 62776]]
However, the proposed paragraph would permit the licensee, applicant, or C/V to reinstate the individual's UAA before completing the employment history evaluation because these individuals have a recent, positive track record within the industry and that record demonstrates that they would pose an acceptable risk to public health and safety or the common defense and security. If the employment history evaluation is not completed within the 5-day period permitted, the proposed paragraph would permit the licensee, applicant, or C/V to maintain the individual's UAA for up to 10 days following the day upon which UAA was reinstated, but only if the licensee, applicant, or C/V is unaware of any potentially disqualifying information about the individual. If the employment history evaluation is not completed within the 10 days permitted, the proposed paragraph would require the licensee, applicant, or C/V to administratively withdraw the individual's UAA until the employment history evaluation is completed. The proposed rule would not establish employment history requirements for individuals whose UAA has been interrupted for 30 or fewer days. Proposed Sec. 73.56(h)(3) would require the entities who are subject to this section to obtain and review a personal history disclosure from the applicant for UAA that would address the period since the individual's last period of UAA was terminated. However, the licensee, applicant, or C/V would be permitted to forego conducting an employment history evaluation for individuals whose UAA has been interrupted for such a short period, because there would be little to be learned. Sec. 73.56(b)(3) The(h)(8) Determination Proposed Sec. licensee shall base its basis. The73.56(h)(8) would decision to grant, deny, licensee's,amend but retain revoke, or continue anapplicant's, or C/ the meaning of unescorted accessV's reviewingcurrent Sec. authorization on review and official shall73.56(b)(3), which evaluation of all pertinent determine whether requires licensees information developed.to grant, deny, to base a decision unfavorablyto grant, deny, terminate, orrevoke, or continue maintain or amend UAA on review and an individual's evaluation of all unescorted access pertinent authorizationinformation status, based on an developed. The evaluation of all terms used in the pertinentproposed paragraph, information that such as has been gathered ``unfavorably about theterminate'' to individual as a replace ``revoke'' result of anyand ``maintain'' to application for replace unescorted access ``continue,'' would authorization or be updated for developed during or consistency with following in any the terms currently period during which used by the the individualindustry and in maintainedother portions of unescorted access the proposed authorization.section. In addition, the proposed paragraph would include references to the reviewing official, rather than the licensee, to convey more accurately that the only individual who is authorized to make access authorization decisions under this section is the designated reviewing official.[[Page 62777]]
The licensee's, The terms, ``all applicant's or C/ pertinent'' and V's reviewing``accumulated official may not information,'' determine whether would be used in to grant unescorted the proposed access
paragraph because authorization to an some of the individual orinformation that a maintain anreviewing official individual'smust have before unescorted access making a authorization until determination is all of the required gathered under the information has requirements of 10 been provided to CFR part 26, such the reviewingas drug and alcohol official and he or test results and she determines that the results of the the accumulated suitable inquiry. informationIn addition, the supports a positive proposed paragraph finding ofwould expand on the trustworthiness and current requirement reliability.for a review and evaluation of all pertinent information by adding a prohibition on making an access authorization decision until all of the required information has been provided to the reviewing official and the reviewing official has determined that the information indicates that the subject individual is trustworthy and reliable. These changes would be made to more clearly communicate the NRC's intent by improving the specificity of the language of the rule. Sec. 73.56(c)(3) The(h)(9) Unescorted Proposed Sec. licensee shall grantaccess for NRC- 73.56(h)(9) would unescorted accesscertifiedupdate but retain authorization to allpersonnel. Thethe meaning of individuals who have been licensees andcurrent Sec. certified by the Nuclear applicants73.56(c)(3), which Regulatory Commission as specified inrequires licensees suitable for such access. paragraph (a) of to grant unescorted this section shall access to grant unescorted individuals who access to allhave been certified individuals who by the NRC as have been certified suitable for such by the NRC asaccess. This suitable for such provision ensures access including, that licensees and but not limited to, applicants are contractors to the allowed to grant NRC and NRCUAA to individuals employees.whom the NRC has determined require such access, and whom the NRC has investigated and is certifying as suitable for access, without requiring the licensees or applicants to meet all of the requirements that would otherwise be necessary before granting unescorted access to these individuals. In addition to avoiding duplication of effort, this proposed provision would help to ensure that NRC- certified individuals will obtain prompt unescorted access to protected and vital areas, if necessary. The proposed paragraph would update the entities who are subject to this requirement by adding applicants to reflect the NRC's new licensing processes for nuclear power plants, as discussed with respect to proposed Sec. 73.56(a).[[Page 62778]]
Sec. 73.56(b)(4) Failure (h)(10) AccessA new Sec. by an individual to report prohibited.73.56(h)(10) would any previous suspension, Licensees andprohibit the revocation, or denial of applicants may not entities who are unescorted access topermit ansubject to this nuclear power reactors is individual, who is section from considered sufficient cause identified aspermitting any for denial of unescorted having an access- individual whose access authorization.denied status in most recent the information- application for UAA sharing mechanism has been denied or required undermost recent period paragraph (o)(6) of of UAA was this section, or unfavorably has an accessterminated from authorizationentering any status other than protected or vital favorablyarea, or to have terminated, tothe ability to use enter any nuclear nuclear power plant power plantdigital systems protected area or that could vital area, under adversely impact escort oroperational safety, otherwise, or take security, or actions byemergency response electronic means capabilities. The that could impact proposed paragraph the licensee's or would be added applicant'sbecause the NRC is operational safety, aware that, in the security, orpast, some emergency response licensees permitted capabilities, under individuals whose supervision orUAA was denied or otherwise, except unfavorably if, upon review and terminated to enter evaluation, the protected areas as reviewing official visitors. determines that Licensees' current such access isPhysical Security warranted.Plans require that Licensees andany visitor to a applicants shall protected area or developvital area must be reinstatementescorted and under review procedures the supervision of for assessingan individual who individuals who has UAA and, have been in an therefore, is access-deniedtrained in status.behavioral observation, in accordance with the requirements of this section and related requirements in part 26. However, in the current threat environment, the NRC believes that permitting any individual who has been determined not to be trustworthy and reliable to enter protected or vital areas does not adequately protect public health and safety or the common defense and security. Therefore, the proposed paragraph would prohibit this practice. The proposed paragraph would also prohibit individuals whose UAA has been denied or unfavorably terminated from electronically accessing licensees' and applicants' operational safety, security, and emergency response systems. The proposed prohibition on electronic access would be consistent with other requirements in the proposed regulation and is necessary for the same reasons that physical access would be prohibited. An individual whose most recent application for UAA was denied, or whose most recent period of UAA was terminated unfavorably could be considered again for UAA, but only if the applicable requirements are met, as specified in the licensee's or applicant's Physical Security Plan, and the reviewing official makes a positive determination that the individual is trustworthy and reliable, and, therefore, that UAA is warranted. These provisions are necessary to strengthen the effectiveness of AA programs. (i) Maintaining A new Sec. access
73.56(i) authorization.[Maintaining access authorization] would establish the conditions that must be met in order for an individual who has been granted UAA to maintain UAA under this section, and present them together in one paragraph for organizational clarity in the rule. The proposed paragraph would be added in response to stakeholder requests for this clarification at the public meetings discussed in Section IV.3.[[Page 62779]]
(i)(1) Individuals Proposed Sec. may maintain73.56(i)(1)(i) and unescorted access (i)(1)(ii) would authorization under reiterate the the followingrequirements for conditions:subjecting (i) The individual individuals who are remains subject to maintaining UAA to a behavioralbehavioral observation program observation in that complies with proposed paragraph the requirements of (f) of this section paragraph (f) of and for this section;.successfully (ii) The individual completing successfullyrefresher training completesor passing a behavioral``challenge'' observationexamination each refresher training year during which or testing on the the individual nominal 12-month maintains UAA in frequency required proposed paragraph in (f)(2)(ii) of (f)(2)(ii) of this this section;.section. These proposed requirements would be reiterated in this paragraph to emphasize their applicability to maintaining UAA for organizational clarity in the proposed rule. The bases for these proposed requirements are discussed in detail with respect to proposed Sec. 73.56(f) and (f)(2)(ii), respectively. (i)(1)(iii) The Proposed Sec. individual complies 73.56(i)(1)(iii) with thewould require an licensee's,individual, in applicant's, or C/ order to maintain V's authorization UAA, to comply with program policies the policies and and procedures to procedures to which which he or she is the individual is subject, including subject, including the arrest-the arrest- reportingreporting responsibilityrequirement in specified inproposed paragraph paragraph (g) of Sec. 73.56(g). this section;The requirement to comply with the applicable licensee's, applicant's, and C/ V's policies and procedures would be added because licensees and applicants would establish AA policies and implementing procedures in their Physical Security Plans, required under proposed Sec. 73.56(a), which would include, but would not be limited to, a description of the conditions under which an individual's UAA must be unfavorably terminated. These policies and procedures would prohibit certain acts by individuals, and individuals would be required to avoid committing such acts, in order to maintain UAA. In addition, part 26 requires licensees, applicants, and C/ Vs also to develop, implement, and maintain fitness- for-duty program policies and procedures with which individuals must comply in order to maintain UAA. For example, 10 CFR 26.27(b)(3) requires the unfavorable termination of an individual's UAA, if the individual has been involved in the sale, use, or possession of illegal drugs within a nuclear power plant protected area. The proposed rule would require compliance with these authorization policies and procedures, as well the arrest- reporting requirement in proposed Sec. 73.56(g), for clarity in the proposed rule. The basis for the arrest-reporting requirement is discussed with respect to proposed Sec. 73.56(g). (i)(1)(iv) TheProposed Sec. individual is73.56(i)(1)(iv) subject to awould require supervisoryindividuals, in interview at aorder to maintain nominal 12-month UAA, to be subject frequency,to an annual conducted insupervisory review accordance with the during each year requirements of the that the individual licensee's ormaintains UAA. The applicant'ssupervisory review Physical Security would be conducted Plan; andfor the purposes and in the manner that licensees and applicants would specify in the Physical Security Plans required under proposed Sec. 73.56(a). The proposed paragraph would include a requirement for these annual supervisory reviews for completeness and organizational clarity in the proposed rule.[[Page 62780]]
(i)(1)(v) TheA new Sec. licensee,73.56(i)(1)(v) applicant, or C/V would establish determines that the requirements for individualperiodic updates of continues to be the criminal trustworthy and history review, reliable. Thiscredit history determination must evaluation, and be made as follows: psychological (A) The licensee, assessment in order applicant, or C/V for an individual shall complete a to maintain UAA. criminal history The proposed rule update, creditwould add these history re-update and re- evaluation, and evaluation psychological re- requirements assessment of the because it is individual within 5 necessary to ensure years of the date that individuals on which thesewho are maintaining elements were last UAA over long completed, or more periods of time frequently, based remain trustworthy on job assignment;. and reliable. The (B) The reviewing proposed update official shallrequirements would complete analso apply to evaluation of the transient workers informationwho, under the obtained from the proposed provisions criminal history for granting update, creditupdated UAA in history re-proposed Sec. evaluation,73.56(h)(6) and a psychological re- reinstatement of assessment, and the UAA in proposed supervisorySec. 73.56(h)(7), interview required may be granted UAA under paragraph without undergoing (i)(1)(iv) of this the criminal section within 30 history review, calendar days of credit history initiating any one evaluation, and of these elements;. psychological (C) The results of assessment that are the criminalrequired to grant history update, initial UAA in credit history re- proposed Sec. evaluation,73.56(h)(5) each psychological re- time that the assessment, and the individual supervisorytransfers between interview required licensee sites or under paragraph applies for UAA (i)(1)(iv) of this after an section mustinterruption support a positive period. It is also determination of necessary to ensure the individual's that these continuedtransient workers trustworthiness and remain trustworthy reliability; and. and reliable. Proposed Sec. 73.56(i)(1)(v)(A) would require that the updates and re- evaluation must occur within 5 years of the date on which the program elements were last completed. (D) If the criminal The 5-year interval history update, is consistent with credit history re- the update evaluation,requirements of psychological re- other Federal assessment, and agencies and supervisory review private entities have not beenwho impose similar completed and the requirements on informationindividuals who evaluated by the must be trustworthy reviewing official and reliable. More within 5 years of frequent updates the initialand re-evaluations completion of these would be required elements or the for some most recent update, individuals, as re-evaluation, and specified in the re-assessment under licensee's or this paragraph, or applicant's within the time Physical Security period specified in Plan, based on the the licensee's or nature of their job applicant'sassignments, for Physical Security the reasons Plans, thediscussed with licensee,respect to proposed applicant, or C/V Sec. shall
73.56(e)(4)(ii). administratively The new Sec. withdraw the73.56(i)(1)(v)(B) individual'swould also require unescorted access licensees, authorization until applicants, and C/ these requirements Vs to conduct the have been met.required re- evaluation activities that are specified in the proposed paragraph, and the supervisory review required under proposed Sec. 73.56(i)(1)(iv), within 30 days of the initiating any one of these elements. This requirement is necessary to ensure that the reviewing official has the opportunity to review the information collected in the proper context, comparing each element to the other, which would then provide the best possible composite representation of the individual's continued trustworthiness and reliability.[[Page 62781]]
In a case in which a medical evaluation had been determined to be necessary through the conduct of the psychological re- assessment, the results of the medical evaluation would also become part of the data reviewed by the reviewing official during the 30 day period. Proposed Sec. 73.56(i)(1)(v)(C) would require the reviewing official to determine that the results of the update support a positive determination of the individual's continuing trustworthiness and reliability in order for the individual to maintain UAA. Whereas, Sec. 73.56(i)(1)(v)(D) would require the reviewing official to administratively withdraw the individual's UAA if a positive determination cannot be made, because the information upon which the determination must be made is not yet available. These requirements are necessary to provide high assurance that any individuals who are maintaining UAA have been positively determined to continue to be trustworthy and reliable. (i)(2) If anProposed Sec. individual who has 73.56(i)(2) would unescorted access require licensees, authorization is applicants, and C/ not subject to an Vs to terminate an authorizationindividual's UAA if program that meets the individual, for the requirements of more than 30 this part for more [consecutive] days, than 30 continuous is not subject to days, then thean authorization licensee,program that meets applicant, or C/V the requirements of shall terminate the this section. The individual'srequirements of the unescorted access proposed paragraph authorization and would permit an the individualindividual to be shall meet theaway from all requirements in elements of an AA this section, as program for 30 applicable, toconsecutive days in regain unescorted order to access
accommodate authorization.vacations, extended work assignments away from the individual's normal work location, and significant illnesses when the individual would not be reasonably available for behavioral observation. The proposed paragraph would be consistent with industry practices that have been endorsed by the NRC and related requirements in part 26, and added in response to stakeholder requests at the public meetings discussed in Section IV.3.[[Page 62782]]
(j) Access to vital Proposed Sec. areas. Each73.56(j) would licensee andamend, and move applicant who is into Sec. 73.56, subject to this current Sec. section shall73.55(d)(7)(i), establish,which establishes implement, andrequirements for maintain a list of managing unescorted individuals who are access to nuclear authorized to have power plant vital unescorted access areas. The proposed to specific nuclear paragraph would be power plant vital moved into Sec. areas to assist in 73.56 for limiting access to organizational those vital areas clarity in the during non-rule. The proposed emergencyrequirement is conditions. The necessary to list must include support the only thosemitigation of the individuals who insider threat require access to postulated in 10 those specificCFR 73.1. vital areas inSpecifically, order to perform individuals' access their duties and to vital areas must responsibilities. be controlled to The list must be ensure that no-one approved by amay enter these cognizant licensee vital areas without or applicanthaving a work- manager, orrelated need, and supervisor who is when the need no responsible for longer exists, directing the work access to the vital activities of the areas must be individual who is terminated. The NRC granted unescorted is aware of many access to eachcircumstances in vital area, and the past in which updated and re- some licensees approved no less routinely allowed frequently than access to all vital every 31 days.areas for all persons who had been granted unescorted access to a licensee protected area, even during periods when the individuals were not assigned to be working at the licensee site. The defense-in-depth required to mitigate the insider threat requires that even though persons have been determined to be trustworthy and reliable for unescorted access to a protected area and are under behavioral observation, access to vital areas must be restricted to current work- related need. (k) Trustworthiness A new Sec. and reliability of 73.56(k) would backgroundrequire licensees, screeners andapplicants, and C/ authorizationVs to ensure that program personnel. any individuals who Licensees,collect, process, applicants, and C/ or have access to Vs shall ensure the sensitive that anypersonal individuals who information that is collect, process, required under this or have access to section are, personalthemselves, information that is trustworthy and used to makereliable. The unescorted access proposed rule would authorizationadd this provision determinationsbecause the under this section integrity and have beeneffectiveness of determined to be authorization trustworthy and programs depend, in reliable.large part, on the accuracy of the information that is collected about individuals who are applying for or maintaining UAA. Therefore, it is critical that any individuals who collect, process, or have access to the personal information that is used to make UAA determinations are not vulnerable to compromise or influence attempts to falsify or alter the personal information that is collected. Although the NRC is not aware of any instances in which individuals who collected, processed, or had access to personal information were compromised or subject to influence attempts, there have been past circumstances in which it was discovered that persons collecting and reviewing such personal information were found to have extensive criminal histories, which clearly calls into question their trustworthiness and reliability. Therefore, the proposed requirements would be added to strengthen the effectiveness of AA programs.[[Page 62783]]
(k)(1) Background Proposed Sec. screeners.73.56(k)(1) would Licensees,impose new applicants, and C/ requirements for Vs who rely ondetermining the individuals who are trustworthiness and not directly under reliability of the their control to employees of any collect and process subcontractors or information that vendors that will be used by a licensees, reviewing official applicants, or C/Vs to make unescorted rely upon to access
collect sensitive authorizationpersonal determinationsinformation for the shall ensure that a purposes of background check of determining UAA. such individuals The majority of has been completed licensees contract and determines that (or subcontract, in such individuals the case of C/Vs) are trustworthy and with other reliable. At abusinesses that minimum, thespecialize in following checks background are required:investigation (i) Verification of services, typically the individual's focused on identity;.verifying the (ii) A localemployment criminal history histories and review andcharacter and evaluation from the reputation of State of theindividuals who individual'shave applied for permanentUAA. The proposed residence;.paragraph would (iii) A creditrequire that the history review and employees of these evaluation;.firms are (iv) An employment themselves history review and trustworthy and evaluation for the reliable, and would past 3 years; and. establish means by (v) An evaluation of which licensees, character andapplicants, and C/ reputation..Vs would obtain verification from the subcontractor or vendor that the employees meet the trustworthiness and reliability standards of the licensee, applicant, and C/V. Proposed Sec. 73.56(k)(1)(i) through (v) would require a background investigation of these subcontractor or vendor employees to include a verification of the employee's identity, a review and evaluation of the employee's criminal history record from the State in which the employee permanently resides, a credit history review and evaluation, an employment history review and evaluation from the past 3 years, and an evaluation of the employee's character and reputation, respectively. These requirements would be added for the reasons discussed with respect to proposed Sec. 73.56(k). (k)(2) Authorization A new Sec. program personnel. 73.56(k)(2) would Licensees,require that applicants and C/Vs individuals who shall ensure that evaluate and have any individual who access to any evaluates personal personal information for the information that is purpose ofcollected for the processingpurposes of this applications for section must be unescorted access determined to be authorizationtrustworthy and including, but not reliable, and limited to aestablishes two clinicalalternative methods psychologist of for making this psychiatrist who determination. conductsProposed Sec. psychological73.56(k)(2)(i) assessments under would permit paragraph (e) of licensees, this section; has applicants, and C/ access to theVs to subject such files, records, and individuals to the personalprocess established informationin this proposed associated with section for individuals who granting UAA. have applied for Proposed Sec. unescorted access 73.56(k)(2)(ii) authorization; or would permit is responsible for licensees, managing anyapplicants, or C/Vs databases thatto subject such contain such files, individuals to the records, andrequirements for personalgranting UAA in information has proposed paragraphs been determined to (d)(1) through be trustworthy and (d)(5) and (e) of reliable, asthis section and a follows:local criminal (i) The individual history review and is subject to an evaluation from the authorizationState of the program that meets individuals requirements of permanent this section; or. residence, rather (ii) The licensee, than the criminal applicant, or C/V history review determines that the specified in individual isproposed Sec. trustworthy and 73.56(d)(7). reliable based upon Proposed Sec. an evaluation that 73.56(k)(2)(ii) meets therecognizes that, in requirements of some cases, paragraphs (d)(1) licensees cannot through (d)(5) and legally obtain the (e) of this section same type of and a localcriminal history criminal history information about review andauthorization evaluation from the program personnel State of theas they are able to individual'sobtain for other permanentindividuals who are residence..subject to Sec. 73.56. Therefore, this proposed provision would permit licensees, applicants, and C/ Vs to rely on local criminal history checks in such cases. These requirements would be added for the reasons discussed with respect to proposed Sec. 73.56(k).[[Page 62784]]
Sec. 73.56(e) Review(l) ReviewProposed Sec. procedures. Each licensee procedures. Each 73.56(l) would implementing an unescorted licensee,retain the meaning access authorizationapplicant, and C/V of current Sec. program under thewho is implementing 73.56(e) but update provisions of this section an authorization some of the terms shall include a procedure program under this used in the for the review, at thesection shallprovision. The request of the affected include a procedure proposed paragraph employee, of a denial or for the review, at would replace the revocation by the licensee the request of the term, of unescorted accessaffected``revocation,'' authorization of anindividual, of a with the term, employee of the licensee, denial or``unfavorable contractor, or vendor,unfavorabletermination,'' for which adversely affects termination ofthe reasons employment. The procedure unescorted access discussed with must provide that theauthorization. The respect to proposed employee is informed of the procedure mustparagraph grounds for denial orrequire that the (d)(1)(iii) of this revocation and allow the individual issection. In employee an opportunity to informed of the addition, the provide additional relevant grounds for the proposed paragraph information, and provide an denial orwould add opportunity for anunfavorablereferences to objective review of the termination and applicants to information on which the allow thereflect the NRC's denial or revocation was individual annew licensing based. The procedure may be opportunity toprocesses for an impartial andprovide additional nuclear power independent internalrelevantplants, as management review.information, and discussed with Unescorted access may not provide anrespect to proposed be granted to theopportunity for an Sec. 73.56(a). individual during theobjective review of Reference to C/Vs review process.the information on would also be added which the denial or for completeness, unfavorableas discussed with termination ofrespected to unescorted access proposed Sec. authorization was 73.56(a)(3). based. The procedure may be an impartial and independent internal management review. Licensees and applicants may not grant or permit the individual to maintain unescorted access authorization during the review process. Sec. 73.56(f) Protection (m) Protection of Proposed Sec. of information. (1) Each information. Each 73.56(m) would licensee, contractor, or licensee,retain current Sec. vendor who collectsapplicant, or C/V 73.56(f)(1) but personal information on an who is subject to update it to employee for the purpose of this section who include reference complying with this section collects personal to applicants and C/ shall establish andinformation about Vs for internal maintain a system of files an individual for consistency in the and procedures for thethe purpose ofproposed rule. The protection of the personal complying with this current requirement information.
section shallfor a system of establish andfiles and maintain a system procedures for the of files andprotection of procedures toinformation would protect thebe moved to personalproposed Sec. information.73.56(m)(5) for organizational clarity in the rule. Sec. 73.56(f)(2)(f)(2) Deleted...... Current Sec. Licensees, contractors, and
73.56(f)(2) would vendors small make
be deleted, but the available such personal
intent of the information to another
requirement would licensee, contractor, or
be incorporated vendor provided that the
into proposed Sec. request is accompanied by a
73.56(m)(1) for signed release from the
organizational individual.
clarity in the rule. Sec. 73.56(f)(3)(m)(1) Licensees, Proposed Sec. Licensees, contractors, and applicants, and C/ 73.56(m)(1) would vendors may not disclose Vs shall obtain a amend current Sec. the personal information signed consent from 73.56(f)(3), which collected and maintained to the subjectprohibits persons other than:individual that licensees, (ii) NRC representatives;... authorizes theapplicants, and C/ (iii) Appropriate lawdisclosure of the Vs from disclosing enforcement officials under personalpersonal court order;.
informationinformation (iv) The subject individual collected andcollected under or his or her
maintained under this section to any representative;.this section before individuals other (v) Those licenseedisclosing thethan those listed representatives who have a personalin the regulation. need to have access to the information, except The proposed information in performing for disclosures to paragraph would assigned duties, including the followingcontinue to permit audits of licensee's,individuals:disclosure of the contractor's, and vendor's (i) The subjectpersonal programs;.
individual or his information to the (vi) Persons decidingor her
listed individuals, matters on review orrepresentative, but would add appeal; or.
when the individual permission for the (vii) Other persons pursuant has designated the licensee, to court order. Thisrepresentative in applicant, or C/V section does not authorize writing forto disclose the the licensee, contractor, specifiedpersonal or vendor to withholdunescorted access information to evidence of criminalauthorizationothers if the conduct from lawmatters;.licensee or other enforcement officials.. (ii) NRCentity has obtained representatives;. a signed release (iii) Appropriate for such a law enforcement disclosure from the officials under subject individual. court order;.The proposed (iv) A licensees, provision would be applicant's or C/ added because some V's representatives licensees have who have a need to misinterpreted the have access to the current requirement information inas prohibiting them performing assigned from releasing the duties, including personal determinations of information under trustworthiness and any circumstances, reliability, and except to the audits ofparties listed in authorizationthe current programs;.provision. In some (v) The presiding instances, such officer in afailures to release judicial orinformation have administrativeinappropriately proceeding that is inhibited an initiated by the individual's subject individual;. ability to obtain (vi) Personsinformation that deciding matters was necessary for a under the review review or appeal of procedures inthe licensee's paragraph (k) of determination for this section; and. UAA. Therefore, the (vii) Other persons explicit permission pursuant to court for licensees and order..other entities to release personal information when an individual consents to the release, in writing, would be to have access to a full and complete evidentiary record in review procedures and legal proceedings.[[Page 62785]]
Proposed Sec. 73.56(m)(1)(i) through (m)(1)(vii) would list in separate paragraphs the individuals to whom licensees and other entities would be permitted to release personal information about an individual. Proposed Sec. 73.56(m)(1)(ii), (m)(1)(iii), and (m)(1)(vii) would retain the current Sec. 73.56 permission for the release of information to NRC representatives, appropriate law enforcement officials under court order, and other persons pursuant to court order. Proposed Sec. 73.56(m)(1)(i) would retain the current permission for the release of information to the subject individual and his or her designated representative. The proposed paragraph would add requirements for the individual to designate his or her representative in writing and specify the UAA matters to be disclosed. The proposed changes would be made in response to implementation questions from licensees who have sought guidance from the NRC related to the manner in which an individual must ``designate'' a representative. Proposed Sec. 73.56 (m)(1)(iv) would amend the current reference to licensee representatives who have a need to have access to the information in performing assigned duties. The current rule refers only to individuals who are performing audits of access. The intent of the provision was that licensees and C/Vs would be permitted to release information to their representatives who must have access to the personal information in order to perform assigned job duties related to the administration of the program. Therefore, the proposed rule would clarify the provision by adding licensee representatives who perform determinations of trustworthiness and reliability as a further example of individuals who may be permitted access to personal information but only to the extent that such access is required to perform their assigned functions. Proposed Sec. 73.56(m)(1)(v) and (m)(1)(vi) would amend the portion of current Sec. 73.56(f)(3)(vi) that refers to ``persons deciding matters on review or appeal.'' The proposed changes would be made in response to implementation questions from licensees, including whether the rule covers persons deciding matters in judicial proceedings or only the internal review process specified in current Sec. 73.56(e) [Review procedures] as well as whether information could be released in a judicial proceeding that was not initiated by the subject individual. The proposed rule would clarify that the permission includes individuals who are presiding in a judicial or administrative proceeding, but only if the proceeding is initiated by the subject individual.[[Page 62786]]
Sec. 73.56(f)(3)(i) Other (m)(2) Personal Proposed Sec. licensees, contractors, or information that is 73.56(m)(2) would vendors, or theircollected under enhance the current authorized representatives, this section must requirement for the legitimately seeking the be disclosed to disclosure of information as required by other licensees, relevant this section for unescorted applicants, and C/ information to access decisions and who Vs, or theirlicensees, have obtained a signedauthorizedapplicants, and C/ release from the individual. representatives, Vs, and their who are seeking the authorized information for representatives who unescorted access have a legitimate authorizationneed for the determinationsinformation and a under this section signed release from and who havean individual who obtained a signed is seeking UAA release from the under this part. subject individual. This proposed provision would be added to further clarify current Sec. 73.56 requirements because some licensees have misinterpreted the current provision as prohibiting the release of information to C/Vs who have licensee- approved authorization programs and require such information in determining individuals' trustworthiness and reliability. The proposed change would be made in order to further clarify the NRC's intent that C/Vs shall have access to personal information for the specified purposes. (m)(3) Upon receipt A new Sec. of a written73.56(m)(3) would request by therequire the subject individual licensee, or his or herapplicant, or C/V designatedpossessing the representative, the records specified licensee, applicant in Sec. 73.56(m) or C/V possessing to promptly provide such records shall copies of all promptly provide records pertaining copies of allto a denial or records pertaining unfavorable to a denial ortermination of the unfavorableindividual's UAA to termination of the the subject individualsindividual or his unescorted access or her designated authorization.representative upon written request. This paragraph would be added to protect individuals' ability to have access to a full and complete evidentiary record in review procedures and legal proceedings. (m)(4) A licensee's, Proposed Sec. applicant's, or C/ 73.56(m)(4) would V's contracts with require that a any individual or licensee's, organization who applicant's, or C/ collects andV's contracts with maintains personal any individual or information that is organization who relevant to ancollects and unescorted access maintains personal authorizationinformation that is determination must relevant to a UAA require that such determination must records be held in require that such confidence, except records be as provided inmaintained in paragraphs (m)(1) confidence. The through (m)(3) of paragraph would this section.make an exception for the disclosure of information to the individuals identified in Sec. 73.56(m)(1) through (m)(3). This paragraph would be added to ensure that entities who collect and maintain personal information use and maintain those records with the highest regard for individual privacy. (m)(5) Licensees, A new Sec. applicants, and C/ 73.56(m)(5) would Vs who collect and require licensees, maintain personal applicants, and C/ information under Vs, and any this section, and individual or any individual or organization who organization who collects and collects andmaintains personal maintains personal information on information ontheir behalf, to behalf of aestablish, licensee, applicant implement, and or C/V, shallmaintain a system establish,and procedures to implement, andensure that the maintain a system personal and procedures for information is the secure storage secure and cannot and handling of the be accessed by any personalunauthorized informationindividuals. The collected.proposed rule would add this specific requirement because the NRC is aware of circumstances in which the personal information of individuals applying for UAA has been removed from a C/V's business location and transported to the personal residences of its employees. The proposed provision would prohibit such practices in order to further protect the privacy rights of individuals who are subject to the proposed rule.[[Page 62787]]
Sec. 73.56(f)(3)(vii) (m)(6) ThisProposed Sec. Other persons pursuant to paragraph does not 73.56(m)(5) would court order. This section authorize theretain the meaning does not authorize thelicensee,of the second licensee, contractor, or applicant, or C/V sentence of current vendor to withhold evidence to withholdSec. of criminal conduct from evidence of73.56(f)(3)(vii), law enforcement officials. criminal conduct which states that from lawthe protection of enforcementinformation officials.requirements in current Sec. 73.56(f)(3)(vii) do not authorize the licensee to withhold evidence of criminal conduct from law enforcement officers, but renumber the second sentence as a separate paragraph. The first sentence of current Sec. 73.56(f)(3)(vii) permits licensees to release personal information about an individual without his or her written consent under a court order. Therefore, the proposed rule would present the second sentence of current Sec. 73.56(f)(3)(vii) is a separate paragraph to emphasize that the prohibition on withholding personal information from law enforcement officials applies to any information that may be developed under the requirements of this section. This change would be made to improve the clarity of the rule. Sec. 73.56(g) Audits...... (n) Audits andProposed Sec. Sec. 73.56(g)(2) Eachcorrective action. 73.56(n) [Audits licensee retainsEach licensee and and corrective responsibility for theapplicant who is action] would effectiveness of anysubject to this rename and amend contractor and vendorsection shall be current Sec. program it accepts and the responsible for the 73.56(g) [Audits]. implementation ofcontinuingThe phrase, ``and appropriate correctiveeffectiveness of corrective action..
the authorization action,'' would be program, including added to the authorizationsection title to program elements emphasize the NRCs that are provided intent that by C/Vs, and the licensees, authorizationapplicants, and C/ programs of any C/ Vs must ensure that Vs that arecomprehensive accepted by the corrective actions licensee andare taken in applicant. Each response to any licensee,violations of the applicant, and C/V requirements of who is subject to this section this section shall identified from an ensure thataudit. The second authorizationsentence of programs andproposed Sec. program elements 73.56(n) would are audited torestate the confirm compliance requirement for AA with theprogram audits in requirements of current Sec. this section and 73.56(g)(1) and add that comprehensive a requirement for actions are taken comprehensive to correct any non- corrective actions conformance that is to be taken to any identified.violations identified as a result of the audits. These changes would be made because NRC is aware that some licensees have met the requirements for scheduling audits in current Sec. 73.56(g)(1), but have not acted promptly to resolve violations that were identified. Therefore, the proposed requirements would clarify the NRC's intent that comprehensive corrective actions must be taken in response to audit findings. The first sentence of proposed Sec. 73.56(n) would be added to clarify that licensees and applicants are responsible for the continued effectiveness of their AA programs, as well as those C/ V programs or program elements upon which they rely to meet the requirements of this section. The proposed sentence would retain the meaning of the last sentence of current Sec. 73.56(g)(2), which states that each licensee retains responsibility for the effectiveness of any contractor and vendor program it accepts and the implementation of appropriate corrective action, but would move it to proposed Sec. 73.56(n) for organizational clarity.[[Page 62788]]
Sec. 73.56(g)(1) Each (n)(1) EachProposed Sec. licensee shall audit its licensee, applicant 73.56(n)(1) would access authorizationand C/V who isretain the required program within 12 months of subject to this 24-month audit the effective date ofsection shallfrequency in implementation of thisensure that their current Sec. program and at least every entire
73.56(g)(1). 24 months thereafter to authorizationLicensees, ensure that theprogram is audited applicants, and C/ requirements of thisas needed, but no Vs would be section are satisfied.less frequently required to monitor than nominallyprogram performance every 24 months. indicators and Licensees,operating applicants and C/Vs experience, and are responsible for audit AA program determining the elements more appropriatefrequently than frequency, scope, every 24 months, as and depth ofneeded. In additional auditing determining the activities within need for more the nominal 24- frequent audits, month period based the entities who on the review of are subject to this program performance section would indicators, such as consider the the frequency,frequency, nature, nature, andand severity of severity ofdiscovered program discovereddeficiencies, problems, personnel personnel or or proceduralprocedural changes, changes, andprevious audit previous auditfindings, as well findings.as ``lessons learned.'' The proposed change is intended to promote performance-based rather than compliance-based audit activities and clarify that programs must be audited following a significant change in personnel, procedures, or equipment as soon as reasonably practicable. The NRC recognizes that AA programs evolve and new issues and problems continue to arise. A high rate of turnover of AA program personnel in contracted services exacerbates this concern. Licensee audits have identified problems that were associated in some way with personnel changes, such as new personnel not understanding their duties or procedures, the implications of actions that they took or did not take, and changes in processes. The purpose of these focused audits would be to ensure that changes in personnel or procedures do not adversely affect the operation of a particular element within the AA program, or function in question. Accordingly, the proposed audit requirement would ensure that any programmatic problems that may result from significant changes in personnel or procedures would be detected and corrected on a timely basis.[[Page 62789]]
Sec. 73.56(g)(2) Each (n)(2) Authorization Proposed Sec. licensee who accepts the program services 73.56(n)(2) would access authorizationthat are provided add a new program of a contractor or to a licensee, or requirement vendor as provided for by applicant, by C/V specifying that if paragraph (a)(4) of this personnel who are a licensee or section shall have access off site or are not applicant relies to records and shall audit under the direct upon a C/V program contractor or vendordaily supervision or program element programs every 12 months to or observation of to meet the ensure that thethe licensee's or requirements of requirements of thisapplicant'sthis section, and section are satisfied.personnel must be if the C/V audited on apersonnel providing nominal 12-month the AA program frequency. Inservice are off addition, anysite or, if they authorizationare on site but not program services under the direct that are provided daily supervision to C/Vs byor observation of subcontractorthe personnel of personnel who are the licensee or off site or are not applicant, then the under the direct licensee or daily supervision applicant must or observation of audit the C/V the C/V's personnel program or program must be audited on element on a a nominal 12-month nominal 12-month frequency.frequency. The proposed rule would also require that any authorization program services that are provided to C/Vs by subcontractor personnel who are off site or are not under the direct daily supervision or observation of the C/V's personnel must be audited on a nominal 12-month frequency. The activities of C/V personnel who work on site and are under the daily supervision of AA program personnel would be audited under proposed Sec. 73.56(n). The proposed rule expands and clarifies the current requirement in Sec. 73.56(g)(2), which requires licensees who accept the access authorization program of a contractor or vendor to audit the C/V programs every 12 months, but does not distinguish between C/V personnel who work off site and other C/V personnel, and does not address personnel who work as subcontractors to C/Vs. Requiring annual audits for C/V personnel who work off site and for C/ V subcontractors is necessary to ensure that the services provided continue to be effective, given that other means of monitoring their effectiveness, such as daily oversight, are unavailable. (n)(3) Licensees' Proposed Sec. and applicants' 73.56(n)(3) would contracts with C/Vs add a new must reserve the requirement that right to audit the addresses C/V and the C/V's contractual subcontractorsrelationships providingbetween licensees, authorizationapplicants, and C/ program services at Vs. The proposed any time, including rule would specify at unannouncedthat contracts times, as well as between licensees, to review allapplicants, and C/ information and Vs must allow the documentation that licensees or is reasonablyapplicants the relevant to the right to audit the performance of the C/Vs and the C/V's program.subcontractors providing authorization program services at any time, including at unannounced times, as well as to review all information and documentation that is reasonably relevant to the performance of the AA program. The proposed paragraph would apply to any C/V with whom the licensee or applicant contracts for authorization program services. The proposed rule would specify that contracts must allow audits at unannounced times, which the NRC considers necessary to enhance the effectiveness of the audits.[[Page 62790]]
Such unannounced audits could be necessary, for example, if a licensee or applicant receives an allegation that an off-site C/V is falsifying records and the licensee or applicant determines that an unannounced audit would provide the most effective means to investigate such an allegation. The proposed paragraph would ensure that the licensee's or other entity's contract with the C/ V would permit the unannounced audit as well as access to any information necessary to conduct the audit and ensure the proper performance of the AA program. (n)(4) Licensees' A new Sec. and applicants' 73.56(n)(4) would contracts with C/ ensure that Vs, and a C/V's licensees' and contracts withapplicants' subcontractors, contracts with C/Vs must also require permit the licensee that the licensee or applicant to be or applicant shall provided with or be provided with, permitted to obtain or permitted access copies of and take to, copies of any away any documents documents and take that auditors may away any documents, need to assure that that may be needed the C/V or its to assure that the subcontractors are C/V and itsperforming their subcontractors are functions properly performing their and that staff and functions properly procedures meet and that staff and applicable procedures meet requirements. This applicableproposed provision requirements.would respond to several incidents in which parties under contract to licensees did not permit AA program auditors to remove documents from a C/ V's premises that were necessary to document audit findings, develop corrective actions, and ensure that the corrective actions were comprehensive and effective. (n)(5) Audits must A new Sec. focus on the73.56(n)(5) would effectiveness of require audits to the authorization focus on the program or program effectiveness of AA element(s), asprograms and appropriate. At program elements in least one member of response to the audit teamindustry and NRC shall be a person experience that who is
some licensees' AA knowledgeable of program audits have and practiced with focused only on the meetingextent to which the authorizationprogram or program program performance elements meet the objectives andminimum regulatory requirements. The requirements in the individualscurrent rule. performing theConsistent with a audit of theperformance-based authorizationapproach, the program or program proposed paragraph element(s) shall be would more clearly independent from communicate the both the subject NRC's intent that authorizationAA programs must programs management meet the and from personnel performance who are directly objective of responsible for providing high implementing the assurance that authorizationindividuals who are program(s) being subject to the audited.program are trustworthy and reliable, and do not constitute an unreasonable risk to public health and safety or the common defense and security, including the potential to commit radiological sabotage. The proposed paragraph would also require that the audit team must include at least one individual who has practical experience in implementing all facets of AA programs and that the team members must be independent. These provisions would be added in response to issues that have arisen since the requirements for AA programs were first promulgated, in which licensee audits were ineffective because the personnel who conducted the audits:[[Page 62791]]
(1) lacked the requisite knowledge to evaluate the wholistic implications of individual requirements or the complexities associated with meeting the rule's performance objective and, therefore, could not adequately evaluate program effectiveness, or (2) were not independent from the day-to-day operation of the AA program and, therefore, could not be objective, because in some cases, these persons were auditing their own activities. The proposed requirements would be necessary to correct these audit deficiencies. (n)(6) The result of Proposed Sec. the audits, along 73.56(n)(6) would with anyclarify the recommendations, requirements for must be documented documentation and and reported to dissemination of senior corporate audit results. and siteSection 73.56(h)(2) management. Each of the current rule audit report must specifies that identify conditions licensees shall that are adverse to retain records of the properresults of audits, performance of the resolution of the authorizationaudit findings, and program, the cause corrective actions. of the
The proposed rule condition(s), and, would retain the when appropriate, requirement that recommendedlicensees, corrective actions, applicants, and C/ and correctiveVs document audit actions taken. The findings. The licensee, applicant proposed rule would or C/V shall review add a requirement the audit findings that any and take anyrecommendations additionalmust be documented, corrective actions, and also would add to include re-a requirement that auditing of the findings and deficient areas recommendations where indicated, to must be reported to preclude, within senior corporate reason, repetition and site of the condition. management. The The resolution of proposed rule the audit findings specifies more and correctivefully than the actions must be current rule what documented.an audit report must contain. The second sentence of the proposed paragraph would require each audit report to identify conditions that are adverse to the proper performance of the AA program, the cause of the condition(s), and, when appropriate, recommended corrective actions, and corrective actions already taken. The third sentence of the proposed paragraph would require the licensee, applicant, or C/V to review the audit findings and, where warranted, take additional corrective actions, to include re- auditing of the deficient areas where indicated, to preclude, within reason, repetition of the condition. Finally, the proposed rule would require the resolution of the audit findings and corrective actions to be documented. The current rule does not state explicitly that resolution of the audit findings and corrective actions must be documented; it provides only that records of resolution of the audit findings and corrective actions must be retained for 3 years. The additional sentences in the proposed rule would provide consistency with Criterion XVI in appendix B to 10 CFR part 50 and would indicate that AA audit reports must be included in licensees' and applicants' corrective action programs, and that any nonconformance is not only identified, but corrected.[[Page 62792]]
(n)(7) Licensees and Proposed Sec. applicants may73.56(n)(7) would jointly conduct clarify the audits, or maycircumstances in accept audits of C/ which licensees, Vs that wereapplicants, and C/ conducted by other Vs may accept and licensees andrely on others' applicants who are audits. The current subject to this rule in Sec. section, if the 73.56(g) states audit addresses the only that licensees services obtained may accept audits from the C/V by of contractors and each of the sharing vendors conducted licensees andby other licensees. applicants. C/Vs The proposed rule may jointly conduct would amend the audits, or maycurrent provision accept audits of to incorporate its subcontractors specific permission that were conducted for licensees and by other licensees, other entities to applicants and C/Vs jointly conduct who are subject to audits as well as this section, if rely on one the audit addresses anothers audits, if the servicesthe audits upon obtained from the which they are subcontractor by relying address the each of the sharing services obtained licensees,from the C/V by applicants and C/Vs. each of the sharing licensees or applicants. These proposed changes would make the rule consistent with current licensee practices that have been endorsed by the NRC and reduce unnecessary regulatory burden by reducing the number of redundant audits that would be performed. (n)(7)(i) Licensees, Proposed Sec. applicants and C/Vs 73.56(n)(7)(i) shall review audit would require records and reports licensees, to identify any applicants, and C/ areas that were not Vs to identify any covered by theareas that were not shared or accepted covered by a shared audit and ensure or accepted audit that authorization and ensure that any program elements unique services and services upon used by the which the licensee, licensee, applicant or C/V applicant, or C/V relies are audited, that were not if the programcovered by the elements andshared audit are services were not audited. The addressed in the proposed provision shared audit.is necessary to ensure that all authorization program elements and services upon which each of the licensees, applicants, and C/ Vs relies are audited, and that elements not included in the shared audits are not overlooked or ignored. Sec. 73.56(g)(2) * * * (n)(7)(ii) Sharing Proposed Sec. Licensees may accept audits licensees and73.56 (n)(7)(ii) of contractors and vendors applicants need not would add a new conducted by otherre-audit the same C/ paragraph licensees.
V for the sameclarifying that period of time. licensees, Sharing C/Vs need applicants, and C/ not re-audit the Vs need not re- same subcontractor audit the same C/V for the same period for the same period of time.of time, and that C/ Vs who share the services of the same subcontractor with other C/Vs or licensees and applicants, need not re-audit the same subcontractor for the same period of time. The proposed rule would include this provision in response to implementation questions from stakeholders at the public meetings discussed in Section IV.3 who reported that some industry auditors and quality assurance personnel have misunderstood the intent of the current provision and have required licensees to re- audit C/V programs that have been audited by other licensees during the same time period. However, such re-auditing would be unnecessary, as the shared program elements and services should be identical, and the period of time covered by the audit should be the same nominal 12- month period. Therefore, the proposed provision would be added to clarify the intent of current Sec. 73.56(g)(2).[[Page 62793]]
Sec. 73.56(g)(2) * * * (n)(7)(iii) Each Proposed Sec. Each sharing utility shall sharing licensee, 73.56(n)(7)(iii) maintain a copy of theapplicant and C/V would retain the audit report, to include shall maintain a requirement in findings, recommendations copy of the shared current Sec. and corrective actions. audit, including 73.56(g)(2) that findings,each sharing entity recommendations, shall maintain a and correctivecopy of the shared actions.audit report. The proposed provision would specify that the requirement to retain a copy of a shared audit report includes a requirement to retain a copy of findings, recommendations, and corrective actions, and that the requirement pertains to each sharing licensee, applicant and C/V. This provision is necessary to ensure that the audit documents are available for NRC review. Sec. 73.56(h) Records..... (o) Records. Each Proposed Sec. Sec. 73.56(h)(1) Eachlicensee,73.56(o) [Records] licensee who issues anapplicant, and C/V would establish a individual unescortedwho is subject to requirement that access authorization shall this section shall licensees, retain the records on which maintain theapplicants and C/Vs the authorization is based records that are who are subject to for the duration of the required by the this section must unescorted accessregulations in this retain the records authorization and for a section for the required under the five-year period following period specified by proposed rule for its termination..the appropriate either the periods regulation. If a that are specified retention period is by the appropriate not otherwiseregulation or for specified, these the life of the records must be facility's license, retained until the certificate, or Commissionother regulatory terminates theapproval, if no facility's license, records retention certificate, or requirement is other regulatory specified. The approval.proposed rule would replace the current records requirement in Sec. 73.56(h)(1), which requires retention of records on which UAA is granted for a period of 5 years following termination of UAA, and retention of records upon which a denial of UAA is based for 5 years, and in Sec. 73.56(h)(2), which requires retention of audit records for 3 years. The proposed records retention requirement is a standard administrative provision that is used in all other parts of 10 CFR that contain substantive requirements applicable to licensees and applicants. (o)(1) All records Proposed Sec. may be stored and 73.56(o)(1) would archivedpermit the records electronically, that would be provided that the required under the method used toprovisions of the create theproposed section to electronic records be stored and meets the following archived criteria:electronically if (i) Provides anthe method used to accuratecreate the representation of electronic records: the original(1) Provides an records;.accurate (ii) Preventsrepresentation of unauthorized access the original to the records;. records; (2) (iii) Prevents the prevents access to alteration of any the information by archivedany individuals who information and/or are not authorized data once it has to have such been committed to access; (3) storage; and.prevents the (iv) Permits easy alteration of any retrieval and re- archived creation of the information and/or original records.. data once it has been committed to storage; and (4) allows easy retrieval and re- creation of the original records. The proposed paragraph would be added to recognize that most records are now stored electronically and must be protected to ensure the integrity of the data. Records are now stored electronically and must be protected to ensure the integrity of the data.[[Page 62794]]
(o)(2) EachProposed Sec. licensee,73.56(o)(2) would applicant, and C/V require licensees, who is subject to applicants, and C/ this section shall Vs to retain retain thecertain records following records related to UAA for at least 5determinations for years after the at least 5 years licensee,after an applicant, or C/V individual's UAA terminates orhas been terminated denies anor denied, or until individual'sthe completion of unescorted access all related legal authorization or proceedings, until thewhichever is later. completion of all The proposed related legalrequirement to proceedings,retain records whichever is later: until the (i) Records of the completion of all information that related legal must be collected proceedings would under paragraphs address the fact (d) and (e) of this that legal actions section thatinvolving records results in theof the type granting ofspecified in the unescorted access proposed paragraph authorization;. can continue longer (ii) Recordsthan the 5 years pertaining tothat the current denial orrule requires these unfavorablerecords to be termination ofretained. Adding a unescorted access requirement to authorization and retain the records related management until all legal actions; and.proceedings are (iii) Documentation complete would of the granting and protect termination ofindividuals' unescorted access ability to have authorization.. access to a full and complete evidentiary record in legal proceedings. The proposed rule would identify more specifically the records to be retained than the current rule, which in Sec. 73.56(h)(1) specifies only ``the records on which authorization is based'' and ``the records on which denial is based.'' Proposed Sec. 73.56(o)(2) would require licensees, applicants, and C/ Vs to retain three specified types of records: (1) Records listed in proposed Sec. 73.56(o)(2)(i), which specifies records of the information that must be collected under Sec. 73.56(d) [Background investigation] and Sec. 73.56(e) [Psychological assessment] of the proposed rule that results in the granting of UAA; (2) records listed in proposed Sec. 73.56(o)(2)(ii), which specifies records pertaining to denial or unfavorable termination of UAA and related management actions; and (3) records listed in proposed Sec. 73.56(o)(2)(iii), which specifies documentation of the granting and termination of UAA. Proposed Sec. 73.56(o)(2)(iii), requiring retention of records that are related to the granting and termination of an individual's UAA, would be added to ensure that licensees, applicants, and C/ Vs who may be considering granting UAA to an individual can determine which category of UAA requirements would apply to the individual, based upon the length of time that has elapsed since the individual's last period of UAA was terminated and whether the individual's last period of UAA was terminated favorably.[[Page 62795]]
Sec. 73.56(h)(2) Each (o)(3) EachProposed Sec. licensee shall retainlicensee,73.56(o)(3)(i) and records of results ofapplicant, and C/V (ii) would require audits, resolution of the who is subject to licensees, audit findings andthis section shall applicants, and C/ corrective actions forretain theVs to retain three years.
following records records related to for at least 3behavioral years or until the observation completion of all training and related legalrecords related to proceedings,audits, audit whichever is later: findings, and (i) Records ofcorrective actions behavioralfor at least 3 observationyears, or until the training conducted completion of all under paragraph related legal (f)(2) of thisproceedings, section; and.whichever is later. (ii) Records ofProposed Sec. audits, audit73.56(o)(3)(i) findings, andwould add a new corrective actions requirement, not taken underaddressed in the paragraph (n) of current rule, to this section..retain records of behavioral observation training. Because the proposed rule is adding a requirement that all individuals who are subject to the AA program must perform behavioral observation, and therefore that they must all be trained in behavioral observation, this proposed record retention requirement is necessary to allow the NRC to review the implementation of the training requirement. Proposed Sec. 73.56(o)(3)(i) would retain the 3- year recordkeeping requirements of the current rule in Sec. 73.56(h)(2) for audit findings and corrective action records. (o)(4) Licensees, Proposed Sec. applicants, and C/ 73.56(o)(4) would Vs shall retain add a new written agreements requirement that for the provision licensees, of services under applicants, and C/ this section for Vs shall retain the life of the written agreements agreement or until for the provision completion of all of authorization legal proceedings program services related to a denial for the life of the or unfavorableagreement or until termination ofcompletion of all unescorted access legal proceedings authorization that related to a denial involved thoseor unfavorable services, whichever termination of UAA is later.that involved those services, whichever is later. The proposed requirement for retention of the agreement for the life of the agreement would ensure that the agreement is available for use as a source of information about the scope of duties under the agreement. The proposed requirement to retain the written agreements for any matter under legal challenge until the matter is resolved is necessary to ensure that the materials remain available, should an individual, the NRC, a licensee, or another entity who would be subject to the rule require access to them in a legal or regulatory proceeding. (o)(5) Licensees, Proposed Sec. applicants, and C/ 73.56(o)(5) would Vs shall retain be added to require records of thelicensees, background checks, applicants, and C/ and psychological Vs to retain assessments ofrecords related to authorizationthe background program personnel, checks and conducted under psychological paragraphs (d) and assessments of AA (e) of thisprogram personnel, section, for the conducted under length of theproposed paragraphs individual's(d) and (e) of Sec. employment by or73.56, for the contractuallength of the relationship with individual's the licensee,employment by or applicant, or C/V, contractual or until therelationship with completion of any the licensee, legal proceedings applicant, or C/V, relating to the or until the actions of such completion of all authorizationrelated legal program personnel, proceedings, whichever is later. whichever is later. The proposed period during which these records must be maintained would be based on the NRC's need to have access to the records for inspection purposes and the potential need for the records to remain available should an individual, the NRC, a licensee, or another entity who would be subject to this rule require access to them in a legal or regulatory proceeding. However, the proposed rule would establish a limit on the period during which the records must be retained in order to reduce the burden associated with storing such records indefinitely.[[Page 62796]]
(o)(6) Licensees, A new Sec. applicants, and C/ 73.56(o)(6) would Vs shall ensure require licensees, that theapplicants and C/Vs information about to establish and individuals who administer an have applied for information-sharing unescorted access mechanism (i.e., a authorization,database) that which is specified permits all of the in the licensee's entities who are or applicant'ssubject to Sec. Physical Security 73.56 to access Plan, is recorded certain information and retained in an about individuals information-sharing who have applied mechanism that is for UAA under this established and section. The administered by the information that licensees,must be shared applicants, and C/ would be specified Vs who are subject in the Physical to his section. Security Plans that Licensees,licensees and applicants, and C/ entities would be Vs shall ensure required to submit that only correct for NRC review and and completeapproval under information isproposed Sec. included in the 73.56(a). The information-sharing proposed paragraph mechanism. If, for would require any reason, the licensees, shared information applicants, and C/ used forVs to enter this determining aninformation about individual'sindividuals who trustworthiness and have applied for reliability changes UAA into the or new information information-sharing is developed about mechanism and the individual, update the shared licensees,information, if the applicants, and C/ licensee, applicant Vs shall correct or or C/V determines augment the shared that information informationpreviously entered contained in the is incorrect or information-sharing develops new mechanism.information about the individual. The proposed requirement for an information-sharing mechanism is necessary to address several long-standing weaknesses in the sharing of information about individuals among licensee and C/V authorization programs that is required under current Sec. 73.56. If the changed or Although the developedindustry has information has maintained a implications for database for many adversely affecting years, some an individual's licensees did not trustworthiness and participate, some reliability, the programs did not licensee,enter complete applicant, or C/V information, some who has discovered programs did not the incorrectenter the information, or information in a develops newtimely manner, and information, shall C/Vs who were inform theimplementing reviewing official authorization of any
programs were not authorizationpermitted to program under which participate. As a the individual is result, some maintaininglicensees and C/Vs unescorted access were at risk of authorization of granting UAA to the updatedindividuals without information on the being aware, in a day of discovery. few instances, that The reviewingthe individual's official shalllast period of UAA evaluate thehad been terminated information and unfavorably or that take appropriate potentially actions, which may disqualifying include denial or information about unfavorablethe individual had termination of the been developed by a individual'sprevious licensee unescorted access after the authorization. If, individual was for any reason, the granted UAA by a information-sharing subsequent mechanism islicensee, because unavailable and a that additional notification of information was not changes or updated communicated. information isTherefore, the required,proposed rule would licensees,require applicants, and C/ establishing and Vs shall takeadministering an manual actions to information-sharing ensure that the mechanism to information isstrengthen the shared, and update effectiveness of the records in the authorization information-sharing programs by mechanism as soon ensuring that as reasonablyinformation that possible. Records has implications maintained in the for an individual's database must be trustworthiness and available for NRC reliability is review.available in a timely manner, accurate, and complete.[[Page 62797]]
The proposed paragraph would also require licensees, applicants, and C/ Vs to inform the reviewing official of any licensee, applicant, or C/V who may be considering an individual for UAA or has granted UAA to an individual of any corrected or new information about that individual on the day that incorrect or new information is discovered. The proposed requirement to inform the subsequent licensee's, applicant's, or C/ V's reviewing official would be added to ensure that the corrected or new information is actively communicated, in addition to entering it into the information- sharing mechanism. The proposed rule would also require the receiving reviewing official to evaluate the corrected or new information and determine its implications for the individual's trustworthiness and reliability. If the information indicates that the individual cannot be determined to be trustworthy and reliable, the proposed rule would require the receiving reviewing official to deny or unfavorably terminate the individual's UAA. The proposed requirement to inform subsequent AA programs of corrected or new information is necessary because receiving AA programs would not otherwise become aware of the information unless and until the individual seeks UAA from another AA program or is subject to the re- evaluation required under proposed Sec. 73.56(i)(1)(v). The proposed paragraph would also require licensees, applicants, and C/ Vs to take manual actions to share the required information, if the industry database is unavailable for any reason. These manual actions could include, but would not be limited to, telephone contacts, faxes, and email communications. However, the proposed rule would also require that any records created manually must be entered into the database once it is again available. These provisions would be necessary to maintain the effectiveness of the information- sharing component of AA programs. Finally, the proposed paragraph would also require the information- sharing mechanism to be available for NRC review. This requirement is necessary to ensure that NRC personnel have access to the information-sharing mechanism for required inspection activities.[[Page 62798]]
(o)(7) If aA new Sec. licensee,73.56(o)(7) would applicant, or C/V ensure that the administratively temporary withdraws anadministrative individual'swithdrawal of an unescorted access individual's UAA, authorization under caused by a delay the requirements of in completing any this section, the portion of the licensee,background applicant, or C/V investigation or re- may not record the evaluation that is administrativenot under the action to withdraw individual's the individual's control, would not unescorted access be treated as an authorization as an unfavorable unfavorabletermination, except termination and may if the reviewing not disclose it in official determines response to athat the delayed suitable inquiry information conducted under the requires denial or provisions of part unfavorable 26 of this chapter, termination of the a backgroundindividual's UAA. investigationThis proposed conducted under the provision would be provisions of this necessary to ensure section, or any that individuals other inquiry or are not unfairly investigation.subject to any Immediately upon adverse favorableconsequences for completion of the the licensee's or backgroundother entity's investigationdelay in completing element that caused the background the administrative investigation or withdrawal, the other requirements licensee,of the proposed applicant, or C/V section. shall ensure that any matter that could link the individual to the temporary administrative action is eliminated from the subject individual's access authorization or personnel record and other records, except if a review of the information obtained or developed causes the reviewing official to unfavorably terminate the individual's unescorted access.
Table 4.--Proposed Part 73 Section 73.58 [Safety/security interface]Proposed language
ConsiderationsSec. 73.58 Safety/security interface Proposed Sec. 73.58 would be requirements for nuclear powera new requirement in part 73. reactors.
The need for the proposed rulemaking is based on: (i) The Commission's comprehensive review of its safeguards and security programs and requirements, (ii) the variables in the current threat environment, (iii) the analyses made during the development of the changes to the Design Basis Threat, (iv) the plant-specific security analyses, and (v) the increased complexity of licensee security measures now being required with an attendant increase in the potential for adverse interactions between safety and security. Additionally, it is based on plant events that demonstrated that changes made to a facility, its security plan, or implementation of the plan can have adverse effects if the changes are not adequately assessed and managed. The Commission has determined that the proposed safety/security rule requirements are necessary for reasonable assurance that the public health and safety and common defense and security continue to be adequately protected because the current regulations do not specifically require evaluation of the effects of plant changes on security or the effects of security plan changes on plant safety. Further, the regulations do not require communication about the implementation and timing of changes, which would promote awareness of the effects of changing conditions, and result in appropriate assessment and response.[[Page 62799]]
Each operating nuclear power reactor The introductory text would licensee with a license issued under indicate this section would part 50 or 52 of this chapter shall apply to power reactors comply with the requirements of this licensed under 10 CFR parts 50 section.
or 52. Paragraph (a)(1) of (a)(1) The licensee shall assess and this section would require manage the potential for adverselicensees to assess proposed affects on safety and security,changes to plant including the site emergency plan, configurations, facility before implementing changes to plant conditions, or security to configurations, facility conditions, identify potential adverse or security..
effects on the capability of the licensee to maintain either safety or security before implementing those changes. The assessment would be qualitative or quantitative. If a potential adverse effect would be identified, the licensee shall take appropriate measures to manage the potential adverse effect. Managing the potential adverse effect would be further described in paragraph (b). The requirements of the proposed Sec. 73.58 would be additional requirements to assess proposed changes and to manage potential adverse effects contained in other NRC regulations, and would not be intended to substitute for them. The primary function of this proposed rule would be to explicitly require that licensees consider the potential for changes to cause adverse interaction between security and safety, and to appropriately manage any adverse results. Documentation of assessments performed per paragraph (a)(1) would not be required so as not to delay plant and security actions unnecessarily. (a)(2) The scope of changes to beParagraph (a)(2) of this assessed and managed must includesection would identify that planned and emergent activities (such changes identified by either as, but not limited to, physicalplanned or emergent activities modifications, procedural changes, must be assessed by the changes to operator actions orlicensee. Paragraph (a)(2) of security assignments, maintenancethis section would also activities, system reconfiguration, provide a description of access modification or restrictions, typical activities for which and changes to the security plan and changes must be assessed and its implementation).
for which resultant adverse interactions must be managed. (b) Where potential adverseParagraph (b) of this section interactions are identified, thewould require that, when licensee shall communicate them to potential adverse interactions appropriate licensee personnel and would be identified, licensees take compensatory and/or mitigative shall communicate the actions to maintain safety andpotential adverse interactions security under applicable Commission to appropriate licensee regulations, requirements, and license personnel. The licensee shall conditions.
also take appropriate compensatory and mitigative actions to maintain safety and security consistent with the applicable NRC requirements. The compensatory and/or mitigative actions taken must be consistent with existing requirements for the affected activity.
Table 5.--Proposed Part 73 Section 73.71 [Reporting of safeguards events]Current languageProposed language Considerations(a) Each licensee This paragraph would subject to thebe added to provide provisions of Sec. for the very rapid 73.55 shall notify communication to the NRC Operations the Commission of Center,\1\ as soon an imminent or as possible but not actual threat to a later than 15power reactor minutes afterfacility. The discovery of an proposed 15-minute imminent or actual requirement would safeguards threat more accurately against thereflect the current facility and other threat environment. safeguards events Because an actual described inor imminent threat paragraph I ofcould quickly appendix G to this result in a part \2\.security event, a Footnote: 1.shorter reporting Commercial (secure time would be and non-secure) required. This telephone number of shortened time the NRC Operations would permit the Center areNRC to contact specified inFederal authorities appendix A to this and other licensees part..
in a rapid manner Footnote: 2.to inform them of Notifications to this event, the NRC for the especially if this declaration of an event is the emergency class opening action on a shall be performed coordinated in accordance with multiple-target Sec. 50.72 of attack. Such notice this chapter..may permit other licensees to escalate to a higher protective level in advance of an attack. The Commission would expect licensees to notify the NRC Operations Center as soon as possible after they notify local law enforcement agencies, but within 15 minutes. The Commission may consider the applicability of this requirement to other types of licensees in future rulemaking. Footnote 1 would provide a cross reference to appendix A to part 73 which contains NRC contact information. Footnote 2 would remind licensees of their concurrent emergency declaration responsibilities under 10 CFR 50.72.[[Page 62800]]
(a)(1) When making a The proposed rule report underwould include this paragraph (a) of introductory this section, the statement, which licensees shall: provides a structure for the following list of information to be provided in the 15- minute report. (a)(1)(i) Identify This requirement the facility name; would be added to and
ensure the licensee's facility is clearly identified when a report is made. (a)(1)(ii) Briefly This requirement describe the nature would be added to of the threat or ensure the nature event, including: and substance of the event would be clearly articulated based on the best information available to the licensee at the time of the report. The information should be as factual and as succinct as possible. Additional information regarding the identification of events to be reported and the nature of the information to be provide will be described in guidance. (a)(1)(ii)(A) Type This requirement of threat or event would be added to (e.g., armedprovide for a assault, vehicle minimum, succinct bomb, credible bomb categorization of threat, etc.); and the information described in the report. This would allow the licensee the opportunity to provide a scope for the information included in the report. The information should be as factual and as succinct as possible at the time of the report. Additional information regarding identification of events to be reported will be provided in guidance. (a)(1)(ii)(B) Threat This requirement or event status would be added to (i.e., imminent, in provide information progress, orregarding the most neutralized).current status of the event or information being reported. The information should be as factual as possible at the time of the report. (b)(2) This notification (a)(2) Notifications This paragraph would must be made in accordance must be madebe revised to with the requirements of according toreflect the new Paragraphs (a) (2), (3), paragraph (e) of location for the (4), and (5) of thisthis section, as methods for these section.
applicable.notifications. The requirements for the methods all of the verbal notifications [under this section] would be consolidated under paragraph (e). (a)(1) Each licensee subject (b) Each licensee This requirement to the provisions of Sec. subject to thewould be renumbered Sec. 73.25, 73.26,provisions of Sec. and retained with 73.27(c), 73.37, 73.67(e), Sec. 73.25,minor revision. or 73.67(g) shall notify 73.26, 73.27(c), Footnote (1) would the NRC Operations Center1 73.37, 73.67(e), or be relocated to new within one hour after73.67(g) shallparagraph (a) and discovery of the loss of notify the NRCrevised. The any shipment of SNM orOperations Center acronym ``SNM'' spent fuel, and within one within one (1) hour would be spelled hour after recovery of or after discovery of out as ``special accounting for such lost the loss of any nuclear material.'' shipment.
shipment of special The word Footnote: 1. Commercialnuclear material ``nuclear'' would telephone number of the NRC (SNM) or spentbe added to ``spent Operation Center is (301) nuclear fuel, and fuel'' to be 816-5100.
within one (1) hour consistent with after recovery of terminology used or accounting for elsewhere in part the lost shipment. 73. Reference to Notifications must the methods of be made according telephonic to paragraph (e) of reporting would be this section, as added to specify applicable.paragraph (e) of this section. (b)(1) Each licensee subject (c) Each licensee This requirement to the provisions of Sec. subject to thewould be renumbered Sec. 73.20, 73.37, 73.50, provisions of Sec. and retained with 73.51, 73.55, 73.60, or Sec. 73.20,minor revision. The 73.67 shall notify the NRC 73.37, 73.50,words ``1 hour of'' Operations Center within 1 73.51, 73.55,would be replaced hour of discovery of the 73.60, or 73.67 by the words ``one safeguards events described shall notify the (1) hour after'' to in Paragraph I(a)(1) of NRC Operationsclarify the time appendix G to this part. Center within one frame established (1) hour afterby this discovery of the requirement. The safeguards events reference to described inappendix G would be paragraph II of revised as a appendix G to this conforming change part. Notifications to specify the must be madeevents to be according toreported. Reference paragraph (e) of to the methods of this section, as reporting would be applicable.added to specify paragraph (e) of this section.[[Page 62801]]
(d) Each licensee This paragraph would subject to thebe added to provide provisions of Sec. a requirement for 73.55 shall notify power reactor the NRC Operations licensees to notify Center, as soon as the Commission of possible but not suspicious later than four (4) activities, hours afterattempts at access, discovery of the etc., that may safeguards events indicate pre- described inoperational paragraph III of surveillance, appendix G to this reconnaissance, or part. Notifications intelligence must be madegathering according toactivities targeted paragraph (e) of against the this section, as facility. This applicable.would more accurately reflect the current threat environment; would assist the Commission in evaluating threats to multiple licensees; and would assist the intelligence and homeland security communities in evaluating threats across critical infrastructure sectors. The reporting process intended in this proposed rule would be similar reporting process that the licensees currently use under guidance issued by the Commission subsequent to September 11, 2001, and would formalize Commission expectations; however, the reporting interval would be lengthened from 1 hour to 4 hours. The Commission views this length of time as reasonable to accomplish these broader objectives. This reporting requirement does not include a followup written report. The Commission believes that a written report from the licensees would be of minimal value and would be an unnecessary regulatory burden, because the types of incidents to be reported are transitory in nature and time- sensitive. The proposed text would be neither a request for intelligence collection activities nor authority for the conduct of law enforcement or intelligence activities. This paragraph would simply require the reporting of observed activities. The Commission may consider the applicability of this requirement to other types of licensees in future rulemaking. (a)(2) This notification (e) The licensees This requirement must be made to the NRC shall make thewould be renumbered Operations Center via the notificationsand revised as a Emergency Notificationrequired byconforming change System, if the licensee is paragraphs (a), to new paragraph party to that system.(b), (c), and (d) (d). Other of this section to revisions would the NRC Operations include changing Center via thethe phrase ``This Emergencynotification must Notificationbe made to'' would System, or other be replaced by the dedicatedactive-voice phrase telephonic system ``The licensee that may beshall make'' to designated by the clarify that it Commission, if the would be the licensee has access licensee who takes to that system. the notification action. The phrase ``or other dedicated telephonic system that may be designated by the Commission'' would be added to allow flexibility to address advances in communications systems. (a)(2) If the Emergency (e)(1) If theThis requirement Notification System isEmergencywould be renumbered inoperative or unavailable, Notification System and retained with the licensee shall make the or other designated minor revision. The required notification via telephonic system phrase ``within one commercial telephonicis inoperative or hour'' would be service or other dedicated unavailable,replaced with the telephonic system or any licensees shall phrase ``within the other methods that will make the required timeliness ensure that a report is notification via requirements of received by the NRCcommercialparagraphs (a), Operations Center within telephonic service (b), (c), and (d) one hour.
or any otherof this section, as methods that will applicable.'' This ensure that awould provide report is received consistency with by the NRCthe varying Operations Center submission within theintervals for timelinessnotifications under requirements of paragraphs (a) paragraphs (a), through (d). (b), (c), and (d) of this section, as applicable. (a)(2) The exemption of (e)(2) The exception This requirement Section 73.21(g)(3) applies of Sec.would be renumbered to all telephonic reports 73.21(g)(3) for and retained with required by this section. emergency orminor revision to extraordinaryprovide clarity conditions applies [and consistency to all telephonic with Sec. 73.21 reports required by safeguards this section.information regulations] on what types of telephonic notifications are exempt from the secure communications requirements of Sec. 73.21.[[Page 62802]]
(a)(3) The licensee shall, (e)(3) For events This requirement upon request to the NRC, reported underwould be retained maintain an open andparagraph (a) of and revised into continuous communication this section, the three separate channel with the NRClicensee may be requirements. The Operations Center.requested by the first sentence NRC to maintain an would be reworded open, continuous to reflect the communicationrenumbered event channel with the reports under this NRC Operationssection. For the 15- Center, once the minute reports, the licensee hasparagraph would completed other indicate that a requiredlicensee may be notifications under requested to this section, Sec. establish a 50.72 of this``continuous chapter, orcommunications appendix E of part channel'' following 50 of this chapter the initial 15- and any immediate minute actions tonotification. The stabilize theestablishment of a plant. Whencontinuous established, the communications continuouschannel would not communicationssupercede current channel shall be emergency staffed by apreparedness or knowledgeablesecurity individual in the requirements to licensee's security notify State or operationsofficials or local organizationslaw enforcement (e.g., a security authorities, nor supervisor, anwould it supercede alarm stationrequirements to operator,take immediate operationsaction to stabilize personnel, etc.) the reactor plant from a location (e.g.>, in response deemed appropriate to a reactor scram by the licensee. or to the loss of offsite power). The continuousA new requirement communicationswould be added for channel may bethe person established via the communicating to be Emergencyknowledgeable and Notification System from the licensee's or other dedicated security or telephonic system operations that may beorganization. This designated by the language would Commission, if the provide licensees licensee has access with flexibility in to that system, or choosing personnel a commercialto fulfill this telephonic system. communications role and in choosing the location for this communication (e.g., control room, security alarm station, technical support center, etc.). This language would also provide licensees direction and flexibility on the telephonic systems that may be used for this communications channel. (a)(3) The licensee shall, (e)(4) For events This requirement upon request to the NRC, reported underwould be renumbered maintain an open andparagraphs (b) or and retained with continuous communication (c) of thisminor revision to channel with the NRCsection, thesupport the Operations Center.licensee shallrenumbering of maintain an open, existing paragraphs continuous(a) and (b) to new communication(b) and (c). channel with the NRC Operations Center upon request from the NRC. (e)(5) ForThis would be a new suspicious events requirement. For reported undersuspicious activity paragraph (d) of reports, no this section, the continuous licensee is not communication required tochannel would be maintain an open, required. The continuousCommission's view communicationis that because channel with the these reports are NRC Operationsintended for law Center.enforcement, threat assessment, and intelligence community purposes, rather than event followup purposes, a continuous communications channel is not necessary. (c) Each licensee subject to (f) Each licensee This requirement the provisions of Sec.subject to thewould be renumbered Sec. 73.20, 73.37, 73.50, provisions of Sec. and retained with 73.51, 73.55, 73.60, or Sec. 73.20,minor revision. The each licensee possessing 73.37, 73.50,term ``safeguards SSNM and subject to the 73.51, 73.55,event'' would be provisions of Sec.73.60, or eachadded between 73.67(d) shall maintain a licensee possessing ``current'' and current log * * *.SSNM and subject to ``log'' to provide the provisions of greater clarity and Sec. 73.67(d) consistency with shall maintain a appendix G. current safeguards event log. (c) * * * and record the (f)(1) The licensee This requirement safeguards events described shall record the would be renumbered in Paragraphs II (a) and safeguards events and retained with (b) of appendix G to this described inrevision. This part within 24 hours of paragraph IV of paragraph would discovery by a licensee appendix G of this also be revised to employee or member of the part within 24reflect the licensee's contracthours of discovery. renumbering of security organization.
appendix G. The language on discovery by a licensee or licensee contractor would be removed to reduce confusion. The Commission expects all logable events to be recorded, irrespective of who identifies the security issue (i.e., recordable events discovered by licensee staff, contractors, NRC or State inspectors, or independent auditors should be logged). (c) * * * The licensee shall (f)(2) The licensees This requirement retain the log of events shall retain the would be renumbered recorded under this section log of eventsand retained with as a record for three years recorded under this minor revision by after the last entry is section as a record adding ``(3)'' made in each log or until for three (3) years after ``three'' termination of the license. after the last[years]. entry is made in each log or until termination of the license.[[Page 62803]]
(a)(4) The initial(g) Written reports. This requirement telephonic notification (1) Each licensee would be renumbered must be followed within a making an initial and retained with period of 60 days by atelephonicrevision. The written report submitted to notification under current text would the NRC by an appropriate paragraphs (a), be retained method listed in Sec.(b), and (c) of requiring a written 73.4.
this section shall 60-day report be also submit asubmitted for 1- written report to hour notifications the NRC within a under paragraph (b) period of 60 days and (c). A written by an appropriate 60-day report would method listed in also be required Sec. 73.4.for 15-minute notifications under paragraph (a). (g)(2) Licenses are This paragraph would not required to be a new submit a written requirement. report following a Licensees would not telephonicbe required to notification made submit a written under paragraph (d) report for a of this section. suspicious activity notification made under paragraph (d) as no ``security event'' has occurred. Any followup that might be necessary would be handled through the Commission's threat assessment procedures. (d) Each licensee shall (g)(3) Each licensee This requirement submit to the Commission shall submit to the would be renumbered the 60-day written reports Commission written and retained. The required under thereports that are of timing requirement provisions of this section a quality that will and the quality that are of a quality that permit legiblerequirement would will permit legiblereproduction and be split into reproduction andprocessing.paragraph (g)(1) processing. * * *.
and (g)(3), respectively. (d) * * * [I]f the facility (g)(4) Licensees These requirements is subject to Sec. 50.73 subject to Sec. would be renumbered of this chapter, the50.73 of thisand retained. licensee shall prepare the chapter shall written report on NRC Form prepare the written 366. If the facility is not report on NRC Form subject to Sec. 50.73 of 366. this chapter, the licensee (g)(5) Licensees not shall not use this form but subject to Sec. shall prepare the written 50.73 of this report in letter format * * chapter, shall *.
prepare the written report in letter format. (a)(4) In addition to the (g)(6) In addition This requirement addressees specified in to the addressees would be renumbered Sec. 73.4, the licensee specified in Sec. and retained with shall also provide one copy 73.4, the licensees minor revision. The of the written reportshall also provide paragraph would be addressed to the Director, one copy of the revised to change Division of Nuclearwritten report and the organization Security, Office of Nuclear any revisionswithin the NRC, Security and Incidentaddressed to the that should receive Response.
Director, Office of an extra copy of Nuclear Security the written, or any and Incidentrevisions to the Response.written report, in addition to the standard submission addresses under Sec. 73.4. The phrase ``Director, Division of Nuclear Security'' would be replaced with the ``Director, Office of Nuclear Security and Incident Response.'' to reflect changes within the Office of Nuclear Security and Incident Response and reduce the need for future changes to this regulation with realignment of the NRC's internal structure. (a)(4) The report must(g)(7) The report This requirement include sufficientmust includewould be retained information for NRCsufficientand be renumbered. analysis and evaluation. information for NRC analysis and evaluation. (a)(5) Significant(g)(8) Significant This requirement supplemental information supplementalwould be renumbered which becomes available information which and revised. after the initialbecomes available Language would be telephonic notification to after the initial added to clarity the NRC Operations Center telephonicthe updating of or after the submission of notification to the notifications made the written report must be NRC Operationsunder paragraph (e) telephonically reported to Center or after the and to require the NRC Operations Center submission of the revised written and also submitted in a written report must reports. Written revised written reportbe telephonically initial and revised (with the revisionsreported to the NRC reports would be indicated) to the Regional Operations Center submitted in Office and the Document under paragraph (e) accordance with Control Desk.
of this section and paragraph (g)(6) of also submitted in a this section. revised written report (with the revisions indicated) as required under paragraph (g)(6) of this section. (a)(5) Errors discovered in (g)(9) ErrorsThis requirement a written report must be discovered in a would be renumbered corrected in a revisedwritten report must and retained. report with revisionsbe corrected in a indicated.
revised report with revisions indicated. (a)(5) The revised report (g)(10) The revised This requirement must replace the previous report must replace would be renumbered report; the update must be the previousand retained with a complete entity and not report; the update minor grammatical contain only supplementary must be complete changes. or revised information. and not be limited to only supplementary or revised information. (a)(5) Each licensee shall (g)(11) EachThis requirement maintain a copy of thelicensee shallwould be renumbered written report of an event maintain a copy of and retained with submitted under thisthe written report minor revision by section as record for a of an eventadding ``(3)'' period of three years from submitted under after ``three'' the date of the report. this section as [years]. record for a period of three (3) years from the date of the report. (e) Duplicate reports are (h) DuplicateThis requirement not required for events reports are not would be retained that are also reportable in required for events and be renumbered. accordance with Sec. Sec. that are also 50.72 and 50.73 of this reportable in chapter.
accordance with Sec. Sec. 50.72 and 50.73 of this chapter.
[[Page 62804]]
Table 6.--Proposed Part 73 Appendix B [Nuclear Power Reactor Training and Qualification]Current languageProposed language ConsiderationsAppendix B to Part 73....... Appendix B to Part This proposed General Criteria for73.
Paragraph VI and Security Personnel.VI. Nuclear Power header would be Reactor Training added to the and Qualification current appendix B Plan.
to replicate current requirements, ensure continuity between training and qualification programs and requirements for security personnel, and provide for the separation, modification, addition, and clarification of training and qualification requirements as they apply specifically to operating nuclear power reactors. Introduction................ A. GeneralThe phrase ``General Requirements and Requirements and'' Introduction.would be added to this header for formatting purposes. Appendix B, Introduction, A.1. The licensee This requirement Paragraph 1: Securityshall ensure that would retain the personnel who areall individuals who requirement for responsible for theare assigned duties security personnel protection of specialand
to meet minimum nuclear material on site or responsibilities criteria to ensure in transit and for therequired to prevent that they will protection of the facility significant core effectively perform or shipment vehicle against damage and spent their assigned radiological sabotagefuel sabotage,security-related should, like other elements implement thejob duties. The of the physical security Commission-approved phrase ``security system, be required to meet security plans, personnel'' would minimum criteria to ensure licensee response be replaced with that they will effectively strategy, andthe phrase ``all perform their assignedimplementingindividuals'' to security-related job duties. procedures, meet describe the minimum training Commission and qualification determination that requirements to any individual who ensure eachis assigned to individualperform a security possesses thefunction must be knowledge, skills, trained and and abilitiesqualified to required toeffectively perform effectively perform that security the assigned duties function. The and
phrase ``on site or responsibilities. in transit and for the protection of the facility or shipment vehicle'' would be deleted to remove language not applicable to power reactors. The phrase ``against radiological sabotage'' would be replaced with the phrase ``required to prevent core damage and spent fuel sabotage,''. The phrase ``implementation of the Commission- approved security plans, licensee response strategy, and implementing procedures'' would provide a detailed list of programmatic areas for which the licensee must provide effective training and qualification to satisfy the performance objective for protection against radiological sabotage. The word ``should'' would be deleted because training and qualification would be required not suggested. The phrase ``like other elements of the physical security system, be required to meet minimum criteria to ensure that they will effectively perform their assigned security- related job duties'' would be replaced with the phrase ``meet minimum training and qualification requirements to ensure each individual possesses the knowledge, skills, and abilities required to effectively perform the assigned duties and responsibilities'' to describe the Commission determination that minimum training and qualification requirements are met to provide assurance that assigned individuals possess the knowledge, skills, and abilities that are required to effectively perform the assigned function. Appendix B, Introduction: In A.2. To ensure that This requirement order to ensure that those those individuals would retain the individuals responsible for who are assigned to requirement for the security are properlyperform duties and licensee to ensure equipped and qualified to responsibilities that all personnel execute the job dutiesrequired for the assigned security prescribed for them, the implementation of duties and NRC has developed general the Commission- responsibilities criteria that specifyapproved security are properly security personnelplans, licensee trained and qualification requirements. response strategy, qualified. The and implementing word, ``suited'' procedures arewould be added to properly suited, reflect the trained, equipped, suitability and qualified to requirements of the perform theircurrent appendix B. assigned duties and The word, responsibilities, ``trained'' would the Commission has be added to reflect developed minimum the training training andrequirements of the qualificationcurrent appendix B. requirements that must be implemented through a Commission-approved training and qualification plan.[[Page 62805]]
The phrase ``responsible for security'' would be replaced with the phrase ``who are assigned to perform duties and responsibilities required for the implementation of the Commission- approved security plans, licensee response strategy, and implementing procedures'' to identify the major programmatic areas from which security duties are derived. The phrase ``execute the job duties prescribed for them'' would be replaced with the phrase ``perform their assigned duties and responsibilities'' to for consistency with the updated language used in the proposed rule. The acronym ``NRC'' would be replaced with the word ``Commission'' to remove the use of this acronym. The phrase ``general criteria that specify security personnel qualification requirements'' would be replaced with the phrase ``minimum training and qualification requirements'' for consistency with the use of the word ``minimum'' and the phrase ``general criteria that specify''. The phrase ``that shall be implemented through a Commission-approved training and qualification plan'' would be added for consistency with the proposed 10 CFR 73.55. Appendix B, Introduction: A.3. The licensee This requirement for These general criteriashall establish, selection, establish requirements for maintain, andtraining, the selection, training, follow a Commission- equipping, testing, equipping, testing, and approved training and qualification qualification ofand qualification would be retained individuals who will be plan, describing and reformatted to responsible for protecting how the minimum combine two current special nuclear materials, training andrequirements. An nuclear facilities, and qualificationexpansion of the nuclear shipments.requirements set plan requirements Appendix B, Introduction: forth in thiswould describe the When required to haveappendix will be content of an security personnel that met, to include the approved training have been trained,processes by which and qualification equipped, and qualified to all members of the plan that would perform assigned security securitydemonstrate how the job duties in accordance organization, will requirements in the with the criteria in this be selected,appendix are met. appendix, the licensee must trained, equipped, establish, maintain, and tested, and follow a plan that shows qualified. how the criteria will be met. Appendix B, II.D: EachA.4. Each individual This requirement to individual assigned toassigned to perform demonstrate perform the securitysecurity program knowledge, skills related task identified in duties andwould be retained. the licensee physicalresponsibilities The requirement to security or contingency required todemonstrate plan shall demonstrate the effectivelyknowledge, skills, required knowledge, skill, implement theand abilities prior and ability in accordance Commission-approved to assignment would with the specifiedsecurity plans, be added to ensure standards for each task as licensee protective that each stated in the NRC approved strategy, and the individual licensee training andlicenseedemonstrates the qualifications plan.implementingability to apply procedures, shall formal classroom demonstrate the training to knowledge, skills, assigned duties and and abilitiesresponsibilities. required to effectively perform the assigned duties and responsibilities before the individual is assigned the duty or responsibility. Appendix B, Paragraph I.C. * A.5. The licensee This requirement * * shall consider job- shall ensure that would be based upon related functions such as the training and the current strenuous activity,qualificationrequirement of physical exertion, levels program simulates, appendix B, of stress, and exposure to as closely asParagraph I.C., and the elements as theypracticable, the require that due to pertain to eachspecific conditions changes in the individual's assignedunder which the threat environment security job duties for individual shall be that personnel must both normal and emergency required to perform be trained in a operations.
assigned duties and manner which responsibilities. simulates the site specific conditions under which the assigned duties and responsibilities are required to be performed.[[Page 62806]]
Appendix B, Introduction: A.6. The licensee This requirement Security personnel who are may not allow any would be based upon responsible for theindividual tothe current protection of specialperform anyappendix B, nuclear material on site or security function, Introduction. Due in transit and for theassume any security to changes to the protection of the facility duties orthreat environment, or shipment vehicle against responsibilities, this requirement radiological sabotageor return towould identify the should, like other elements security duty,applicability of of the physical security until thatappendix B training system, be required to meet individualand qualification minimum criteria to ensure satisfies thestandards to all that they will effectively training andsecurity-related perform their assignedqualificationduties, whether security-related job duties. requirements of they be performed this appendix and by traditional the Commission- security approved training organization and qualification personnel or other plan, unlessplant staff. specificallyLicensees would be authorized by the required by the Commission.proposed rule to describe how non- security personnel would be trained to perform the specific functions to which they are assigned in accordance with the Commission-approved training and qualification plan, and that non- security personnel would be required to meet the requirements of this proposed appendix that are specifically articulated and necessary to perform the required, specific duty or responsibility assigned. Appendix B, Paragraph I.E. A.7. AnnualThis annual training At least every 12 months, requirements must requirement would central alarm stationbe scheduled at a be retained and operators shall be required nominal twelve (12) revised for to meet the physicalmonth periodicity. consistency with requirements of B.1.b of Annual requirements the proposed Sec. this section, and guards, may be completed up 73.55. The intent armed response personnel, to three (3) months would be to provide and armed escorts shall be before or three (3) regulatory required to meet themonths after the stability and physical requirements of scheduled date. consistency by Paragraphs B.1.b(1) and However, the next requiring annual (2), and C of this section. annual training training at a must be scheduled nominal 12 month twelve (12) months intervals, while from the previously providing for those scheduled dateinstances when a rather than the licensee may not be date the training able to conduct was actuallyannual training on completed.the scheduled date due to site specific conditions or unforseen circumstances. This would provide needed flexibility in accomplishing required training. This requirement would provide for annual training to be conducted up to three (3) months prior to, or three (3) months after the scheduled initial date. However, to insure that the required training period would be not repeatedly extended beyond the required 12 months, this requirement would require that the next subsequent training date be 12 months from the originally scheduled date. The intent would be to provide licensees with the necessary flexibility to resolve scheduling issues due to unexpected circumstances such as forced outages, unforseen weather conditions, and ensure that training would be completed within the minimum required frequency. I. Employment suitability B. EmploymentThis header would be and qualification.suitability and retained without qualification.change. Appendix B, Paragraph I.A. B.1. Suitability.... This header would be Suitability:
retained without change. Appendix B, Paragraph I.A.1. B.1.a. BeforeThis requirement Prior to employment, or employment, orwould be retained assignment to the security assignment to the with only minor organization, an individual securitygrammatical shall meet the following organization, an changes. suitability criteria:individual shall: Appendix B, ParagraphB.1.a.(1) Possess a This requirement to I.A.1.a. Educationalhigh school diploma possess a high development--Possess a high or pass anschool diploma or school diploma or pass an equivalentpass an equivalent equivalent performanceperformanceperformance examination designed to examinationexamination would measure basic job-related designed to measure be retained. The mathematical, language, and basic mathematical, title ``Educational reasoning skills, ability, language, anddevelopment'' would and knowledge, required to reasoning skills, be deleted because perform security job duties. abilities, andit would not be knowledge required needed. The phrase to perform security ``job-related'' duties andwould be deleted responsibilities; because it would be addressed by the phrase ``required to perform''. The word ``job'' would be replaced with the word ``responsibilities' ' to more accurately reflect the skills required. The word ``ability'' would be replaced with the word ``abilities'' to correct grammar.[[Page 62807]]
Appendix B, Paragraph I.A.2. B.1.a.(2) HaveThis age requirement Prior to employment orattained the age of for armed personnel assignment to the security 21 for an armed would be retained. organization in an armed capacity or the age The phrase ``or the capacity, the individual, of 18 for anage of 18 for an in addition to (a) and (b) unarmed capacity; unarmed capacity'' above, must be 21 years of and
would be added to age or older.
specify a minimum age since the current NRC approved training and qualification plans for all licensees requires unarmed members to have attained the age of 18 prior to assignment. Appendix B, ParagraphB.1.a.(3) An unarmed The phrase ``Have no I.A.1.b. Felonyindividual assigned felony convictions convictions--Have no felony to the security involving the use convictions involving the organization may of a weapon'' would use of a weapon and nonot have any felony be deleted because felony convictions that convictions that the proposed rule reflect on the individual's reflect on thewould address this reliability.
individual'srequirement in 10 reliability.CFR 73.18 for an armed member of the security organization. The phrase ``An unarmed individual assigned to the security organization may not have any felony convictions'' would be added to retain the current requirement for unarmed individuals. Appendix B, Paragraph II.C. B.1.b. TheThe ``attested to by The qualifications of each qualification of a security individual must beeach individual to supervisor'' documented and attested by perform assigned requirement would a licensee securityduties andbe retained. The supervisor.
responsibilities phrase ``to perform must be documented assigned duties and by a qualifiedresponsibilities'' training instructor would be added to and attested to by clarify the a securityperformance supervisor.standard for documentation. The phrase ``by a qualified training instructor'' would be added to require that the security supervisor must attest to the fact that the required training for each individual was administered by a qualified instructor and documentation was obtained and properly completed. The word ``licensee'' would be deleted because a contract security supervisor may attest to an individual's qualification. These changes would better describe the requirement for verification and documentation of training by a supervisor. Appendix B, Paragraph I.B. B.2. PhysicalThis header would be Physical and mentalqualifications. retained and the qualifications.
two topics separately addressed. The word ``mental'' is deleted because psychological qualifications are set forth separately. Appendix B, Paragraph I.B.1. B.2.a. GeneralThis header would be Physical qualifications: Physicalretained. The word Qualifications. ``General'' would be added to indicate that site specific physical qualifications would be applicable if not addressed herein. Appendix B, ParagraphB.2.a.(1)The requirement I.B.1.a. Individuals whose Individuals whose would be retained. security tasks and jobduties andThe phrase ``tasks duties are directlyresponsibilities and job duties'' associated with theare directlywould be replaced effective implementation of associated with the with the phrase the licensee physicaleffective``duties and security and contingency implementation of responsibilities'' plans shall have nothe Commission- to reflect current physical weaknesses orapproved security language usage. The abnormalities that would plans, licensee phrase ``licensee adversely affect theirprotectivephysical security performance of assigned strategy, andand contingency security job duties.implementingplans'' would be procedures, may not replaced with the have any physical phrase ``Commission- conditions that approved security would adversely plans, licensee affect theirprotective performance.strategy, and implementing procedures'' to specify the source of the duties and responsibilities. The phrase ``of assigned security job duties'' would be deleted because it would be addressed by the phrase ``whose duties and responsibilities'' at the beginning of this proposed requirement. The phrase ``weaknesses or abnormalities'' would be replaced with ``conditions'' to specify that all physical attributes affecting performance should be considered.[[Page 62808]]
Appendix B, ParagraphB.2.a.(2) Armed and This physical I.B.1.b. In addition to a. unarmed members of examination above, guards, armedthe securityrequirement would response personnel, armed organization shall be retained. escorts, and central alarm be subject to a Proposed revisions station operators shall physicalwould combine two successfully pass aexaminationcurrent physical examinationdesigned to measure requirements, administered by a licensed the individual's reflect current physician. The examination physical ability to language usage, and shall be designed toperform assigned describe the measure the individual's duties andrequirement for physical ability to perform responsibilities as measuring the assigned security jobidentified in the individual's duties as identified in the Commission-approved physical ability to licensee physical security security plans, assure they can and contingency plans.licensee protective perform assigned strategy, andduties. implementing procedures. Appendix B, ParagraphB.2.a.(3) ThisThis physical I.B.1.b. In addition to a. physicalexamination above, guards, armedexamination must be requirement would response personnel, armed administered by a be retained. escorts, and central alarm licensed health Proposed revisions station operators shall professional with would describe the successfully pass afinal determination minimum physical examinationbeing made by a qualifications of administered by a licensed licensed physician the individual physician.
to verify theadministering the individual'sphysical physical capability examination and to perform assigned separate the duties andprofessional responsibilities. qualifications that must be met by the individual(s) administering the physical examination and the person making the determination of the individual's physical capability to perform assigned duties. Appendix B, ParagraphB.2.a.(4) TheThe physical I.B.1.b. Armed personnel licensee shallrequirements shall meet the following ensure that both requirement would additional physicalarmed and unarmed be retained. requirements:
members of theProposed revisions securitydue to changes to organization who the threat are assignedenvironment would security duties and describe the responsibilities minimum physical identified in the requirements for Commission-approved both armed and security plans, the unarmed security licensee protective personnel. strategy, andInclusion of implementingunarmed personnel procedures, meet would be necessary the followingto account for minimum physical those instances requirements, as where the two types required toof security effectively perform personnel share their assignedsimilar duties and duties.responsibilities required to implement the approved plans and procedures. The requirement would not apply to administrative security staff, such as clerks or secretaries, for the performance of their assigned administrative duties and responsibilities. However, should such personnel, or other non-security personnel be assigned to perform security functions required to implement the Commission-approved security plans and implementing procedures, these personnel must be trained and qualified to perform these duties and possess appropriate vision, hearing, and physical capabilities that are required to effectively perform the assigned duties or responsibilities. Appendix B, ParagraphB.2.b. Vision:This header would be I.B.1.b.(1) Vision:
retained. Appendix B, ParagraphB.2.b.(1) For each This requirement I.B.1.b.(1)(a) For each individual, distant would be retained. individual, distant visual visual acuity in acuity in each eye shall be each eye shall be correctable to 20/30correctable to 20/ (Snellen or equivalent) in 30 (Snellen or the better eye and 20/40 in equivalent) in the the other eye withbetter eye and 20/ eyeglasses or contact40 in the other eye lenses.
with eyeglasses or contact lenses. Appendix B, ParagraphB.2.b.(2) NearThis requirement I.B.1.b.(1)(a) Near visual visual acuity,would be retained. acuity, corrected orcorrected or uncorrected, shall be at uncorrected, shall least 20/40 in the better be at least 20/40 eye.
in the better eye. Appendix B, ParagraphB.2.b.(3) Field of This requirement I.B.1.b.(1)(a) Field of vision must be at would be retained. vision must be at least 70 least 70 degrees degrees horizontal meridian horizontal meridian in each eye.
in each eye. Appendix B, ParagraphB.2.b.(4) TheThis requirement I.B.1.b.(1)(a) The ability ability towould be retained. to distinguish red, green, distinguish red, and yellow colors isgreen, and yellow required.
colors is required. Appendix B, ParagraphB.2.b.(5) Loss of This requirement I.B.1.b.(1)(a) Loss ofvision in one eye would be retained. vision in one eye isis disqualifying. disqualifying.[[Page 62809]]
Appendix B, ParagraphB.2.b.(6) Glaucoma This requirement I.B.1.b.(1)(a) Glaucoma is disqualifying, would be retained. shall be disqualifying, unless controlled unless controlled byby acceptable acceptable medical ormedical or surgical surgical means, provided means, provided such medications as may be that medications used for controllingused for glaucoma do not causecontrolling undesirable side effects glaucoma do not which adversely affect the cause undesirable individual's ability to side effects which perform assigned security adversely affect job duties, and provided the individual's the visual acuity and field ability to perform of vision requirementsassigned security stated above are met.job duties, and provided the visual acuity and field of vision requirements stated previously are met. Appendix B, ParagraphB.2.b.(7) On-the-job This requirement I.B.1.b.(1)(a) On-the-job evaluation must be would be retained. evaluation shall be used used for for individuals who exhibit individuals who a mild color vision defect. exhibit a mild color vision defect. Appendix B, ParagraphB.2.b.(8) IfThe vision I.B.1.b.(1)(a) Ifuncorrectedrequirements in uncorrected distance vision distance vision is Paragraphs is not at least 20/40 in not at least 20/40 I.B.1.b.(1)(a) and the better eye, thein the better eye, I.B.1.b.(1)(b) individual shall carry an the individualwould be retained extra pair of corrective shall carry anand combined. The lenses.
extra pair ofphrase ``in the Appendix B, Paragraphcorrective lenses event that the I.B.1.b.(1)(b) Wherein the event that primaries are corrective eyeglasses are the primaries are damaged'' would be required, they shall be of damaged. Corrective added to ensure the safety glass type.eyeglasses must be that the individual of the safety glass would continue to type.
meet minimum vision requirements should one pair be damaged and not usable. The phrase ``carry an extra pair of corrective lenses'' would include any future technological advancements in vision correction and would include glasses and/or contact lenses, or other materials by any name whose purpose would be to correct an individual's vision. Appendix B, ParagraphB.2.b.(9) The use of This requirement I.B.1.b.(1)(c) The use of correctivewould be retained. corrective eyeglasses or eyeglasses or contact lenses shall not contact lenses may interfere with annot interfere with individual's ability to an individual's effectively performability to assigned security jobeffectively perform duties during normal or assigned duties and emergency operations.responsibilities during normal or emergency conditions. Appendix B, ParagraphB.2.c. Hearing: This header would be I.B.1.b.(2) Hearing:
retained. Appendix B, ParagraphB.2.c.(1)The requirement I.B.b.(2)(a) Individuals Individuals may not concerning hearing shall have no hearing loss have hearing loss loss would be in the better ear greater in the better ear retained. than 30 decibels average at greater than 30 Referenced 500 Hz, 1,000 Hz, and 2,000 decibels average at standards would be Hz with no level greater 500 Hz, 1,000 Hz, deleted. The NRC that 40 decibels at any one and 2,000 Hz with staff has frequency (by ISO 389no level greater determined that ``Standard Reference Zero that 40 decibels at reference to for the Calibration ofany one frequency. specific Puritone Audiometer''
calibration (1975) or ANSI S3.6-1969 R.
standards would no 1973) ``Specifications for
longer be necessary Audiometers''). ISO 389 and
and that it would ANSI S3.6-1969 have been
not be appropriate approved for incorporation
to require these by reference by the
standards by this Director of the Federal
proposed rule Register.
because such standards may become outdated and obsolete, and equipment may change due to technological advancements, which would require future rule changes to update the referenced documents. The expectation would be that a licensed professional will perform this examination using professionally accepted standards to include calibration standards for equipment used. Appendix B, ParagraphB.2.c.(2) A hearing This requirement I.B.1.b.(2)(b) A hearing aid is acceptable would be retained. aid is acceptable provided provided suitable suitable testing procedures testing procedures demonstrate auditory acuity demonstrate equivalent to the above auditory acuity stated requirement.equivalent to the hearing requirement. Appendix B, ParagraphB.2.c.(3) The use of This requirement I.B.1.b.(2)(c) The use of a a hearing aid may would be retained. hearing aid shall notnot decrease the decrease the effectiveeffective performance of theperformance of the individual's assignedindividual's security job duties during assigned security normal or emergencyjob duties during operations.
normal or emergency operations. Appendix B, ParagraphB.2.d. Existing This requirement I.B.1.b.(3) Diseases--medical conditions. would be revised to require that the licensee consider all existing medical conditions that would adversely effect performance and not limit consideration to only pre- existing conditions or ``diseases.''[[Page 62810]]
Appendix B, ParagraphB.2.d.(1)The requirement I.B.1.b.(3) * * *Individuals may not concerning medical Individuals shall have no have an established history would be established medical history medical history or retained. Proposed or medical diagnosis of medical diagnosis revisions would epilepsy or diabetes, or, of existing medical require that the where such a conditionconditions which licensee consider exists * * *.
could interfere any existing with or prevent the medical conditions individual from and not limit this effectivelyconsideration to performing assigned only specified duties andconditions. The responsibilities. phrase ``epilepsy or diabetes, or, where such a condition exists'' would be replaced with the phrase ``existing medical conditions which could interfere with or prevent the individual from effectively performing assigned duties and responsibilities'' to state the requirement that the licensee must consider all medical conditions that could adversely affect performance. Appendix B, ParagraphB.2.d.(2) If aThis requirement to I.B.1.b.(3) * * * themedical condition provide medical individual shall provide exists, theevidence that a medical evidence that the individual shall condition can be condition can be controlled provide medical controlled would be with proper medication so evidence that the retained. The that the individual will condition can be phrase ``proper not lapse into a coma or controlled with medication'' is unconscious state while medical treatment replaced with the performing assignedin a manner which phrase ``medical security job duties.does not adversely treatment'' to affect theaccount for individual'sconditions that may fitness-for-duty, be treated without mental alertness, medication and physical condition, future changes in or capability to medicine. The otherwisephrase ``so that effectively perform the individual will assigned duties and not lapse into a responsibilities. coma or unconscious state while'' would be replaced with the phrase ``in a manner which does not adversely affect the individual's fitness-for-duty, mental alertness, physical condition, or capability to otherwise effectively'' to describe the requirement that the ability to perform duties would be the criteria and not be limited to the current specific conditions of coma or unconscious state. The phrase ``job duties'' would be replaced with the phrase ``duties and responsibilities'' to reflect plain language requirements. Appendix B, ParagraphB.2.e. Addiction. This requirement I.B.1.b.(4) Addiction-- Individuals may not regarding addiction Individuals shall have no have anywould be retained. established medical history established medical The word or medical diagnosis of history or medical ``effectively'' habitual alcoholism or drug diagnosis ofwould be added to addiction, or, where such a habitual alcoholism describe the condition has existed, the or drug addiction, requirement that individual shall provide or, where this type the individual must certified documentation of of condition has be able to carry having completed aexisted, theout tasks in a rehabilitation programindividual shall manner that would which would give aprovide certified provide the reasonable degree ofdocumentation of necessary results. confidence that thehaving completed a The phrase ``job individual would be capable rehabilitationduties'' would be of performing assignedprogram which would replaced with the security job duties.give a reasonable phrase ``duties and degree ofresponsibilities'' confidence that the to satisfy plain individual would be language capable ofrequirements. effectively performing assigned duties and responsibilities. Appendix B, ParagraphB.2.f. OtherThis requirement to I.B.1.b.(5) Other physical physicalprovide medical requirements--An individual requirements. An evidence of who has been incapacitated individual who has recovery from an due to a serious illness, been incapacitated incapacitation injury, disease, ordue to a serious would be retained. operation, which couldillness, injury, The phrase ``job interfere with thedisease, orduties'' would be effective performance of operation, which replaced with the assigned security jobcould interfere phrase ``duties and duties shall, prior towith the effective responsibilities'' resumption of such duties, performance offor consistency provide medical evidence of assigned duties and with other proposed recovery and ability to responsibilities rule and plain perform such security job shall, beforelanguage duties.
resumption ofrequirements. assigned duties and responsibilities, provide medical evidence of recovery and ability to perform these duties and responsibilities. Appendix B, Paragraph I.B.2. B.3. Psychological This mental Mental qualifications:qualifications: qualifications requirement would be retained. The word ``mental'' would be replaced by the word ``psychological'' to be consistent with other proposed changes and plain language requirements.[[Page 62811]]
Appendix B, ParagraphB.3.a. Armed and This requirement to I.B.2.a. Individuals whose unarmed members of demonstrate good security tasks and jobthe securityjudgement, ability duties are directlyorganization shall to implement associated with thedemonstrate the instructions/tasks, effective implementation of ability to apply and to communicate the licensee physicalgood judgment,would be retained. security and contingency mental alertness, The phrase plans shall demonstrate the capability to ``Individuals whose mental alertness and the implementsecurity tasks and capability to exercise good instructions and job duties are judgment, implementassigned tasks, and directly associated instructions, assimilate possess the acuity with the effective assigned security tasks, of senses andimplementation of and possess the acuity of ability ofthe licensee senses and ability ofexpressionphysical security expression sufficient to sufficient toand contingency permit accuratepermit accurate plans'' would be communication by written, communication by replaced with the spoken, audible, visible, written, spoken, phrase ``Armed and or other signals required audible, visible, unarmed members of by assigned job duties. or other signals the security required byorganization'' to assigned duties and describe the responsibilities. requirement that these mental requirements are minimum standards that must apply to both armed and unarmed security personnel because they share similar duties and responsibilities for the physical protection of the site. Appendix B, ParagraphB.3.b. A licensed The requirement I.B.2.b. Armed individuals, clinicalregarding emotional and central alarm station psychologist,instability would operators, in addition to psychiatrist, or be retained. The meeting the requirement physician trained phrase ``Armed stated in Paragraph a.in part to identify individuals, and above, shall have noemotionalcentral alarm emotional instability that instability shall station operators'' would interfere with the determine whether would be replaced effective performance of armed members of with the phrase assigned security jobthe security``armed members of duties. The determination organization and the security shall be made by a licensed alarm stationorganization and psychologist oroperators inalarm station psychiatrist, or physician, addition to meeting operators'' to or other personthe requirement refer to both alarm professionally trained to stated in Paragraph station operators, identify emotionala. of this section, and for consistency instability.
have no emotional with the instability that terminology used in would interfere the proposed rule. with the effective performance of assigned duties and responsibilities. Appendix B, ParagraphB.3.c. A person Section B.3.c. would I.B.2.b. Armed individuals, professionallybe added to and central alarm station trained to identify describe that these operators, in addition to emotionalemotional meeting the requirement instability shall instability stated in Paragraph a.determine whether requirements are above, shall have nounarmed members of minimum standards emotional instability that the securitythat must apply to would interfere with the organization in armed and unarmed effective performance of addition to meeting security personnel assigned security jobthe requirement because they share duties. The determination stated in Paragraph similar duties and shall be made by a licensed a. of this section, responsibilities psychologist orhave no emotional for the physical psychiatrist, or physician, instability that protection of the or other personwould interfere site. professionally trained to with the effective identify emotionalperformance of instability.
assigned duties and responsibilities. Appendix B, Paragraph I.C. B.4. MedicalThis header would be Medical examinations and examinations and retained. physical fitnessphysical fitness qualifications.qualifications. Appendix B, Paragraph I.C. B.4.a. Armed members This medical Guards, armed responseof the security examination personnel, armed escorts organization shall requirement would and other armed security be subject to a be retained. force members shall bemedical examination Current given a medical examination by a licensedrequirements for an including a determination physician, toexamination and and written certification determine thecertification would by a licensed physician individual'sbe reformatted to that there are no medical fitness toseparate the two contraindications asparticipate inrequirements in disclosed by the medical physical fitness order to specify examination to
tests.
the requirements participation by the
for medical individual in physical
examinations and fitness tests.
certifications. Appendix B, Paragraph I.C. B.4.a. The licensee This requirement for Guards, armed responseshall obtain and written personnel, armed escorts retain a written certification would and other armed security certification from be retained. force members shall bethe licensedCurrent given a medical examination physician that no requirements for an including a determination medical conditions examination and and written certification were disclosed by certification would by a licensed physician the medicalbe reformatted to that there are no medical examination that separate the two contraindications aswould preclude the requirements in disclosed by the medical individual'sorder to specify examination to
ability tothe requirements participation by theparticipate in the for medical individual in physicalphysical fitness examinations and fitness tests.
tests or meet the certifications. The physical fitness licensee must attributes orobtain and retain a objectiveswritten associated with certification from assigned duties. the licensed physician who performed the examination, which clearly states that the individual has no medical condition that would cause the licensee to doubt the individual's ability to perform the physical requirements of the fitness test and therefore, could not effectively perform assigned duties. The phrase ``associated with assigned duties'' would be added to require that the test simulates the conditions under which the assigned duties and responsibilities are required to be performed.[[Page 62812]]
Appendix B, Paragraph I.C. B.4.b. BeforeThis medical Subsequent to this medical assignment, armed examination and examination, guards, armed members of thephysical fitness response personnel, armed securityrequirement would escorts and other armed organization shall be retained. The security force membersdemonstratephrase ``guards, shall demonstrate physical physical fitness armed response fitness for assignedfor assigned duties personnel, armed security job duties byand
escorts and other performing a practicalresponsibilities by armed security physical exercise program performing aforce members'' within a specific timepractical physical would be replaced period.
fitness test.with the phrase ``armed members of the security organization'' for consistency with terminology used in the proposed rule. The phrase ``security job duties'' would be replaced with the phrase ``assigned duties and responsibilities'' for consistency with terminology used in the proposed rule. The phrase ``exercise program'' would be replaced with the phrase ``practical physical fitness test'' for consistency with terminology used in the proposed rule. The term ``practical'' would mean that the test must be representative of the physical requirements of duties and responsibilities assigned to armed members of the security organization. The phrase ``specific time period'' would be deleted because specific time periods are delineated in Commission-approved security plans. Appendix B, Paragraph I.C. B.4.b.(1) TheThis requirement The exercise programphysical fitness related to physical performance objectivestest must consider conditions would be shall be described in the physical conditions retained. The license training andsuch as strenuous phrase ``and shall qualifications plan and activity, physical consider job- shall consider job-related exertion, levels of related functions functions such as strenuous stress, andsuch as strenuous activity, physicalexposure to the activity, physical exertion, levels of stress, elements as they exertion, levels of and exposure to thepertain to each stress, and elements as they pertain to individual'sexposure to the each individual's assigned assigned security elements as they security job duties for job duties for both pertain to each both normal and emergency normal andindividual's operations.
emergencyassigned security operations and must job duties for both simulate sitenormal and specific conditions emergency under which the operations'' is individual will be replaced with the required to perform phrase ``The assigned duties and physical fitness responsibilities. test must consider physical conditions such as strenuous activity, physical exertion, levels of stress, and exposure to the elements as they pertain to each individual's assigned security job duties for both normal and emergency operations'' for consistency with the terminology used by the proposed rule. The phrase ``and shall simulate site specific conditions under which the individual will be required to perform assigned duties and responsibilities'' would be added to specify that site specific conditions such as facility construction and layout, weather, terrain, elements, should be simulated to the extent reasonably practical. Appendix B, Paragraph I.C. B.4.b.(2) TheThis approved plan The exercise programlicensee shallrequirement would performance objectivesdescribe thebe retained and shall be described in the physical fitness separated to license training andtest in theaddress this qualifications plan * * *. Commission-approved requirement training andindividually. The qualification plan. phrase ``The exercise program performance objectives shall be described in the license training and qualifications plan'' would be replaced with the phrase ``The licensee shall describe the physical fitness test in the Commission-approved training and qualification plan'' to reflect plain language requirements. Appendix B, Paragraph I.C. * B.4.d.(3) TheThis requirement * * shall consider job- physical fitness would be based on related functions such as test must include the current strenuous activity,physical attributes appendix B, physical exertion, levels and performance Paragraph I.C. and of stress, and exposure to objectives which would require that the elements as theydemonstrate the the licensee pertain to eachstrength,include, as part of individual's assignedendurance, andthe physical security job duties for agility, consistent fitness test, both normal and emergency with assignedperformance operations.
duties in theobjectives that are Commission-approved designed to security plans, demonstrate the licensee protective ability of each strategy, andindividual to meet implementingthe physical procedures during attributes required normal andof assigned duties emergencyand conditions.responsibilities.
[[Continued on page 62813]]
From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]
[[pp. 62813-62862]] Power Reactor Security Requirements[[Continued from page 62812]]
[[Page 62813]]
Appendix B, Paragraph I.C. B.4.b(4) TheThis documentation The physical fitnessphysical fitness and attesting qualification of eachqualification of requirement would guard, armed responseeach armed member be retained. This person, armed escort, and of the security requirement would other security force member organization must be intended to shall be documented and be documented by a include adequate attested to by a licensee qualified training oversight and security supervisor.instructor andverification of attested to by a qualification while security supervisor. providing flexibility to the licensee to determine how to best use management resources. The phrase ``by a qualified training instructor'' would be added to specify the training instructor observes and documents that the qualification criteria are met while the security supervisor attests to the fact that the required training for each individual was administered by a qualified instructor and documentation was obtained and properly completed. The word ``licensee'' would be deleted because the proposed rule would permit a contract security supervisor to attest to an individual's qualification. The phrase ``guard, armed response person, armed escort, and other security force member'' would be replaced with the phrase ``each armed member of the security organization'' for consistency with the terminology used in the proposed rule. Appendix B, Paragraph I.E. B.5. PhysicalThis header would be Physical requalification-- requalification. retained. Appendix B, Paragraph I.E. B.5.a. At least This requirement to At least every 12 months, annually, armed and demonstrate the central alarm stationunarmed members of capability to meet operators shall be required the securitythe physical to meet the physicalorganization shall requirements would requirements of B.1.b of be required tobe retained. The this section, and guards, demonstrate the phrase ``every 12 armed response personnel, capability to meet months'' would be and armed escorts shall be the physicalreplaced with the required to meet therequirements of word ``annually'' physical requirements of this appendix and to specify that Paragraphs B.1.b (1) and the licenseeannual requirements (2), and C of this section. training andmust be scheduled qualification plan. at a nominal 12 month periodicity but may be conducted up to three (3) months prior to three (3) months after the scheduled date with the next scheduled date 12 months from the originally scheduled date. This requirement would be intended to provide flexibility to the licensee to account for those instances when site specific conditions, such as outages, preclude conducting requalification at the scheduled dates, while ensuring that the intent of the requirement would be still met without requiring the next scheduled date to be changed to correspond with the month in which the requalification is performed. Appendix B, Paragraph I.E. B.5.b. The physical This documentation The physical fitnessrequalification of and attesting qualification of eacheach armed andrequirement would guard, armed responseunarmed member of be retained. This person, armed escort, and the securityrequirement would other security force member organization must be intended to shall be documented and be documented by a include adequate attested to by a licensee qualified training oversight and security supervisor.instructor andverification of attested to by a qualification while security supervisor. providing flexibility to the licensee to determine how to best use management resources. The phrase ``by a qualified training instructor'' would be added to specify the training instructor observes and documents that the qualification criteria is met while the security supervisor attests to the fact that the required documentation is retained and properly completed. The phrase ``guard, armed response person, armed escort, and other security force member'' would be replaced with the phrase ``each armed and unarmed member of the security organization'' for consistency with the terminology used in the proposed rule. The word ``licensee'' would be deleted because the proposed rule would permit a contract security supervisor attest to an individual's qualification.[[Page 62814]]
II. Training andC. Duty training.... This new header qualifications.
would be added to provide a section under which the current and proposed non- weapons-related training requirements may be grouped. Appendix B, Paragraph II.A. C.1. Duty training This training Training requirements. Each and qualification requirement would individual who requires requirements. All be retained and training to performpersonnel who are revised to combine assigned security-related assigned to perform the two current job tasks or job duties as any security-requirements of identified in the licensee related duty or appendix B, physical security orresponsibility, Paragraph II.A. and contingency plans shall, shall be trained II.B. This prior to assignment, be and qualified to requirement would trained to perform these perform assigned account for those tasks and duties induties andinstances where the accordance with theresponsibilities to licensee may use, licensee or the licensee's ensure that each in addition to agent's documented training individualmembers of the and qualifications plan. possesses thesecurity Appendix B, Paragraph II.B.. minimum knowledge, organization, site Qualification requirement. skills, andpersonnel from Each person who performs abilities required outside of the security-related job tasks to effectivelysecurity or job duties required to carry out those organization to implement the licenseeassigned duties and perform security physical security orresponsibilities. related duties, contingency plan shall,
such as, but not prior to being assigned to
limited to, these tasks or duties, be
escorts, tampering, qualified in accordance
detection, and with the licensee's NRC-
compensatory approved training and
measures. The qualifications plan.
Commission views are that security personnel must obtain the requisite knowledge, skills, and abilities of all security- related duties prior to unsupervised assignment. Appendix B, Paragraph II.D. C.1.a. The areas of This requirement The areas of knowledge, knowledge, skills, would be retained skills, and abilities that and abilities that and revised to shall be considered in the are required to replace the current licensee's training and perform assigned list of 100 topic qualifications plan are as duties andareas with a follows:
responsibilities requirement for the[NOTE: The list of 100must be identified licensee to provide specific training subjects in the licensee's a site specific is omitted here forCommission-approved list in the conservation of space.] . training andapproved security qualification plan. plans and specify assigned duties in the training and qualification plan. The Commission has determined that the current list would no longer be necessary to ensure that the listed topic areas are addressed by each licensee. In accordance with this proposed appendix, all licensees are required to ensure that all personnel are trained and qualified to perform their assigned duties and responsibilities. Those requirements would encompass topics that are currently listed, making it unnecessary to specifically list the 100 areas of knowledge, skills, and abilities. Appendix B, Paragraph II.A. C.1.b. EachThis training Each individual whoindividual who is requirement would requires training toassigned duties and be retained. The perform assigned security- responsibilities requirement would related job tasks or job identified in the specify training of duties as identified in the Commission-approved all individuals licensee physical security security plans, assigned to perform or contingency plans shall, licensee protective security functions prior to assignment, be strategy, andrequired to trained to perform these implementingimplement the tasks and duties inprocedures shall, Commission-approved accordance with thebefore assignment,: security plans, licensee or the licensee's (1) be trained to licensee response agent's documented training perform assigned strategy, and and qualifications plan. duties andimplementing responsibilities in procedures. The accordance with the phrase ``requires requirements of training to perform this appendix and assigned security- the Commission- related job tasks approved training or job duties as'' and qualification would be replaced plan.
with the phrase ``is assigned duties and responsibilities'' to reflect changes to terminology used. The phrase ``in the licensee physical security or contingency'' would be replaced with the phrase ``Commission- approved security plans, licensee protective strategy, and implementing procedures'' to reflect changes to terminology used. The phrase ``these tasks and duties'' would be replaced with the phrase ``assigned duties and responsibilities'' to reflect changes to terminology used. The phrase ``licensee or the licensee's agent's documented training and qualifications plan'' would be replaced with the phrase ``requirements of this appendix and the Commission- approved training and qualification plan'' to reflect changes to terminology used.[[Page 62815]]
Appendix B, Paragraph II.B. C.1.b. (2) meet the This qualification Each person who performs minimumrequirement would security-related job tasks qualificationbe retained. The or job duties required to requirements of requirement would implement the licenseethis appendix and specify the physical security orthe Commission- qualification contingency plan shall, approved training standard for all prior to being assigned to and qualification individuals these tasks or duties, be plan.
assigned to perform qualified in accordance
security functions with the licensee's NRC-
required to approved training and
implement the qualifications plan.
Commission-approved security plans, licensee response strategy, and implementing procedures. The phrase ``be qualified in accordance with'' would be replaced with the phrase ``meet the minimum qualification requirements of this appendix and'' to specify that the approved T&Q plan implements the requirements of this proposed rule. The phrase ``licensee's NRC- approved'' would be replaced with the phrase ``Commission approved'' to reflect changes to terminology used. Appendix B, Paragraph II.A. C.1.b. (3) beThis requirement Training Requirements--Each trained andwould be based on individual who requires qualified in the the current training to performuse of allappendix B, assigned security-related equipment orParagraph II.A. and job tasks or job duties as devices required to specify the identified in the licensee effectively perform requirement for physical security orall assigned duties training in the use contingency plans shall, and
of equipment prior to assignment, be responsibilities. required to trained to perform these
effectively perform tasks and duties in
all assigned duties accordance with the
and licensee or licensee's
responsibilities. agent's documented training
The Commission and qualification plan.
views this as facilitating the performance objective of the proposed Sec. 73.55 B.1. C.2. On-the-job This new header training.would be added for consistency with the format of this proposed paragraph. This new topic area would be intended to specify the requirement that the licensee training and qualification program must include an on-the- job training program to ensure that assigned personnel have demonstrated an acceptable level of performance and proficiency within the actual work environment, prior to assignment to an unsupervised position. Appendix B, Paragraph II.A. C.2.a. The licensee This new requirement Training Requirements--Each training andwould be based on individual who requires qualificationthe current training to performprogram mustappendix B, assigned security-related include on-the-job Paragraph II.A. and job tasks or job duties as trainingwould specify the identified in the licensee performancerequirement that physical security orstandards andthe licensee contingency plans shall, criteria to ensure include on-the-job prior to assignment, be that eachtraining as part of trained to perform these individualthe training and tasks and duties indemonstrates the qualification accordance with therequisiteprogram to ensure licensee or licensee'sknowledge, skills, each individual agent's documented training and abilitiesdemonstrates, in an and qualification plan. needed toon-the-job setting, Appendix B, Paragrapheffectively carry- an acceptable level I.B.1.b.(1)(a) On-the-job out assigned duties of performance and evaluation shall be used and
proficiency to for individuals who exhibit responsibilities in carry-out assigned a mild color vision defect. accordance with the duties and Commission-approved responsibilities security plans, prior to an licensee protective assignment. The strategy, andexpectation would implementingbe that on-the-job procedures, before training would be the individual is conducted by assigned the duty qualified security or responsibility. personnel who will observe the trainee's performance and provide input for improvement and final qualification of the trainee and allow each individual to develop and apply, in a controlled but realistic training environment, the knowledge, skills, and abilities presented in formal and informal classroom settings. This requirement would be in addition to licensee specific classroom training that may include instruction on security practices and theory and other training activities for security-related duties.[[Page 62816]]
Appendix B, Paragraph II. A. C.2.b. In addition This new requirement Training Requirements--Each to meeting thewould be based on individual who requires requirement stated the current training to performin paragraphappendix B, assigned security-related C.2.a., beforeParagraph II.A. and job tasks or job duties as assignment,would specify the identified in the licensee individualsrequirement for on- physical security orassigned duties and the-job training. contingency plans shall, responsibilities to This requirement prior to assignment, be implement thewould specify that trained to perform these Safeguards40 hours is the tasks and duties inContingency Plan minimum time for accordance with theshall complete a practical skill licensee or licensee'sminimum of 40 hours development and agent's documented training of on-the-jobperformance and qualification plan. training todemonstration demonstrate their necessary to fully ability toassess an effectively apply individual's the knowledge,knowledge, skills, skills, andand abilities to abilities required effectively carry- to effectivelyout assigned duties perform assigned and duties andresponsibilities responsibilities in prior to assignment accordance with the to an unsupervised approved security position. This plans, licensee requirement would protectivebe in addition to strategy, andformal and informal implementingclassroom procedures. On-the- instruction. The job training must phrase ``by a be documented by a qualified training qualified training instructor'' would instructor andbe added to require attested to by a that the security security supervisor. supervisor must attest to the fact that the required training for each individual was administered by a qualified instructor and documentation was obtained and properly completed. Appendix B, ParagraphC.2.c. On-the-job This new requirement I.B.1.b.(1)(a) On-the-job training forwould be based on evaluation shall be used contingencythe current for individuals who exhibit activities andrequirements a mild color vision defect. drills mustappendix B, Appendix B, Paragraph I.C. include, but is not Paragraph II.A. and The exercise programlimited to, hands- appendix B, performance objectiveson application of Paragraph II.D. shall be described in the knowledge, skills, This requirement license training andand abilitieswould provide a qualifications plan and related to:list of minimum shall consider job-related (1) Response team generic topics functions such as strenuous duties..which are activity, physical(2) Use of force.... applicable to all exertion, levels of stress, (3) Tacticalsites and must be and exposure to themovement..addressed, but are elements as they pertain to (4) Cover andnot intended to each individual's assigned concealment..limit the licensee security job duties for (5) Defensive-such that site both normal and emergency positions..specific topics are operations.
(6) Fields-of-fire.. not also included. Appendix B, Paragraph II. A. (7) Re-deployment... This requirement Training Requirements--Each (8) Communications would also specify individual who requires (primary andthat the licensee training to performalternate)..identify and assigned security-related (9) Use of assigned document in the job tasks or job duties as equipment..training and identified in the licensee (10) Target sets.... qualification plan, physical security or(11) Table topthe specific contingency plans shall, drills..knowledge, skills, prior to assignment, be (12) Command and and abilities trained to perform these control duties.. required by each tasks and duties in
individual to accordance with the
perform their licensee or licensee's
assigned duties and agent's documented training
responsibilities and qualification plan.
and would Appendix B, Paragraph II.D.
generically include The areas of knowledge,
any specific items skills, and abilities that
that are currently shall be considered in the
listed in the licensee's training and
current appendix B, qualifications plan are as
Paragraph II.D., follows:.
and therefore,[NOTE: The list of one
would require that hundred specific training
any applicable subjects is omitted here
topics from the for conservation of space.] .
deleted list are addressed. C.3. TacticalThis new header response teamwould be added for drills andformatting. exercises. Appendix B, Paragraph II. A. C.3.a. Licensees This requirement Training Requirements--Each shall demonstrate would be based on individual who requires responsethe current training to performcapabilitiesappendix B, assigned security-related through aParagraph II.A. Due job tasks or job duties as performanceto changes in the identified in the licensee evaluation program threat environment, physical security oras described in the requirement contingency plans shall, appendix C to this would specify that prior to assignment, be part.
the licensee trained to perform these
develop and follow tasks and duties in
a performance accordance with the
evaluation program licensee or licensee's
designed to agent's documented training
demonstrate the and qualification plan.
effectiveness of the onsite response capabilities. Appendix B, Paragraph II. A. C.3.b. The licensee This requirement Training Requirements--Each shall conductwould be based on individual who requires drills andthe current training to performexercises inappendix B, assigned security-related accordance with Paragraph II.A. Due job tasks or job duties as Commission-approved to changes in the identified in the licensee security plans, threat environment, physical security orlicensee protective the requirement contingency plans shall, strategy, andwould specify that prior to assignment, be implementingthe licensee trained to perform these procedures.conduct drills and tasks and duties in
exercises to accordance with the
demonstrate the licensee or licensee's
effectiveness of agent's documented training
security plans, and qualification plan.
licensee protective strategy, and implementing procedures.[[Page 62817]]
Appendix B, Paragraph II. A. C.3.b.(1) Drills and This requirement Training Requirements--Each exercises must be would be based on individual who requires designed tothe current training to performchallengeappendix B, assigned security-related participants in a Paragraph II.A. Due job tasks or job duties as manner whichto changes in the identified in the licensee requires eachthreat environment, physical security orparticipant tothe requirement contingency plans shall, demonstratewould specify that prior to assignment, be requisitethe licensee trained to perform these knowledge, skills, conduct drills and tasks and duties inand abilities.exercises that are accordance with the
designed to licensee or licensee's
demonstrate each agent's documented training
participants and qualification plan.
requisite knowledge, skills, and abilities to perform security responsibilities. Appendix B, Paragraph II. A. C.3.b.(2) Tabletop This requirement Training Requirements--Each exercises may be would be based on individual who requires used to supplement the current training to performdrills andappendix B, assigned security-related exercises toParagraph II.A. Due job tasks or job duties as accomplish desired to changes in the identified in the licensee training goals and threat environment, physical security orobjectives.the requirement contingency plans shall,
would convey the prior to assignment, be
Commission view trained to perform these
that licensees may tasks and duties in
use tabletop accordance with the
exercises to licensee or licensee's
supplement drills agent's documented training
and exercises as a and qualification plan.
means of achieving training goals and objectives. D. DutyThis new header qualification and would be added for requalification. formatting purposes. The word ``duty'' would be used to clarify that the following sections relate to non-weapons training topics. D.1. Qualification This new header demonstration.would be added for formatting purposes. Sec. 73.55(b)(4)(i) Upon D.1.a. Armed and This requirement the request of anunarmed members of would be based on authorized representative the securitythe current of the Commission, theorganization shall requirement of 10 licensee shall demonstrate demonstrate the CFR 73.55(b)(4)(i). the ability of the physical required knowledge, Due to changes in security personnel to carry skills, andthe threat out their assigned duties abilities to carry environment, it is and responsibilities.out assigned duties the Commission's and
view that licensees responsibilities as must be able to stated in thedemonstrate the Commission-approved ability of security security plans, personnel to carry licensee protective out their assigned strategy, andduties and implementingresponsibilities. procedures. Sec. 73.55(b)(4)(i) Upon D.1.b. ThisThis requirement the request of andemonstration must would be based on authorized representative include an annual the current of the Commission, thewritten exam and requirement of 10 licensee shall demonstrate hands-onCFR 73.55(b)(4)(i) the ability of the physical performanceand would specify a security personnel to carry demonstration.licensee out their assigned duties
requirement to and responsibilities.
perform written examinations and hands-on performance tests to demonstrate knowledge of the skill or ability being tested. The Commission's view is that written examinations and hands-on performance tests are two components that are necessary to demonstrate the overall qualification and proficiency of an individual performing security duties. Sec. 73.55(b)(4)(i) Upon (1) Written Exam. This requirement the request of anThe written exams would be based on authorized representative must include those the current of the Commission, theelements listed in requirement of 10 licensee shall demonstrate the Commission- CFR 73.55(b)(4)(i). the ability of the physical approved training Due to changes in security personnel to carry and qualification the threat out their assigned duties plan and shallenvironment, the and responsibilities.require a minimum rule would require score of 80 percent a minimum exam to demonstrate an score of 80 percent acceptableusing accepted understanding of training and assigned duties and evaluation responsibilities, techniques. The to include theCommission has recognition ofdetermined that a potential tampering score of 80 percent involving bothdemonstrates the safety and security minimum level of equipment andunderstanding and systems. (2) Hands- familiarity of the on Performancematerial acceptable Demonstration.and would be Armed and unarmed consistent with members of theminimum scores securitycommonly accepted organization shall throughout the demonstrate hands- Nuclear Industry. on performance for assigned duties and responsibilities by performing a practical hands-on demonstration for required tasks. The hands-on demonstration must ensure that theory and associated learning objectives for each required task are considered and each individual demonstrates the knowledge, skills, and abilities required to effectively perform the task.[[Page 62818]]
Sec. 73.55(b)(4)(i) Upon D.1.c. Upon request This requirement the request of anby an authorized would be based upon authorized representative representative of the current of the Commission, thethe Commission, any requirement of 10 licensee shall demonstrate individual assigned CFR 73.55(b)(4)(i) the ability of the physical to perform anyand would include, security personnel to carry security-related upon request, that out their assigned duties duty oran individual and responsibilities.responsibilityassigned security shall demonstrate duties or the requiredresponsibilities knowledge, skills, demonstrate and abilities for knowledge, skills each assigned duty and abilities and responsibility, required for such as stated in the assignments or Commission-approved responsibilities. security plans, This requirement licensee protective would be distinct strategy, orfrom the required implementingannual written procedures.demonstration above and would be necessary for regulatory consistency. This rule would require that any individual who is assigned to perform any security-related duty or responsibility must demonstrate their capability to effectively perform those assigned duties or responsibilities when requested, regardless of the individual's specific organizational affiliation. These demonstrations would provide the Commission with independent verification and validation that individuals can actually perform their assigned security duties. Appendix B, Paragraph II.E. D.2. Requalification This header would be Requalification--
retained. Appendix B, Paragraph II.E. D.2.a. Armed and This requalification Security personnel shall be unarmed members of requirement would requalified at least every the securitybe retained and 12 months to performorganization shall revised to combine assigned security-related be requalified at two requirements of job tasks and duties for least annually in the current both normal and contingency accordance with the appendix B, operations.
requirements of Paragraph II.E. The Appendix B, Paragraph II.E. this appendix and rule would require Requalification shall be in the Commission- that armed and accordance with the NRC- approved training unarmed members of approved licensee training and qualification the security and qualifications plan. plan.
organization must be requalified annually to demonstrate that each individual continues to be capable of effectively performing assigned duties and responsibilities. The phrase ``Security personnel'' would be replaced with the phrase ``Armed and unarmed members of the security organization'' for consistency with the proposed rule. The phrase ``every 12 months'' would be replaced with the word ``annual'' for consistency with the proposed rule. Appendix B, Paragraph II.E. D.2.b. The results The requalification The results of
of requalification requirement would requalification must be must be documented be retained. The documented and attested by by a qualifiedproposed rule would a licensee securitytraining instructor require that the supervisor.
and attested by a licensee provide security supervisor. adequate oversight and verification of qualification process. The phrase ``by a qualified training instructor'' would be added to specify that the training instructor observes and documents that qualification criteria is met while the security supervisor attests to the fact that the required documentation is retained and properly completed. The word ``licensee'' would be deleted to provide flexibility to the licensee to determine the best use of management resources and to specify that contract security supervisors may be used to satisfy this requirement. III. Weapons training and E. Weapons training. This header would be Qualification.
retained and revised. The word ``Qualification'' would be deleted because ``qualification'' is addressed individually in this proposed rule. E.1. GeneralThis new header is firearms training. added for formatting purposes.[[Page 62819]]
Appendix B, Paragraph III.A. E.1.a. Armed members This training Guards, armed responseof the security requirement would personnel and armed escorts organization shall be retained and requiring weapons training be trained andrevised to specify to perform assignedqualified inthat the training security related job tasks accordance with the be conducted in or job duties shall berequirements of accordance with the trained in accordance with this appendix and appendix and the licensees' documented the Commission- training and weapons training programs. approved training qualification and qualification plans. The phrase plan.
``Guards, armed response personnel and armed escorts'' would be replaced with the phrase ``Armed members of the security organization'' for consistency with language used in the proposed rule. The phrase ``requiring weapons training to perform assigned security related job tasks or job duties'' would be deleted because that requirement is implied in the proposed rule language. The phrase ``licensees' documented weapons training programs'' would be replaced with the phrase ``Commission- approved training and qualification plan'' for consistency with language used in the proposed rule. E.1.b. Firearms This new header instructors.would be added for formatting purposes. Appendix B, Paragraph III.A. E.1.b.(1) Each armed This requirement Each individual shall be member of thewould be based on proficient in the use of securitythe current his assigned weapon(s) and organization shall appendix B, shall meet prescribedbe trained andParagraph III.A. standards in the following qualified by aand would be areas:
certified firearms revised to instructor for the incorporate current use and maintenance requirements in of each assigned approved training weapon to include and qualification but not limited to, plans. qualification scores, assembly, disassembly, cleaning, storage, handling, clearing, loading, unloading, and reloading, for each assigned weapon. Appendix B, Paragraph III.A. E.1.b.(2) Firearms This requirement Each individual shall be instructors shall would be based on proficient in the use of be certified from a the current his assigned weapon(s) and national or State appendix B, shall meet prescribedrecognized entity. Paragraph III.A. standards in the following
and revised to areas:
require that licensees only use certified instructors. It is the Commission view that certification would be required from a national or State recognized entity such as Federal, State military or nationally recognized entities such as National Rifle Association (NRA), International Association of Law Enforcement Firearms Instructors (IALEFI). Appendix B, Paragraph III.A. E.1.b.(3)This requirement Each individual shall be Certification must would be based on proficient in the use of specify the weapon the current his assigned weapon(s) and or weapon type(s) appendix B, shall meet prescribedfor which theParagraph III.A. standards in the following instructor isand revised to areas:
qualified to teach. establish minimum standards for those conducting firearms instruction. This requirement would not intend that each firearm instructor be certified on the different manufacturers or brands, but rather that certification be obtained by weapon type such as handgun, shotgun, rifle, machine gun, or other enhanced weapons since each type requires different skills and abilities. Appendix B, Paragraph III.A. E.1.b.(4) Firearms This requirement Each individual shall be instructors shall would be based upon proficient in the use of be recertified in the current his assigned weapon(s) and accordance with the appendix B, shall meet prescribedstandardsParagraph III.A. standards in the following recognized by the and revised to areas:
certifying national establish minimum or state entity, standards for those but in no caseconducting firearms shall re-instruction. certificationFirearms instructor exceed three (3) skills are years.
perishable and therefore the proposed rule would require periodic re- qualification to demonstrate proficiency. The Commission has determined that three (3) years is a commonly accepted interval for re- certification throughout the firearms community.[[Page 62820]]
Appendix B, Paragraph IV. E.1.c. AnnualThis requirement Qualification firing for firearmswould be based upon the handgun and the rifle familiarization. the current must be for daylightThe licensee shall appendix B, firing, and each individual conduct annualParagraph IV. Due shall perform night firing firearmsto changes in the for familiarization with familiarization threat environment, assigned weapon(s).training inthe Commission Appendix B, Paragraph IV. accordance with the seeks to establish Each individual shall be Commission-approved minimum standards requalified at least every training andfor weapons 12 months.
qualification plan. familiarization. This requirement would require individuals receive basic firearms familiarization and skills training with each weapon type such as nomenclature, stance, grip, sight alignment, sight stance, grip, sight alignment, sight picture, trigger squeeze, safe handling, range rules, prior to participating in a qualifying course of fire. The specifics of the familiarization must be included in the Commission- approved plan. Appendix B, Paragraph III.A. E.1.d. TheThis proposed rule Each individual shall be Commission-approved would retain the proficient in the use of training andcurrent standards his assigned weapon(s) and qualification plan listed in appendix shall meet prescribedshall include, but B, Paragraph III.A standards in the following is not limited to, as weapons training areas:
the followingareas to be 1. Mechanical assembly,areas:
addressed in the disassembly, range(1) MechanicalCommission-approved penetration capability of assembly,T&Q plan. Due to weapon, and bull's-eyedisassembly, range changes in the firing..
penetrationthreat environment, 2. Weapons cleaning andcapability ofit is the storage..
weapon, and bull's- Commission view 3. Combat firing, day and eye firing..that additional night..
(2) Weapons cleaning areas of 4. Safe weapons handling.... and storage..demonstrated weapon 5. Clearing, loading,(3) Combat firing, proficiency should unloading, and reloading. day and night.. be added to the 6. When to draw and point a (4) Safe weapons current weapon..
handling..regulations. The 7. Rapid fire techniques.... (5) Clearing,proposed rule would 8. Close quarter firing..... loading, unloading, require an 9. Stress firing............ and reloading.. individual 10. Zeroing assigned(6) When to draw and demonstrate weapon(s)..
point a weapon.. proficiency in the (7) Rapid firefollowing areas: techniques..target engagement, (8) Closed quarter weapon firing..malfunctions, cover (9) Stress firing... and concealment (10) Zeroingweapon transition assigned weapon(s) between strong (sight and sight/ (primary) and weak scope adjustments).. (support) hands, (11) Targetand weapon engagement..familiarization (12) Weapon(areas 11 through malfunctions..15.) (13) Cover and concealment.. (14) Weapon transition between strong (primary) and weak (support) hands.. (15) Weapon familiarization.. Appendix B, Paragraph II.D. E.1.e. The licensee The requirements of Security knowledge, skills, shall ensure that appendix B, and abilities--Eacheach armed member Paragraph II.D. individual assigned toof the security would be modified perform the security-organization is to clarify training related task identified in instructed on the requirements the licensee physicaluse of deadly force regarding the use security or contingency as authorized by of deadly force. plan shall demonstrate the applicable State The proposed rule required knowledge, skill, law.
would specify that and ability in accordance
the substance of with the specified
training in the use standards for each task as
of deadly force stated in the NRC approved
should be focused licensee training and
on applicable state qualifications plan. The
laws. areas of knowledge, skills, and abilities that shall be considered in the licensee's training and qualifications plan are as follows: The use of deadly force. Appendix B, Paragraph IV.D. E.1.f. Armed members This requirement Individuals shall beof the security would be based upon weapons requalified atorganization shall the current least every 12 months in participate inrequalification accordance with the NRC weapons rangerequirements stated approved licensee training activities on a in appendix B, and qualifications plan, nominal four (4) Paragraph IV.D. It and in accordance with the month periodicity. is the Commission requirements stated in A, Performance may be view that the B, and C of this section. conducted up to proposed rule, five (5) weeksrequiring weapons before to five (5) range activities, weeks after the would ensure scheduled date. The individuals next scheduled date maintain must be four (4) proficiency in the months from the use of assigned originallyweapons and scheduled date. associated perishable skills. IV. Weapons qualification F. WeaponsThis header would be and requalification program. qualification and retained. requalification program. F.1. General weapons This header would be qualificationadded for requirements.formatting purposes. Appendix B, Paragraph IV. F.1.a. Qualification The requirement Qualification firing for firing must bewould retain the the handgun and the rifle accomplished in qualification must be for daylightaccordance with requirements stated firing, and each individual Commissionin appendix B, shall perform night firing requirements and Paragraph IV. The for familiarization with the Commission- proposed rule would assigned weapon(s).approved training specify that such and qualification qualifications have plan for assigned to be accomplished weapons.in accordance with Commission-approved training and qualification plans.[[Page 62821]]
The results of weaponsF.1.b. The results This weapons qualification andof weaponsqualification and requalification must be qualification and requalification documented by the licensee requalification requirement would or the licensee's agent. must be documented be retained. The and retained as a word ``must'' would record.be replaced with the word ``shall'' for consistency with this proposed rule. The phrase ``by the licensee or the licensee's agent'' would be replaced with the phrase ``and retained as a record'' for consistency with the terminology used in the proposed rule. Each individual shall be F.1.c. EachThis requalification requalified at least every individual shall be requirement would 12 months.
re-qualified at be retained. The least annually. phrase ``every 12 months'' would be replaced with the word ``annually'' for consistency with this proposed rule. Energy Policy Act of 2005... F.2. AlternateThis new requirement weaponswould be added for qualification. Upon consistency with written request by the proposed Sec. the licensee, the 73.19. The proposed Commission mayrule would require authorize anthe licensee to applicant orrequest NRC licensee to provide authorization to firearmsimplement qualificationalternative programs other than firearms those listed in qualification this appendix if programs pursuant the applicant or to the licensee's licenseerequest for demonstrates that authorization to the alternative use ``enhanced firearmweapons'' as qualificationdefined in the program satisfies proposed Sec. Commission73.19. requirements. Written requests must provide details regarding the proposed firearms qualification programs and describe how the proposed alternative satisfies Commission requirements. Appendix B, Paragraph IV. F.3. TacticalThis requirement Qualification firing for weaponswould be based upon the handgun and the rifle qualification. The the current must be for daylightlicensee Training qualification firing, and each individual and Qualification requirement in shall perform night firing Plan must describe appendix B, for familiarization with the firearms used, Paragraph IV. Due assigned weapon(s).the firearmsto changes to the qualificationthreat environment, program, and other the proposed rule tactical training would require that required tothe licensee implement thedevelop and Commission-approved implement a site security plans, specific firearms licensee protective qualification strategy, andprogram and other implementingtactical training procedures.to simulate site Licensee developed conditions under qualification and which the re-qualification protective strategy courses for each will be firearm mustimplemented. The describe theexamples given performance(lighting, criteria needed, to elevation and include the site fields-of-fire) are specific conditions intended to be (such as lighting, neither all elevation, fields- inclusive nor of-fire) underlimiting. which assigned personnel shall be required to carry- out their assigned duties. Appendix B, Paragraph IV. F.4. FirearmsThis requirement Qualification firing for qualificationwould be based upon the handgun and the rifle courses. Thethe current must be for daylightlicensee shallqualification firing, and each individual conduct therequirements in shall perform night firing followingappendix B, for familiarization with qualificationParagraph IV. The assigned weapon(s).courses for weapons proposed rule would used.
specify performance expectations for weapons courses.[[Page 62822]]
Appendix B, Paragraph IV. F.4.a. AnnualThis requirement Qualification firing for daylightwould combine the the handgun and the rifle qualificationcurrent appendix B, must be for daylightcourse. Qualifying Paragraph IV.A., firing, and each individual score must be an B., and C. Because shall perform night firing accumulated total of changes to the for familiarization with of 70 percent with threat environment, assigned weapon(s).handgun andit is the Appendix B, Paragraph IV.A. shotgun, and 80 Commission view Handgun--Guards, armedpercent with semi- that a higher escorts and armed response automatic rifle and/ qualification personnel shall qualify or enhancedpercentage is with a revolver orweapons, of the required. The semiautomatic pistol firing maximum obtainable Commission has the national police course, target score.determined that or an equivalent nationally
among law recognized course.
enforcement Appendix B, Paragraph IV.B.
authorities, 70 Semiautomatic Rifle--
percent is a Guards, armed escorts and
commonly accepted armed response personnel,
fire qualification assigned to use the
value requirement semiautomatic rifle by the
for handguns and licensee training and
shotguns and that qualifications plan, shall
80 percent is the qualify with a
commonly accepted semiautomatic rifle by
value for semi- firing the 100-yard course
automatic and of fire specified in
enhanced weapons. section 17.5(1) of the
The proposed rule National Rifle Association,
would increase the High Power Rifle Rules book
acceptable level of (effective March 15, 1976),
proficiency to 70 (1) or a nationally
percent for handgun recognized equivalent
and shotgun, and 80 course of fire.
percent for the Appendix B, Paragraph IV.C.
semi-automatic Shotgun--Guards, armed
rifle and enhanced escorts, and armed response
weapons. personnel assigned to use the 12 gauge shotgun by the licensee training and qualifications plan shall qualify with a full choke or improved modified choke 12 gauge shotgun firing the following course:. Appendix B, Paragraph IV. F.4.b. Annual night This requirement Qualification firing for fire qualification would combine the the handgun and the rifle course. Qualifying qualification must be for daylightscore must be an standards stated in firing, and each individual accumulated total the current shall perform night firing of 70 percent with appendix B, for familiarization with handgun andParagraph IV.A., assigned weapon(s).shotgun, and 80 B., and C. Because percent with semi- of changes to the automatic rifle and/ threat environment, or enhancedit is the weapons, of the Commission view maximum obtainable that a higher target score.qualification percentage is required. The Commission has determined that among law enforcement authorities, 70 percent is a commonly accepted night fire qualification value requirement for handguns and shotguns and that, under the same conditions, 80 percent is the commonly accepted value for semi- automatic and enhanced weapons. The proposed rule would increase the Night Fire qualification score from familiarization in the current rule, to an acceptable level of proficiency of 70 percent for handgun and shotgun, and 80 percent for the semi-automatic rifle and enhanced weapons.[[Page 62823]]
Appendix B, Paragraph IV. F.4.c. AnnualThis requirement Qualification firing for tacticalwould combine the the handgun and the rifle qualificationcurrent must be for daylightcourse. Qualifying qualification firing, and each individual score must be an requirements in shall perform night firing accumulated total appendix B, for familiarization with of 80 percent of Paragraph IV.A., assigned weapon(s).the maximumB., and C. In the obtainable score. proposed rule, the annual tactical course of fire would be developed and implemented to simulate the licensee protective strategy in accordance with the Commission-approved training and qualification plan. Licensees would not be not required to include every aspect of its site protective strategy into one tactical course of fire. Instead, licensees should periodically evaluate and change their tactical course of fire to incorporate different or changed elements of the site protective strategy so that armed security personnel are exposed to multiple and different site contingency scenarios. In the current threat environment, LLEA tactical teams typically require a minimum qualification score of 80 percent to ensure that a higher percentage of rounds hit the intended target to neutralize the threat. This correlates to licensee protective strategies in which a higher percentage of rounds that hit the intended target increase the ability of the security force to neutralize the adversarial threat to prevent radiological sabotage. As a result, the proposed rule would specify 80 percent as the minimum acceptable qualification score for the Tactical Qualification Course. F.5. Courses of fire This heading would be added to clarify the subsequent information and to be consistent with the remainder of this appendix. Appendix B, Paragraph IV.A. F.5.a. Handgun...... This heading would Handgun--
be brought forward from current rule and would be renumbered accordingly. Appendix B, Paragraph IV.A. F.5.a.(1) Armed The qualification Guards, armed escorts and members of therequirement would armed response personnel securitybe retained. The shall qualify with aorganization,phrase ``national revolver or semiautomatic assigned duties and police course'' pistol firing the national responsibilities would be replaced police course, or aninvolving the use with ``law equivalent nationallyof a revolver or enforcement recognized course.semiautomaticcourse'' for pistol shallconsistency with qualify inthe terminology accordance with used nationally in standards andreference to scores established firearms standards by a lawand courses. enforcement course, or an equivalent nationally recognized course. Appendix B, Paragraph IV.A. F.5.a.(2) Qualifying This requirement Qualifying score shall be scores must be an would be brought an accumulated total of 70 accumulated total forward from percent of the maximumof 70 percent of current rule and obtainable score.the maximumwould be renumbered obtainable target accordingly. score. Appendix B, Paragraph IV.B. F.5.b. Semiautomatic This header would be Semiautomatic Rifle--rifle.
retained. Appendix B, Paragraph IV.B. F.5.b.(1) Armed The qualification Guards, armed escorts and members of therequirement would armed response personnel, securitybe retained. The assigned to use theorganization,phrase ``national semiautomatic rifle by the assigned duties and police course'' licensee training andresponsibilities would be replaced qualifications plan, shall involving the use with ``law qualify with a
of a semiautomatic enforcement semiautomatic rifle byrifle shall qualify course'' for firing the 100-yard course in accordance with consistency with of fire specified inthe standards and the terminology Section 17.5(1) of thescores established used nationally in National Rifle Association, by a lawreference to High Power Rifle Rules book enforcement course, firearms standards (effective March 15, 1976), or an equivalent and courses. (1) or a nationallynationally recognized equivalentrecognized course. course of fire. Qualifying score shall be an F.5.b.(2) Qualifying This requirement accumulated total of 80 scores must be an would be retained. percent of the maximumaccumulated total obtainable score.of 80 percent of the maximum obtainable score. Appendix B, Paragraph IV.C. F.5.c. Shotgun...... This header would be Shotgun--
retained.[[Page 62824]]
Appendix B, Paragraph IV.C. F.5.c.(1) Armed The qualification Guards, armed escorts, and members of therequirement would armed response personnel securitybe retained. The assigned to use the 12organization,phrase ``national gauge shotgun by theassigned duties and police course'' licensee training andresponsibilities would be replaced qualifications plan shall involving the use with ``law qualify with a full choke of a shotgun shall enforcement or improved modified choke qualify incourse'' for 12 gauge shotgun firing the accordance with consistency with following course:standards andthe terminology scores established used nationally in by a lawreference to enforcement course, firearms standards or an equivalent and courses. The nationallyphrase ``12 gauge'' recognized course. would be deleted to account for future changes and because this specific requirement would be no longer needed in this proposed appendix. Appendix B, Paragraph IV.C. F.5.c.(2) Qualifying The qualification To qualify the individual scores must be an requirement would shall be required to place accumulated total be retained. Due to 50 percent of all pellets of 70 percent of changes in the (36 pellets) within the the maximumthreat environment, black silhouette.obtainable target the qualification score.
score would be increased from 50 percent in the current rule, to an acceptable level of proficiency. The proposed 70 percent requirement is a commonly accepted minimum qualification score, for shotguns in the law enforcement community. F.5.d. Enhanced This header would be weapons.added for formatting purposes. Appendix B, Paragraph III.A. F.5.d.(1) Armed This new requirement Each individual shall be members of thewould be added to proficient in the use of securityaccount for future his assigned weapon(s) and organization,technological shall meet prescribedassigned duties and advancements in standards in the following responsibilities weaponry available areas:
involving the use to licensees. The of any weapon or phrase ``national weapons notpolice course'' described above, would be replaced shall qualify in with ``law accordance with enforcement applicablecourse'' for standards andconsistency with scores established the terminology by a lawused nationally in enforcement course reference to or an equivalent firearms standards nationallyand courses. recognized course Examples of ``Law for these weapons. enforcement course or an equivalent nationally recognized course for such weapons'' includes those by the Departments of Justice, Energy, or Defense. Appendix B, Paragraph III.A. F.5.d.(2) Qualifying This new 80 percent Each individual shall be scores must be an qualification score proficient in the use of accumulated total requirement would his assigned weapon(s) and of 80 percent of be consistent and shall meet prescribedthe maximumcomparable with the standards in the following obtainable score. requirements for areas:
semi-automatic rifles. Appendix B, Paragraph IV.D. F.6. Requalification This header would be Requalification--.
retained. Appendix B, Paragraph IV.D. F.6.a. Armed members This requalification Individuals shall beof the security requirement would weapons requalified atorganization shall be retained. The least every 12 months in be re-qualified for phrase ``every 12 accordance with the NRC each assignedmonths'' would be approved licensee training weapon at least replaced with the and qualifications plan, annually inword ``annually'' and in accordance with the accordance with for consistency requirements stated in A, Commissionwith this proposed B, and C of this section. requirements and rule. The phrase the Commission- ``Individuals shall approved training be weapons and qualification requalified'' would plan.
be replaced with the phrase ``Armed members of the security organization shall be re-qualified for each assigned weapon'' to reflect changes in the terminology used to describe this topic. The phrase ``the NRC approved licensee training and qualifications plan, and in accordance with the requirements stated in A, B, and C of this section'' would be replaced with the phrase ``Commission requirements and the Commission- approved training and qualification plan'' to reflect changes in the terminology used to describe this topic. Appendix B, Paragraph IV.D. F.6.b. Firearms This requalification Individuals shall berequalification requirement would weapons requalified atmust be conducted be retained. Due to least every 12 months in using the courses changes in the accordance with the NRC of fire outlined in threat environment, approved licensee training Paragraph 5 of this the proposed rule and qualifications plan, section.would specify the and in accordance with the
criteria for requirements stated in A,
weapons B, and C of this section.
requalification. V. Guard, armed response G. Weapons, personal This heading would personnel, and armed escort equipment andbe retained and equipment.
maintenance.modified by adding the word ``maintenance'' for clarity. G.1. Weapons........ This header was added for formatting purposes.[[Page 62825]]
Appendix B, Paragraph III.A. G.1.a. The licensee This new requirement Each individual shall be shall provide armed would be based upon proficient in the use of personnel withthe current 10 CFR his assigned weapon(s) and weapons that are 73.55 b.(4)(i) and shall meet prescribedcapable ofappendix B, standards in the following performing theParagraph III.A. It areas:
function stated in also reflects new 10 CFR 73.55 b.(4)(i) The the Commission- requirements that licensee may not permit an approved security would implement the individual to act as aplans, licensee Energy Policy Act guard, watchman armedprotectiveof 2005. This response person, or other strategy, andrequirement would member of the securityimplementingbe intended to organization unless the procedures.account for individual has been
technological trained, equipped, and
advancements in qualified to perform each
this area. Under assigned security job duty
the proposed rule, in accordance with appendix
licensees could B, in accordance with
request Commission appendix B, ``General
authorization to Criteria for Security
possess and use Personnel,'' to this part..
enhanced weapons Section 653 of the Energy
that may otherwise Policy Act of 2005..
be prohibited by individual state laws. This authority has been granted to the NRC through Section 653 of the Energy Policy Act of 2005. G.2. PersonalThis header would be equipment.added for formatting purposes. Appendix B, Paragraph V.A. G.2.a. The licensee This requirement Fixed Site--Fixed siteshall ensure that would be based upon guards and armed response each individual is the current personnel shall either be equipped or has appendix B, equipped with or haveready access to all Paragraph V.A. This available the following personal equipment requirement would security equipmentor devices required be intended to appropriate to thefor the effective specify that the individual's assignedimplementation of licensee is contingency securitythe Commission- responsible for related tasks or job duties approved security ensuring that each as described in theplans, licensee individual is licensee physical security protectiveprovided all and contingency plans:strategy, andpersonal equipment implementingrequired to procedures.effectively perform assigned duties and responsibilities. The phrase ``has ready access to'' would mean that equipment or devices, that are required to perform assigned duties, are available as described in the Commission-approved security plans, licensee. Appendix B, ParagraphG.2.b. The licensee This requirement V.A.5.(a) Helmet, Combat. shall provide armed combines the Appendix B, Paragraphsecurity personnel, current V.A.5.(b) Gas mask, full at a minimum, but requirements face..
is not limited to, appendix B, Appendix B, Paragraphthe following.Paragraph V.A.5(b), V.A.5.(c) Body armor(1) Gas mask, full 5(c), 5(g), 9, and (bullet-resistant vest).. face..
10. Due to changes Appendix B, Paragraph(2) Body armorin the threat V.A.5.(d) Flashlights and (bullet-resistant environment, the batteries..
vest)..NRC has determined Appendix B, Paragraph(3) Ammunition/that this list of V.A.5.(e) Baton..equipment belt.. equipment would be Appendix B, Paragraph(4) Duress alarms... the minimum V.A.5.(f) Handcuffs..(5) Two-way portable required to Appendix B, Paragraphradios (handi-effectively perform V.A.5.(g) Ammunition-talkie) 2 channels response duties. equipment belt..minimum, 1 Appendix B, Paragraph V.A.6. operating and 1 Binoculars..
emergency.. Appendix B, Paragraph V.A.7. Night vision aids, i.e., hand-fired illumination flares or equivalent.. Appendix B, Paragraph V.A.8. Tear gas or other nonlethal gas.. Appendix B, Paragraph V.A.9. Duress alarms.. Appendix B, Paragraph V.A.10. Two-way portable radios (handi-talkie) 2 channels minimum, 1 operating and 1 emergency..[[Page 62826]]
Appendix B, ParagraphG.2.c. Based upon This requirement V.A.5.(a) Helmet, Combat. the licenseewould be based upon Appendix B, Paragraphprotective strategy the current V.A.5.(b) Gas mask, full and the specific appendix B, face..
duties andParagraph V.A.5. Appendix B, Paragraphresponsibilities The NRC has V.A.5.(c) Body armorassigned to each determined that (bullet-resistant vest).. individual, the this list of Appendix B, Paragraphlicensee should additional V.A.5.(d) Flashlights and provide, but is not equipment must be batteries..
limited to, the provided because Appendix B, Paragraphfollowing.such equipment is V.A.5.(e) Baton..(1) Flashlights and required to Appendix B, Paragraphbatteries..effectively V.A.5.(f) Handcuffs..(2) Baton or other implement the Appendix B, Paragraphnon-lethal weapons.. licensee protective V.A.5.(g) Ammunition-(3) Handcuffs....... strategy and the equipment belt..(4) Binoculars...... specific duties and Appendix B, Paragraph V.A.6 (5) Night vision responsibilities Binoculars..
aids (e.g. goggles, assigned to each Appendix B, Paragraph V.A.7. weapons sights).. individual. The Night vision aids, i.e., (6) Hand-firedcurrent requirement hand-fired illumination illumination flares appendix B, flares or equivalent..or equivalent.. Paragraph V.A.5.(a) Appendix B, Paragraph V.A.8. (7) Tear gas or``Helmet, combat'' Tear gas or other nonlethal other non-lethal would be deleted gas..
gas..
because the NRC has Appendix B, Paragraph V.A.9.
determined that Duress alarms..
although the use of Appendix B, Paragraph
this item is V.A.10. Two-way portable
recommended it is radios (handi-talkie) 2
an optional item channels minimum, 1
that is not operating and 1 emergency..
required to effectively implement a protective strategy or perform assigned duties and responsibilities. The proposed addition in (2) `` . . . or other non- lethal weapons'' would recognize that the use of batons and other non-lethal weapons by armed security officers is subject to state law. Related to the use of non-lethal weapons, each state has minimum training requirements for armed private security officers. G.3. Maintenance.... This heading would be added for formatting purposes. Appendix B, Paragraph III.A. G.3.a. Firearms This requirement Each individual shall be maintenancewould be based upon proficient in the use of program. Eachthe current his assigned weapon(s) and licensee shallappendix B, shall meet prescribedimplement aParagraph III.A. standards in the following firearmsThis proposed rule areas:
maintenance and would require a accountabilityfirearms program inmaintenance program accordance with the to ensure weapons Commissionand ammunition are regulations and the properly Commission-approved maintained, training andfunction as qualification plan. designed, and are The program must properly stored and include:accounted for. In (1) Semiannual test order to certify firing for accuracy armorer, each and functionality.. weapon manufacturer (2) Firearmsprovides training maintenanceregarding the procedures that maintenance, care include cleaning and repair of schedules andweapons they cleaningprovide to requirements..licensees. The (3) Program activity Commission believes documentation.. that armorers must (4) Control andbe certified to Accountabilityensure that the (Weapons andquality of ammunition)..maintenance, care (5) Firearm storage and repair of the requirements..weapons are in (6) Armoreraccordance with certification.. manufacturers specifications. H. Records.......... This heading would be added formatting purposes. Appendix B, Paragraph II.A. H.1. The licensee This requirement The licensee or the agent shall retain all would be added to shall maintain
reports, records, replace the current documentation of theor otherappendix B, current plan and retain documentationParagraph II.A, for this documentation of the required by this consistency with plan as a record for three appendix inthe proposed Sec. years after the close of accordance with the 73.55(r), and to period for which therequirements of specify the records licensee possesses theSec. 73.55(r). retention special nuclear material
requirement. This under each license for
requirement would which the plan was
be intended to developed and, if any
consolidate all portion of the plan is
records retention superseded, retain the
requirements. material that is superseded for three years after each change.[[Page 62827]]
Appendix B, Paragraph I.C. H.2. The licensee This requirement The physical fitnessshall retain each would combine all qualification of eachindividual'srecord retention guard, armed responseinitialrequirements person, armed escort, and qualificationcurrently in other security force member record for three appendix B. shall be documented.(3) years after Appendix B, Paragraph I.C. termination of the The licensee shall retain individual's this documentation as a employment and record for three years from shall retain each the date of eachre-qualification qualification..record for three Appendix B, Paragraph I.E. (3) years after it The licensee shall document is superceded. each individual's physical requalification and shall retain this documentation of requalification as a record for three years from the date of each requalification.. Appendix B, Paragraph II.B. The qualifications of each individual must be documented.. Appendix B, Paragraph II.B. The licensee shall retain this documentation of each individual's qualifications as a record for three years after the employee ends employment in the security- related capacity and for three years after the close of period for which the licensee possesses the special nuclear material under each license, and superseded material for three years after each change.. Appendix B, Paragraph II.E. The results of requalification must be documented.. Appendix B, Paragraph II.E. The licensee shall retain this documentation of each individual's requalification as a record for three years from the date of each requalification.. Appendix B, Paragraph IV. The results of weapons qualification and requalification must be documented by requalification must be documented by the licensee or the licensee's agent.. Appendix B, Paragraph IV. The licensee shall retain this documentation of each qualification as a record for three years from the date of the qualification or requalification, as appropriate.. Appendix B, Paragraph I.F. H.3. The licensee This requirement The results of suitability, shall document data would combine two physical, and mentaland test results requirements qualifications data and from eachcurrently in test results must beindividual'sappendix B. documented by the licensee suitability, or the licensee's agent. physical, and The licensee or the agent psychological shall retain thisqualification and documentation as a record shall retain this for three years from the documentation as a date of obtaining andrecord for three recording these results. years from the date of obtaining and recording these results. I. Audits andThis heading would reviews.be added to ensure consistency with the structure of the appendix. The licensee shall This requirement review thewould be added for Commission-approved consistency with training andaudit and review qualification plan requirements of the in accordance with proposed 10 CFR the requirements of 73.55(n). Sec. 73.55(n). Definitions................. J. Definitions...... This heading would be brought forward from the current rule and would be renumbered accordingly. Terms defined in parts 50, Terms defined in This requirement 70, and 73 of this chapter parts 50, 70, and would be brought have the same meaning when 73 of this chapter forward from the used in this appendix.have the samecurrent rule and meaning when used would be renumbered in this appendix. accordingly.
[[Page 62828]]
Table 7.--Part 73 Appendix C Section II [Nuclear Power Plants Safeguards Contingency Plans]Current languageProposed language ConsiderationsAppendix C.................. Section II: Nuclear This paragraph and power plantheader would be safeguardsadded to contingency plans. independently address Nuclear Power Reactor Safeguards Contingency Plan requirements without impacting other licensees. The proposed requirements addressed in this proposed paragraph retain and incorporate the requirements of the appendix C. Introduction................ (a) Introduction.... This requirement would be retained. The safeguardsThis requirement contingency plan would be added to must describe how generally describe the criteria set the Commission's forth in thisexpectations for appendix will be the content of the satisfied through safeguards implementation and contingency plan. must provide specific goals, objectives and general guidance to licensee personnel to facilitate the initiation and completion of predetermined and exercised responses to threats, up to and including the design basis threat described in Sec. 73.1(a)(1). Contents of the Plan........ Contents of the plan This requirement would be retained. Each licensee safeguards (b) Each safeguards This requirement contingency plan shallcontingency plan would be retained include five categories of must include the with editorial information:
following twelve changes. The 1. Background.
(12) categories of current categories 2. Generic Planning Base. information:of information (1) 3. Licensee Planning Base. (1) Background...... through (5) would 4. Responsibility Matrix. (2) Generic Planning be retained with 5. Procedures.
Base..
(5) being (3) Licenseereformatted to (12) Planning Base.. and renamed (4) Responsibility ``Implementing Matrix..Procedures'' to (5) Primary Security update the Functions..terminology used to (6) Responseidentify this Capabilities..category of (7) Protectiveinformation. The Strategy..proposed categories (8) Integratedof information (5) Response Plan.. through (11) would (9) Threat Warning be added to improve System..the usefulness and (10) Performance applicability of Evaluation Program.. the safeguards (11) Audits andcontingency plan. Reviews.. (12) Implementing Procedures.. 1. Background............... (c) Background...... This header would be retained with editorial changes. Under the following topics, (c)(1) Consistent This requirement this category ofwith the design would be retained information shall identify basis threatwith information and define the perceived specified in Sec. added to identify dangers and incidents with 73.1(a)(1),specific goals, which the plan will deal licensees shall objectives and and the general way it will identify andgeneral information handle these:
describe thefor the development perceived dangers, of the safeguards threats, andcontingency plan. incidents against which the safeguards contingency plan is designed to protect. 1.b. Purpose of the Plan--A (c)(2) Licensees This requirement discussion of the general shall describe the would be retained aims and operationalgeneral goals and with editorial concepts underlyingoperationalchanges. The header implementation of the plan. concepts underlying ``Purpose of the Introduction: The goals of implementation of Plan'' would be licensee safeguardsthe approveddeleted because contingency plans forsafeguardspurpose is responding to threats,contingency plan, described in the thefts, and radiological to include, but not proposed paragraph sabotage are:
limited to the(a)(2). The phrase following:``A discussion of the general aims and'' would be deleted because the specific goals and objectives discussed in the proposed paragraph (c)(1) would include ``general aims'', therefore, it is not necessary to further break this topic area into individual components. The phrase ``, to include, but not limited to the following'' would be added to provide flexibility for the licensee to add information not specifically listed. 1.c. Scope of the Plan--A (c)(2)(i) The types This requirement delineation of the types of of incidentswould be retained incidents covered in the covered.with editorial plan.
changes. The header ``Scope of the Plan'' would be deleted because the scope of the safeguards contingency plan under this proposed rule would not be limited to only a delineation of the types of incidents covered in the plan. Introduction: A licensee (c)(2)(ii) TheThis requirement safeguards contingency plan specific goals and would be retained is a documented plan to objectives to be with additional give guidance to licensee accomplished.information added personnel in order to
for the accomplish specific defined
identification of objectives * * *.
specific goals and objectives to be accomplished to ensure the plan is appropriately oriented toward mission accomplishment.[[Page 62829]]
Background: Under the(c)(2)(iii) The This requirement following topics, thisdifferent elements would be retained category of information of the onsitewith additional shall identify and define physical protection information added the perceived dangers and program that are to describe defense- incidents with which the used to provide at in-depth concepts plan will deal and theall times theas they apply at general way it will handle capability toeach site and how these:
detect, assess, the individual intercept,components that challenge, delay, make up the onsite and neutralizephysical protection threats, up to and program would work including thetogether to ensure design basis threat the capability to relative to the detect, assess, perceived dangers intercept, and incidentschallenge, delay, described in the and neutralize the Commission-approved threats consistent safeguardswith the proposed contingency plan. requirements of Sec. 73.55. Introduction: The goals of (c)(2)(iv) How the This requirement licensee safeguardsonsite response would be retained contingency plans * * * effort is organized with additional are:
and coordinated to information added (1) to organize the response ensure thatto describe the effort at the licenseelicensees,elements of a site level,.
capability tointegrated response prevent significant to prevent core damage and significant core spent fuel sabotage damage and spent is maintainedfuel sabotage. throughout each type of incident covered. Introduction: The goals of (c)(2)(v) How the This requirement licensee safeguardsonsite response would be retained contingency plans * * * effort iswith additional are:
integrated toinformation (3) to ensure theinclude specific provided for an integration of the licensee procedures,integrated response response with the responses guidance, andas addressed in the by other entities, and; strategies toproposed paragraph Introduction: It ismaintain or restore (j). Reference to important to note that a core cooling,appendix E to part licensee's safeguardscontainment, and 50 or to Sec. contingency plan isspent fuel pool 70.22(I) would no intended to be
coolinglonger be required complimentary to anycapabilities using because the emergency plans developed existing or readily performance pursuant to appendix E to available resources standard for this part 50 or to Sec.(equipment andproposed 70.22(I) of this chapter. personnel) that can requirement would be effectivelybe broad enough to implemented under include these the circumstances references and any associated with other emergency loss of large areas plans developed as of the plant due to a result of explosions or fires. Commission mandated enhancements. 1.d. Definitions--A list of (c)(2)(vi) A list of This requirement terms and their definitions terms and their would be retained used in describingdefinitions used in with editorial operational and technical describingchanges. The header aspects of the plan.operational and ``Definitions'' is technical aspects deleted because it of the approved would no longer be safeguardsrequired under the contingency plan. new format of this proposed rule. The phrase ``approved safeguards contingency'' would be added to reflect changes to the terminology used to describe this topic. 2. Generic Planning Base.... (d) Generic planning This requirement base.
would be retained. 2. Under the following(d)(1) Licensees This requirement topics, this category of shall define the would be retained information shall define criteria forwith editorial the criteria for initiation initiation andchanges. The phrase and termination oftermination of``Under the responses to safeguards responses tofollowing topics'' contingencies together with threats to include would be replaced the specific decisions, the specificwith the phrase actions, and supporting decisions, actions, ``The licensee information needed to bring and supportingshall define'' to about such responses:information needed establish the to respond to each required action to type of incident be taken by the covered by thelicensee. The approved safeguards phrase ``safeguards contingency plan. contingencies'' would be replaced by the word ``threats'' to reflect changes in the terminology used to describe this topic. The phrase ``together with'' would be replaced with the phrase ``to include''. The phrase ``bring about such responses'' is replaced by the phrase ``respond to each type of incident covered by the approved safeguards contingency plan.'' 2.a. Such events may include (d)(2) Licensees This requirement alarms or other indications shall ensure early would be retained signaling penetration of a detection ofwith editorial protected area, vital area, unauthorizedchanges. Reference or material access area; activities andto specific site material control orshall respond to areas would be material accountingall alarms or other deleted. The indications of material indications of a licensee would be missing or unaccounted for; threat condition required to respond or threat indications-- such as, tampering, to unauthorized either verbal, such asbomb threats,activities where telephoned threats, orunauthorizeddetection has implied, such as escalating barrier penetration occurred. Examples civil disturbances.(vehicle orprovided would be personnel), missing revised for or unaccounted for consistency with nuclear material, the terminology escalating civil used in the disturbances,proposed rule and imminent threat would not be notification, or intended to be all other threatinclusive. warnings. Appendix C--Introduction. An (d)(3) TheThis requirement acceptable safeguardssafeguardswould be retained contingency plan mustcontingency plan with editorial contain:
must:.
changes. The phrase ``an acceptable'' is deleted because the requirements of this proposed rule address what would be acceptable.[[Page 62830]]
2.a. Identification of those (d)(3)(i) Identify This requirement events that will be used the types of events would be retained for signaling the beginning that signal the with editorial or aggravation of abeginning orchanges. The phrase safeguards contingencyinitiation of a ``according to how according to how they are safeguardsthey are perceived perceived initially bycontingency event. initially by licensee's personnel.
licensee's personnel'' would be deleted because the concept of perceived is captured through assessment. Introduction: The goals of (d)(3)(ii) Provide This requirement licensee safeguardspredetermined and would be retained contingency plans * * * structuredwith editorial are: (2) to provideresponses to each changes. The phrase predetermined, structured type of postulated ``safeguards responses by licensees to event.
contingencies'' has safeguards contingencies,
been replaced with ``each type of postulated event'' to include a wider range of potential events. 2.b. Definition of the(d)(3)(iii) Define This requirement specific objective to be specific goals and would be retained accomplished relative to objectives forwith editorial each identified event.response to each changes. The word postulated event. ``goals'' would be added for consistency with the proposed Paragraph (a)(3). 2.b.(1) a predetermined set (d)(3)(iv) Identify This requirement of decisions and actions to the predetermined would be retained satisfy stated objectives, decisions andwith more specific actions which are information being required to satisfy provided to ensure the written goals that written goals and objectives for and objectives are each postulated identified for each event.
postulated event. 2.b.(2) an identification of (d)(3)(v) Identify This requirement the data, criteria,the data, criteria, would be retained procedures, and mechanisms procedures,with editorial necessary to efficiently mechanisms andchanges. The word implement the decisions, logistical support ``efficiently'' and;
necessary towould be deleted implement thebecause it is predeterminedconsidered to be an decisions andarbitrary term that actions.would not describe the performance standard of this proposed requirement. 2.b.(3) a stipulation of the (d)(3)(vi) Identify This requirement individual, group, orthe individuals, would be retained organizational entitygroups, orwith editorial responsible for eachorganizationalchanges. The use of decision and action.entitiesthe word responsible for ``predetermined'' each predetermined has been inserted decision and action. to organizationally align decisions and actions to responsible entities. 2.b.(3) a stipulation of the (d)(3)(vii) Define This requirement individual, group, orthe command-and- would be retained organizational entitycontrol structure with editorial responsible for eachrequired tochanges. The decision and action.coordinate each required elements individual, group, of command and or organizational control have been entity carrying out added to establish predeterminedclear lines of actions.authority. Introduction: The goals of (d)(3)(viii)This requirement has licensee safeguardsDescribe howbeen retained with contingency plans * * * effectiveness will editorial changes. are: (4) to achieve abe measured and A change has been measurable performance in demonstrated to made to replace the response capability.include theword ``response'' effectiveness of with the phrase the capability to ``detect, assess, detect, assess, intercept, intercept,challenge, delay, challenge, delay, and neutralize'' to and neutralizeprovide a more threats, up to and detailed including thedescription of design basis threat. system effectiveness. 3. Licensee Planning Base... (e) LicenseeThis requirement planning base.would be retained. This category of information (e) Licensees shall This requirement shall include the factors describe the site- would be retained affecting contingencyspecific factors with editorial planning that are specific affectingchanges. The phrase for each facility or means contingency``or means of of transportation. To the planning and shall transportation'' is extent that the topics are develop plans for deleted because treated in adequate detail actions to be taken this phrase does in the licensee's approved in response tonot apply to physical security plan, postulated threats. nuclear power they may be incorporated by The followingreactor licensees. cross reference to that topics must beThe phrase ``To the plan. The following topics addressed:extent that the should be addressed:
topics are treated in adequate detail in the licensee's approved physical security plan, they may be incorporated by cross reference to that plan'' would be deleted because this information would be required to be specifically detailed in contingency planning. 3.a. Licensee's(e)(1)
This requirement has Organizational Structure Organizationalbeen retained with for Contingency Responses. Structure. Themore detailed A delineation of thesafeguardsinformation being organization's chain of contingency plan provided for the command and delegation of must describe the integration of authority as these apply to organization'scommand groups, safeguards contingencies. chain of command succession of and delegation of command, and authority during control functions. safeguards contingencies, to include a description of how command-and-control functions will be coordinated and maintained. 3.b. Physical Layout........ (e)(2) Physical This requirement layout.would be retained. 3.b.(i) Fixed Sites. A(e)(2)(i) TheThis requirement description of the physical safeguardswould be retained structures and theircontingency plan with editorial location on the site * * *. must include a site changes. The header description, to ``Fixed Sites'' include maps and would be deleted drawings, of the because it would physical structures not be necessary and their locations. for the purpose of this proposed rule. Specific information to permit orientation and familiarization of the site would also be included.[[Page 62831]]
3.b.(i) A description * * * (e)(2)(i)(A) Site This requirement has and a description of the Description. The been retained with site in relation to nearby site description more detailed towns, roads, and other must address the information being environmental featuressite location in included to important to the effective relation to nearby consider the site's coordination of response towns,
geographic operations.
transportationrelationship to the routes (e.g., rail, community and water, air, roads), environment. pipelines, hazardous material facilities, onsite independent spent fuel storage installations, and pertinent environmental features that may have an effect upon coordination of response operations. 3.b.(i) Particular emphasis (e)(2)(i)(B)This requirement should be placed on main Approaches.would be retained and alternate entry routes Particular emphasis with editorial for law enforcementmust be placed on changes. The word assistance forces and the main and alternate ``should'' has been location of control points entry routes for replaced with the for marshaling andlaw enforcement or word ``must'' to coordinating responseother offsiteestablish this activities.
support agencies language as a and the location of requirement. control points for marshaling and coordinating response activities. (e)(2)(ii) Licensees This requirement with co-located would be retained Independent Spent with more detailed Fuel Storageinformation being Installations shall provided for describe response response to procedures for both incidents occurring the operatingoutside the reactor and the protected area and Independent Spent for the utilization Fuel Storageof assets. Installation to include how onsite and offsite responders will be coordinated and used for incidents occurring outside the protected area. 3.c. Safeguards Systems (e)(3) Safeguards This requirement Hardware. A description of Systems Hardware. would be retained the physical security and The safeguardswith editorial accounting system hardware contingency plan changes to specify that influence how themust contain ahardware for licensee will respond to an description of the material event. Examples of systems physical security accountability. to be discussed areand material communications, alarms, accounting system locks, seals, area access, hardware that armaments, and surveillance. influence how the licensee will respond to an event. 3.d. Law Enforcement(e)(4) LawThis requirement Assistance.
enforcementwould be retained. assistance. 3.d. A listing of available (e)(4)(i) TheThis requirement local law enforcementsafeguardswould be retained agencies and a description contingency plan with more detailed of their responsemust contain ainformation being capabilities and theirlisting ofprovided for criteria for response; and available local, documenting * * *.
State, and Federal supporting agency law enforcement capabilities and agencies and aassets. general description of response capabilities, to include number of personnel, types of weapons, and estimated response time lines. 3.d. * * * and a discussion (e)(4)(ii) TheThis requirement of working agreements or safeguardswould be retained arrangements forcontingency plan with the addition communicating with these must contain aof written agencies.
discussion ofinformation to be working agreements included in working with offsite law agreements with enforcementoffsite law agencies to include enforcement criteria foragencies. response, command and control protocols, and communication procedures. 3.e. Policy Constraints and (e)(5) PolicyThis requirement Assumptions. A discussion constraints and would be retained. of State laws, localassumptions. The The text of 3.e.(2) ordinances, and company safeguards``Use of Employee policies and practices that contingency plan property'' would be govern licensee response to must contain adeleted because incidents. Examples that discussion of State this information may be discussed include: laws, localwould not be (1) Use of deadly force;.... ordinances, and considered relevant (2) Use of employeecompany policies for discussion property;.
and practices that under policy (3) Use of off-dutygovern licensee constraints and employees;.
response toassumptions. The (4) Site securityincidents and must requirement would jurisdictional boundaries.. include, but is not be added to limited to, the implement following.applicable (i) Use of deadly provisions from the force..EPAct of 2005. This (ii) Recall of off- requirement is not duty employees.. applicable to (iii) Sitelicensees that jurisdictionalpossess such boundaries..weaponry under (iv) Use of enhanced authority separate weapons, iffrom EPAct 2005. applicable.. 3.f. Administrative and (e)(6)
This requirement Logistical Considerations-- Administrative and would be retained. logistical considerations. 3.f. Descriptions of(e)(6)(i) TheThis requirement licensee practices that may safeguardswould be retained have an influence on the contingency plan with information response to safeguardsmust contain aadded to reflect contingency events. The description ofchanges in the considerations shalllicensee practices terminology used to include a description of which influence how describe this the procedures that will be the licenseetopic. used for ensuring that all responds to a equipment needed to effect threat to include, a successful response to a but not limited to, safeguards contingency will a description of be easily accessible, in the procedures that good working order, and in will be used for sufficient supply toensuring that all provide redundancy in case equipment needed to of equipment failure.effect a successful response will be readily accessible, in good working order, and in sufficient supply to provide redundancy in case of equipment failure. 4. Responsibility Matrix.... (f) Responsibility This requirement matrix.would be retained.[[Page 62832]]
This category of information (f)(1) TheThis requirement consists of detailedsafeguardswould be retained identification of thecontingency plan with information organizational entities must describe the added to reflect responsible for eachorganizationalchanges in the decision and actionentities that are terminology used to associated with specific responsible for describe this responses to safeguards each decision and topic. contingencies.
action associated with responses to threats. For each initiating event, a (f)(1)(i) For each This requirement tabulation shall be made identifiedwould be retained for each response entity initiating event, a with editorial depicting the assignment of tabulation must be changes. The responsibilities for all made for eachparenthetical decisions and actions to be response depicting phrase ``(Not all taken in response to the the assignment of entities will have initiating event. (Not all responsibilities assigned entities will have assigned for all decisions responsibilities responsibilities for any and actions to be for any given given initiating event.). taken.
initiating event)'' would be deleted because it is considered to be constricting information. The tabulations in the(f)(1)(ii) TheThis requirement Responsibility Matrix shall tabulationswould be retained provide an overall picture described in the with editorial of the response actions and responsibilitychanges. The word their interrelationships. matrix must provide ``shall'' has been an overallreplaced with description of``must'' to response actions establish this and
language as a interrelationships. requirement. Safeguards responsibilities (f)(2) Licensees This requirement shall be assigned in ashall ensure that would be retained manner that precludesduties andwith editorial conflict in duties orresponsibilities changes. responsibilities that would required by the prevent the execution of approved safeguards the plan in any safeguards contingency plan do contingency.
not conflict with or prevent the execution of other site emergency plans. Safeguards responsibilities (f)(3) Licensees This requirement shall be assigned in ashall identify and would be retained manner that precludesdiscuss potential with added written conflict in duties orareas of conflict discussion (text) responsibilities that would between site plans in the plan to prevent the execution of in the integrated document the plan in any safeguards response planconsideration of contingency.
required by Section other plans to II(b)(8) of this preclude conflict appendix.between multiple plans. (f)(4) Licensees This requirement shall addresswould be added to safety/security address interface issues in communication accordance with the between licensee requirements of safety and security Sec. 73.58 to entities, to ensure ensure activities that activities by the security involving one organization,organizational maintenance,entity do not operations, and adversely affect other onsiteanother. Details entities arewould be addressed coordinated in a in the proposed manner thatSec. 73.58 safety/ precludes conflict security interface. during both normal and emergency conditions. (g) Primary security This requirement functions.would be added to improve the usefulness and applicability of the safeguards contingency plan. Sec. 73.55(h)(4)(iii)(A) (g)(1) Licensees This requirement Requiring responding guards shall establish and would be retained or other armed response maintain at all with editorial personnel to interposetimes, thechanges. The phrase themselves between vital capability to``radiological areas and material access detect, assess, and sabotage'' is areas and any adversary respond to allreplaced with the attempting entry for the threats to thephrase ``all purpose of radiological facility up to and threats up to and sabotage or theft ofincluding theincluding the special nuclear material design basis threat. design basis and to intercept any person
threat'' to more exiting with special
accurately nuclear material, and, * *
represent the *.
standard that the licensee also protect against perceived threats not contained in the design basis threat. Sec. 73.55(h)(6) To(g)(2) To facilitate This requirement facilitate initial response initial response to would be retained to detection of penetration a threat, licensees with editorial of the protected area and shall ensure the changes. Early assessment of the existence capability todetection has been of a threat, a capability observe all areas added to permit a of observing the isolation of the facility in timely and zones and the physicala manner thateffective response. barrier at the perimeter of ensures earlyThe goal is to the protected area shall be detection ofobserve and detect provided, preferably by unauthorizedpotential threats means of closed circuit activities andas far from the television or by otherlimits exposure of facility as suitable means which limit respondingpossible. exposure of respondingpersonnel to personnel to possiblepossible attack. attack. (g)(3) Licensees This requirement shall generally would be added to describe how the describe the primary security concept of defense- functions arein-depth for integrated toimproved system provide defense-in- effectiveness. depth and are maintained despite the loss of any single element of the onsite physical protection program. (g)(4) Licensees' This requirement description must would be added to begin with onsite further describe physical protection the concept of measuresdefense-in-depth implemented in the for improved system outermost facility effectiveness. perimeter, and must move inward through those measures implemented to protect vital and target set equipment. (h) ResponseThis requirement capabilities.would be added.[[Page 62833]]
Sec. 73.55(h)(4)(iii)(A) (h)(1) Licensees This requirement Requiring responding guards shall establish and would be retained or other armed response maintain at all with editorial personnel to interposetimes thechanges. The phrase themselves between vital capability to``radiological areas and material access intercept,sabotage'' is areas and any adversary challenge, delay, replaced with the attempting entry for the and neutralizephrase ``all purpose of radiological threats up to and threats up to and sabotage or theft ofup to and including including the special nuclear material the design basis design basis and to intercept any person threat.threat'' for exiting with special
consistency with nuclear material, and, * *
the proposed Sec. *.
73.55. Appendix C, Paragraph 4. For (h)(2) Licensees The requirement each initiating event, a shall identify the would be retained tabulation shall be made personnel,with information for each response entity equipment, andadded to identify depicting the assignment of resources necessary the allocation of responsibilities for all to perform thepersonnel and the decisions and actions to be actions required to availability of taken in response to the prevent significant assets required to initiating event.core damage and be implemented in spent fuel sabotage response to in response topostulated events. postulated events. (h)(3) Licensees This requirement shall ensure that would be added. The predeterminedword actions can be``predetermined'' completed under the is used to provide postulatedfor the conditions.accomplishment of automatic actions to achieve the security mission. Sec. 73.55(h)(3) The total (h)(4) Licensees This requirement number of guards, andshall provide at would be retained armed, trained personnel all times an armed with editorial immediately available at response teamchanges. The the facility to fulfill comprised ofrequirement would these response requirements trained andbe based on Sec. shall nominally be tenqualified personnel 73.55(h)(3) and (10), unless specifically who possess the would describe the required otherwise on a knowledge, skills, performance case by case basis by the abilities, andstandard for Commission; however, this equipment required personnel assigned number may not be reduced to implement the armed response to less than five (5)Commission-approved duties. guards.
safeguards contingency plan and site protective strategy. The plan must include a description of the armed response team including the following: Sec. 73.55(h)(3) The total (h)(4)(i) TheThis requirement number of guards, andauthorized minimum would be retained armed, trained personnel number of armed with information immediately available at responders,added to establish the facility to fulfill available at all the number of these response requirements times inside the personnel required shall nominally be tenprotected area. to be assigned (10), unless specifically
armed response required otherwise on a
duties within the case by case basis by the
protected area. Commission; however, this
This is intended to number may not be reduced
ensure that to less than five (5)
predetermined guards.
positions documented in approved contingency plans and are occupied during threat situations. Sec. 73.55(h)(3) The total (h)(4)(ii) TheThis requirement number of guards, andauthorized minimum would be retained armed, trained personnel number of armed with information immediately available at security officers, added to establish the facility to fulfill available onsite at the number of these response requirements all times.personnel required shall nominally be ten
to be assigned (10), unless specifically
armed response required otherwise on a
duties on site. case by case basis by the
This is intended to Commission; however, this
ensure that number may not be reduced
predetermined to less than five (5)
positions guards.
documented in approved contingency plans and are occupied during threat situations. (h)(5) The total This requirement number of armed would be added to responders anddocument the number armed securityof armed response officers must be personnel and their documented in the roles and approved security relationships to plans andthe protective documented as a strategy. component of the protective strategy. (h)(6) Licensees This requirement shall ensure that would be added to individualsensure assigned assigned duties and personnel are responsibilities to trained to perform implement thetheir assigned Safeguardsduties and Contingency Plan responsibilities. are trained and qualified in accordance with appendix B of this part and the Commission-approved security plans. (i) ProtectiveThis header is added strategy.for formatting purposes. (i)(1) Licensees This requirement shall develop,would be added to maintain, andprovide tactical implement a written planning protective strategy information for the that describes the armed response team deployment of the and each individual armed response team in response to relative to the threats. general goals, operational concepts, performance objectives, and specific actions to be accomplished by each individual in response to postulated events. (i)(2) TheThis header is added protective strategy for formatting must:
purposes.[[Page 62834]]
Sec. 73.55(h)(4)(iii)(A) (i)(2)(i) BeThis requirement Requiring responding guards designed to prevent would be retained or other armed response significant core and revised to personnel to interposedamage and spent describe the design themselves between vital fuel sabotageof the licensee areas and material access through theprotective strategy areas and any adversary coordinatedconsistent with the attempting entry for the implementation of proposed Sec. purpose of radiological specific actions 73.55(b)(2). Most sabotage or theft ofand strategiessignificantly, the special nuclear material required toword ``interpose'' and to intercept any person intercept,would be replaced exiting with specialchallenge, delay, by the phrase nuclear material, and, * * and neutralize``intercept, *.
threats up to and challenge, delay, including theand neutralize'' to design basis threat provide a of radiological measurable sabotage.performance based requirement that identifies the specific actions required to satisfy the action ``interpose'' as required by the current Sec. 73.55(h)(4)(iii)(A) , and to provide a measurable performance based requirement against which the effectiveness of the licensee protective strategy could be measured. (i)(2)(ii) Describe This requirement and consider site would be added specificbased on changes to conditions, tothe threat include but not environment the limited to,Commission has facility layout, determined that it the location of is necessary to target setemphasize equipment andconsideration of elements, target the listed areas set equipment that for design and is in maintenance planning purposes. or out of service, and the potential effects that unauthorized electronic access to safety and security systems may have on the protective strategy capability to prevent significant core damage and spent fuel sabotage. (i)(2)(iii) Identify This requirement predeterminedwould be added to actions and time identify lines for the``predetermined deployment of armed actions'' to personnel.provide for automatic actions toward accomplishing the security mission. (i)(2)(iv) Provide This requirement bullet resisting would be added to protected positions provide a with appropriate performance based fields of fire. requirement for the placement/location of Bullet-Resisting Enclosures (BREs). This proposed requirement would ensure that each position would be of sufficient strength to enhance survivability of armed personnel against the design basis threat and would ensure that assigned areas of responsibility are clearly visible and within the functional capability of assigned weapons. Sec. 73.55(h)(6) To(i)(2)(v) Limit This requirement facilitate initial response exposure ofwould be retained to detection of penetration security personnel with editorial * * * which limit exposure to possible attack. changes added to of responding personnel to
describe the possible attack.
ballistic protection or use of available cover and concealment for security personnel. Sec. 73.55(f)(1) Each (i)(3) Licensees This requirement guard, watchman or armed shall provide a would be retained response individual on duty command and control with editorial shall be capable ofstructure, tochanges added to maintaining continuousinclude response by describe the communication with anoff-site lawelements of individual in eachenforcementintegrated incident continuously manned alarm agencies, which command during station required byensures thatpostulated events. paragraph (e)(1) of this decisions and section, who shall beactions are capable of calling forcoordinated and assistance from othercommunicated in a guards, watchmen, and armed timely manner and response personnel and from that facilitates local law enforcementresponse in authorities.
accordance with the integrated response plan. (j) IntegratedThis new header Response Plan.would be added for formatting purposes. Introduction: It is(j)(1) Licensees This requirement important to note that a shall document, would be retained licensee's safeguardsmaintain, andwith editorial contingency plan isimplement anchanges. The intended to be
Integrated Response requirement would complimentary to anyPlan which must describe integrated emergency plans developed identify, describe, and coordinated pursuant to appendix E to and coordinateresponses to part 50 or to Sec.actions to be taken threats. 70.22(i) of this chapter. by licensee personnel and offsite agencies during a contingency event or other emergency situation. (j)(2) TheThis requirement Integrated Response would be added to Plan must:improve the usefulness and applicability of the safeguards contingency plan. (j)(2)(i) BeThis requirement designed towould be added to integrate andensure the design coordinate allof an integrated actions to be taken response plan that in response to an has been developed emergency event in in coordination and a manner that will conjunction with ensure that each other plans. site plan and procedure can be successfully implemented without conflict from other plans and procedures.[[Page 62835]]
(j)(2)(ii) Include This requirement specificwould be added to procedures,ensure the design guidance, andof an integrated strategies toresponse plan that maintain or restore addresses a myriad core cooling,of postulated containment, and events within the spent fuel pool design basis threat coolingenvironment and to capabilities using develop mitigating existing or readily strategies for available resources events that may (equipment andexceed the design personnel) that can basis threat. be effectively implemented under the circumstances associated with loss of large areas of the plant due to explosions or fires. (j)(2)(iii) Ensure This requirement that onsitewould be added to staffing levels, describe the facilities, and availability of equipment required systems and assets for response to any to ensure a high identified event, state of readiness are readilyis maintained for available andpostulated events. capable of fulfilling their intended purpose. (j)(2)(iv) Provide This requirement emergency action would be added to levels to ensure ensure that event that threats result information is in at least acommunicated in a notification of timely and accurate unusual event and manner. implement procedures for the assignment of a predetermined classification to specific events. (j)(2)(v) Include This requirement specificwould be added to procedures,consider advanced guidance, andthreats related to strategiescomputer describing cyber technology. incident response and recovery. (j)(3) Licensees This new header is shall:
added for formatting purposes. (j)(3)(i) Reconfirm This requirement on an annual basis, would be added to liaison with local, establish a State, and Federal periodic standard law enforcement for maintaining agencies,liaison with off- established insite law accordance with enforcement Sec. 73.55(k)(8), resources to ensure to includea continual and communicationongoing protocols, command understanding of and controlall aspects of a structure,response to marshalingpotential threats. locations, estimated response times, and anticipated response capabilities and specialized equipment. (j)(3)(ii) Provide This requirement required training would be added to to includeprovide for simulator training training of for the operations personnel to ensure response tothey possess the security events knowledge, skills, (e.g. loss ofand abilities ultimate heat sink) required to perform for nuclear power assigned duties and reactor personnel responsibilities. in accordance with site procedures to ensure the operational readiness of personnel commensurate with assigned duties and responsibilities. (j)(3)(iii)This requirement Periodically train would be added to personnel inprovide training of accordance with personnel to ensure site procedures to they possess the respond to atactical and hostage or duress negotiations situation.skills, knowledge and abilities needed to respond to a hostage or duress situation. (j)(3)(iv) Determine This requirement the possiblewould be added to effects that nearby provide for the hazardous material identification of facilities may have site specific upon site response operational plans and modify conditions that may response plans, affect how the procedures, and licensee responds equipment asto threats. necessary. (j)(3)(v) Ensure This requirement that identified would be added to actions areensure that actions achievable under identified in the postulatedsafeguards conditions.contingency plan, protective strategy, integrated response plan, and any other emergency plans, are achievable under postulated conditions. (k) Threat warning This new header is system.added for formatting purposes. (k)(1) Licensees This requirement shall implement a would be added to ``Threat warning provide for system'' whichprogressive steps identifies specific to gradually graduatedenhance security protective measures based on perceived and actions to be or identified taken to increase threat. licensee preparedness against a heightened or imminent threat of attack.[[Page 62836]]
(k)(2) Licensees This requirement shall ensure that would be added to the specificensure preplanned protective measures actions (protective and actionsmeasures) are identified for each consistent with threat level are other plans. The consistent with the Commission has Commission-approved determined that safeguardsbecause of changes contingency plan, to the threat and other siteenvironment this security, andproposed emergency plans and requirement would procedures.be needed to emphasize the importance of coordinating all site plans in a manner that precludes conflict. (k)(3) UponThis requirement notification by an would be added to authorizedprovide for the representative of implementation of the Commission, preplanned actions licensees shall in response to implement thespecific threat specific protective levels or measures assigned conditions. to the threat level indicated by the Commission representative. (l) Performance This new header Evaluation Program. would be added for formatting purposes. (l)(1) Licensees This requirement shall document and would be added to maintain aensure that the Performancelicensee maintains Evaluation Program a Performance that describes how Evaluation Plan to the licensee will test, evaluate, demonstrate and determine and assess theimprove upon the effectiveness of effectiveness of the onsite physical onsite physical protection program protection program to preventto protect the significant core identified targets damage and spent and target sets in fuel sabotage, and accordance with the to include thesecurity mission. capability of armed personnel to carry out their assigned duties and responsibilities. (l)(2) TheThis requirement Performancewould be added to Evaluation Program establish must includeprocedures and procedures for the frequencies for the conduct ofconduct of drills quarterly drills and exercises to and annual force-on- ensure that system force exercises effectiveness that are designed determinations are to demonstrate the made. effectiveness of the licensee's capability to detect, assess, intercept, challenge, delay, and neutralize a simulated threat. (l)(2)(i) The scope This requirement of drills conducted would be added to for trainingprovide for the purposes must be conduct of drills determined by the for training licensee as needed, purposes only. and can be limited to specific portions of the site protective strategy. (l)(2)(ii) Drills, This requirement exercises, andwould be added to other training must ensure drills and be conducted under exercises are conditions that realistic in that simulate as closely they simulate as as practical the closely as site specificpossible, the conditions under physical conditions which each member (running, lifting, will, or may be, climbing) and required to perform mental stress assigned duties and levels (decision responsibilities. making, radio communications, strategy changes) that will be experienced in an actual event. (l)(2)(iii)This requirement Licensees shall would be added to document eachensure that performancecomprehensive evaluation torecords are include, but not maintained. limited to, scenarios, participants, and critiques. (l)(2)(iv) Each This requirement drill and exercise would be added to must include aensure that documented post comprehensive exercise critique reports are in whichdeveloped to ensure participantsthat observed identify failures, issues are deficiencies, or identified in the other findings in after action performance, plans, report. equipment, or strategies. (l)(2)(v) Licensees This requirement shall enter all would be added to findings,ensure that deficiencies, and corrective action failures identified plans are developed by each performance and tracked to evaluation into the provide resolution. corrective action program to ensure that timely corrections are made to the onsite physical protection program and necessary changes are made to the approved security plans, licensee protective strategy, and implementing procedures. (l)(2)(vi) Licensees This requirement shall protect all would be added to findings,provide for the deficiencies, and appropriate level failures relative of protection for to the
the type of effectiveness of information being the onsite physical developed. protection program Information in accordance with involving findings, the requirements of deficiencies and Sec. 73.21.failures is considered sensitive and must be protected accordingly. (l)(3) For theThis new header purpose of drills would be added for and exercises,formatting licensees shall: purposes.[[Page 62837]]
(l)(3)(i) Use no This requirement more than thewould be added to number of armed ensure that personnel specified realistic tests are in the approved conducted against security plans to those forces demonstrateavailable onsite on effectiveness.a routine basis. Conducting drills under other than with actual or non typical staffing levels would not provide for accurate system effectiveness determinations. (l)(3)(ii) Minimize This requirement the number andwould be added to effects ofensure that artificialities exercises are associated with conducted as drills andrealistically as exercises.possible. Artificialities if not minimized would result in inaccurate system effectiveness determinations. (l)(3)(iii)This requirement Implement the use would be added to of systems orprovide for the methodologies that utilization of simulate thetechnological realities of armed advancements for engagement through simulating live visual and audible fire combat means, and reflects situations in a the capabilities of controlled armed personnel to environment. These neutralize a target may include but are though the use of not limited to the firearms during use of laser drills andengagement systems exercises.or dye marking cartridges. (l)(3)(iv) Ensure This requirement that each scenario would be added to used is capable of ensure that challenging the scenarios are ability of armed developed to stress personnel tothe protective perform assigned strategy in manner duties andthat deficiencies implement required or weaknesses can elements of the be identified. protective strategy. (l)(4) TheThis requirement Performancewould be added to Evaluation Program improve the must be designed to usefulness and ensure that:applicability of the safeguards contingency plan. (l)(4)(i) EachThis requirement member of eachwould be added to shift who isensure that assigned duties and individual members responsibilities of the security required toforce participate implement thein drills at a approved safeguards frequency that contingency plan provides them with and licenseeknowledge and protective strategy performance based participates in at experience applying least one (1) drill the protective on a quarterlystrategy. basis and one (1) force on force exercise on an annual basis. (l)(4)(ii) The mock This requirement adversary force would be added to replicates, asensure that the closely asmock adversary possible, adversary force is capable of characteristics and portraying the capabilities in the design basis threat design basis threat in terms of size, described in Sec. activity, movement, 73.1(a)(1), and is tactics, equipment capable ofand weaponry. exploiting and challenging the licensee protective strategy, personnel, command and control, and implementing procedures. (l)(4)(iii)This requirement Protectivewould be added to strategies areprovide an evaluated andopportunity to challenged through evaluate protective tabletopstrategies focusing demonstrations. on incident command in an open discussion format. (l)(4)(iv) Drill and This requirement exercisewould be added to controllers are ensure the use of trained andqualified qualified to ensure controllers who are each controller has knowledgeable of the requisitesafety, knowledge andenvironmental experience toconditions, control andhazards, tactics, evaluate exercises. weapons equipment, and physical security systems. (l)(4)(v) Drills and This requirement exercises arewould be added to conducted safely in ensure licensee accordance with safety plans are site safety plans. considered in the conduct of drills and exercises. (l)(5) Members of This requirement the mock adversary would be added to force used for NRC ensure that the observed exercises mock adversary shall beforce is not independent of both influenced by the securitysecurity management program management or personnel and personnel who responsible for have directsecurity. This responsibility for mitigates the implementation of potential for the the securityscenario to be program, including compromised or not contractors, to carried out to the avoid thedesired possibility for a expectation. This conflict-of-proposed interest.requirement is based on the EPAct 2005 section 651. (l)(6) Scenarios .................... (l)(6)(i) Licensees This requirement shall develop and would be added to document multiple ensure that varying scenarios for use scenarios with in conductingdiffering adversary quarterly drills configurations are and annual force-on- used against all force exercises. target sets for increased readiness. This permits a better determination of overall system effectiveness.[[Page 62838]]
(l)(6)(ii) Licensee This requirement scenarios must be would be added to designed to test ensure that and challenge any scenarios are component ordeveloped in a combination ofmanner that each components, of the aspect of the onsite physical security system and protection program strategy will be and protectiveanalyzed to strategy.determine effectiveness. (l)(6)(iii) Each This requirement scenario must use a would be added to unique target set ensure that or target sets, and scenarios are varyingdeveloped in a combinations of manner that each adversaryaspect of the equipment,security system and strategies, and strategy will be tactics, to ensure analyzed to that thedetermine overall combination of all system scenarioseffectiveness. challenges every component of the onsite physical protection program and protective strategy to include, but not limited to, equipment, implementing procedures, and personnel. (l)(6)(iv) Licensees This requirement shall ensure that would be added to scenarios used for ensure the required drills and development of exercises are not scenarios with repeated within any differing adversary twelve (12) month configurations period for drills against varying and three years (3) target sets. This for exercises.promotes increased readiness and permits a better determination of overall system effectiveness. Audit and Review............ (m) Records, audits, This header would be and reviews.retained and revised to add records retention requirements. App. C 5.(1) For nuclear (m)(1) Licensees This requirement power reactor licensees shall review and would be revised to subject to the requirements audit theensure that the of Sec. 73.55, theCommission-approved protective strategy licensee shall provide for safeguardsis revised as a a review of the safeguards contingency plan in result of any contingency plan either: accordance with the significant changes App. C 5.(1)(i) At intervals requirements Sec. that would effect not to exceed 12 months, or 73.55(n) of this the ability to * * *
part.
respond in App. C 5.(1)(ii) As
accordance with the necessary, based on an
existing assessment by the licensee
contingency plan. against performance indicators, and as soon as reasonably practicable after a change occurs in personnel, procedures, equipment, or facilities that potentially could adversely affect security, but no longer than 12 months after the change. App. C 5.(1)(ii) * * * In any case, each element of the safeguards contingency plan must be reviewed at least every 24 months. App. C 5.(2) A licensee subject to the requirements of either Sec. 73.46 or Sec. 73.55, shall ensure that the review of the safeguards contingency plan is by individuals independent of both security program management and personnel who have direct responsibility for implementation of the security program. Appendix C Paragraph 5(3). The licensee shall document the results and the recommendations of the safeguards contingency plan review, management findings on whether the safeguards contingency plan is currently effective, and any actions taken as a result of recommendations from prior reviews in a report to the licensee's plant manager and to corporate management at least one level higher than that having responsibility for the day-to-day plant operation. Appendix C Paragraph 5.(2) (m)(2) The licensee This requirement The review must include an shall makewould be revised to audit of safeguardsnecessaryensure that the contingency procedures and adjustments to the protective strategy practices, and an audit of Commission-approved is revised as a commitments established for safeguardsresult of any response by local lawcontingency plan to significant changes enforcement authorities. ensure successful that would affect implementation of the ability to Commissionrespond in regulations and the accordance with the site protective existing strategy.contingency plan. Appendix C Paragraph 5.(2) (m)(3) TheThis requirement The review must include an safeguardswould be revised to audit of safeguardscontingency plan ensure that an contingency procedures and review must include audit of the practices, and an audit of an audit ofsafeguards commitments established for implementingcontingency plan is response by local lawprocedures andconducted to enforcement authorities. practices, the site validate essential protectiveaspects of the strategy, andplan. response agreements made by local, State, and Federal law enforcement authorities.[[Page 62839]]
Appendix C Paragraph 5.(3) (m)(4) Licensees This requirement The report must beshall retain all would be added to maintained in an auditable reports, records, improve the form, available foror otherusefulness and inspection for a period of documentationapplicability of 3 years.
required by this the safeguards appendix incontingency plan. accordance with the requirements of Sec. 73.55(r). Appendix C Paragraph 5. (n) Implementing This requirement Procedures.
procedures.would be retained with editorial changes. The word ``Implementing'' has been added to further define the requirement. In order to aid execution of (n)(1) Licensees This requirement the detailed plan asshall establish and would be revised to developed in themaintain written ensure that plans Responsibility Matrix, this implementingare developed to category of information procedures that cover security shall detail the actions to provide specific force routine, be taken and decisions to guidance andemergency, be made by each member or operating details administrative, and unit of the organization as that identify the other operational planned in the
actions to be taken duties. Responsibility Matrix.and decisions to be Contents of the Plan:made by each member Although the implementing of the security procedures (the fifthorganization who is category of Planassigned duties and information) are theresponsibilities culmination of the planning required for the process, and therefore are effective an integral and important implementation of part of the safeguardsthe Commission- contingency plan, theyapproved security entail operating details plans and the site subject to frequent changes. protective strategy. Contents of the Plan: The (n)(2) Licensees This requirement licensee is responsible for shall ensure that would be revised to ensuring that theimplementingensure that plans implementing procedures proceduresare developed to reflect the information in accurately reflect cover security the Responsibility Matrix, the information force routine, appropriately summarized contained in the emergency, and suitably presented for Responsibilityadministrative, and effective use by theMatrix required by other operational responding entities.this appendix, the duties. The phrase Commission-approved ``appropriately security plans, the summarized and Integrated Response suitably presented Plan, and other for effective use site plans.by the responding entities'' would be deleted because this concept would be covered under demonstration. Contents of the Plan: They (n)(3) Implementing This requirement need not be submitted to procedures need not would be retained the Commission forbe submitted to the with editorial approval, but will beCommission forchanges. inspected by NRC staff on a approval but are periodic basis.subject to inspection.
Table 8.--Part 73 Appendix G [Reportable safeguards events]Current languageProposed language Considerations
[Introductory text to App. [Introductory text This appendix would G] to App. G]be revised by Pursuant to the provisions Under the provisions adding new of 10 CFR 73.71 (b) and of Sec. 73.71(a), requirements for (c), licensees subject to (d), and (f) of nuclear power the provisions of 10 CFR this part,reactor licensees. 73.20, 73.37, 73.50, 73.55, licensees subject Power reactor 73.60, and 73.67 shallto the provisions licensees subject report or record, asof Sec. 73.55 of to the provisions appropriate, the following this part shall of Sec. 73.55 safeguards events.report or record, would be required as appropriate, the to notify the followingCommission (1) safeguards events within 15 minutes under paragraphs I, after discovery of II, III, and IV of an imminent or this appendix.actual threat Under theagainst the provisions of Sec. facility and (2) 73.71(b), (c), and within four hours (f) of this part, of discovery of licensees subject suspicious events. to the provisions The proposed 15- of Sec. Sec.minute requirement 73.20, 73.37,would more 73.50, 73.60, and accurately reflect 73.67 of this part the current threat shall report or environment. record, asBecause an actual appropriate, the or potential threat followingcould quickly safeguards events result in an event, under paragraphs II a shorter reporting and IV of thistime would be appendix. Licensees required. However, shall make such the requirement for reports to theCommission Commission under notification within the provisions of 15 minutes would be Sec. 73.71 of applied only to this part.nuclear power reactor licensees, at this time. The Commission may consider the applicability of this requirement to other licensees in future rulemaking. The new 4-hour notification would be intended to aid the Commission, law enforcement, and the intelligence community in assessing suspicious activity that may be indicative of pre- operational surveillance, reconnaissance, or intelligence gathering efforts. Events reported under paragraphs I or II would require a followup written report. Events reported under paragraph III would not require a followup written report.[[Page 62840]]
I. Events to be Paragraph I would be reported as soon as added to establish possible, but no the type of events later than 15to be reported minutes afterwithin 15 minutes. discovery, followed Because the by a written report identification of within sixty (60) information days.
relating to an (a) The initiation actual or imminent of a securitythreat could response consistent quickly result in with a licensee's an event, which physical security might necessitate plan, safeguards expedited contingency plan, Commission action or defensive(e.g., notification strategy based on of other licensees actual or imminent or Federal threat against a authorities), a nuclear powershortened reporting plant..time would be required. This proposed requirement would also ensure that threat-related information would be made available to the Commission's threat assessment process in a timely manner. Initiation of response consistent with plans and the defensive strategy that are not related to an imminent or actual threat against the facility would not need to be reported (e.g false, or nuisance responses). Additional information regarding identification of events to be reported would be provided in guidance. I.(b) The licensee This provision would is not required to be added to reduce report security unnecessary responses initiated regulatory burden as a result ofon the licensees to informationnotify the communicated to the Commission of licensee by the security responses Commission, such as initiated in the threat warning response to system addressed in communications from appendix C to this the Commission part.
(e.g., changes to the threat level). I. Events to be reported II. Events to be This requirement within one hour ofreported within one would be retained discovery, followed by a (1) hour ofand renumbered. written report within 60 discovery, followed days.
by a written report within sixty (60) days. (a) Any event in which there II.(a) Any event in This requirement is reason to believe that a which there iswould be retained person has committed or reason to believe with minor revision caused, or attempted to that a person has and renumbered. The commit or cause, or has committed orterm credible would made a credible threat to caused, orbe removed. The commit or cause:attempted to commit Commission's view or cause, or has is that a made a threat to determination of commit or cause: the ``credibility'' of a threat is not a licensee responsibility, but rests with the Commission and the intelligence community. (1) A theft or unlawful II.(a)(1) A theft or This requirement diversion of specialunlawful diversion would be retained nuclear material; orof special nuclear and renumbered. material; or (2) Significant physical II.(a)(2)This requirement damage to a power reactor Significantwould be retained or any facility possessing physical damage to with minor SSNM or its equipment or any NRC-regulated editorial changes carrier equipmentpower reactor or to improve clarity transporting nuclear fuel facility possessing and readability and or spent nuclear fuel, or strategic special renumbered. The to the nuclear fuel ornuclear material or phrase ``NRC- spent nuclear fuel ato carrierregulated'' would facility or carrierequipmentbe added to specify possesses; or
transportingthat all Commission nuclear fuel or licensed facilities spent nuclear fuel, and transport would or to the nuclear be covered by this fuel or spentrequirement. This nuclear fuelchange would facility which is simplify the possessed by alanguage in this carrier; orsection while retaining the basic requirement. (3) Interruption of normal II.(a)(3)This requirement operation of a licensed Interruption of would be retained nuclear power reactornormal operation of with minor revision through the unauthorized any NRC-licensed and renumbered. The use of or tampering with nuclear powerword ``machinery'' its machinery, components, reactor through the would be deleted or controls including the unauthorized use of since security system.or tampering with ``components'' its components or includes machinery controls, including and other physical the security system. structures at a licensed facility. This proposed requirement would continue to be applied only to nuclear power reactors licensed by the Commission, at this time. The Commission may consider the applicability of this requirement to other classes of licensees in future rulemaking. (b) An actual entry of an II.(b) An actual or This requirement unauthorized person into a attempted entry of would be renumbered protected area, material an unauthorized and revised to access area, controlled person into any delete the access area, vital area, or area or transport previously transport.
for which thespecifically licensee ismentioned areas required by(``protected area, Commissionmaterial access regulations toarea, controlled control access. access area, vital area'') requiring access controls and change the language to include the actual or attempted entry of an unauthorized individual into any area required to be controlled by Commission regulations. This change would more accurately reflect the current threat environment.[[Page 62841]]
The revision also reflects Commission experience with implementation of the 2003 security order's requirements and review of revised license security plans. Licensee's defensive strategies and revised Safeguards Contingency Plans have introduced additional significant locations (e.g. target sets) that may not be limited to the previously specified areas. Additional information regarding identification of events to be reported will be provided in guidance. (c) Any failure,II.(c) Any failure, This requirement degradation, or thedegradation, or the would be renumbered discovered vulnerability in discoveredand revised to a safeguard system that vulnerability in a delete the could allow unauthorized or safeguard system previously undetected access to athat could allow specifically protected area, material unauthorized or mentioned areas access area, controlled undetected access (``protected area, access area, vital area, or to any area ormaterial access transport for whichtransport for which area, controlled compensatory measures have the licensee is access area, vital not been employed.required byarea'') requiring Commissionaccess controls and regulations toto broaden the control access and language to include for whichany area required compensatoryto be controlled by measures have not the Commission been employed.regulations (see considerations for paragraph II.(b) above). Additional information regarding identification of events to be reported will be provided in guidance. (d) The actual or attempted II.(d) The actual or This requirement introduction of contraband attemptedwould be renumbered into a protected area,introduction of and revised to material access area, vital contraband into any delete the area, or transport.area or transport previously for which thespecifically licensee ismentioned areas required byrequiring access Commissioncontrols and change regulations tothe language to control access. include the actual or attempted entry of an unauthorized individual into any area or transport required to be controlled by Commission regulations (see considerations for paragraph II.(b) above). Additional information regarding identification of events to be reported will be provided in guidance. NRC Information Assessment III. Events to be This paragraph would Team (IAT) Advisories dated reported within add a requirement October 16, and November four (4) hours of for power reactor 15, 2001; May 20, 2003; discovery. Nolicensees to report March 1, 2004; and October written followup suspicious 5, 2005.
report is required. activities, FBI's ``Terrorist Threats to (a) Any otherattempts at access, the U.S. Homeland:informationetc., that may Reporting Guide forreceived by the indicate pre- Critical and Key Resource licensee ofoperational Owners and Operators''suspicioussurveillance, dated January 24, 2005, surveillancereconnaissance, or (Official Use Only)..activities orintelligence attempts at access, gathering targeted including:.against the (1) Any security- facility. This related incident change would more involvingaccurately reflect suspicious activity the current threat that may beenvironment; would indicative ofassist the potential pre-Commission in operationalevaluating threats surveillance,to multiple reconnaissance, or licensees; and intelligence-would assist the gatheringintelligence and activities directed homeland security against thecommunities in facility. Suchevaluating threats activity mayacross critical include, but is not infrastructure limited to,sectors. The attemptedreporting process surveillance or intended in this reconnaissanceproposed rule would activity,be similar to the elicitation ofreporting process information from that the licensees security or other currently use under site personnelguidance issued by relating to the the Commission security or safe subsequent to operation of the September 11, 2001, plant, orand would formalize challenges toCommission security systems expectations; (e.g., failure to however, the stop for security reporting interval checkpoints,would be lengthened possible tests of from 1 hour to 4 security response hours. The and securityCommission views screeningthis length of time equipment, oras reasonable to suspicious entry of accomplish these watercraft into broader objectives. posted off-limits This reporting areas)..requirement does (2) Any security- not include a related incident followup written involvingreport. The suspicious aircraft Commission believes overflightthat a written activity.report from the Commercial orlicensees would be military aircraft of minimal value activity considered and would be an routine by theunnecessary licensee is not regulatory burden, required to bebecause the types reported..of incidents to be reported are transitory in nature and time- sensitive. The proposed text would be neither a request for intelligence collection activities nor authority for the conduct of law enforcement or intelligence activities. This paragraph would simply require the reporting of observed activities.[[Page 62842]]
Paragraphs III(a)(1) and (2) provide broad examples of events that should be reported, or need not be reported. Additional information regarding identification of events to be reported will be provided in guidance. The Commission may consider the applicability of this requirement to other licensees in future rulemaking. III.(a)(3) Incidents This paragraph would resulting in the be added to notification of establish a local, State or performance national lawstandard for enforcement, or law additional types of enforcementincidents or response to the activities site not included involving law in paragraphs I or enforcement II of thisauthorities not appendix;otherwise specified in paragraphs I and II of this appendix. Additional information regarding identification of events to be reported will be provided in guidance. III.(b) TheThis paragraph would unauthorized use of be added to address or tampering with ``tampering'' the components or events that do not controls, including rise to the the securitysignificance of system, of nuclear affecting plant power reactors. operations as specified in paragraph II.(a)(3) and would use similar language to the proposed paragraph II.(a)(3). III.(c) Follow-up This requirement communicationswould be added to regarding these establish a incidents will be performance completed through standard for any the NRC threatfollow-up assessment process communication via the NRCbetween licensees Operations Center and the Commission \1\.
regarding the Footnote: 1.initial report of Commercial (secure ``suspicious'' and non-secure) activity. This telephone numbers process has been of the NRCset forth in Operations Center guidance documents are specified in and the Commission appendix A of this intends that part..
licensees would continue to implement the existing process with little change. II. Events to be recorded IV. Events to be This requirement within 24 hours ofrecorded within 24 would be retained discovery in the safeguards hours of discovery and renumbered. event log.
in the safeguards event log. (a) Any failure,IV.(a) Any failure, The current degradation, or discovered degradation, or requirement would vulnerability in adiscoveredbe renumbered and safeguards system thatvulnerability in a revised to delete could have allowedsafeguards system the previously unauthorized or undetected that could have specifically access to a protected area, allowedmentioned areas material access area,unauthorized or (``protected area, controlled access area, undetected access material access vital area, or transport to any area orarea, controlled had compensatory measures transport in which access area, vital not been established.the licensee is area'') requiring required byaccess controls and Commissionchange the language regulations toto include the control access had actual or attempted compensatoryentry of an measures not been unauthorized established.individual into any area required to be controlled by Commission regulations (see considerations for paragraph II.(b) above). Additional information regarding identification of events to be recorded will be provided in guidance. (b) Any other threatened, IV.(b) Any other This requirement attempted, or committed act threatened,would be renumbered not previously defined in attempted, orand retained with appendix G with thecommitted act not minor revisions. potential for reducing the previously defined This paragraph effectiveness of thein this appendix would be changed to safeguards system below with the potential replace ``the that committed to in afor reducing the physical protection licensed physical security effectiveness of system'' with ``the or contingency plan or the the physicalsafeguards system'' actual condition of such protection program and ``described'' reduction in effectiveness. below thatfor ``committed.'' described in aThese changes would licensee physical reflect Commission security orexperience with safeguardsimplementation of contingency plan, security order or the actualrequirements and condition of such a reviews of reduction inrevisions to effectiveness.licensee security plans.
V. GuidanceThe NRC is preparing new regulatory guides that will contain detailed guidance on the implementation of the proposed rule requirements. These regulatory guides, currently under development, will consolidate and update or eliminate previous guidance that was used to develop, review, and approve the power reactor security plans that licensees revised in response to the post-September 11, 2001, security orders. Development of the regulatory guides is ongoing and the publication of the regulatory guides is planned after the publication of the final rule. Because this regulatory guidance may contain Safeguard Information (SGI) and/or classified information, these documents would only be available to those individuals with a need-to-know, and are qualified to have access to SGI and/or classified information, as applicable. However, the NRC has determined that access to these guidance documents is not necessary for the public or other stakeholders to provide informed comment on this proposed rule.VI. Criminal PenaltiesFor the purposes of Section 223 of the Atomic Energy Act, as amended, the Commission is proposing to amend 10[[Page 62843]]CFR parts 50, 72, and 73 under sections 161b, 161i, or 161o of the AEA. Criminal penalties, as they apply to regulations in part 73, are discussed in Sec. 73.81. The new Sec. Sec. 73.18, 73.19, and 73.58 are issued under Sections 161b, 161i, or 161o of the AEA, and are not included in Sec. 73.81(b).VII. Compatibility of Agreement State RegulationsUnder the ``Policy Statement on Adequacy and Compatibility of Agreement States Programs,'' approved by the Commission on June 20, 1997, and published in the Federal Register (62 FR 46517; September 3, 1997), this rule is classified as compatibility ``NRC.'' Compatibility is not required for Category ``NRC'' regulations. The NRC program elements in this category are those that relate directly to areas of regulation reserved to the NRC by the AEA or the provisions of Title 10 of the Code of Federal Regulations (10 CFR), and although an Agreement State may not adopt program elements reserved to NRC, it may wish to inform its licensees of certain requirements via a mechanism that is consistent with the particular State's administrative procedure laws, but does not confer regulatory authority on the State.VIII. Availability of DocumentsThe following table indicates which documents relating to this rulemaking are available to the public and how they may be obtained.Public Document Room (PDR). The NRC's Public Document Room is located at the NRC's headquarters at 11555 Rockville Pike, Rockville, MD 20852.Rulemaking Web site (Web). The NRC's interactive rulemaking Web site is located at http://ruleforum.llnl.gov. These documents may be viewed and downloaded electronically via this Web site.NRC's Electronic Reading Room (ERR). The NRC's electronic reading room is located at http://www.nrc.gov/reading-rm.html.
Document
PDRWeb
ERR (ADAMS)Environmental Assessment.......................XX ML061920093 Regulatory Analysis Regulatory Analysis--appendices................XX ML061920012 ML061380796 ML061440013 Information Collection Analysis................XX ML062340362 ML062830016 NRC Form 754...................................XX ML060930319 Memorandum: Status of Security-Related
XX ML041180532 Rulemaking (July 19, 2004). Commission SRM (August 23, 2004)...............XX ML042360548 Memorandum: Schedule for Part 73 RulemakingsXX ML043060572 (November 16, 2004). Revised Schedule for Completing Part 73
XX ML051800350 rulemaking (July 29, 2005). COMSECY-05-0046 (September 29, 2005)...........XX ML052710167 SRM on COMSECY-05-0046 (November 1, 2005)......XX ML053050439 EA-02-026, ``Interim Compensatory MeasuresXX ML020520754 (ICM) Order''(67 FR 9792). EA-02-261, ``Issuance of Order for CompensatoryXX ML030060360 Measures Related to Access Authorization'' (68 FR 1643). EA-03-039, ``Issuance of Order for CompensatoryXX ML030980015 Measures Related to Training Enhancements on Tactical and Firearms Proficiency and Physical Fitness Applicable to Armed Nuclear Power Plant Security Force Personnel'' (68 FR 24514). NRC Bulletin 2005-02, ``Emergency PreparednessXX ML051740058 and ResponseActions for Security-based Events''. Petition for Rulemaking (PRM-50-80)............XX ML031681105 SECY-05-0048, Petition for Rulemaking on
XX ML051790404 Protection of U.S.Nuclear Power Plants Against Radiological Sabotage (PRM-50-80). SRM-SECY-05-0048, Staff Requirements on SECY-05-XX ML053000500 0048. Table 9 Cross-walk table for proposed Sec.XX ML060910004 73.55. Table 10 Cross-walk table for proposed 10 CFRXX ML060910006 part 73 appendix B. Table 11 Cross-walk table for proposed 10 CFRXX ML060910007 part 73 appendix C.
IX. Plain LanguageThe Presidential memorandum dated June 1, 1998, entitled ``Plain Language in Government Writing'' directed that the Government's writing be in plain language. This memorandum was published on June 10, 1998 (63 FR 31883). In complying with this directive, the NRC made editorial changes to improve the organization and readability of the existing language of the paragraphs being revised. These types of changes are not discussed further in this document. The NRC has used the phrase ``may not'' throughout this proposed rule to indicate that a person or entity is prohibited from taking a specific action. The NRC requests comments on the proposed rule specifically with respect to the clarity and reflectiveness of the language used. Comments should be sent to the address listed under the ADDRESSES caption of the preamble.X. Voluntary Consensus StandardsThe National Technology Transfer and Advancement Act of 1995, Pub. L. 104-113, requires that Federal agencies use technical standards that are developed or adopted by voluntary consensus standards bodies unless using such a standard is inconsistent with applicable law or is otherwise impractical. The NRC is not aware of any voluntary consensus standard that could be used instead of the proposed Government-unique standards. The NRC will consider using a voluntary consensus standard if an appropriate standard is identified.XI. Finding of No Significant Environmental ImpactThe Commission has determined under the National Environmental Policy Act of 1969, as amended, and the Commission's regulations in subpart A of 10 CFR part 51, that this rule, if adopted, would not be a major Federal action significantly affecting the quality of the human environment and, therefore, an environmental impact statement is not required.The determination of this environmental assessment is that there will be no significant offsite impact to[[Page 62844]]the public from this action. However, the general public should note that the NRC is seeking public participation; availability of the environmental assessment is provided in Section VIII. Comments on any aspect of the environmental assessment may be submitted to the NRC as indicated under the ADDRESSES heading.The NRC has sent a copy of the environmental assessment and this proposed rule to every State Liaison Officer and requested their comments on the environmental assessment.XII. Paperwork Reduction Act StatementThis proposed rule contains new or amended information collection requirements that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501, et seq.). This rule has been submitted to the Office of Management and Budget for review and approval of the information collection requirements.Type of submission, new or revision: Revision and new.The title of the information collection: 10 CFR part 73, ``Power Reactor Security Requirements'' proposed rule, and NRC Form 754, ``Armed Security Personnel Background Check.''The form number if applicable: NRC Form 754.How often the collection is required: Collections will be initially required due to the need for power reactor licensees to revise security plans and submit the plans for staff review and approval. New records requirements are imposed to: document target sets in procedures, maintain records of storage locations for unirradiated MOX fuel, document the onsite physical protection system review, document problems and deficiencies, implement a cyber security program including the requirement to develop associated implementing procedures, implement a cyber incident response and recovery plan, implement a cyber security awareness and training plan, and implement the access authorization program. New annual collection requirements will be imposed including requirements to maintain a record of all individuals to whom access control devices were issued. Collections will also be required on a continuing basis due to new proposed reporting requirements which include: to notify the NRC within 72 hours of taking action to remove security personnel per proposed Sec. 73.18, to notify the NRC within 15 minutes after discovery of an imminent threat or actual safeguards threat against the facility including a requirement to follow this report with a written report within 60 days, and a requirement to report to NRC within 4 hours of incidents of suspicious activity or tampering. A new NRC form 754 background check would be required to be completed by all security personnel to be assigned armed duties.Who will be required or asked to report: Power reactor licensees will be subject to all the proposed requirements in this rulemaking. Category I special nuclear material facilities will be required to report for only the collections in proposed Sec. 73.18 and Sec. 73.19.An estimate of the number of annual responses: 10 CFR part 73-- 15,156 (8,523 annualized one-time plus 6,644 annual responses).The estimated number of annual respondents: 65 to 68 and, additionally, decommissioning sites for Sec. 73.55(a)(1).An estimate of the total number of hours needed annually to complete the requirement or request: 10 CFR 73--145,613 hours (84,190 hours annualized one-time and 49,013 hours annual recordkeeping [732 hours per recordkeeper] plus 821 hours annualized one-time and 11,590 hours annual reporting [173 hours per licensee]; NRC form 754--1,250 hours (or an average of 18.7 hours per site) for one-time collections and 261 hours (or an average of 3.9 hours per site) annually.Abstract: The Nuclear Regulatory Commission (NRC) is proposing to amend the current security regulations and add new security requirements pertaining to nuclear power reactors. Additionally, this rulemaking includes new security requirements for Category I strategic special nuclear material (SSNM) facilities for access to enhanced weapons and firearms background checks. The proposed rulemaking would: (1) Make generically applicable security requirements imposed by Commission orders issued after the terrorist attacks of September 11, 2001, based upon experience and insights gained by the Commission during implementation, (2) fulfill certain provisions of the Energy Policy Act of 2005, (3) add several new requirements that resulted from insights from implementation of the security orders, review of site security plans, and implementation of the enhanced baseline inspection program and force-on-force exercises, (4) update the regulatory framework in preparation for receiving license applications for new reactors, and (5) impose requirements to assess and manage site activities that can adversely affect safety and security.The U.S. Nuclear Regulatory Commission is seeking public comment on the potential impact of the information collections contained in this proposed rule and on the following issues:1. Is the proposed information collection necessary for the proper performance of the functions of the NRC, including whether the information will have practical utility?2. Estimate of burden?3. Is there a way to enhance the quality, utility, and clarity of the information to be collected?4. How can the burden of the information collection be minimized, including the use of automated collection techniques?A copy of the OMB clearance package may be viewed free of charge at the NRC Public Document Room, One White Flint North, 11555 Rockville Pike, Room O-1 F21, Rockville, MD 20852. The OMB clearance package and rule are available at the NRC worldwide Web site: http://www.nrc.gov/public-involve/doc-comment/omb/index.html for 60 days after the signature date of this notice and are also available at the rule forum site, http://ruleforum.llnl.gov.Send comments on any aspect of these proposed information collections, including suggestions for reducing the burden and on the above issues, by November 27, 2006 to the Records and FOIA/Privacy Services Branch (T-5 F52), U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, or by Internet electronic mail to INFOCOLLECTS@NRC.GOV and to the Desk Officer, John A. Asalone, Office of Information and Regulatory Affairs, NEOB-10202, (3150-0002 and 3150- new), Office of Management and Budget, Washington, DC 20503. Comments received after this date will be considered if it is practical to do so, but assurance of consideration cannot be given to comments received after this date. You may also e-mail comments to John_A._Asalone@omb.eop.gov or comment by telephone at (202) 395-4650.XIII. Public Protection NotificationThe NRC may not conduct or sponsor, and a person is not required to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid OMB control number.XIV. Regulatory AnalysisThe Commission has prepared a draft regulatory analysis on this proposed regulation. The analysis examines the costs and benefits of the alternatives considered by the Commission. The Commission requests public comments on the draft regulatory analysis. Availability of the regulatory analysis is[[Page 62845]]provided in Section VIII. Comments on the draft analysis may be submitted to the NRC as indicated under the ADDRESSES heading.XV. Regulatory Flexibility CertificationIn accordance with the Regulatory Flexibility Act (5 U.S.C. 605(b)), the Commission certifies that this rule would not, if promulgated, have a significant economic impact on a substantial number of small entities. This proposed rule affects only the licensing and operation of nuclear power plants, production facilities, spent fuel reprocessing or recycling facilities, fuel fabrication facilities, and uranium enrichment facilities. The companies that own these plants do not fall within the scope of the definition of ``small entities'' set forth in the Regulatory Flexibility Act or the size standards established by the NRC (10 CFR 2.810).XVI. Backfit AnalysisThe NRC evaluated the aggregated set of requirements in this proposed rulemaking that constitute backfits in accordance with 10 CFR 50.109 to determine if the costs of implementing the rule would be justified by a substantial increase in public health and safety or common defense and security. The NRC finds that qualitative safety benefits of the proposed part 73 rule provisions that qualify as backfits in this proposed rulemaking, considered in the aggregate, would constitute a substantial increase in protection to public health and safety and the common defense and security, and that the costs of this rule would be justified in view of the increase in protection to safety and security provided by the backfits embodied in the proposed rule. The backfit analysis is contained within Section 4.2 of the regulatory analysis. Availability of the regulatory analysis is provided in Section VIII.List of Subjects10 CFR Part 50Antitrust, Classified information, Criminal penalties, Fire protection, Intergovernmental relations, Nuclear power plants and reactors, Radiation protection, Reactor siting criteria, Reporting and recordkeeping requirements.10 CFR Part 72Administrative practice and procedure, Criminal penalties, Manpower training programs, Nuclear materials, Occupational safety and health, Penalties, Radiation protection, Reporting and recordkeeping requirements, Security measures, Spent fuel, Whistleblowing.10 CFR Part 73Criminal penalties, Export, Hazardous materials transportation, Import, Nuclear materials, Nuclear power plants and reactors, Reporting and recordkeeping requirements, Security measures.For the reasons set out in the preamble and under the authority of the AEA, as amended; the Energy Reorganization Act of 1974, as amended; and 5 U.S.C. 553; the NRC is proposing to adopt the following amendments to 10 CFR parts 50, 72, and 73.PART 50--DOMESTIC LICENSING OF PRODUCTION AND UTILIZATION FACILITIES1. The authority citation for part 50 is revised to read as follows:Authority: Secs. 102, 103, 104, 105, 161, 182, 183, 186, 189, 68 Stat. 936, 937, 938, 948, 953, 954, 955, 956, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C. 2132, 2133, 2134, 2135, 2201, 2232, 2233, 2236, 2239, 2282); secs. 201, as amended, 202, 206, 88 Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Pub. L. No. 109-58, 119 Stat. 594 (2005). Section 50.7 also issued under Pub. L. 95-601, sec. 10, 92 Stat. 2951 (42 U.S.C. 5841). Section 50.10 also issued under secs. 101, 185, 68 Stat. 955, as amended (42 U.S.C. 2131, 2235); sec. 102, Pub. L. 91-190, 83 Stat. 853 (42 U.S.C. 4332). Sections 50.13, 50.54(dd), and 50.103 also issued under sec. 108, 68 Stat. 939, as amended (42 U.S.C. 2138).Sections 50.23, 50.35, 50.55, and 50.56 also issued under sec. 185, 68 Stat. 955 (42 U.S.C. 2235). Sections 50.33a, 50.55a and appendix Q also issued under sec. 102, Pub. L. 91-190, 83 Stat. 853 (42 U.S.C. 4332). Sections 50.34 and 50.54 also issued under sec. 204, 88 Stat. 1245 (42 U.S.C. 5844). Sections 50.58, 50.91, and 50.92 also issued under Pub. L. 97-415, 96 Stat. 2073 (42 U.S.C. 2239). Section 50.78 also issued under sec. 122, 68 Stat. 939 (42 U.S.C. 2152). Sections 50.80-50.81 also issued under sec. 184, 68 Stat. 954, as amended (42 U.S.C. 2234). Appendix F also issued under sec. 187, 68 Stat. 955 (42 U.S.C. 2237).2. In Sec. 50.34, footnote 9 is removed and reserved, and paragraph (d) is revised to read as follows:Sec. 50.34 Contents of applications; technical information.* * * * *(d) Safeguards contingency plan. (1) Each application for a license to operate a production or utilization facility that will be subject to Sec. Sec. 73.50 and 73.60 of this chapter must include a licensee safeguards contingency plan in accordance with the criteria set forth in section I of appendix C to part 73 of this chapter. The ``Implementation Procedures'' required per section I of appendix C to part 73 of this chapter do not have to be submitted to the Commission for approval.(2) Each application for a license to operate a utilization facility that will be subject to Sec. 73.55 of this chapter must include a licensee safeguards contingency plan in accordance with the criteria set forth in section II of appendix C to part 73 of this chapter. The ``Implementation Procedures'' required in section II(g)(12) of appendix C to part 73 of this chapter do not have to be submitted to the Commission for approval. * * * * *3. In Sec. 50.54, paragraph (p)(1) is revised to read as follows:Sec. 50.54 Conditions of licenses.* * * * *(p)(1) The licensee shall prepare and maintain safeguards contingency plan procedures in accordance with appendix C of part 73 of this chapter for affecting the actions and decisions contained in the Responsibility Matrix of the safeguards contingency plan. The licensee may make no change which would decrease the effectiveness of a physical security plan, or guard training and qualification plan, prepared under Sec. 50.34(c) or part 73 of this chapter, or of any category of information with the exception of the ``Implementation Procedures'' category contained in a licensee safeguards contingency plan prepared under Sec. 50.34(d) or part 73 of this chapter, as applicable, without prior approval of the Commission. A licensee desiring to make such a change shall submit an application for an amendment to the licensee's license under Sec. 50.90. * * * * *4. In Sec. 50.72, paragraph (a), footnote 1 is revised and the heading of paragraph (a) is republished for the convenience of the user to read as follows:Sec. 50.72 Immediate notification requirements for operating nuclear power reactors.(a) General Requirements.\1\ * * *
\1\ Other requirements for immediate notification of the NRC by licensed operating nuclear power reactors are contained elsewhere in this chapter, in particular Sec. Sec. 20.1906, 20.2202, 50.36, 72.216, and 73.71, and may require NRC notification before that required under Sec. 50.72.
* * * * *[[Page 62846]]PART 72--LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR- RELATED GREATER THAN CLASS C WASTE5. The authority citation for part 72 is revised to read as follows:Authority: Secs. 51, 53, 57, 62, 63, 65, 69, 81, 161, 182, 183, 184, 186, 187, 189, 68 Stat. 929, 930, 932, 933, 934, 935, 948, 953, 954, 955, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C. 2071, 2073, 2077, 2092, 2093, 2095, 2099, 2111, 2201, 2232, 2233, 2234, 2236, 2237, 2238, 2282); sec. 274, Pub. L. 86-373, 73 Stat. 688, as amended (42 U.S.C. 2021); sec. 201, as amended, 202, 206, 88 Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846); Pub. L. 95-601, sec. 10, 92 Stat. 2951 as amended by Pub. L. 102- 486, sec. 7902, 106 Stat. 3123 (42 U.S.C. 5851); sec. 102, Pub. L. 91-190, 83 Stat. 853 (42 U.S.C. 4332); secs. 131, 132, 133, 135, 137, 141, Pub. L. 97-425, 96 Stat. 2229, 2230, 2232, 2241, sec. 148, Pub. L. 100-203, 101 Stat. 1330-235 (42 U.S.C. 10151, 10152, 10153, 10155, 10157, 10161, 10168); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Pub. L. No. 109-58, 119 Stat. 549 (2005).Section 72.44(g) also issued under secs. 142(b) and 148(c), (d), Pub. L. 100-203, 101 Stat. 1330-232, 1330-236 (42 U.S.C. 10162(b), 10168(c), (d). Section 72.46 also issued under sec. 189, 68 Stat. 955 (42 U.S.C. 2239); sec. 134, Pub. L. 97-425, 96 Stat. 2230 (42 U.S.C. 10154). Section 72.96(d) also issued under sec. 145(g), Pub. L. 100-203, 101 Stat. 1330-235 (42 U.S.C. 10165(g). Subpart J also issued under secs. 2(2), 2(15), 2(19), 117(a), 141(h), Pub. L. 97- 425, 96 Stat. 2202, 2203, 2204, 2222, 2224 (42 U.S.C. 10101, 10137(a), 10161(h). Subparts K and L are also issued under sec. 133, 98 Stat. 2230 (42 U.S.C. 10153) and sec. 218(a), 96 Stat. 2252 (42 U.S.C. 10198).6. In Sec. 72.212, paragraphs (b)(5)(ii), (b)(5)(iii), (b)(5)(iv), and (b)(5)(v) are revised to read as follows:Sec. 72.212 Conditions of general license issued under Sec. 72.210.* * * * *(b) * * *(5) * * *(ii) Storage of spent fuel must be within a protected area, in accordance with Sec. 73.55(e) of this chapter, but need not be within a separate vital area. Existing protected areas may be expanded or new protected areas added for the purpose of storage of spent fuel in accordance with this general license.(iii) For purposes of this general license, personnel searches required by Sec. 73.55(h) of this chapter before admission to a new protected area may be performed by physical pat-down searches of persons in lieu of firearms and explosives detection equipment.(iv) The observational capability required by Sec. 73.55(i)(7) of this chapter as applied to a new protected area may be provided by a guard or watchman on patrol in lieu of closed circuit television.(v) For the purpose of this general license, the licensee is exempt from Sec. Sec. 73.55(k)(2) and 73.55(k)(7)(ii) of this chapter. * * * * *PART 73--PHYSICAL PROTECTION OF PLANTS AND MATERIALS7. The authority citation for part 73 is revised to read as follows:Authority: Secs. 53, 161, 149, 68 Stat. 930, 948, as amended, sec. 147, 94 Stat. 780 (42 U.S.C. 2073, 2167, 2169, 2201); sec. 201, as amended, 204, 88 Stat. 1242, as amended, 1245, sec. 1701, 106 Stat. 2951, 2952, 2953 (42 U.S.C. 5841, 5844, 2297f); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Pub. L. No. 109-58, 119 Stat. 594 (2005).Section 73.1 also issued under secs. 135, 141, Pub. L. 97-425, 96 Stat. 2232, 2241 (42 U.S.C. 10155, 10161). Section 73.37(f) also issued under sec. 301, Pub. L. 96-295, 94 Stat. 789 (42 U.S.C. 5841 note). Section 73.57 is issued under sec. 606, Pub. L. 99-399, 100 Stat. 876 (42 U.S.C. 2169).8. In Sec. 73.2, definitions for covered weapon, enhanced weapon, safety/security interface, security officer, standard weapon, and target set are added in alphabetical order to read as follows:Sec. 73.2 Definitions.* * * * *Covered weapon means any handgun, rifle, shotgun, short-barreled shotgun, short-barreled rifle, semi-automatic assault weapon, machinegun, ammunition for any such gun or weapon, or a large capacity ammunition feeding device as specified under section 161A of the Atomic Energy Act of 1954, as amended. As used here, the terms ``handgun, rifle, shotgun, short-barreled shotgun, short-barreled rifle, semi- automatic assault weapon, machinegun, ammunition, or large capacity ammunition feeding device'' have the same meaning as set forth for these terms under 18 U.S.C. 921(a). Covered weapons include both enhanced weapons and standard weapons. However, enhanced weapons do not include standard weapons. * * * * *Enhanced weapon means any short-barreled shotgun, short-barreled rifle, or machinegun. Enhanced weapons do not include destructive devices, including explosives or weapons greater than 50 caliber (i.e., weapons with a bore greater than 1.27 cm [0.5 in] diameter). * * * * *Safety/Security interface (SSI) means the actual or potential interactions that may adversely affect security activities due to any operational activities, or vice versa. * * * * *Security officer means a uniformed individual, either armed with a covered weapon or unarmed, whose primary duty is the protection of a facility, of radioactive material, or of other property against theft or diversion or against radiological sabotage. * * * * *Standard weapon means any handgun, rifle, shotgun, semi-automatic assault weapon, or a large capacity ammunition feeding device. * * * * *Target set means the combination of equipment or operator actions which, if all are prevented from performing their intended safety function or prevented from being accomplished, would likely result in significant core damage (e.g., non-incipient, non-localized fuel melting, and/or core disruption) barring extraordinary action by plant operators. A target set with respect to spent fuel sabotage is draining the spent fuel pool leaving the spent fuel uncovered for a period of time, allowing spent fuel heat up and the associated potential for release of fission products. * * * * *9. In Sec. 73.8, paragraph (b) is revised and paragraph (c) is added to read as follows:Sec. 73.8 Information collection requirements: OMB approval.* * * * *(b) The approved information collection requirements contained in this part appear in Sec. Sec. 73.5, 73.18, 73.19, 73.20, 73.21, 73.24, 73.25, 73.26, 73.27, 73.37, 73.40, 73.45, 73.46, 73.50, 73.55, 73.56, 73.57, 73.58, 73.60, 73.67, 73.70, 73.71, 73.72, 73.73, 73.74, and Appendices B, C, and G to this part.(c) This part contains information collection requirements in addition to those approved under the control number specified in paragraph (a) of this section. These information collection requirements and control numbers under which they are approved are as follows:(1) In Sec. 73.18, NRC Form 754 is approved under control number 3150-xxxx;(2) In Sec. 73.71, NRC Form 366 is approved under control number 3150-0104; and[[Page 62847]]
(3) In Sec. Sec. 73.18 and 73.57, Form FD-258 is approved under control number 1110-yyyy.10. Section 73.18 is added to read as follows:Sec. 73.18 Firearms background check for armed security personnel.(a) Purpose. This section sets forth the requirements for completion of firearms background checks on armed security personnel at selected NRC-regulated facilities. Firearms background checks are intended to verify that armed security personnel whose duties require access to covered weapons are not prohibited from receiving, possessing, transporting, importing, or using such weapons under applicable Federal or State law. Licensees and certificate holders listed under paragraph (c) of this section who have applied for preemption authority under Sec. 73.19 (i.e., Sec. 73.19 authority), or who have been granted preemption authority by Commission order, are subject to the requirements of this section.(b) General requirements. (1) Licensees and certificate holders listed in paragraph (c) of this section who have received NRC approval of their application for preemption authority shall ensure that a firearms background check has been satisfactorily completed for all security personnel requiring access to covered weapons as part of their official security duties prior to granting access to any covered weapons to those personnel. Security personnel who have satisfactorily completed a firearms background check, but who have had a break in employment with the licensee, certificate holder, or their security contractor of greater than one (1) week subsequent to their most recent firearms background check, or who have transferred from a different licensee or certificate holder (even though the other licensee or certificate holder satisfactorily completed a firearms background check on such individuals), are not excepted from the requirements of this section.(2) Security personnel who have satisfactorily completed a firearms background check pursuant to Commission orders are not subject to a further firearms background check under this section, unless these personnel have a break in service or transfer as set forth in paragraph (b)(1) of this section.(3) A change in the licensee, certificate holder, or ownership of a facility, radioactive material, or other property designated under Sec. 73.19, or a change in the security contractor that provides security personnel responsible for protecting such facilities, radioactive material, or other property, shall not constitute `a break in service' or `transfer,' as those terms are used in paragraph (b)(2) of this section.(4) Licensees and certificate holders listed in paragraph (c) of this section may begin the application process for firearms background checks under this section for security personnel whose duties require access to covered weapons immediately on application to the NRC for preemption authority.(5) Firearms background checks do not replace any other background checks or criminal history checks required for the licensee's or certificate holder's security personnel under this chapter.(c) Applicability. This section applies to licensees or certificate holders who have applied for or received NRC approval of their application for Sec. 73.19 authority or were issued Commission orders requiring firearms background checks.(d) Firearms background check requirements. A firearms background check for security personnel must include--(1) A check of the individual's fingerprints against the Federal Bureau of Investigation's (FBI's) fingerprint system; and(2) A check of the individual's identifying information against the FBI's National Instant Criminal Background Check System (NICS).(e) Firearms background check submittals. (1) Licensees and certificate holders shall submit to the NRC, in accordance with Sec. 73.4, for all security personnel requiring a firearms background check under this section--(i) A set of fingerprints, in accordance with paragraph (o) of this section, and(ii) A completed NRC Form 754.(2) Licensees and certificate holders shall retain a copy of all NRC Forms 754 submitted to the NRC for a period of one (1) year subsequent to the termination of an individual's access to covered weapons or to the denial of an individual's access to covered weapons.(f) NICS portion of a firearms background check. The NRC will forward the information contained in the submitted NRC Forms 754 to the FBI for evaluation against the NICS. Upon completion of the NICS portion of the firearms background check, the FBI will inform the NRC of the results with one of three responses under 28 CFR part 25; ``proceed,'' ``denied,'' or ``delayed,'' and the associated NICS transaction number. The NRC will forward these results and the associated NICS transaction number to the submitting licensee or certificate holder. The submitting licensee or certificate holder shall provide these results to the individual who completed the NRC Form 754.(g) Satisfactory and adverse firearms background checks. (1) A satisfactorily completed firearms background check means a ``proceed'' response for the individual from the FBI's NICS.(2) An adversely completed firearms background check means a ``denied'' or ``delayed'' response from the FBI's NICS.(h) Removal from access to covered weapons. Licensees or certificate holders who have received NRC approval of their application for Sec. 73.19 authority shall ensure security personnel are removed from duties requiring access to covered weapons upon the licensee's or certificate holder's knowledge of any disqualifying status or the occurrence of any disqualifying events under 18 U.S.C. 922(g) or (n), and the ATF's implementing regulations in 27 CFR part 478.(i) [Reserved].(j) Security personnel responsibilities. Security personnel assigned duties requiring access to covered weapons shall promptly [within three (3) working days] notify their employing licensee's or certificate holder's security management (whether directly employed by the licensee or certificate holder or employed by a security contractor to the licensee or certificate holder) of the existence of any disqualifying status or upon the occurrence of any disqualifying events listed under 18 U.S.C. 922(g) or (n), and the ATF's implementing regulations in 27 CFR part 478 that would prohibit them from possessing or receiving a covered weapon.(k) Awareness of disqualifying events. Licensees and certificate holders who have received NRC approval of Sec. 73.19 authority shall include within their NRC-approved security training and qualification plans instruction on--(1) Disqualifying status or events specified in 18 U.S.C. 922(g) and (n), and ATF's implementing regulations in 27 CFR part 478 (including any applicable definitions) identifying categories of persons who are prohibited from possessing or receiving any covered weapons; and(2) The continuing responsibility of security personnel assigned duties requiring access to covered weapons to promptly notify their employing licensee or certificate holder of the occurrence of any disqualifying events.(l) [Reserved].(m) Notification of removal. Within 72 hours after taking action to remove security personnel from duties requiring access to covered weapons, because of[[Page 62848]]the existence of any disqualifying status or the occurrence of any disqualifying event--other than due to the prompt notification by the security officer under paragraph (j) of this section--licensees and certificate holders who have received NRC approval of Sec. 73.19 authority shall notify the NRC Operations Center of such removal actions, in accordance with appendix A of this part.(n) Reporting violations of law. The NRC will promptly report suspected violations of Federal law to the appropriate Federal agency or suspected violations of State law to the appropriate State agency.(o) Procedures for processing of fingerprint checks. (1) Licensees and certificate holders who have applied for Sec. 73.19 authority, using an appropriate method listed in Sec. 73.4, shall submit to the NRC's Division of Facilities and Security one (1) completed, legible standard fingerprint card (Form FD-258, ORIMDNRCOOOZ) or, where practicable, other fingerprint record for each individual requiring a firearms background check, to the NRC's Director, Division of Facilities and Security, Mail Stop T6-E46, ATTN: Criminal History Check. Copies of this form may be obtained by writing the Office of Information Services, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, by calling (301) 415-6157, or by e-mail to FORMS@nrc.gov. Guidance on what alternative formats, including electronic submissions, may be practicable are referenced in Sec. 73.4.(2) Licensees and certificate holders shall indicate on the fingerprint card or other fingerprint record that the purpose for this fingerprint check is the accomplishment of a firearms background check.(3) Licensees and certificate holders shall establish procedures to ensure that the quality of the fingerprints taken results in minimizing the rejection rate of fingerprint cards or records due to illegible or incomplete information.(4) The Commission will review fingerprints for firearms background checks for completeness. Any Form FD-258 or other fingerprint record containing omissions or evident errors will be returned to the licensee or certificate holder for corrections. The fee for processing fingerprint checks includes one (1) free re-submission if the initial submission is returned by the FBI because the fingerprint impressions cannot be classified. The one (1) free re-submission must have the FBI Transaction Control Number reflected on the re-submission. If additional submissions are necessary, they will be treated as an initial submittal and require a second payment of the processing fee. The payment of a new processing fee entitles the submitter to an additional free re-submittal, if necessary. Previously rejected submissions may not be included with the third submission because the submittal will be rejected automatically. Licensees and certificate holders may wish to consider using different methods for recording fingerprints for re-submissions, if difficulty occurs with obtaining a legible set of impressions.(5)(i) Fees for the processing of fingerprint checks are due upon application. Licensees and certificate holders shall submit payment with the application for the processing of fingerprints, and payment must be made by corporate check, certified check, cashier's check, money order, or electronic payment, made payable to ``U.S. NRC.'' \1\ Combined payment for multiple applications is acceptable.
\1\ For guidance on making electronic payments, contact the NRC's Security Branch, Division of Facilities and Security, Office of Adminsitration at (301) 415-7404.
(ii) The application fee is the sum of the user fee charged by the FBI for each fingerprint card or other fingerprint record submitted by the NRC on behalf of a licensee or certificate holder, and an administrative processing fee assessed by the NRC. The NRC processing fee covers administrative costs associated with NRC handling of licensee and certificate holder fingerprint submissions. The Commission publishes the amount of the fingerprint check application fee on the NRC's public Web site.\2\ The Commission will directly notify licensees and certificate holders who are subject to this regulation of any fee changes.
\2\ For information on the current fee amount, refer to the Electronic Submittals page at http://www.nrc.gov/site-help/eie.html and select the link for the Criminal History Program.
(6) The Commission will forward to the submitting licensee or certificate holder all data received from the FBI as a result of the licensee's or certificate holder's application(s) for fingerprint background checks, including the FBI's fingerprint record.(p) Appeals and correction of erroneous system information. (1) Individuals who require a firearms background check under this section and who receive a ``denied'' NICS response or a ``delayed'' NICS response may not be assigned duties requiring access to covered weapons during the pendency of an appeal of the results of the check or during the pendency of providing and evaluating any necessary additional information to the FBI to resolve the ``delayed'' response, respectively.(2) Licensees and certificate holders shall provide information on the FBI's procedures for appealing a ``denied'' response to the denied individual or on providing additional information to the FBI to resolve a ``delayed'' response.(3) An individual who receives a ``denied'' or ``delayed'' NICS response to a firearms background check under this section may request the reason for the response from the FBI. The licensee or certificate holder shall provide to the individual who has received the ``denied'' or ``delayed'' response the unique NICS transaction number associated with the specific firearms background check.(4) These requests for the reason for a ``denied'' or ``delayed'' NICS response must be made in writing, and must include the NICS transaction number. The request must be sent to the Federal Bureau of Investigation; NICS Section; Appeals Service Team, Module A-1; PO Box 4278; Clarksburg, WV 26302-9922. The FBI will provide the individual with the reasons for the ``denied'' response or ``delayed'' response. The FBI will also indicate whether additional information or documents are required to support an appeal or resolution, for example, where there is a claim that the record in question does not pertain to the individual who was denied.(5) If the individual wishes to challenge the accuracy of the record upon which the ``denied'' or ``delayed'' response is based, or if the individual wishes to assert that his or her rights to possess or receive a firearm have been restored by lawful process, he or she may make application first to the FBI. The individual shall file an appeal of a ``denied'' response or file a request to resolve a ``delayed'' response within 45 calender days of the date the NRC forwards the results of the firearms background check to the licensee or certificate holder. The appeal or request must include appropriate documentation or record(s) establishing the legal and/or factual basis for the challenge. Any record or document of a court or other government entity or official furnished in support of an appeal must be certified by the court or other government entity or official as a true copy. The individual may supplement their initial appeal or request--subsequent to the 45 day filing deadline--with additional information as it becomes available, for example, where obtaining a true copy of a court transcript may take longer than 45 days. The individual should note in their appeal or request any information or[[Page 62849]]records that are being obtained, but are not yet available.(6) If the individual is notified that the FBI is unable to resolve the appeal, the individual may then apply for correction of the record directly to the agency from which the information forming the basis of the denial was originated. If the individual is notified by the originating agency, that additional information or documents are required the individual may provide them to the originating agency. If the record is corrected as a result of the appeal to the originating agency, the individual may so notify the FBI and submit written proof of the correction.(7) An individual who has satisfactorily appealed a ``denied'' response or resolved a ``delayed'' response may provide written consent to the FBI to maintain information about himself or herself in a Voluntary Appeal File (VAF) to be established by the FBI and checked by the NICS for the purpose of preventing the erroneous denial or extended delay by the NICS of any future NICS checks.(8) Individuals appealing a ``denied'' response or resolving a ``delayed'' response are responsible for providing the FBI any additional information the FBI requires to resolve the ``delayed'' response.11. Section 73.19 is added to read as follows:Sec. 73.19 Authorization for preemption of firearms laws and use of enhanced weapons.(a) Purpose. This section sets forth the requirements for licensees and certificate holders to obtain NRC approval to use the expanded authorities provided under section 161A of the Atomic Energy Act of 1954 (AEA), in protecting NRC-designated facilities, radioactive material, or other property. These authorities include ``preemption authority'' and ``enhanced-weapons authority.''(b) General requirements. Licensees and certificate holders listed in paragraph (c) of this section may apply to the NRC, in accordance with the provisions of this section, to receive stand-alone preemption authority or combined enhanced weapons authority and preemption authority.(1) Preemption authority, as provided in section 161A of the AEA, means the authority of the Commission to permit licensees or certificate holders, or the designated security personnel of the licensee or certificate holder, to transfer, receive, possess, transport, import, or use one (1) or more category of standard and enhanced weapons, as defined in Sec. 73.2, notwithstanding any local, State, or certain Federal firearms laws (including regulations).(2) Enhanced weapons authority, as provided in section 161A of the AEA, means the authority of the Commission to permit licensees or certificate holders, or the designated security personnel of the licensee or certificate holder, to transfer, receive, possess, transport, import, and use one (1) or more category of enhanced weapons, as defined in Sec. 73.2, notwithstanding any local, State, or certain Federal firearms laws (including regulations).(3) Prior to receiving NRC approval of enhanced-weapons authority, the licensee or certificate holder must have applied for and received NRC approval for preemption authority, in accordance with this section or under Commission orders.(4) Prior to granting either authority, the NRC must determine that the proposed use of this authority is necessary in the discharge of official duties by security personnel engaged in protecting--(i) Facilities owned or operated by a licensee or certificate holder and designated by the Commission under paragraph (c) of this section, or(ii) Radioactive material or other property that is owned or possessed by a licensee or certificate holder, or that is being transported to or from an NRC-regulated facility. Before granting such approval, the Commission must determined that the radioactive material or other property is of significance to the common defense and security or public health and safety and has designated such radioactive material or other property under paragraph (c) of this section.(c) Applicability. (1) The following classes of licensees or certificate holders may apply for stand-alone preemption authority--(i) Power reactor facilities; and(ii) Facilities authorized to possess a formula quantity or greater of strategic special nuclear material with security plans subject to Sec. Sec. 73.20, 73.45, and 73.46.(2) The following classes of licensees or certificate holders may apply for combined enhanced-weapons authority and preemption authority--(i) Power reactor facilities; and(ii) Facilities authorized to possess a formula quantity or greater of strategic special nuclear material with security plans subject to Sec. Sec. 73.20, 73.45, and 73.46.(3) With respect to the possession and use of firearms by all other NRC licensees or certificate holders, the Commission's requirements in effect before [effective date of final rule] remain applicable, except to the extent those requirements are modified by Commission order or regulations applicable to such licensees and certificate holders.(d) Application for preemption authority. (1) Licensees and certificate holders listed in paragraph (c) of this section may apply to the NRC for the preemption authority described in paragraph (b)(1) of this section. Licensees and certificate holders seeking such authority shall submit an application to the NRC in writing, in accordance with Sec. 73.4, and indicate that the licensee or certificate holder is requesting preemption authority under section 161A of the AEA.(2) Licensees and certificate holders who have applied for preemption authority under this section may begin firearms background checks under Sec. 73.18 for their armed security personnel.(3) Licensees and certificate holders who have applied for preemption authority under this section and who have satisfactorily completed firearms background checks for a sufficient number of security personnel (to implement their security plan while meeting security personnel fatigue requirements of this chapter or Commission order) shall notify the NRC, in accordance with Sec. 73.4, of their readiness to receive NRC approval of preemption authority and implement all the provisions of Sec. 73.18.(4) Based upon the licensee's or certificate holder's readiness notification and any discussions with the licensee or certificate holder, the NRC will document in writing to the licensee or certificate holder that the Commission has approved or disapproved the licensee's or certificate holder's application for preemption authority.(e) Application for enhanced-weapons authority. (1) Licensees and certificate holders listed in paragraph (c)(2) of this section may apply to the NRC for enhanced-weapons authority described in paragraph (a)(2) of this section. Licensees and certificate holders applying for enhanced-weapons authority shall have also applied for preemption authority. Licensees and certificate holders may make these applications concurrently.(2) Licensees and certificate holders seeking enhanced-weapons authority shall submit an application to the NRC, in accordance with Sec. 73.4, indicating that the licensee or certificate holder is requesting enhanced-weapons authority under section 161A of the AEA. Licensees and certificate holders shall also include with their application--[[Page 62850]]
(i) The additional information required by paragraph (f) of this section;(ii) The date they applied to the NRC for preemption authority (if not concurrent with the application for enhanced weapons authority); and(iii) If applicable, the date when the licensee or certificate holder received NRC approval of their application for preemption authority under this section or by Commission order.(3) The NRC will document in writing to the licensee or certificate holder that the Commission has approved or disapproved the licensee's or certificate holder's application for enhanced-weapons authority. The NRC must approve, or have previously approved, a licensee's or certificate holder's application for preemption authority under paragraph (d) of this section, or via Commission order, to approve the application for enhanced weapons authority.(4) Licensees and certificate holders who have applied to the NRC for and received enhanced-weapons authority shall then apply to the U.S. Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) for a federal firearms license (FFL) and also register under the National Firearms Act (NFA) in accordance with ATF's regulations under 27 CFR parts 478 and 479 to obtain the enhanced weapons. Licensees and certificate holders shall include a copy of the NRC's written approval with their NFA registration application.(f) Application for enhanced-weapons authority additional information. (1) Licensees and certificate holders applying to the Commission for enhanced-weapons authority under paragraph (e) of this section shall also submit to the NRC for prior review and written approval new, or revised, physical security plans, security personnel training and qualification plans, safeguards contingency plans, and safety assessments incorporating the use of the specific enhanced weapons the licensee or certificate holder intends to use. These plans and assessments must be specific to the facility, radioactive material, or other property being protected.(2) In addition to other requirements set forth in this part, these plans and assessments must--(i) For the physical security plan, identify the specific types or models, calibers, and numbers of enhanced weapons to be used;(ii) For the training and qualification plan, address the training and qualification requirements to use these specific enhanced weapons; and(iii) For the safeguards contingency plan, address how these enhanced and any standard weapons will be employed by the licensee's or certificate holder's security personnel in meeting the NRC-required protective strategy, including tactical approaches and maneuvers.(iv) For the safety assessment--(A) Assess any potential safety impact on the facility, radioactive material, or other property from the use of these enhanced weapons;(B) Assess any potential safety impact on public or private facilities, public or private property, or on members of the public in areas outside of the site boundary from the use of these enhanced weapons; and(C) Assess any potential safety impact on public or private facilities, public or private property, or on members of the public from the use of these enhanced weapons at training facilities intended for proficiency demonstration and qualification purposes.(3) The licensee's or certificate holder's training and qualification plan on possessing, storing, maintaining, qualifying on, and using enhanced weapons must include information from applicable firearms standards developed by nationally-recognized firearms organizations or standard setting bodies or standards developed by Federal agencies, such as: The U.S. Department of Homeland Security's Federal Law Enforcement Training Center, the U.S. Department of Energy's National Training Center, and the U.S. Department of Defense.(4) Licensees or certificate holders shall submit any new or revised plans and assessments for prior NRC review and written approval notwithstanding the provisions of Sec. Sec. 50.54(p), 70.32(e), and 76.60 of this chapter which otherwise permit a license or certificate holder to make changes to such plans ``that would not decrease their effectiveness'' without prior NRC review.(g) Completion of training and qualification prior to use of enhanced weapons. Licensees and certificate holders who have applied for and received enhanced-weapons authority under paragraph (e) of this section shall ensure security personnel complete required firearms training and qualification in accordance with the licensee's or certificate holder's NRC-approved training and qualification plan. Such training must be completed prior to security personnel's use of enhanced weapons to protect NRC-designated facilities, radioactive material, or other property and must be documented in accordance with the requirements of the licensee's or certificate holder's training and qualification plan.(h) Use of enhanced weapons. Requirements regarding the use of enhanced weapons by security personnel in the performance of their official duties are contained in Sec. Sec. 73.46 and 73.55 and in appendices B and C of this part, as applicable.(i) [Reserved].(j) Notification of adverse ATF findings or notices. NRC licensees and certificate holders with an ATF federal firearms license (FFL) and/ or enhanced weapons shall notify the NRC, in accordance with Sec. 73.4, of instances involving any adverse ATF findings or ATF notices related to their FFL or such weapons.12. Section 73.55 is revised to read as follows:Sec. 73.55 Requirements for physical protection of licensed activities in nuclear power reactors against radiological sabotage.(a) Introduction. (1) By [date--180 days--after the effective date of the final rule published in the Federal Register], each nuclear power reactor licensee, licensed under 10 CFR part 50, shall incorporate the revised requirements of this section through amendments to its Commission-approved Physical Security Plan, Training and Qualification Plan, and Safeguards Contingency Plan, referred to collectively as ``approved security plans,'' and shall submit the amended security plans to the Commission for review and approval.(2) The amended security plans must be submitted as specified in Sec. 50.4 of this chapter and must describe how the revised requirements of this section will be implemented by the licensee, to include a proposed implementation schedule.(3) The licensee shall implement the existing approved security plans and associated Commission orders until Commission approval of the amended security plans, unless otherwise authorized by the Commission.(4) The licensee is responsible for maintaining the onsite physical protection program in accordance with Commission regulations and related Commission-directed orders through the implementation of the approved security plans and site implementing procedures.(5) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter, shall satisfy the requirements of this section before the receipt of special nuclear material in the form of fuel assemblies.(6) For licenses issued after [effective date of the final rule], licensees shall[[Page 62851]]design construct, and equip the central alarm station and secondary alarm station to equivalent standards.(i) Licensees shall apply the requirements for the central alarm station listed in paragraphs (e)(6)(v), (e)(7)(iii), and (i)(8)(ii) of this section to the secondary alarm station as well as the central alarm station.(ii) Licensees shall comply with the requirements of paragraph (i)(4) of this section such that both alarm stations are provided with equivalent capabilities for detection, assessment, monitoring, observation, surveillance, and communications.(b) General performance objective and requirements. (1) The licensee shall establish and maintain a physical protection program, to include a security organization which will have as its objective to provide high assurance that activities involving special nuclear material are not inimical to the common defense and security and do not constitute an unreasonable risk to the public health and safety.(2) The physical protection program must be designed to detect, assess, intercept, challenge, delay, and neutralize threats up to and including the design basis threat of radiological sabotage as stated in Sec. 73.1(a), at all times.(3) The licensee physical protection program must be designed and implemented to satisfy the requirements of this section and ensure that no single act, as bounded by the design basis threat, can disable the personnel, equipment, or systems necessary to prevent significant core damage and spent fuel sabotage.(4) The physical protection program must include diverse and redundant equipment, systems, technology, programs, supporting processes, and implementing procedures.(5) Upon the request of an authorized representative of the Commission, the licensee shall demonstrate the ability to meet Commission requirements through the implementation of the physical protection program, including the ability of armed and unarmed personnel to perform assigned duties and responsibilities required by the approved security plans and licensee procedures.(6) The licensee shall establish and maintain a written performance evaluation program in accordance with appendix B and appendix C to this part, to demonstrate and assess the effectiveness of armed responders and armed security officers to perform their assigned duties and responsibilities to protect target sets described in paragraph (f) of this section and appendix C to this part, through implementation of the licensee protective strategy.(7) The licensee shall establish, maintain, and follow an access authorization program in accordance with Sec. 73.56.(i) In addition to the access authorization program required above, and the fitness-for-duty program required in part 26 of this chapter, each licensee shall develop, implement, and maintain an insider mitigation program.(ii) The insider mitigation program must be designed to oversee and monitor the initial and continuing trustworthiness and reliability of individuals granted or retaining unescorted access authorization to a protected or vital area and implement defense-in-depth methodologies to minimize the potential for an insider to adversely affect, either directly or indirectly, the licensee capability to prevent significant core damage or spent fuel sabotage.(8) The licensee shall ensure that its corrective action program assures that failures, malfunctions, deficiencies, deviations, defective equipment and nonconformances in security program components, functions, or personnel are promptly identified and corrected. Measures shall ensure that the cause of any of these conditions is determined and that corrective action is taken to preclude repetition.(c) Security plans. (1) Licensee security plans. Licensee security plans must implement Commission requirements and must describe:(i) How the physical protection program will prevent significant core damage and spent fuel sabotage through the establishment and maintenance of a security organization, the use of security equipment and technology, the training and qualification of security personnel, and the implementation of predetermined response plans and strategies; and(ii) Site-specific conditions that affect implementation of Commission requirements.(2) Protection of security plans. The licensee shall protect the approved security plans and other related safeguards information against unauthorized disclosure in accordance with the requirements of Sec. 73.21.(3) Physical security plan. (i) The licensee shall establish, maintain, and implement a Commission-approved physical security plan that describes how the performance objective and requirements set forth in this section will be implemented.(ii) The physical security plan must describe the facility location and layout, the security organization and structure, duties and responsibilities of personnel, defense-in-depth implementation that describes components, equipment and technology used.(4) Training and qualification plan. (i) The licensee shall establish, maintain, and follow a Commission-approved training and qualification plan, that describes how the criteria set forth in appendix B ``General Criteria for Security Personnel,'' to this part will be implemented.(ii) The training and qualification plan must describe the process by which armed and unarmed security personnel, watchpersons, and other members of the security organization will be selected, trained, equipped, tested, qualified, and re-qualified to ensure that these individuals possess and maintain the knowledge, skills, and abilities required to carry out their assigned duties and responsibilities effectively.(5) Safeguards contingency plan. (i) The licensee shall establish, maintain, and implement a Commission-approved safeguards contingency plan that describes how the criteria set forth in section II of appendix C, ``Licensee Safeguards Contingency Plans,'' to this part will be implemented.(ii) The safeguards contingency plan must describe predetermined actions, plans, and strategies designed to intercept, challenge, delay, and neutralize threats up to and including the design basis threat of radiological sabotage.(6) Implementing procedures. (i) The licensee shall establish, maintain, and implement written procedures that document the structure of the security organization, detail the specific duties and responsibilities of each position, and implement Commission requirements through the approved security plans.(ii) Implementing procedures need not be submitted to the Commission for prior approval, but are subject to inspection by the Commission.(iii) Implementing procedures must detail the specific actions to be taken and decisions to be made by each position of the security organization to implement the approved security plans.(iv) The licensee shall:(A) Develop, maintain, enforce, review, and revise security implementing procedures.(B) Provide a process for the written approval of implementing procedures and revisions by the individual with overall responsibility for the security functions.(C) Ensure that changes made to implementing procedures do not[[Page 62852]]decrease the effectiveness of any procedure to implement and satisfy Commission requirements.(7) Plan revisions. The licensee shall revise approved security plans as necessary to ensure the effective implementation of Commission regulations and the licensee's protective strategy. Commission approval of revisions made pursuant to this paragraph is not required, provided that revisions meet the requirements of Sec. 50.54(p) of this chapter. Changes that are beyond the scope allowed per Sec. 50.54(p) of this chapter shall be submitted as required by Sec. Sec. 50.90 of this chapter or Sec. 73.5.(d) Security organization. (1) The licensee shall establish and maintain a security organization designed, staffed, trained, and equipped to provide early detection, assessment, and response to unauthorized activities within any area of the facility.(2) The security organization must include:(i) A management system that provides oversight of the onsite physical protection program.(ii) At least one member, onsite and available at all times, who has the authority to direct the activities of the security organization and who is assigned no other duties that would interfere with this individual's ability to perform these duties in accordance with the approved security plans and licensee protective strategy.(3) The licensee may not permit any individual to act as a member of the security organization unless the individual has been trained, equipped, and qualified to perform assigned duties and responsibilities in accordance with the requirements of appendix B to part 73 and the Commission-approved training and qualification plan.(4) The licensee may not assign an individual to any position involving detection, assessment, or response to unauthorized activities unless that individual has satisfied the requirements of Sec. 73.56.(5) If a contracted security force is used to implement the onsite physical protection program, the licensee's written agreement with the contractor must be retained by the licensee as a record for the duration of the contract and must clearly state the following conditions:(i) The licensee is responsible to the Commission for maintaining the physical protection program in accordance with Commission orders, Commission regulations, and the approved security plans.(ii) The Commission may inspect, copy, retain, and remove all reports and documents required to be kept by Commission regulations, orders, or applicable license conditions whether the reports and documents are kept by the licensee or the contractor.(iii) An individual may not be assigned to any position involving detection, assessment, or response to unauthorized activities unless that individual has satisfied the requirements of Sec. 73.56.(iv) An individual may not be assigned duties and responsibilities required to implement the approved security plans or licensee protective strategy unless that individual has been properly trained, equipped, and qualified to perform their assigned duties and responsibilities in accordance with appendix B to part 73 and the Commission-approved training and qualification plan.(v) Upon the request of an authorized representative of the Commission, the contractor security employees shall demonstrate the ability to perform their assigned duties and responsibilities effectively.(vi) Any license for possession and ownership of enhanced weapons will reside with the licensee.(e) Physical barriers. Based upon the licensee's protective strategy, analyses, and site conditions that affect the use and placement of physical barriers, the licensee shall install and maintain physical barriers that are designed and constructed as necessary to deter, delay, and prevent the introduction of unauthorized personnel, vehicles, or materials into areas for which access must be controlled or restricted.(1) The licensee shall describe in the approved security plans, the design, construction, and function of physical barriers and barrier systems used and shall ensure that each barrier and barrier system is designed and constructed to satisfy the stated function of the barrier and barrier system.(2) The licensee shall retain in accordance with Sec. 73.70, all analyses, comparisons, and descriptions of the physical barriers and barrier systems used to satisfy the requirements of this section, and shall protect these records as safeguards information in accordance with the requirements of Sec. 73.21.(3) Physical barriers must:(i) Clearly delineate the boundaries of the area(s) for which the physical barrier provides protection or a function, such as protected and vital area boundaries and stand-off distance.(ii) Be designed and constructed to protect against the design basis threat commensurate to the required function of each barrier and in support of the licensee protective strategy.(iii) Provide visual deterrence, delay, and support access control measures.(iv) Support effective implementation of the licensee's protective strategy.(4) Owner controlled area. The licensee shall establish and maintain physical barriers in the owner controlled area to deter, delay, or prevent unauthorized access, facilitate the early detection of unauthorized activities, and control approach routes to the facility.(5) Isolation zone. (i) An isolation zone must be maintained in outdoor areas adjacent to the protected area perimeter barrier. The isolation zone shall be:(A) Designed and of sufficient size to permit unobstructed observation and assessment of activities on either side of the protected area barrier.(B) Equipped with intrusion detection equipment capable of detecting both attempted and actual penetration of the protected area perimeter barrier and assessment equipment capable of facilitating timely evaluation of the detected unauthorized activities before completed penetration of the protected area perimeter barrier.(ii) Assessment equipment in the isolation zone must provide real- time and play-back/recorded video images in a manner that allows timely evaluation of the detected unauthorized activities before and after each alarm annunciation.(iii) Parking facilities, storage areas, or other obstructions that could provide concealment or otherwise interfere with the licensee's capability to meet the requirements of paragraphs (e)(5)(i)(A) and (B) of this section, must be located outside of the isolation zone.(6) Protected area. (i) The protected area perimeter must be protected by physical barriers designed and constructed to meet Commission requirements and all penetrations through this barrier must be secured in a manner that prevents or delays, and detects the exploitation of any penetration.(ii) The protected area perimeter physical barriers must be separated from any other barrier designated as a vital area physical barrier, unless otherwise identified in the approved physical security plan.(iii) All emergency exits in the protected area must be secured by locking devices that allow exit only and alarmed.(iv) Where building walls, roofs, or penetrations comprise a portion of the protected area perimeter barrier, an isolation zone is not necessary, provided that the detection, assessment, observation, monitoring, and[[Page 62853]]surveillance requirements of this section are met, appropriately designed and constructed barriers are installed, and the area is described in the approved security plans.(v) The reactor control room, the central alarm station, and the location within which the last access control function for access to the protected area is performed, must be bullet-resisting.(vi) All exterior areas within the protected area must be periodically checked to detect and deter unauthorized activities, personnel, vehicles, and materials.(7) Vital areas. (i) Vital equipment must be located only within vital areas, which in turn must be located within protected areas so that access to vital equipment requires passage through at least two physical barriers designed and constructed to perform the required function, except as otherwise approved by the Commission in accordance with paragraph (f)(3) of this section.(ii) More than one vital area may be located within a single protected area.(iii) The reactor control room, the spent fuel pool, secondary power supply systems for intrusion detection and assessment equipment, non-portable communications equipment, and the central alarm station, must be provided protection equivalent to vital equipment located within a vital area.(iv) Vital equipment that is undergoing maintenance or is out of service, or any other change to site conditions that could adversely affect plant safety or security, must be identified in accordance with Sec. 73.58, and adjustments must be made to the site protective strategy, site procedures, and approved security plans, as necessary.(v) The licensee shall protect all vital areas, vital area access portals, and vital area emergency exits with intrusion detection equipment and locking devices. Emergency exit locking devices shall be designed to permit exit only.(vi) Unoccupied vital areas must be locked.(8) Vehicle barrier system. The licensee must:(i) Prevent unauthorized vehicle access or proximity to any area from which any vehicle, its personnel, or its contents could disable the personnel, equipment, or systems necessary to meet the performance objective and requirements described in paragraph (b) of this section.(ii) Limit and control all vehicle approach routes.(iii) Design and install a vehicle barrier system, to include passive and active barriers, at a stand-off distance adequate to protect personnel, equipment, and systems against the design basis threat.(iv) Deter, detect, delay, or prevent vehicle use as a means of transporting unauthorized personnel or materials to gain unauthorized access beyond a vehicle barrier system, gain proximity to a protected area or vital area, or otherwise penetrate the protected area perimeter.(v) Periodically check the operation of active vehicle barriers and provide a secondary power source or a means of mechanical or manual operation, in the event of a power failure to ensure that the active barrier can be placed in the denial position within the time line required to prevent unauthorized vehicle access beyond the required standoff distance.(vi) Provide surveillance and observation of vehicle barriers and barrier systems to detect unauthorized activities and to ensure the integrity of each vehicle barrier and barrier system.(9) Waterways. (i) The licensee shall control waterway approach routes or proximity to any area from which a waterborne vehicle, its personnel, or its contents could disable the personnel, equipment, or systems necessary to meet the performance objective and requirements described in paragraph (b) of this section.(ii) The licensee shall delineate areas from which a waterborne vehicle must be restricted and install waterborne vehicle control measures, where applicable.(iii) The licensee shall monitor waterway approaches and adjacent areas to ensure early detection, assessment, and response to unauthorized activity or proximity, and to ensure the integrity of installed waterborne vehicle control measures.(iv) Where necessary to meet the requirements of this section, licensees shall coordinate with local, State, and Federal agencies having jurisdiction over waterway approaches.(10) Unattended openings in any barrier established to meet the requirements of this section that are 620 cm2(96.1 in2) or greater in total area and have a smallest dimension of 15 m (5.9 in) or greater, must be secured and monitored at a frequency that would prevent exploitation of the opening consistent with the intended function of each barrier.(f) Target sets. (1) The licensee shall document in site procedures the process used to develop and identify target sets, to include analyses and methodologies used to determine and group the target set equipment or elements.(2) The licensee shall consider the effects that cyber attacks may have upon individual equipment or elements of each target set or grouping.(3) Target set equipment or elements that are not contained within a protected or vital area must be explicitly identified in the approved security plans and protective measures for such equipment or elements must be addressed by the licensee's protective strategy in accordance with appendix C to this part.(4) The licensee shall implement a program for the oversight of plant equipment and systems documented as part of the licensee protective strategy to ensure that changes to the configuration of the identified equipment and systems do not compromise the licensee's capability to prevent significant core damage and spent fuel sabotage.(g) Access control. (1) The licensee shall:(i) Control all points of personnel, vehicle, and material access into any area, or beyond any physical barrier or barrier system, established to meet the requirements of this section.(ii) Control all points of personnel and vehicle access into vital areas in accordance with access authorization lists.(iii) During non-emergency conditions, limit unescorted access to the protected area and vital areas to only those individuals who require unescorted access to perform assigned duties and responsibilities.(iv) Monitor and ensure the integrity of access control systems.(v) Provide supervision and control over the badging process to prevent unauthorized bypass of access control equipment located at or outside of the protected area.(vi) Isolate the individual responsible for the last access control function (controlling admission to the protected area) within a bullet- resisting structure to assure the ability to respond or to summon assistance in response to unauthorized activities.(vii) In response to specific threat and security information, implement a two-person (line-of-sight) rule for all personnel in vital areas so that no one individual is permitted unescorted access to vital areas. Under these conditions, the licensee shall implement measures to verify that the two person rule has been met when a vital area is accessed.(2) In accordance with the approved security plans and before granting unescorted access through an access control point, the licensee shall:(i) Confirm the identity of individuals.(ii) Verify the authorization for access of individuals, vehicles, and materials.[[Page 62854]]
(iii) Search individuals, vehicles, packages, deliveries, and materials in accordance with paragraph (h) of this section.(iv) Confirm, in accordance with industry shared lists and databases, that individuals have not been denied access to another power reactor facility.(3) Access control points must be:(i) Equipped with locking devices, intrusion detection equipment, and monitoring, observation, and surveillance equipment, as appropriate.(ii) Located outside or concurrent with, the physical barrier system through which it controls access.(4) Emergency conditions. (i) The licensee shall design the access control system to accommodate the potential need for rapid ingress or egress of authorized individuals during emergency conditions or situations that could lead to emergency conditions.(ii) Under emergency conditions, the licensee shall implement procedures to ensure that:(A) Authorized emergency personnel are provided prompt access to affected areas and equipment.(B) Attempted or actual unauthorized entry to vital equipment is detected.(C) The capability to prevent significant core damage and spent fuel sabotage is maintained.(iii) The licensee shall ensure that restrictions for site access and egress during emergency conditions are coordinated with responses by offsite emergency support agencies identified in the site emergency plans.(5) Vehicles. (i) The licensee shall exercise control over all vehicles while inside the protected area and vital areas to ensure they are used only by authorized persons and for authorized purposes.(ii) Vehicles inside the protected area or vital areas must be operated by an individual authorized unescorted access to the area, or must be escorted by an individual trained, qualified, and equipped to perform vehicle escort duties, while inside the area.(iii) Vehicles inside the protected area must be limited to plant functions or emergencies, and must be disabled when not in use.(iv) Vehicles transporting hazardous materials inside the protected area must be escorted by an armed member of the security organization.(6) Access control devices. (i) Identification badges. The licensee shall implement a numbered photo identification badge/key-card system for all individuals authorized unescorted access to the protected area and vital areas.(A) Identification badges may be removed from the protected area only when measures are in place to confirm the true identity and authorization for unescorted access of the badge holder before allowing unescorted access to the protected area.(B) Except where operational safety concerns require otherwise, identification badges must be clearly displayed by all individuals while inside the protected area and vital areas.(C) The licensee shall maintain a record, to include the name and areas to which unescorted access is granted, of all individuals to whom photo identification badge/key-cards have been issued.(ii) Keys, locks, combinations, and passwords. All keys, locks, combinations, passwords, and related access control devices used to control access to protected areas, vital areas, security systems, and safeguards information must be controlled and accounted for to reduce the probability of compromise. The licensee shall:(A) Issue access control devices only to individuals who require unescorted access to perform official duties and responsibilities.(B) Maintain a record, to include name and affiliation, of all individuals to whom access control devices have been issued, and implement a process to account for access control devices at least annually.(C) Implement compensatory measures upon discovery or suspicion that any access control device may have been compromised. Compensatory measures must remain in effect until the compromise is corrected.(D) Retrieve, change, rotate, deactivate, or otherwise disable access control devices that have been, or may have been compromised.(E) Retrieve, change, rotate, deactivate, or otherwise disable all access control devices issued to individuals who no longer require unescorted access to the areas for which the devices were designed.(7) Visitors. (i) The licensee may permit escorted access to the protected area to individuals who do not have unescorted access authorization in accordance with the requirements of Sec. 73.56 and part 26 of this chapter. The licensee shall:(A) Implement procedures for processing, escorting, and controlling visitors.(B) Confirm the identity of each visitor through physical presentation of a recognized identification card issued by a local, State, or Federal Government agency that includes a photo or contains physical characteristics of the individual requesting escorted access.(C) Maintain a visitor control register in which all visitors shall register their name, date, time, purpose of visit, employment affiliation, citizenship, and name of the individual to be visited before being escorted into any protected or vital area.(D) Issue a visitor badge to all visitors that clearly indicates that an escort is required.(E) Escort all visitors, at all times, while inside the protected area and vital areas.(ii) Individuals not employed by the licensee but who require frequent and extended unescorted access to the protected area and vital areas shall satisfy the access authorization requirements of Sec. 73.56 and part 26 of this chapter and shall be issued a non-employee photo identification badge that is easily distinguished from other identification badges before being allowed unescorted access to the protected area. Non-employee photo identification badges must indicate:(A) Non-employee, no escort required.(B) Areas to which access is authorized.(C) The period for which access is authorized.(D) The individual's employer.(E) A means to determine the individual's emergency plan assembly area.(8) Escorts. The licensee shall ensure that all escorts are trained in accordance with appendix B to this part, the approved training and qualification plan, and licensee policies and procedures.(i) Escorts shall be authorized unescorted access to all areas in which they will perform escort duties.(ii) Individuals assigned to escort visitors shall be provided a means of timely communication with both alarm stations in a manner that ensures the ability to summon assistance when needed.(iii) Individuals assigned to vehicle escort duties shall be provided a means of continuous communication with both alarm stations to ensure the ability to summon assistance when needed.(iv) Escorts shall be knowledgeable of those activities that are authorized to be performed within the areas for which they are assigned to perform escort duties and must also be knowledgeable of those activities that are authorized to be performed by any individual for which the escort is assigned responsibility.(v) Visitor to escort ratios shall be limited to 10 to 1 in the protected area and 5 to 1 in vital areas, provided that the necessary observation and control requirements of this section can be[[Page 62855]]maintained by the assigned escort over all visitor activities.(h) Search programs. (1) At each designated access control point into the owner controlled area and protected area, the licensee shall search individuals, vehicles, packages, deliveries, and materials in accordance with the requirements of this section and the approved security plans, before granting access.(i) The objective of the search program must be to deter, detect, and prevent the introduction of unauthorized firearms, explosives, incendiary devices, or other unauthorized materials and devices into designated areas in which the unauthorized items could be used to disable personnel, equipment, and systems necessary to meet the performance objective and requirements of paragraph (b) of this section.(ii) The search requirements for unauthorized firearms, explosives, incendiary devices, or other unauthorized materials and devices must be accomplished through the use of equipment capable of detecting these unauthorized items and through visual and hands-on physical searches, as needed to ensure all items are identified before granting access.(iii) Only trained and qualified members of the security organization, and other trained and qualified personnel designated by the licensee, shall perform search activities or be assigned duties and responsibilities required to satisfy observation requirements for the search activities.(2) The licensee shall establish and implement written search procedures for all access control points before granting access to any individual, vehicle, package, delivery, or material.(i) Search procedures must ensure that items possessed by an individual, or contained within a vehicle or package, must be clearly identified as not being a prohibited item before granting access beyond the access control point for which the search is conducted.(ii) The licensee shall visually and physically hand search all individuals, vehicles, and packages containing items that cannot be or are not clearly identified by search equipment.(3) Whenever search equipment is out of service or is not operating satisfactorily, trained and qualified members of the security organization shall conduct a hands-on physical search of all individuals, vehicles, packages, deliveries, and materials that would otherwise have been subject to equipment searches.(4) When an attempt to introduce unauthorized items has occurred or is suspected, the licensee shall implement actions to ensure that the suspect individuals, vehicles, packages, deliveries, and materials are denied access and shall perform a visual and hands-on physical search to determine the absence or existence of a threat.(5) Vehicle search procedures must be performed by at least two (2) properly trained and equipped security personnel, at least one of whom is positioned to observe the search process and provide a timely response to unauthorized activities if necessary.(6) Vehicle areas to be searched must include, but are not limited to, the cab, engine compartment, undercarriage, and cargo area.(7) Vehicle search checkpoints must be equipped with video surveillance equipment that must be monitored by an individual capable of initiating and directing a timely response to unauthorized activity.(8) Exceptions to the search requirements of this section must be submitted to the Commission for prior review and approval and must be identified in the approved security plans.(i) Vehicles and items that may be excepted from the search requirements of this section must be escorted by an armed individual who is trained and equipped to observe offloading and perform search activities at the final destination within the protected area.(ii) To the extent practicable, items excepted from search must be off loaded only at specified receiving areas that are not adjacent to a vital area.(iii) The excepted items must be searched at the receiving area and opened at the final destination by an individual familiar with the items.(i) Detection and assessment systems.(1) The licensee shall establish and maintain an intrusion detection and assessment system that must provide, at all times, the capability for early detection and assessment of unauthorized persons and activities.(2) Intrusion detection equipment must annunciate, and video assessment equipment images shall display, concurrently in at least two continuously staffed onsite alarm stations, at least one of which must be protected in accordance with the requirements of paragraphs (e)(6)(v), (e)(7)(iii), and (i)(8)(ii) of this section.(3) The licensee's intrusion detection system must be designed to ensure that both alarm station operators:(i) Are concurrently notified of the alarm annunciation.(ii) Are capable of making a timely assessment of the cause of each alarm annunciation.(iii) Possess the capability to initiate a timely response in accordance with the approved security plans, licensee protective strategy, and implementing procedures.(4) Both alarm stations must be equipped with equivalent capabilities for detection and communication, and must be equipped with functionally equivalent assessment, monitoring, observation, and surveillance capabilities to support the effective implementation of the approved security plans and the licensee protective strategy in the event that either alarm station is disabled.(i) The licensee shall ensure that a single act cannot remove the capability of both alarm stations to detect and assess unauthorized activities, respond to an alarm, summon offsite assistance, implement the protective strategy, provide command and control, or otherwise prevent significant core damage and spent fuel sabotage.(ii) The alarm station functions in paragraph (i)(4) of this section must remain operable from an uninterruptible backup power supply in the event of the loss of normal power.(5) Detection. Detection capabilities must be provided by security organization personnel and intrusion detection equipment, and shall be defined in implementing procedures. Intrusion detection equipment must be capable of operating as intended under the conditions encountered at the facility.(6) Assessment. Assessment capabilities must be provided by security organization personnel and video assessment equipment, and shall be described in implementing procedures. Video assessment equipment must be capable of operating as intended under the conditions encountered at the facility and must provide video images from which accurate and timely assessments can be made in response to an alarm annunciation or other notification of unauthorized activity.(7) The licensee intrusion detection and assessment system must:(i) Ensure that the duties and responsibilities assigned to personnel, the use of equipment, and the implementation of procedures provides the detection and assessment capabilities necessary to meet the requirements of paragraph (b) of this section.(ii) Ensure that annunciation of an alarm indicates the type and location of the alarm.(iii) Ensure that alarm devices, to include transmission lines to[[Page 62856]]annunciators, are tamper indicating and self-checking.(iv) Provide visual and audible alarm annunciation and concurrent video assessment capability to both alarm stations in a manner that ensures timely recognition, acknowledgment and response by each alarm station operator in accordance with written response procedures.(v) Provide an automatic indication when the alarm system or a component of the alarm system fails, or when the system is operating on the backup power supply.(vi) Maintain a record of all alarm annunciations, the cause of each alarm, and the disposition of each alarm.(8) Alarm stations. (i) Both alarm stations must be continuously staffed by at least one trained and qualified member of the security organization.(ii) The interior of the central alarm station must not be visible from the perimeter of the protected area.(iii) The licensee may not permit any activities to be performed within either alarm station that would interfere with an alarm station operator's ability to effectively execute assigned detection, assessment, surveillance, and communication duties and responsibilities.(iv) The licensee shall assess and respond to all alarms and other indications of unauthorized activities in accordance with the approved security plans and implementing procedures.(v) The licensee's implementing procedures must ensure that both alarm station operators are knowledgeable of all alarm annunciations, assessments, and final disposition of all alarms, to include but not limited to a prohibition from changing the status of a detection point or deactivating a locking or access control device at a protected or vital area portal, without the knowledge and concurrence of the other alarm station operator.(9) Surveillance, observation, and monitoring. (i) The physical protection program must include the capability for surveillance, observation, and monitoring in a manner that provides early detection and assessment of unauthorized activities.(ii) The licensee shall provide continual surveillance, observation, and monitoring of all areas identified in the approved security plans as requiring surveillance, observation, and monitoring to ensure early detection of unauthorized activities and to ensure the integrity of physical barriers or other components of the physical protection program.(A) Continual surveillance, observation, and monitoring responsibilities must be performed by security personnel during routine patrols or by other trained and equipped personnel designated as a component of the protective strategy.(B) Surveillance, observation, and monitoring requirements may be accomplished by direct observation or video technology.(iii) The licensee shall provide random patrols of all accessible areas containing target set equipment.(A) Armed security patrols shall periodically check designated areas and shall inspect vital area entrances, portals, and external barriers.(B) Physical barriers must be inspected at random intervals to identify tampering and degradation.(C) Security personnel shall be trained to recognize indications of tampering as necessary to perform assigned duties and responsibilities as they relate to safety and security systems and equipment.(iv) Unattended openings that are not monitored by intrusion detection equipment must be observed by security personnel at a frequency that would prevent exploitation of that opening.(v) Upon detection of unauthorized activities, tampering, or other threats, the licensee shall initiate actions consistent with the approved security plans, the licensee protective strategy, and implementing procedures.(10) Video technology. (i) The licensee shall maintain in operable condition all video technology used to satisfy the monitoring, observation, surveillance, and assessment requirements of this section.(ii) Video technology must be:(A) Displayed concurrently at both alarm stations.(B) Designed to provide concurrent observation, monitoring, and surveillance of designated areas from which an alarm annunciation or a notification of unauthorized activity is received.(C) Capable of providing a timely visual display from which positive recognition and assessment of the detected activity can be made and a timely response initiated.(D) Used to supplement and limit the exposure of security personnel to possible attack.(iii) The licensee shall implement controls for personnel assigned to monitor video technology to ensure that assigned personnel maintain the level of alertness required to effectively perform the assigned duties and responsibilities.(11) Illumination. (i) The licensee shall ensure that all areas of the facility, to include appropriate portions of the owner controlled area, are provided with illumination necessary to satisfy the requirements of this section.(ii) The licensee shall provide a minimum illumination level of 0.2 footcandle measured horizontally at ground level, in the isolation zones and all exterior areas within the protected area, or may augment the facility illumination system, to include patrols, responders, and video technology, with low-light technology capable of meeting the detection, assessment, surveillance, observation, monitoring, and response requirements of this section.(iii) The licensee shall describe in the approved security plans how the lighting requirements of this section are met and, if used, the type(s) and application of low-light technology used.(j) Communication requirements. (1) The licensee shall establish and maintain, continuous communication capability with onsite and offsite resources to ensure effective command and control during both normal and emergency situations.(2) Individuals assigned to each alarm station shall be capable of calling for assistance in accordance with the approved security plans, licensee integrated response plan, and licensee procedures.(3) Each on-duty security officer, watchperson, vehicle escort, and armed response force member shall be capable of maintaining continuous communication with an individual in each alarm station.(4) The following continuous communication capabilities must terminate in both alarm stations required by this section:(i) Conventional telephone service.(ii) Radio or microwave transmitted two-way voice communication, either directly or through an intermediary.(iii) A system for communication with all control rooms, on-duty operations personnel, escorts, local, State, and Federal law enforcement agencies, and all other personnel necessary to coordinate both onsite and offsite responses.(5) Non-portable communications equipment must remain operable from independent power sources in the event of the loss of normal power.(6) The licensee shall identify site areas where communication could be interrupted or can not be maintained and shall establish alternative communication measures for these areas in implementing procedures.(k) Response requirements. (1) Personnel and equipment.(i) The licensee shall establish and maintain, at all times, the minimum number of properly trained and[[Page 62857]]equipped personnel required to intercept, challenge, delay, and neutralize threats up to and including the design basis threat of radiological sabotage as defined in Sec. 73.1, to prevent significant core damage and spent fuel sabotage.(ii) The licensee shall provide and maintain firearms, ammunition, and equipment capable of performing functions commensurate to the needs of each armed member of the security organization to carry out their assigned duties and responsibilities in accordance with the approved security plans, the licensee protective strategy, implementing procedures, and the site specific conditions under which the firearms, ammunition, and equipment will be used.(iii) The licensee shall describe in the approved security plans, all firearms and equipment to be possessed by and readily available to, armed personnel to implement the protective strategy and carry out all assigned duties and responsibilities. This description must include the general distribution and assignment of firearms, ammunition, body armor, and other equipment used.(iv) The licensee shall ensure that all firearms, ammunition, and equipment required by the protective strategy are in sufficient supply, are in working condition, and are readily available for use in accordance with the licensee protective strategy and predetermined time lines.(v) The licensee shall ensure that all armed members of the security organization are trained in the proper use and maintenance of assigned weapons and equipment in accordance with appendix B to part 73.(2) The licensee shall instruct each armed response person to prevent or impede attempted acts of theft or radiological sabotage by using force sufficient to counter the force directed at that person, including the use of deadly force, when the armed response person has a reasonable belief that the use of deadly force is necessary in self- defense or in the defense of others, or any other circumstances as authorized by applicable State law.(3) The licensee shall provide an armed response team consisting of both armed responders and armed security officers to carry out response duties, within predetermined time lines.(i) Armed responders. (A) The licensee shall determine the minimum number of armed responders necessary to protect against the design basis threat described in Sec. 73.1(a), subject to Commission approval, and shall document this number in the approved security plans.(B) Armed responders shall be available at all times inside the protected area and may not be assigned any other duties or responsibilities that could interfere with assigned response duties.(ii) Armed security officers. (A) Armed security officers designated to strengthen response capabilities shall be onsite and available at all times to carry out assigned response duties.(B) The minimum number of armed security officers must be documented in the approved security plans.(iii) The licensee shall ensure that training and qualification requirements accurately reflect the duties and responsibilities to be performed.(iv) The licensee shall ensure that all firearms, ammunition, and equipment needed for completing the actions described in the approved security plans and licensee protective strategy are readily available and in working condition.(4) The licensee shall describe in the approved security plans, procedures for responding to an unplanned incident that reduces the number of available armed response team members below the minimum number documented by the licensee in the approved security plans.(5) Licensees shall develop, maintain, and implement a written protective strategy in accordance with the requirements of this section and appendix C to this part.(6) The licensee shall ensure that all personnel authorized unescorted access to the protected area are trained and understand their roles and responsibilities during security incidents, to include hostage and duress situations.(7) Upon receipt of an alarm or other indication of threat, the licensee shall:(i) Determine the existence of a threat in accordance with assessment procedures.(ii) Identify the level of threat present through the use of assessment methodologies and procedures.(iii) Determine the response necessary to intercept, challenge, delay, and neutralize the threat in accordance with the requirements of appendix C to part 73, the Commission-approved safeguards contingency plan, and the licensee response strategy.(iv) Notify offsite support agencies such as local law enforcement, in accordance with site procedures.(8) The licensee shall document and maintain current agreements with local, State, and Federal law enforcement agencies, to include estimated response times and capabilities.(l) Facilities using mixed-oxide (MOX) fuel assemblies. In addition to the requirements described in this section for protection against radiological sabotage, operating commercial nuclear power reactors licensed under 10 CFR parts 50 or 52 and using special nuclear material in the form of MOX fuel assemblies shall protect unirradiated MOX fuel assemblies against theft or diversion.(1) Licensees shall protect the unirradiated MOX fuel assemblies against theft or diversion in accordance with the requirements of this section and the approved security plans.(2) Commercial nuclear power reactors using MOX fuel assemblies are exempt from the requirements of Sec. Sec. 73.20, 73.45, and 73.46 for the physical protection of unirradiated MOX fuel assemblies.(3) Administrative controls. (i) The licensee shall describe in the approved security plans, the operational and administrative controls to be implemented for the receipt, inspection, movement, storage, and protection of unirradiated MOX fuel assemblies.(ii) The licensee shall implement the use of tamper-indicating devices for unirradiated MOX fuel assembly transport and shall verify their use and integrity before receipt.(iii) Upon delivery of unirradiated MOX fuel assemblies, the licensee shall:(A) Inspect unirradiated MOX fuel assemblies for damage.(B) Search unirradiated MOX fuel assemblies for unauthorized materials.(iv) The licensee may conduct the required inspection and search functions simultaneously.(v) The licensee shall ensure the proper placement and control of unirradiated MOX fuel assemblies as follows:(A) At least one armed security officer, in addition to the armed response team required by paragraphs (h)(4) and (h)(5) of appendix C to part 73, shall be present during the receipt and inspection of unirradiated MOX fuel assemblies.(B) The licensee shall store unirradiated MOX fuel assemblies only within a spent fuel pool, located within a vital area, so that access to the unirradiated MOX fuel assemblies requires passage through at least three physical barriers.(vi) The licensee shall implement a material control and accountability program for the unirradiated MOX fuel assemblies that includes a predetermined and documented storage location for each unirradiated MOX fuel assembly.[[Page 62858]]
(vii) Records that identify the storage locations of unirradiated MOX fuel assemblies are considered safeguards information and must be protected and stored in accordance with Sec. 73.21.(4) Physical controls. (i) The licensee shall lock or disable all equipment and power supplies to equipment required for the movement and handling of unirradiated MOX fuel assemblies.(ii) The licensee shall implement a two-person line-of-sight rule whenever control systems or equipment required for the movement or handling of unirradiated MOX fuel assemblies must be accessed.(iii) The licensee shall conduct random patrols of areas containing unirradiated MOX fuel assemblies to ensure the integrity of barriers and locks, deter unauthorized activities, and to identify indications of tampering.(iv) Locks, keys, and any other access control device used to secure equipment and power sources required for the movement of unirradiated MOX fuel assemblies or openings to areas containing unirradiated MOX fuel assemblies must be controlled by the security organization.(v) Removal of locks used to secure equipment and power sources required for the movement of unirradiated MOX fuel assemblies or openings to areas containing unirradiated MOX fuel assemblies must require approval by both the on-duty security shift supervisor and the operations shift manager.(A) At least one armed security officer shall be present to observe activities involving the movement of unirradiated MOX fuel assemblies before the removal of the locks and providing power to equipment required for the movement or handling of unirradiated MOX fuel assemblies.(B) At least one armed security officer shall be present at all times until power is removed from equipment and locks are secured.(C) Security officers shall be trained and knowledgeable of authorized and unauthorized activities involving unirradiated MOX fuel assemblies.(5) At least one armed security officer shall be present and shall maintain constant surveillance of unirradiated MOX fuel assemblies when the assemblies are not located in the spent fuel pool or reactor.(6) The licensee shall maintain at all times the capability to detect, assess, intercept, challenge, delay, and neutralize threats to unirradiated MOX fuel assemblies in accordance with the requirements of this section.(m) Digital computer and communication networks. (1) The licensee shall implement a cyber-security program that provides high assurance that computer systems, which if compromised would likely adversely impact safety, security, and emergency preparedness, are protected from cyber attacks.(i) The licensee shall describe the cyber-security program requirements in the approved security plans.(ii) The licensee shall incorporate the cyber-security program into the onsite physical protection program.(iii) The cyber-security program must be designed to detect and prevent cyber attacks on protected computer systems.(2) Cyber-security assessment. The licensee shall implement a cyber-security assessment program to systematically assess and manage cyber risks.(3) Policies, requirements, and procedures. (i) The licensee shall apply cyber-security requirements and policies that identify management expectations and requirements for the protection of computer systems.(ii) The licensee shall develop and maintain implementing procedures to ensure cyber-security requirements and policies are implemented effectively.(4) Incident response and recovery. (i) The licensee shall implement a cyber-security incident response and recovery plan to minimize the adverse impact of a cyber-security incident on safety, security, or emergency preparedness systems.(ii) The cyber-security incident response and recovery plan must be described in the integrated response plan required by appendix C to this part.(iii) The cyber-security incident response and recovery plan must ensure the capability to respond to cyber-security incidents, minimize loss and destruction, mitigate and correct the weaknesses that were exploited, and restore systems and/or equipment affected by a cyber- security incident.(5) Protective strategies. The licensee shall implement defense-in- depth protective strategies to protect computer systems from cyber attacks, detecting, isolating, and neutralizing unauthorized activities in a timely manner.(6) Configuration and control management program. The licensee shall implement a configuration and control management program, to include cyber risk analysis, to ensure that modifications to computer system designs, access control measures, configuration, operational integrity, and management process do not adversely impact facility safety, security, and emergency preparedness systems before implementation of those modifications.(7) Cyber-security awareness and training. (i) The licensee shall implement a cyber-security awareness and training program.(ii) The cyber-security awareness and training program must ensure that appropriate plant personnel, including contractors, are aware of cyber-security requirements and that they receive the training required to effectively perform their assigned duties and responsibilities.(n) Security program reviews and audits.(1) The licensee shall review the physical protection program at intervals not to exceed 12 months, or(i) As necessary based upon assessments or other performance indicators.(ii) Within 12 months after a change occurs in personnel, procedures, equipment, or facilities that potentially could adversely affect security.(2) As a minimum, each element of the onsite physical protection program must be reviewed at least every twenty-four (24) months.(i) The onsite physical protection program review must be documented and performed by individuals independent of those personnel responsible for program management and any individual who has direct responsibility for implementing the onsite physical protection program.(ii) Onsite physical protection program reviews and audits must include, but not be limited to, an evaluation of the effectiveness of the approved security plans, implementing procedures, response commitments by local, State, and Federal law enforcement authorities, cyber-security programs, safety/security interface, and the testing, maintenance, and calibration program.(3) The licensee shall periodically review the approved security plans, the integrated response plan, the licensee protective strategy, and licensee implementing procedures to evaluate their effectiveness and potential impact on plant and personnel safety.(4) The licensee shall periodically evaluate the cyber-security program for effectiveness and shall update the cyber-security program as needed to ensure protection against changes to internal and external threats.(5) The licensee shall conduct quarterly drills and annual force- on-force exercises in accordance with appendix C to part 73 and the licensee performance evaluation program.(6) The results and recommendations of the onsite physical protection program reviews and audits, management's findings regarding[[Page 62859]]program effectiveness, and any actions taken as a result of recommendations from prior program reviews, must be documented in a report to the licensee's plant manager and to corporate management at least one level higher than that having responsibility for day-to-day plant operation.(7) Findings from onsite physical protection program reviews, audits, and assessments must be entered into the site corrective action program and protected as safeguards information, if applicable.(8) The licensee shall make changes to the approved security plans and implementing procedures as a result of findings from security program reviews, audits, and assessments, where necessary to ensure the effective implementation of Commission regulations and the licensee protective strategy.(9) Unless otherwise specified by the Commission, onsite physical protection program reviews, audits, and assessments may be conducted up to thirty days prior to, but no later than thirty days after the scheduled date without adverse impact upon the next scheduled annual audit date.(o) Maintenance, testing, and calibration. (1) The licensee shall:(i) Implement a maintenance, testing and calibration program to ensure that security systems and equipment are tested for operability and performance at predetermined intervals, are maintained in operable condition, and are capable of performing their intended function when needed.(ii) Describe the maintenance, testing and calibration program in the approved physical security plan. Implementing procedures must specify operational and technical details required to perform maintenance, testing, and calibration activities to include, but not limited to, purpose of activity, actions to be taken, acceptance criteria, the intervals or frequency at which the activity will be performed, and compensatory actions required.(iii) Document problems, failures, deficiencies, and other findings, to include the cause of each, and enter each into the site corrective action program. The licensee shall protect this information as safeguards information, if applicable.(iv) Implement compensatory measures in a timely manner to ensure that the effectiveness of the onsite physical protection program is not reduced by failure or degraded operation of security-related components or equipment.(2) Each intrusion alarm must be tested for operability at the beginning and end of any period that it is used for security, or if the period of continuous use exceeds seven (7) days, the intrusion alarm must be tested at least once every seven (7) days.(3) Intrusion detection and access control equipment must be performance tested in accordance with the approved security plans.(4) Equipment required for communications onsite must be tested for operability not less frequently than once at the beginning of each security personnel work shift.(5) Communication systems between the alarm stations and each control room, and between the alarm stations and offsite support agencies, to include back-up communication equipment, must be tested for operability at least once each day.(6) Search equipment must be tested for operability at least once each day and tested for performance at least once during each seven (7) day period and before being placed back in service after each repair or inoperative state.(7) All intrusion detection equipment, communication equipment, physical barriers, and other security-related devices or equipment, to include back-up power supplies must be maintained in operable condition.(8) A program for testing or verifying the operability of devices or equipment located in hazardous areas must be specified in the approved security plans and must define alternate measures to be taken to ensure the timely completion of testing or maintenance when the hazardous condition or radiation restrictions are no longer applicable.(p) Compensatory measures. (1) The licensee shall identify measures and criteria needed to compensate for the loss or reduced performance of personnel, equipment, systems, and components, that are required to meet the requirements of this section.(2) Compensatory measures must be designed and implemented to provide a level of protection that is equivalent to the protection that was provided by the degraded or inoperable personnel, equipment, system, or components.(3) Compensatory measures must be implemented within specific time lines necessary to meet the requirements stated in paragraph (b) of this section and described in the approved security plans.(q) Suspension of safeguards measures. (1) The licensee may suspend implementation of affected requirements of this section under the following conditions:(i) In accordance with Sec. Sec. 50.54(x) and 50.54(y) of this chapter, the licensee may suspend any safeguards measures pursuant to this section in an emergency when this action is immediately needed to protect the public health and safety and no action consistent with license conditions and technical specifications that can provide adequate or equivalent protection is immediately apparent. This suspension of safeguards measures must be approved as a minimum by a licensed senior operator prior to taking this action.(ii) During severe weather when the suspension is immediately needed to protect personnel whose assigned duties and responsibilities in meeting the requirements of this section would otherwise constitute a life threatening situation and no action consistent with the requirements of this section that can provide equivalent protection is immediately apparent. Suspension of safeguards due to severe weather must be initiated by the security supervisor and approved by a licensed senior operator prior to taking this action.(2) Suspended security measures must be reimplemented as soon as conditions permit.(3) The suspension of safeguards measures must be reported and documented in accordance with the provisions of Sec. 73.71.(4) Reports made under Sec. 50.72 of this chapter need not be duplicated under Sec. 73.71.(r) Records. (1) The Commission may inspect, copy, retain, and remove copies of all records required to be kept by Commission regulations, orders, or license conditions whether the records are kept by the licensee or a contractor.(2) The licensee shall maintain all records required to be kept by Commission regulations, orders, or license conditions, as a record until the Commission terminates the license for which the records were developed and shall maintain superseded portions of these records for at least three (3) years after the record is superseded, unless otherwise specified by the Commission.(s) Safety/security interface. In accordance with the requirements of Sec. 73.58, the licensee shall develop and implement a process to inform and coordinate safety and security activities to ensure that these activities do not adversely affect the capabilities of the security organization to satisfy the requirements of this section, or overall plant safety.(t) Alternative measures. (1) The Commission may authorize an applicant or licensee to provide a measure for protection against radiological sabotage other than one required by this section if the applicant or licensee demonstrates that:[[Page 62860]]
(i) The measure meets the same performance objective and requirements as specified in paragraph (b) of this section and(ii) The proposed alternative measure provides protection against radiological sabotage or theft of unirradiated MOX fuel assemblies, equivalent to that which would be provided by the specific requirement for which it would substitute.(2) The licensee shall submit each proposed alternative measure to the Commission for review and approval in accordance with Sec. Sec. 50.4 and 50.90 of this chapter before implementation.(3) The licensee shall submit a technical basis for each proposed alternative measure, to include any analysis or assessment conducted in support of a determination that the proposed alternative measure provides a level of protection that is at least equal to that which would otherwise be provided by the specific requirement of this section.(4) Alternative vehicle barrier systems. In the case of alterative vehicle barrier systems required by Sec. 73.55(e)(8), the licensee shall demonstrate that:(i) The alternative measure provides substantial protection against a vehicle bomb, and(ii) Based on comparison of the costs of the alternative measures to the costs of meeting the Commission's requirements using the essential elements of 10 CFR 50.109, the costs of fully meeting the Commission's requirements are not justified by the protection that would be provided.13. Section 73.56 is revised to read as follows:Sec. 73.56 Personnel access authorization requirements for nuclear power plants.(a) Introduction. (1) By [date--180 days--after the effective date of the final rule published in the Federal Register], each nuclear power reactor licensee, licensed under 10 CFR part 50, shall incorporate the revised requirements of this section through amendments to its Commission-approved access authorization program and shall submit the amended program to the Commission for review and approval.(2) The amended program must be submitted as specified in Sec. 50.4 and must describe how the revised requirements of this section will be implemented by the licensee, to include a proposed implementation schedule.(3) The licensee shall implement the existing approved access authorization program and associated Commission orders until Commission approval of the amended program, unless otherwise authorized by the Commission.(4) The licensee is responsible to the Commission for maintaining the authorization program in accordance with Commission regulations and related Commission-directed orders through the implementation of the approved program and site implementing procedures.(5) Applicants for an operating license under the provisions of part 50 of this chapter, or holders of a combined license under the provisions of part 52 of this chapter, shall satisfy the requirements of this section upon receipt of an operating license or upon notice of the Commission's finding under Sec. 52.103(g) of this chapter.(6) Contractors and vendors (C/Vs) who implement authorization programs or program elements shall develop, implement, and maintain authorization programs or program elements that meet the requirements of this section, to the extent that the licensees and applicants specified in paragraphs (a)(1) and (a)(5) of this section rely upon those C/V authorization programs or program elements to meet the requirements of this section. In any case, only a licensee or applicant shall grant or permit an individual to maintain unescorted access to nuclear power plant protected and vital areas.(b) Individuals who are subject to an authorization program. (1) The following individuals shall be subject to an authorization program:(i) Any individual to whom a licensee or applicant grants unescorted access to nuclear power plant protected and vital areas.(ii) Any individual whose assigned duties and responsibilities permit the individual to take actions by electronic means, either onsite or remotely, that could adversely impact a licensees or applicants operational safety, security, or emergency response capabilities; and(iii) Any individual who has responsibilities for implementing a licensee's or applicant's protective strategy, including, but not limited to, armed security force officers, alarm station operators, and tactical response team leaders; and(iv) The licensee's, applicant's, or C/V's reviewing official.(2) At the licensee's, applicant's, or C/V's discretion, other individuals who are designated in access authorization program procedures may be subject to an authorization program that meets the requirements of this section.(c) General performance objective. Access authorization programs must provide high assurance that the individuals who are specified in paragraph (b)(1) of this section, and, if applicable, (b)(2) of this section are trustworthy and reliable, such that they do not constitute an unreasonable risk to public health and safety or the common defense and security, including the potential to commit radiological sabotage.(d) Background investigation. In order to grant unescorted access authorization to an individual, the licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ensure that the individual has been subject to a background investigation. The background investigation must include, but is not limited to, the following elements:(1) Informed consent. The licensees, applicants, and C/Vs specified in paragraph (a) of this section may not initiate any element of a background investigation without the knowledge and written consent of the subject individual. Licensees, applicants, and C/Vs shall inform the individual of his or her right to review information collected to assure its accuracy and provide the individual with an opportunity to correct any inaccurate or incomplete information that is developed by licensees, applicants, and C/Vs about the individual.(i) The subject individual may withdraw his or her consent at any time. The licensee, applicant, or C/V to whom the individual has applied for unescorted access authorization shall inform the individual that--(A) Withdrawal of his or her consent will withdraw the individual's current application for access authorization under the licensee's, applicant's, or C/V's authorization program; and(B) Other licensees, applicants, and C/Vs will have access to information documenting the withdrawal through the information-sharing mechanism required under paragraph (o)(6) of this section.(ii) If an individual withdraws his or her consent, the licensees, applicants, and C/Vs specified in paragraph (a) of this section may not initiate any elements of the background investigation that were not in progress at the time the individual withdrew his or her consent, but shall complete any background investigation elements that are in progress at the time consent is withdrawn. In the information-sharing mechanism required under paragraph (o)(6) of this section, the licensee, applicant, or C/V shall record the individual's application for unescorted access authorization; his or her withdrawal of consent for the background investigation; the reason given by the individual for the withdrawal, if any; and any pertinent information collected from the[[Page 62861]]background investigation elements that were completed.(iii) The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall inform, in writing, any individual who is applying for unescorted access authorization that the following actions related to providing and sharing the personal information under this section are sufficient cause for denial or unfavorable termination of unescorted access authorization:(A) Refusal to provide written consent for the background investigation;(B) Refusal to provide or the falsification of any personal history information required under this section, including the failure to report any previous denial or unfavorable termination of unescorted access authorization;(C) Refusal to provide written consent for the sharing of personal information with other licensees, applicants, or C/Vs required under paragraph (d)(4)(v) of this section; and(D) Failure to report any arrests or formal actions specified in paragraph (g) of this section.(2) Personal history disclosure. (i) Any individual who is applying for unescorted access authorization shall disclose the personal history information that is required by the licensee's, applicant's, or C/V's authorization program and any information that may be necessary for the reviewing official to make a determination of the individual's trustworthiness and reliability.(ii) Licensees, applicants, and C/Vs may not require an individual to disclose an administrative withdrawal of unescorted access authorization under the requirements of paragraphs (g), (h)(7), or (i)(1)(v) of this section, if the individual's unescorted access authorization was not subsequently denied or terminated unfavorably by a licensee, applicant, or C/V.(3) Verification of true identity. Licensees, applicants, and C/Vs shall verify the true identity of an individual who is applying for unescorted access authorization in order to ensure that the applicant is the person that he or she has claimed to be. At a minimum, licensees, applicants, and C/Vs shall validate the social security number that the individual has provided, and, in the case of foreign nationals, the alien registration number that the individual provides. In addition, licensees, applicants, and C/Vs shall also determine whether the results of the fingerprinting required under Sec. 73.21 confirm the individual's claimed identity, if such results are available.(4) Employment history evaluation. Licensees, applicants, and C/Vs shall ensure that an employment history evaluation has been completed, by questioning the individual's present and former employers, and by determining the activities of individuals while unemployed.(i) For the claimed employment period, the employment history evaluation must ascertain the reason for termination, eligibility for rehire, and other information that could reflect on the individual's trustworthiness and reliability.(ii) If the claimed employment was military service, the licensee, applicant, or C/V who is conducting the employment history evaluation shall request a characterization of service, reason for separation, and any disciplinary actions that could affect a trustworthiness and reliability determination.(iii) Periods of self-employment or unemployment may be verified by any reasonable method. If education is claimed in lieu of employment, the licensee, applicant, or C/V shall request information that could reflect on the individual's trustworthiness and reliability and, at a minimum, verify that the individual was actively participating in the educational process during the claimed period.(iv) If a company, previous employer, or educational institution to whom the licensee, applicant, or C/V has directed a request for information refuses to provide information or indicates an inability or unwillingness to provide information within 3 business days of the request, the licensee, applicant, or C/V shall document this refusal, inability, or unwillingness in the licensee's, applicant's, or C/V's record of the investigation, and obtain a confirmation of employment or educational enrollment and attendance from at least one alternate source, with questions answered to the best of the alternate source's ability. This alternate source may not have been previously used by the licensee, applicant, or C/V to obtain information about the individual's character and reputation. If the licensee, applicant, or C/V uses an alternate source because employment information is not forthcoming within 3 business days of the request, the licensee, applicant, or C/V need not delay granting unescorted access authorization to wait for any employer response, but shall evaluate and document the response if it is received.(v) When any licensee, applicant, or C/V specified in paragraph (a) of this section is legitimately seeking the information required for an unescorted access authorization decision under this section and has obtained a signed release from the subject individual authorizing the disclosure of such information, a licensee, applicant, or C/V who is subject to this section shall disclose whether the subject individual's unescorted access authorization was denied or terminated unfavorably. The licensee, applicant, or C/V who receives the request for information shall make available the information upon which the denial or unfavorable termination of unescorted access authorization was based.(vi) In conducting an employment history evaluation, the licensee, applicant, or C/V may obtain information and documents by electronic means, including, but not limited to, telephone, facsimile, or e-mail. The licensee, applicant, or C/V shall make a record of the contents of the telephone call and shall retain that record, and any documents or files obtained electronically, in accordance with paragraph (o) of this section.(5) Credit history evaluation. The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ensure that the full credit history of any individual who is applying for unescorted access authorization has been evaluated. A full credit history evaluation must include, but would not be limited to, an inquiry to detect potential fraud or misuse of social security numbers or other financial identifiers, and a review and evaluation of all of the information that is provided by a national credit-reporting agency about the individual's credit history.(6) Character and reputation. The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ascertain the character and reputation of an individual who has applied for unescorted access authorization by conducting reference checks. Reference checks may not be conducted with any person who is known to be a close member of the individual's family, including but not limited to, the individual's spouse, parents, siblings, or children, or any individual who resides in the individual's permanent household. The reference checks must focus on the individual's reputation for trustworthiness and reliability.(7) Criminal history review. The licensee's, applicant's, or C/V's reviewing official shall evaluate the entire criminal history record of an individual who is applying for unescorted access authorization to assist in determining whether the individual has a record of criminal activity that may adversely impact his or her[[Page 62862]]trustworthiness and reliability. The criminal history record must be obtained in accordance with the requirements of Sec. 73.57.(e) Psychological assessment. In order to assist in determining an individual's trustworthiness and reliability, the licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ensure that a psychological assessment has been completed of the individual who is applying for unescorted access authorization. The psychological assessment must be designed to evaluate the possible adverse impact of any noted psychological characteristics on the individual's trustworthiness and reliability.(1) A licensed clinical psychologist or psychiatrist shall conduct the psychological assessment.(2) The psychological assessment must be conducted in accordance with the applicable ethical principles for conducting such assessments established by the American Psychological Association or American Psychiatric Association.(3) At a minimum, the psychological assessment must include the administration and interpretation of a standardized, objective, professionally accepted psychological test that provides information to identify indications of disturbances in personality or psychopathology that may have implications for an individual's trustworthiness and reliability. Predetermined thresholds must be applied in interpreting the results of the psychological test, to determine whether an individual shall be interviewed by a psychiatrist or licensed clinical psychologist under paragraph (e)(4)(i) of this section.(4) The psychological assessment must include a clinical interview--(i) If an individual's scores on the psychological test in paragraph (e)(3) of this section identify indications of disturbances in personality or psychopathology that may have implications for an individual's trustworthiness and reliability; or(ii) If the licensee's or applicant's Physical Security Plan requires a clinical interview based on job assignments.(5) If, in the course of conducting the psychological assessment, the licensed clinical psychologist or psychiatrist identifies indications of, or information related to, a medical condition that could adversely impact the individual's fitness for duty or trustworthiness and reliability, the psychologist or psychiatrist shall inform the reviewing official, who shall ensure that an appropriate evaluation of the possible medical condition is conducted under the requirements of part 26 of this chapter.(f) Behavioral observation. Access authorization programs must include a behavioral observation element that is designed to detect behaviors or activities that may constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage.(1) The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ensure that the individuals specified in paragraph (b)(1) of this section and, if applicable, (b)(2) of this section are subject to behavioral observation.(2) The individuals specified in paragraph (b)(1) and, if applicable, (b)(2) of this section shall observe the behavior of other individuals. The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall ensure that individuals who are subject to this section also successfully complete behavioral observation training.(i) Behavioral observation training must be completed before the licensee, applicant, or C/V grants an initial unescorted access authorization, as defined in paragraph (h)(5) of this section, and must be current before the licensee, applicant, or C/V grants an unescorted access authorization update, as defined in paragraph (h)(6) of this section, or an unescorted access authorization reinstatement, as defined in paragraph (h)(7) of this section;(ii) Individuals shall complete refresher training on a nominal 12- month frequency, or more frequently where the need is indicated. Individuals may take and pass a comprehensive examination that meets the requirements of paragraph (f)(2)(iii) of this section in lieu of completing annual refresher training;(iii) Individuals shall demonstrate the successful completion of behavioral observation training by passing a comprehensive examination that addresses the knowledge and abilities necessary to detect behavior or activities that have the potential to constitute an unreasonable risk to the health and safety of the public and common defense and security, including a potential threat to commit radiological sabotage. Remedial training and re-testing are required for individuals who fail to satisfactorily complete the examination.(iv) Initial and refresher training may be delivered using a variety of media (including, but not limited to, classroom lectures, required reading, video, or computer-based training systems). The licensee, applicant, or C/V shall monitor the completion of training.(3) Individuals who are subject to an authorization program under this section shall report to the reviewing official any concerns arising from behavioral observation, including, but not limited to, concerns related to any questionable behavior patterns or activities of others.(g) Arrest reporting. Any individual who has applied for or is maintaining unescorted access authorization under this section shall promptly report to the reviewing official any formal action(s) taken by a law enforcement authority or court of law to which the individual has been subject, including an arrest, an indictment, the filing of charges, or a conviction. On the day that the report is received, the reviewing official shall evaluate the circumstances related to the formal action(s) and determine whether to grant, maintain, administratively withdraw, deny, or unfavorably terminate the individual's unescorted access authorization.(h) Granting unescorted access authorization. The licensees, applicants, and C/Vs specified in paragraph (a) of this section shall implement the requirements of this paragraph for granting initial unescorted access authorization, updated unescorted access authorization, and reinstatement of unescorted access authorization.(1) Accepting unescorted access authorization from other authorization programs. Licensees, applicants, and C/Vs who are seeking to grant unescorted access authorization to an individual who is subject to another authorization program that complies with this section may rely on the program elements completed by the transferring authorization program to satisfy the requirements of this section. An individual may maintain his or her unescorted access authorization if he or she continues to be subject to either the receiving licensee's, applicant's, or C/V's authorization program or the transferring licensee's, applicant's, or C/V's authorization program, or a combination of elements from both programs that collectively satisfy the requirements of this section. The receiving authorization program shall ensure that the program elements maintained by the transferring program remain current.(2) Information sharing. To meet the requirements of this section, licensees, applicants, and C/Vs may rely upon the information that other licensees, applicants, and C/Vs who are subject to
[[Continued on page 62863]]
From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]
[[pp. 62863-62874]] Power Reactor Security Requirements[[Continued from page 62862]]
[[Page 62863]]this section have gathered about individuals who have previously applied for unescorted access authorization and developed about individuals during periods in which the individuals maintained unescorted access authorization.(3) Requirements applicable to all unescorted access authorization categories. Before granting unescorted access authorization to individuals in any category, including individuals whose unescorted access authorization has been interrupted for a period of 30 or fewer days, the licensee, applicant, or C/V shall ensure that--(i) The individual's written consent to conduct a background investigation, if necessary, has been obtained and the individual's true identity has been verified, in accordance with paragraphs (d)(2) and (d)(3) of this section, respectively;(ii) A credit history evaluation or re-evaluation has been completed in accordance with the requirements of paragraphs (d)(5) or (i)(1)(v) of this section, as applicable;(iii) The individual's character and reputation have been ascertained, in accordance with paragraph (d)(6) of this section;(iv) The individual's criminal history record has been obtained and reviewed or updated, in accordance with paragraphs (d)(7) and (i)(1)(v) of this section, as applicable;(v) A psychological assessment or reassessment of the individual has been completed in accordance with the requirements of paragraphs (e) or (i)(1)(v) of this section, as applicable;(vi) The individual has successfully completed the initial or refresher, as applicable, behavioral observation training that is required under paragraph (f) of this section; and(vii) The individual has been informed, in writing, of his or her arrest-reporting responsibilities under paragraph (g) of this section.(4) Interruptions in unescorted access authorization. For individuals who have previously held unescorted access authorization under this section but whose unescorted access authorization has since been terminated under favorable conditions, the licensee, applicant, or C/V shall implement the requirements in this paragraph for initial unescorted access authorization in paragraph (h)(5) of this section, updated unescorted access authorization in paragraph (h)(6) of this section, or reinstatement of unescorted access authorization in paragraph (h)(7) of this section, based upon the total number of days that the individual's unescorted access authorization has been interrupted, to include the day after the individual's last period of unescorted access authorization was terminated and the intervening days until the day upon which the licensee, applicant, or C/V grants unescorted access authorization to the individual. If potentially disqualifying information is disclosed or discovered about an individual, licensees, applicants, and C/V's shall take additional actions, as specified in the licensee's or applicant's physical security plan, in order to grant or maintain the individual's unescorted access authorization.(5) Initial unescorted access authorization. Before granting unescorted access authorization to an individual who has never held unescorted access authorization under this section or whose unescorted access authorization has been interrupted for a period of 3 years or more and whose last period of unescorted access authorization was terminated under favorable conditions, the licensee, applicant, or C/V shall ensure that an employment history evaluation has been completed in accordance with paragraph (d)(4) of this section. The period of the employment history that the individual shall disclose, and the licensee, applicant, or C/V shall evaluate, must be the past 3 years or since the individual's eighteenth birthday, whichever is shorter. For the 1-year period immediately preceding the date upon which the individual applies for unescorted access authorization, the licensee, applicant, or C/V shall ensure that the employment history evaluation is conducted with every employer, regardless of the length of employment. For the remaining 2-year period, the licensee, applicant, or C/V shall ensure that the employment history evaluation is conducted with the employer by whom the individual claims to have been employed the longest within each calendar month, if the individual claims employment during the given calendar month.(6) Updated unescorted access authorization. Before granting unescorted access authorization to an individual whose unescorted access authorization has been interrupted for more than 365 days but fewer than 3 years and whose last period of unescorted access authorization was terminated under favorable conditions, the licensee, applicant, or C/V shall ensure that an employment history evaluation has been completed in accordance with paragraph (d)(4) of this section. The period of the employment history that the individual shall disclose, and the licensee, applicant, or C/V shall evaluate, must be the period since unescorted access authorization was last terminated, up to and including the day the applicant applies for updated unescorted access authorization. For the 1-year period immediately preceding the date upon which the individual applies for updated unescorted access authorization, the licensee, applicant, or C/V shall ensure that the employment history evaluation is conducted with every employer, regardless of the length of employment. For the remaining period since unescorted access authorization was last terminated, the licensee, applicant, or C/V shall ensure that the employment history evaluation is conducted with the employer by whom the individual claims to have been employed the longest within each calendar month, if the individual claims employment during the given calendar month.(7) Reinstatement of unescorted access authorization (31 to 365 days). In order to grant authorization to an individual whose unescorted access authorization has been interrupted for a period of more than 30 days but no more than 365 days and whose last period of unescorted access authorization was terminated under favorable conditions, the licensee, applicant, or C/V shall ensure that an employment history evaluation has been completed in accordance with the requirements of paragraph (d)(4) of this section within 5 business days of reinstating unescorted access authorization. The period of the employment history that the individual shall disclose, and the licensee, applicant, or C/V shall evaluate, must be the period since the individual's unescorted access authorization was terminated, up to and including the day the applicant applies for reinstatement of unescorted access authorization. The licensee, applicant, or C/V shall ensure that the employment history evaluation has been conducted with the employer by whom the individual claims to have been employed the longest within the calendar month, if the individual claims employment during a given calendar month. If the employment history evaluation is not completed within 5 business days due to circumstances that are outside of the licensee's, applicant's, or C/V's control and the licensee, applicant, or C/V is not aware of any potentially disqualifying information regarding the individual within the past 5 years, the licensee, applicant, or C/V may maintain the individual's unescorted access authorization for an additional 5 business days. If the employment history evaluation is not[[Page 62864]]completed within 10 business days of reinstating unescorted access authorization, the licensee, applicant, or C/V shall administratively withdraw the individual's unescorted access authorization until the employment history evaluation is completed.(8) Determination basis. The licensee's, applicant's, or C/V's reviewing official shall determine whether to grant, deny, unfavorably terminate, or maintain or amend an individual's unescorted access authorization status, based on an evaluation of all pertinent information that has been gathered about the individual as a result of any application for unescorted access authorization or developed during or following in any period during which the individual maintained unescorted access authorization. The licensee's, applicant's, or C/V's reviewing official may not determine whether to grant unescorted access authorization to an individual or maintain an individual's unescorted access authorization until all of the required information has been provided to the reviewing official and he or she determines that the accumulated information supports a positive finding of trustworthiness and reliability.(9) Unescorted access for NRC-certified personnel. The licensees and applicants specified in paragraph (a) of this section shall grant unescorted access to all individuals who have been certified by the NRC as suitable for such access including, but not limited to, contractors to the NRC and NRC employees.(10) Access prohibited. Licensees and applicants may not permit an individual, who is identified as having an access-denied status in the information-sharing mechanism required under paragraph (o)(6) of this section, or has an access authorization status other than favorably terminated, to enter any nuclear power plant protected area or vital area, under escort or otherwise, or take actions by electronic means that could impact the licensee's operational safety, security, or emergency response capabilities, under supervision or otherwise, except if, upon evaluation, the reviewing official determines that such access is warranted. Licensees and applicants shall develop reinstatement review procedures for assessing individuals who have been in an access- denied status.(i) Maintaining access authorization. (1) Individuals may maintain unescorted access authorization under the following conditions:(i) The individual remains subject to a behavioral observation program that complies with the requirements of paragraph (f) of this section;(ii) The individual successfully completes behavioral observation refresher training or testing on the nominal 12-month frequency required in (f)(2)(ii) of this section;(iii) The individual complies with the licensee's, applicant's, or C/V's authorization program policies and procedures to which he or she is subject, including the arrest-reporting responsibility specified in paragraph (g) of this section;(iv) The individual is subject to a supervisory interview at a nominal 12-month frequency, conducted in accordance with the requirements of the licensee's or applicant's Physical Security Plan; and(v) The licensee, applicant, or C/V determines that the individual continues to be trustworthy and reliable. This determination must be made as follows:(A) The licensee, applicant, or C/V shall complete a criminal history update, credit history re-evaluation, and psychological re- assessment of the individual within 5 years of the date on which these elements were last completed, or more frequently, based on job assignment;(B) The reviewing official shall complete an evaluation of the information obtained from the criminal history update, credit history re-evaluation, psychological re-assessment, and the supervisory interview required under paragraph (i)(1)(iv) of this section within 30 calendar days of initiating any one of these elements;(C) The results of the criminal history update, credit history re- evaluation, psychological re-assessment, and the supervisory interview required under paragraph (i)(1)(iv) of this section must support a positive determination of the individual's continued trustworthiness and reliability; and(D) If the criminal history update, credit history re-evaluation, psychological re-assessment, and supervisory review have not been completed and the information evaluated by the reviewing official within 5 years of the initial completion of these elements or the most recent update, re-evaluation, and re-assessment under this paragraph, or within the time period specified in the licensee's or applicant's Physical Security Plans, the licensee, applicant, or C/V shall administratively withdraw the individual's unescorted access authorization until these requirements have been met.(2) If an individual who has unescorted access authorization is not subject to an authorization program that meets the requirements of this part for more than 30 continuous days, then the licensee, applicant, or C/V shall terminate the individual's unescorted access authorization and the individual shall meet the requirements in this section, as applicable, to regain unescorted access authorization.(j) Access to vital areas. Each licensee and applicant who is subject to this section shall establish, implement, and maintain a list of individuals who are authorized to have unescorted access to specific nuclear power plant vital areas to assist in limiting access to those vital areas during non-emergency conditions. The list must include only those individuals who require access to those specific vital areas in order to perform their duties and responsibilities. The list must be approved by a cognizant licensee or applicant manager, or supervisor who is responsible for directing the work activities of the individual who is granted unescorted access to each vital area, and updated and re-approved no less frequently than every 31 days.(k) Trustworthiness and reliability of background screeners and authorization program personnel. Licensees, applicants, and C/Vs shall ensure that any individuals who collect, process, or have access to personal information that is used to make unescorted access authorization determinations under this section have been determined to be trustworthy and reliable.(1) Background screeners. Licensees, applicants, and C/Vs who rely on individuals who are not directly under their control to collect and process information that will be used by a reviewing official to make unescorted access authorization determinations shall ensure that a background check of such individuals has been completed and determines that such individuals are trustworthy and reliable. At a minimum, the following checks are required:(i) Verification of the individual's identity;(ii) A local criminal history review and evaluation from the State of the individual's permanent residence;(iii) A credit history review and evaluation;(iv) An employment history review and evaluation for the past 3 years; and(v) An evaluation of character and reputation.(2) Authorization program personnel. Licensees, applicants, and C/ Vs shall ensure that any individual who evaluates personal information for the[[Page 62865]]purpose of processing applications for unescorted access authorization including, but not limited to a clinical psychologist or psychiatrist who conducts psychological assessments under paragraph (e) of this section; has access to the files, records, and personal information associated with individuals who have applied for unescorted access authorization; or is responsible for managing any databases that contain such files, records, and personal information has been determined to be trustworthy and reliable, as follows:(i) The individual is subject to an authorization program that meets requirements of this section; or(ii) The licensee, applicant, or C/V determines that the individual is trustworthy and reliable based upon an evaluation that meets the requirements of paragraphs (d)(1) through (d)(5) and (e) of this section and a local criminal history review and evaluation from the State of the individual's permanent residence.(l) Review procedures. Each licensee, applicant, and C/V who is implementing an authorization program under this section shall include a procedure for the review, at the request of the affected individual, of a denial or unfavorable termination of unescorted access authorization. The procedure must require that the individual is informed of the grounds for the denial or unfavorable termination and allow the individual an opportunity to provide additional relevant information, and provide an opportunity for an objective review of the information on which the denial or unfavorable termination of unescorted access authorization was based. The procedure may be an impartial and independent internal management review. Licensees and applicants may not grant or permit the individual to maintain unescorted access authorization during the review process.(m) Protection of information. Each licensee, applicant, or C/V who is subject to this section who collects personal information about an individual for the purpose of complying with this section, shall establish and maintain a system of files and procedures to protect the personal information.(1) Licensees, applicants, and C/Vs shall obtain a signed consent from the subject individual that authorizes the disclosure of the personal information collected and maintained under this section before disclosing the personal information, except for disclosures to the following individuals:(i) The subject individual or his or her representative, when the individual has designated the representative in writing for specified unescorted access authorization matters;(ii) NRC representatives;(iii) Appropriate law enforcement officials under court order;(iv) A licensee's, applicant's, or C/V's representatives who have a need to have access to the information in performing assigned duties, including determinations of trustworthiness and reliability, and audits of authorization programs;(v) The presiding officer in a judicial or administrative proceeding that is initiated by the subject individual;(vi) Persons deciding matters under the review procedures in paragraph (k) of this section; and(vii) Other persons pursuant to court order.(2) Personal information that is collected under this section must be disclosed to other licensees, applicants, and C/Vs, or their authorized representatives, who are seeking the information for unescorted access authorization determinations under this section and who have obtained a signed release from the subject individual.(3) Upon receipt of a written request by the subject individual or his or her designated representative, the licensee, applicant, or C/V possessing such records shall promptly provide copies of all records pertaining to a denial or unfavorable termination of the individual's unescorted access authorization.(4) A licensee's, applicant's, or C/V's contracts with any individual or organization who collects and maintains personal information that is relevant to an unescorted access authorization determination must require that such records be held in confidence, except as provided in paragraphs (m)(1) through (m)(3) of this section.(5) Licensees, applicants, and C/Vs who collect and maintain personal information under this section, and any individual or organization who collects and maintains personal information on behalf of a licensee, applicant, or C/V, shall establish, implement, and maintain a system and procedures for the secure storage and handling of the personal information collected.(6) This paragraph does not authorize the licensee, applicant, or C/V to withhold evidence of criminal conduct from law enforcement officials.(n) Audits and corrective action. Each licensee and applicant who is subject to this section shall be responsible for the continuing effectiveness of the authorization program, including authorization program elements that are provided by C/Vs, and the authorization programs of any C/Vs that are accepted by the licensee and applicant. Each licensee, applicant, and C/V who is subject to this section shall ensure that authorization programs and program elements are audited to confirm compliance with the requirements of this section and that comprehensive actions are taken to correct any non-conformance that is identified.(1) Each licensee, applicant, and C/V who is subject to this section shall ensure that their entire authorization program is audited as needed, but no less frequently than nominally every 24 months. Licensees, applicants, and C/Vs are responsible for determining the appropriate frequency, scope, and depth of additional auditing activities within the nominal 24-month period based on the review of program performance indicators, such as the frequency, nature, and severity of discovered problems, personnel or procedural changes, and previous audit findings.(2) Authorization program services that are provided to a licensee, or applicant, by C/V personnel who are off site or are not under the direct daily supervision or observation of the licensee's or applicant's personnel must be audited on a nominal 12-month frequency. In addition, any authorization program services that are provided to C/ Vs by subcontractor personnel who are off site or are not under the direct daily supervision or observation of the C/V's personnel must be audited on a nominal 12-month frequency.(3) Licensees' and applicants' contracts with C/Vs must reserve the right to audit the C/V and the C/V's subcontractors providing authorization program services at any time, including at unannounced times, as well as to review all information and documentation that is reasonably relevant to the performance of the program.(4) Licensees' and applicants' contracts with C/Vs, and a C/V's contracts with subcontractors, must also require that the licensee or applicant shall be provided with, or permitted access to, copies of any documents and take away any documents that may be needed to assure that the C/V and its subcontractors are performing their functions properly and that staff and procedures meet applicable requirements.(5) Audits must focus on the effectiveness of the authorization program or program element(s), as appropriate. At least one member of the audit team shall be a person who is knowledgeable of and practiced with meeting authorization program[[Page 62866]]performance objectives and requirements. The individuals performing the audit of the authorization program or program element(s) shall be independent from both the subject authorization program's management and from personnel who are directly responsible for implementing the authorization program(s) being audited.(6) The result of the audits, along with any recommendations, must be documented and reported to senior corporate and site management. Each audit report must identify conditions that are adverse to the proper performance of the authorization program, the cause of the condition(s), and, when appropriate, recommended corrective actions, and corrective actions taken. The licensee, applicant, or C/V shall review the audit findings and take any additional corrective actions, to include re-auditing of the deficient areas where indicated, to preclude, within reason, repetition of the condition. The resolution of the audit findings and corrective actions must be documented.(7) Licensees and applicants may jointly conduct audits, or may accept audits of C/Vs that were conducted by other licensees and applicants who are subject to this section, if the audit addresses the services obtained from the C/V by each of the sharing licensees and applicants. C/Vs may jointly conduct audits, or may accept audits of its subcontractors that were conducted by other licensees, applicants, and C/Vs who are subject to this section, if the audit addresses the services obtained from the subcontractor by each of the sharing licensees, applicants, and C/Vs.(i) Licensees, applicants, and C/Vs shall review audit records and reports to identify any areas that were not covered by the shared or accepted audit and ensure that authorization program elements and services upon which the licensee, applicant, or C/V relies are audited, if the program elements and services were not addressed in the shared audit.(ii) Sharing licensees and applicants need not re-audit the same C/ V for the same period of time. Sharing C/Vs need not re-audit the same subcontractor for the same period of time.(iii) Each sharing licensee, applicant, and C/V shall maintain a copy of the shared audit, including findings, recommendations, and corrective actions.(o) Records. Each licensee, applicant, and C/V who is subject to this section shall maintain the records that are required by the regulations in this section for the period specified by the appropriate regulation. If a retention period is not otherwise specified, these records must be retained until the Commission terminates the facility's license, certificate, or other regulatory approval.(1) All records may be stored and archived electronically, provided that the method used to create the electronic records meets the following criteria:(i) Provides an accurate representation of the original records;(ii) Prevents unauthorized access to the records;(iii) Prevents the alteration of any archived information and/or data once it has been committed to storage; and(iv) Permits easy retrieval and re-creation of the original records.(2) Each licensee, applicant, and C/V who is subject to this section shall retain the following records for at least 5 years after the licensee, applicant, or C/V terminates or denies an individual's unescorted access authorization or until the completion of all related legal proceedings, whichever is later:(i) Records of the information that must be collected under paragraphs (d) and (e) of this section that results in the granting of unescorted access authorization;(ii) Records pertaining to denial or unfavorable termination of unescorted access authorization and related management actions; and(iii) Documentation of the granting and termination of unescorted access authorization.(3) Each licensee, applicant, and C/V who is subject to this section shall retain the following records for at least 3 years or until the completion of all related legal proceedings, whichever is later:(i) Records of behavioral observation training conducted under paragraph (f)(2) of this section; and(ii) Records of audits, audit findings, and corrective actions taken under paragraph (n) of this section.(4) Licensees, applicants, and C/Vs shall retain written agreements for the provision of services under this section for the life of the agreement or until completion of all legal proceedings related to a denial or unfavorable termination of unescorted access authorization that involved those services, whichever is later.(5) Licensees, applicants, and C/Vs shall retain records of the background checks, and psychological assessments of authorization program personnel, conducted under paragraphs (d) and (e) of this section, for the length of the individual's employment by or contractual relationship with the licensee, applicant, or C/V, or until the completion of any legal proceedings relating to the actions of such authorization program personnel, whichever is later.(6) Licensees, applicants, and C/Vs shall ensure that the information about individuals who have applied for unescorted access authorization, which is specified in the licensee's or applicant's Physical Security Plan, is recorded and retained in an information- sharing mechanism that is established and administered by the licensees, applicants, and C/Vs who are subject to his section. Licensees, applicants, and C/Vs shall ensure that only correct and complete information is included in the information-sharing mechanism. If, for any reason, the shared information used for determining an individual's trustworthiness and reliability changes or new information is developed about the individual, licensees, applicants, and C/Vs shall correct or augment the shared information contained in the information-sharing mechanism. If the changed or developed information has implications for adversely affecting an individual's trustworthiness and reliability, the licensee, applicant, or C/V who has discovered the incorrect information, or develops new information, shall inform the reviewing official of any authorization program under which the individual is maintaining unescorted access authorization of the updated information on the day of discovery. The reviewing official shall evaluate the information and take appropriate actions, which may include denial or unfavorable termination of the individual's unescorted access authorization. If, for any reason, the information- sharing mechanism is unavailable and a notification of changes or updated information is required, licensees, applicants, and C/Vs shall take manual actions to ensure that the information is shared, and update the records in the information-sharing mechanism as soon as reasonably possible. Records maintained in the database must be available for NRC review.(7) If a licensee, applicant, or C/V administratively withdraws an individual's unescorted access authorization under the requirements of this section, the licensee, applicant, or C/V may not record the administrative action to withdraw the individual's unescorted access authorization as an unfavorable termination and may not disclose it in response to a suitable inquiry conducted under the provisions of part 26 of this chapter, a background investigation conducted under the[[Page 62867]]provisions of this section, or any other inquiry or investigation. Immediately upon favorable completion of the background investigation element that caused the administrative withdrawal, the licensee, applicant, or C/V shall ensure that any matter that could link the individual to the temporary administrative action is eliminated from the subject individual's access authorization or personnel record and other records, except if a review of the information obtained or developed causes the reviewing official to unfavorably terminate the individual's unescorted access.14. Section 73.58 is added to read as follows:Sec. 73.58 Safety/security interface requirements for nuclear power reactors.Each operating nuclear power reactor licensee with a license issued under part 50 or 52 of this chapter shall comply with the requirements of this section.(a)(1) The licensee shall assess and manage the potential for adverse affects on safety and security, including the site emergency plan, before implementing changes to plant configurations, facility conditions, or security.(2) The scope of changes to be assessed and managed must include planned and emergent activities (such as, but not limited to, physical modifications, procedural changes, changes to operator actions or security assignments, maintenance activities, system reconfiguration, access modification or restrictions, and changes to the security plan and its implementation).(b) Where potential adverse interactions are identified, the licensee shall communicate them to appropriate licensee personnel and take compensatory and/or mitigative actions to maintain safety and security under applicable Commission regulations, requirements, and license conditions.15. In Sec. 73.70, paragraph (c) is revised to read as follows:Sec. 73.70 Records.* * * * *(c) A register of visitors, vendors, and other individuals not employed by the licensee under Sec. Sec. 73.46(d)(13), 73.55(g)(7)(ii), or 73.60. The licensee shall retain this register as a record, available for inspection, for three (3) years after the last entry is made in the register. * * * * *16. Section 73.71 is revised to read as follows:Sec. 73.71 Reporting of safeguards events.(a) Each licensee subject to the provisions of Sec. 73.55 shall notify the NRC Operations Center,\3\ as soon as possible but not later than 15 minutes after discovery of an imminent or actual safeguards threat against the facility and other safeguards events described in paragraph I of appendix G to this part.\4\
\3\ Commercial (secure and non-secure) telephone numbers of the NRC Operations Center are specified in appendix A of this part.\4\ Notifications to the NRC for the declaration of an emergency class shall be performed in accordance with Sec. 50.72 of this chapter.
(1) When making a report under paragraph (a) of this section, the licensee shall:(i) Identify the facility name; and(ii) Briefly describe the nature of the threat or event, including:(A) Type of threat or event (e.g., armed assault, vehicle bomb, credible bomb threat, etc.); and(B) Threat or event status (i.e., imminent, in progress, or neutralized).(2) Notifications must be made according to paragraph (e) of this section, as applicable.(b) Each licensee subject to the provisions of Sec. Sec. 73.25, 73.26, 73.27(c), 73.37, 73.67(e), or 73.67(g) shall notify the NRC Operations Center within one hour after discovery of the loss of any shipment of special nuclear material (SNM) or spent nuclear fuel, and within one hour after recovery of or accounting for the lost shipment. Notifications must be made according to paragraph (e) of this section, as applicable.(c) Each licensee subject to the provisions of Sec. Sec. 73.20, 73.37, 73.50, 73.51, 73.55, 73.60, or 73.67 shall notify the NRC Operations Center within one hour after discovery of the safeguards events described in paragraph II of appendix G to this part. Notifications must be made according to paragraph (e) of this section, as applicable.(d) Each licensee subject to the provisions of Sec. 73.55 shall notify the NRC Operations Center, as soon as possible but not later than four (4) hours after discovery of the safeguards events described in paragraph III of appendix G to this part. Notifications must be made according to paragraph (e) of this section, as applicable.(e) The licensee shall make the telephonic notifications required by paragraphs (a), (b), (c) and (d) of this section to the NRC Operations Center via the Emergency Notification System, or other dedicated telephonic system that may be designated by the Commission, if the licensee has access to that system.(1) If the Emergency Notification System or other designated telephonic system is inoperative or unavailable, licensees shall make the required notification via commercial telephonic service or any other methods that will ensure that a report is received by the NRC Operations Center within the timeliness requirements of paragraphs (a), (b), (c), and (d) of this section, as applicable.(2) The exception of Sec. 73.21(g)(3) for emergency or extraordinary conditions applies to all telephonic reports required by this section.(3) For events reported under paragraph (a) of this section, the licensee may be requested by the NRC to maintain an open, continuous communication channel with the NRC Operations Center, once the licensee has completed other required notifications under this section, Sec. 50.72 of this chapter, or appendix E of part 50 of this chapter and any immediate actions to stabilize the plant. When established, the continuous communications channel shall be staffed by a knowledgeable individual in the licensee's security or operations organizations (e.g., a security supervisor, an alarm station operator, operations personnel, etc.) from a location deemed appropriate by the licensee. The continuous communications channel may be established via the Emergency Notification System or dedicated telephonic system that may be designated by the Commission, if the licensee has access to these systems, or a commercial telephonic system.(4) For events reported under paragraphs (b) or (c) of this section, the licensee shall maintain an open, continuous communication channel with the NRC Operations Center upon request from the NRC.(5) For events reported under paragraph (d) of this section, the licensee is not required to maintain an open, continuous communication channel with the NRC Operations Center.(f) Each licensee subject to the provisions of Sec. Sec. 73.20, 73.37, 73.50, 73.51, 73.55, 73.60, or each licensee possessing SSNM and subject to the provisions of Sec. 73.67(d) shall maintain a current safeguards event log.(1) The licensee shall record the safeguards events described in paragraph IV of appendix G of this part within 24 hours of discovery.(2) The licensee shall retain the log of events recorded under this section as a record for three (3) years after the last entry is made in each log or until termination of the license.(g) Written reports. (1) Each licensee making an initial telephonic notification[[Page 62868]]under paragraphs (a), (b), and (c) of this section shall also submit a written report to the NRC within a 60 day period by an appropriate method listed in Sec. 73.4.(2) Licenses are not required to submit a written report following a telephonic notification made under paragraph (d) of this section.(3) Each licensee shall submit to the Commission written reports that are of a quality that will permit legible reproduction and processing.(4) Licensees subject to Sec. 50.73 of this chapter shall prepare the written report on NRC Form 366.(5) Licensees not subject to Sec. 50.73 of this chapter shall prepare the written report in letter format.(6) In addition to the addressees specified in Sec. 73.4, the licensee shall also provide one copy of the written report addressed to the Director, Office of Nuclear Security and Incident Response.(7) The report must include sufficient information for NRC analysis and evaluation.(8) Significant supplemental information which becomes available after the initial telephonic notification to the NRC Operations Center or after the submission of the written report must be telephonically reported to the NRC Operations Center under paragraph (e) of this section and also submitted in a revised written report (with the revisions indicated) as required under paragraph (g)(6) of this section.(9) Errors discovered in a written report must be corrected in a revised report with revisions indicated.(10) The revised report must replace the previous report; the update must be complete and not be limited to only supplementary or revised information.(11) Each licensee shall maintain a copy of the written report of an event submitted under this section as a record for a period of three (3) years from the date of the report.(h) Duplicate reports are not required for events that are also reportable in accordance with Sec. Sec. 50.72 and 50.73 of this chapter.17. In appendix B to part 73, a new section VI is added to the table of contents, the introduction text is revised by adding a new paragraph between the first and second undesignated paragraphs, and section VI is added to read as follows:Appendix B to Part 73--General Criteria for Security PersonnelTable of Contents* * * * * VI. Nuclear Power Reactor Training and Qualification Plan A. General Requirements and Introduction B. Employment Suitability and Qualification C. Duty Training D. Duty Qualification and Requalification E. Weapons Training F. Weapons Qualification and Requalification Program G. Weapons, Personnel Equipment, and Maintenance H. Records I. Audits and Reviews J. DefinitionsIntroduction* * * * *Applicants and power reactor licensees subject to the requirements of Sec. 73.55 shall comply only with the requirements in section VI of this appendix. All other licensees, applicants, or certificate holders shall comply only with Sections I through V of this appendix . * * * * *VI. Nuclear Power Reactor Training and Qualification PlanA. General Requirements and Introduction1. The licensee shall ensure that all individuals who are assigned duties and responsibilities required to prevent significant core damage and spent fuel sabotage, implement the Commission- approved security plans, licensee response strategy, and implementing procedures, meet minimum training and qualification requirements to ensure each individual possesses the knowledge, skills, and abilities required to effectively perform the assigned duties and responsibilities.2. To ensure that those individuals who are assigned to perform duties and responsibilities required for the implementation of the Commission-approved security plans, licensee response strategy, and implementing procedures are properly suited, trained, equipped, and qualified to perform their assigned duties and responsibilities, the Commission has developed minimum training and qualification requirements that must be implemented through a Commission-approved training and qualification plan.3. The licensee shall establish, maintain, and follow a Commission-approved training and qualification plan, describing how the minimum training and qualification requirements set forth in this appendix will be met, to include the processes by which all members of the security organization, will be selected, trained, equipped, tested, and qualified.4. Each individual assigned to perform security program duties and responsibilities required to effectively implement the Commission-approved security plans, licensee protective strategy, and the licensee implementing procedures, shall demonstrate the knowledge, skills, and abilities required to effectively perform the assigned duties and responsibilities before the individual is assigned the duty or responsibility.5. The licensee shall ensure that the training and qualification program simulates, as closely as practicable, the specific conditions under which the individual shall be required to perform assigned duties and responsibilities.6. The licensee may not allow any individual to perform any security function, assume any security duties or responsibilities, or return to security duty, until that individual satisfies the training and qualification requirements of this appendix and the Commission-approved training and qualification plan, unless specifically authorized by the Commission.7. Annual requirements must be scheduled at a nominal twelve (12) month periodicity. Annual requirements may be completed up to three (3) months before or three (3) months after the scheduled date. However, the next annual training must be scheduled twelve (12) months from the previously scheduled date rather than the date the training was actually completed.B. Employment Suitability and Qualification1. Suitability.a. Before employment, or assignment to the security organization, an individual shall:(1) Possess a high school diploma or pass an equivalent performance examination designed to measure basic mathematical, language, and reasoning skills, abilities, and knowledge required to perform security duties and responsibilities;(2) Have attained the age of 21 for an armed capacity or the age of 18 for an unarmed capacity; and(3) An unarmed individual assigned to the security organization may not have any felony convictions that reflect on the individual's reliability.b. The qualification of each individual to perform assigned duties and responsibilities must be documented by a qualified training instructor and attested to by a security supervisor.2. Physical qualifications.a. General physical qualifications.(1) Individuals whose duties and responsibilities are directly associated with the effective implementation of the Commission- approved security plans, licensee protective strategy, and implementing procedures, may not have any physical conditions that would adversely affect their performance.(2) Armed and unarmed members of the security organization shall be subject to a physical examination designed to measure the individual's physical ability to perform assigned duties and responsibilities as identified in the Commission-approved security plans, licensee protective strategy, and implementing procedures.(3) This physical examination must be administered by a licensed health professional with final determination being made by a licensed physician to verify the individual's physical capability to perform assigned duties and responsibilities.(4) The licensee shall ensure that both armed and unarmed members of the security organization who are assigned security duties and responsibilities identified in the Commission-approved security plans, the licensee protective strategy, and implementing procedures, meet the following minimum physical requirements, as required to effectively perform their assigned duties.[[Page 62869]]
b. Vision.(1) For each individual, distant visual acuity in each eye shall be correctable to 20/30 (Snellen or equivalent) in the better eye and 20/40 in the other eye with eyeglasses or contact lenses.(2) Near visual acuity, corrected or uncorrected, shall be at least 20/40 in the better eye.(3) Field of vision must be at least 70 degrees horizontal meridian in each eye.(4) The ability to distinguish red, green, and yellow colors is required.(5) Loss of vision in one eye is disqualifying.(6) Glaucoma is disqualifying, unless controlled by acceptable medical or surgical means, provided that medications used for controlling glaucoma do not cause undesirable side effects which adversely affect the individual's ability to perform assigned security job duties, and provided the visual acuity and field of vision requirements stated previously are met.(7) On-the-job evaluation must be used for individuals who exhibit a mild color vision defect.(8) If uncorrected distance vision is not at least 20/40 in the better eye, the individual shall carry an extra pair of corrective lenses in the event that the primaries are damaged. Corrective eyeglasses must be of the safety glass type.(9) The use of corrective eyeglasses or contact lenses may not interfere with an individual's ability to effectively perform assigned duties and responsibilities during normal or emergency conditions.c. Hearing.(1) Individuals may not have hearing loss in the better ear greater than 30 decibels average at 500 Hz, 1,000 Hz, and 2,000 Hz with no level greater that 40 decibels at any one frequency.(2) A hearing aid is acceptable provided suitable testing procedures demonstrate auditory acuity equivalent to the hearing requirement.(3) The use of a hearing aid may not decrease the effective performance of the individual's assigned security job duties during normal or emergency operations.d. Existing medical conditions.(1) Individuals may not have an established medical history or medical diagnosis of existing medical conditions which could interfere with or prevent the individual from effectively performing assigned duties and responsibilities.(2) If a medical condition exists, the individual shall provide medical evidence that the condition can be controlled with medical treatment in a manner which does not adversely affect the individual's fitness-for-duty, mental alertness, physical condition, or capability to otherwise effectively perform assigned duties and responsibilities.e. Addiction. Individuals may not have any established medical history or medical diagnosis of habitual alcoholism or drug addiction, or, where this type of condition has existed, the individual shall provide certified documentation of having completed a rehabilitation program which would give a reasonable degree of confidence that the individual would be capable of effectively performing assigned duties and responsibilities.f. Other physical requirements. An individual who has been incapacitated due to a serious illness, injury, disease, or operation, which could interfere with the effective performance of assigned duties and responsibilities shall, before resumption of assigned duties and responsibilities, provide medical evidence of recovery and ability to perform these duties and responsibilities.3. Psychological qualifications.a. Armed and unarmed members of the security organization shall demonstrate the ability to apply good judgment, mental alertness, the capability to implement instructions and assigned tasks, and possess the acuity of senses and ability of expression sufficient to permit accurate communication by written, spoken, audible, visible, or other signals required by assigned duties and responsibilities.b. A licensed clinical psychologist, psychiatrist, or physician trained in part to identify emotional instability shall determine whether armed members of the security organization and alarm station operators in addition to meeting the requirement stated in paragraph a. of this section, have no emotional instability that would interfere with the effective performance of assigned duties and responsibilities.c. A person professionally trained to identify emotional instability shall determine whether unarmed members of the security organization in addition to meeting the requirement stated in paragraph a. of this section, have no emotional instability that would interfere with the effective performance of assigned duties and responsibilities.4. Medical examinations and physical fitness qualifications.a. Armed members of the security organization shall be subject to a medical examination by a licensed physician, to determine the individual's fitness to participate in physical fitness tests. The licensee shall obtain and retain a written certification from the licensed physician that no medical conditions were disclosed by the medical examination that would preclude the individual's ability to participate in the physical fitness tests or meet the physical fitness attributes or objectives associated with assigned duties.b. Before assignment, armed members of the security organization shall demonstrate physical fitness for assigned duties and responsibilities by performing a practical physical fitness test.(1) The physical fitness test must consider physical conditions such as strenuous activity, physical exertion, levels of stress, and exposure to the elements as they pertain to each individual's assigned security job duties for both normal and emergency operations and must simulate site specific conditions under which the individual will be required to perform assigned duties and responsibilities.(2) The licensee shall describe the physical fitness test in the Commission-approved training and qualification plan.(3) The physical fitness test must include physical attributes and performance objectives which demonstrate the strength, endurance, and agility, consistent with assigned duties in the Commission-approved security plans, licensee protective strategy, and implementing procedures during normal and emergency conditions.(4) The physical fitness qualification of each armed member of the security organization must be documented by a qualified training instructor and attested to by a security supervisor.5. Physical requalification.a. At least annually, armed and unarmed members of the security organization shall be required to demonstrate the capability to meet the physical requirements of this appendix and the licensee training and qualification plan.b. The physical requalification of each armed and unarmed member of the security organization must be documented by a qualified training instructor and attested to by a security supervisor.C. Duty Training1. Duty training and qualification requirements. All personnel who are assigned to perform any security-related duty or responsibility, shall be trained and qualified to perform assigned duties and responsibilities to ensure that each individual possesses the minimum knowledge, skills, and abilities required to effectively carry out those assigned duties and responsibilities.a. The areas of knowledge, skills, and abilities that are required to perform assigned duties and responsibilities must be identified in the licensee's Commission-approved training and qualification plan.b. Each individual who is assigned duties and responsibilities identified in the Commission-approved security plans, licensee protective strategy, and implementing procedures shall, before assignment:(1) Be trained to perform assigned duties and responsibilities in accordance with the requirements of this appendix and the Commission-approved training and qualification plan.(2) meet the minimum qualification requirements of this appendix and the Commission-approved training and qualification plan.(3) be trained and qualified in the use of all equipment or devices required to effectively perform all assigned duties and responsibilities.2. On-the-job training.a. The licensee training and qualification program must include on-the-job training performance standards and criteria to ensure that each individual demonstrates the requisite knowledge, skills, and abilities needed to effectively carry-out assigned duties and responsibilities in accordance with the Commission-approved security plans, licensee protective strategy, and implementing procedures, before the individual is assigned the duty or responsibility.b. In addition to meeting the requirement stated in paragraph C.2.a., before assignment, individuals assigned duties and responsibilities to implement the Safeguards[[Page 62870]]Contingency Plan shall complete a minimum of 40 hours of on-the-job training to demonstrate their ability to effectively apply the knowledge, skills, and abilities required to effectively perform assigned duties and responsibilities in accordance with the approved security plans, licensee protective strategy, and implementing procedures. On-the-job training must be documented by a qualified training instructor and attested to by a security supervisor.c. On-the-job training for contingency activities and drills must include, but is not limited to, hands-on application of knowledge, skills, and abilities related to:(1) Response team duties.(2) Use of force.(3) Tactical movement.(4) Cover and concealment.(5) Defensive-positions.(6) Fields-of-fire.(7) Re-deployment.(8) Communications (primary and alternate).(9) Use of assigned equipment.(10) Target sets.(11) Table top drills.(12) Command and control duties.3. Tactical response team drills and exercises.a. Licensees shall demonstrate response capabilities through a performance evaluation program as described in appendix C to this part.b. The licensee shall conduct drills and exercises in accordance with Commission-approved security plans, licensee protective strategy, and implementing procedures.(1) Drills and exercises must be designed to challenge participants in a manner which requires each participant to demonstrate requisite knowledge, skills, and abilities.(2) Tabletop exercises may be used to supplement drills and exercises to accomplish desired training goals and objectives.D. Duty Qualification and Requalification1. Qualification demonstration.a. Armed and unarmed members of the security organization shall demonstrate the required knowledge, skills, and abilities to carry out assigned duties and responsibilities as stated in the Commission-approved security plans, licensee protective strategy, and implementing procedures.b. This demonstration must include an annual written exam and hands-on performance demonstration.(1) Written Exam. The written exams must include those elements listed in the Commission-approved training and qualification plan and shall require a minimum score of 80 percent to demonstrate an acceptable understanding of assigned duties and responsibilities, to include the recognition of potential tampering involving both safety and security equipment and systems.(2) Hands-on Performance Demonstration. Armed and unarmed members of the security organization shall demonstrate hands-on performance for assigned duties and responsibilities by performing a practical hands-on demonstration for required tasks. The hands-on demonstration must ensure that theory and associated learning objectives for each required task are considered and each individual demonstrates the knowledge, skills, and abilities required to effectively perform the task.c. Upon request by an authorized representative of the Commission, any individual assigned to perform any security-related duty or responsibility shall demonstrate the required knowledge, skills, and abilities for each assigned duty and responsibility, as stated in the Commission-approved security plans, licensee protective strategy, or implementing procedures.2. Requalification.a. Armed and unarmed members of the security organization shall be requalified at least annually in accordance with the requirements of this appendix and the Commission-approved training and qualification plan.b. The results of requalification must be documented by a qualified training instructor and attested by a security supervisor.E. Weapons Training1. General firearms training.a. Armed members of the security organization shall be trained and qualified in accordance with the requirements of this appendix and the Commission-approved training and qualification plan.b. Firearms instructors.(1) Each armed member of the security organization shall be trained and qualified by a certified firearms instructor for the use and maintenance of each assigned weapon to include but not limited to, qualification scores, assembly, disassembly, cleaning, storage, handling, clearing, loading, unloading, and reloading, for each assigned weapon.(2) Firearms instructors shall be certified from a nationally or State recognized entity.(3) Certification must specify the weapon or weapon type(s) for which the instructor is qualified to teach.(4) Firearms instructors shall be recertified in accordance with the standards recognized by the certifying national or State entity, but in no case shall re-certification exceed three (3) years.c. Annual firearms familiarization. The licensee shall conduct annual firearms familiarization training in accordance with the Commission-approved training and qualification plan.d. The Commission-approved training and qualification plan shall include, but is not limited to, the following areas:(1) Mechanical assembly, disassembly, range penetration capability of weapon, and bull's-eye firing.(2) Weapons cleaning and storage.(3) Combat firing, day and night.(4) Safe weapons handling.(5) Clearing, loading, unloading, and reloading.(6) When to draw and point a weapon.(7) Rapid fire techniques.(8) Closed quarter firing.(9) Stress firing.(10) Zeroing assigned weapon(s) (sight and sight/scope adjustments).(11) Target engagement.(12) Weapon malfunctions.(13) Cover and concealment.(14) Weapon transition between strong (primary) and weak (support) hands.(15) Weapon familiarization.e. The licensee shall ensure that each armed member of the security organization is instructed on the use of deadly force as authorized by applicable State law.f. Armed members of the security organization shall participate in weapons range activities on a nominal four (4) month periodicity. Performance may be conducted up to five (5) weeks before to five (5) weeks after the scheduled date. The next scheduled date must be four (4) months from the originally scheduled date.F. Weapons Qualification and Requalification Program1. General weapons qualification requirements.a. Qualification firing must be accomplished in accordance with Commission requirements and the Commission-approved training and qualification plan for assigned weapons.b. The results of weapons qualification and requalification must be documented and retained as a record.c. Each individual shall be re-qualified at least annually.2. Alternate weapons qualification. Upon written request by the licensee, the Commission may authorize an applicant or licensee to provide firearms qualification programs other than those listed in this appendix if the applicant or licensee demonstrates that the alternative firearm qualification program satisfies Commission requirements. Written requests must provide regarding the proposed firearms qualification programs and describe how the proposed alternative satisfies Commission requirements.3. Tactical weapons qualification. The licensee Training and Qualification Plan must describe the firearms used, the firearms qualification program, and other tactical training required to implement the Commission-approved security plans, licensee protective strategy, and implementing procedures. Licensee developed qualification and re-qualification courses for each firearm must describe the performance criteria needed, to include the site specific conditions (such as lighting, elevation, fields-of-fire) under which assigned personnel shall be required to carry-out their assigned duties.4. Firearms qualification courses. The licensee shall conduct the following qualification courses for weapons used:a. Annual daylight qualification course. Qualifying score must be an accumulated total of 70 percent with handgun and shotgun, and 80 percent with semi-automatic rifle and/or enhanced weapons, of the maximum obtainable target score.b. Annual night fire qualification course. Qualifying score must be an accumulated total of 70 percent with handgun and shotgun, and 80 percent with semi-automatic rifle and/or enhanced weapons of the maximum obtainable target score.c. Annual tactical qualification course. Qualifying score must be an accumulated[[Page 62871]]total of 80 percent of the maximum obtainable score.5. Courses of fire.a. Handgun.(1) Armed members of the security organization, assigned duties and responsibilities involving the use of a revolver or semiautomatic pistol shall qualify in accordance with standards and scores established by a law enforcement course, or an equivalent nationally recognized course.(2) Qualifying scores must be an accumulated total of 70 percent of the maximum obtainable target score.b. Semiautomatic rifle.(1) Armed members of the security organization, assigned duties and responsibilities involving the use of a semiautomatic rifle shall qualify in accordance with the standards and scores established by a law enforcement course, or an equivalent nationally recognized course.(2) Qualifying scores must be an accumulated total of 80 percent of the maximum obtainable score.c. Shotgun.(1) Armed members of the security organization, assigned duties and responsibilities involving the use of a shotgun shall qualify in accordance with standards and scores established by a law enforcement course, or an equivalent nationally recognized course.(2) Qualifying scores must be an accumulated total of 70 percent of the maximum obtainable target score.d. Enhanced weapons.(1) Armed members of the security organization, assigned duties and responsibilities involving the use of any weapon or weapons not described above, shall qualify in accordance with applicable standards and scores established by a law enforcement course or an equivalent nationally recognized course for these weapons.(2) Qualifying scores must be an accumulated total of 80 percent of the maximum obtainable score.6. Requalification.a. Armed members of the security organization shall be re- qualified for each assigned weapon at least annually in accordance with Commission requirements and the Commission-approved training and qualification plan.b. Firearms requalification must be conducted using the courses of fire outlined in Paragraph 5 of this section.G. Weapons, Personal Equipment, and Maintenance1. Weapons.a. The licensee shall provide armed personnel with weapons that are capable of performing the function stated in the Commission- approved security plans, licensee protective strategy, and implementing procedures.2. Personal equipment.a. The licensee shall ensure that each individual is equipped or has ready access to all personal equipment or devices required for the effective implementation of the Commission-approved security plans, licensee protective strategy, and implementing procedures.b. The licensee shall provide armed security personnel, at a minimum, but is not limited to, the following.(1) Gas mask, full face.(2) Body armor (bullet-resistant vest).(3) Ammunition/equipment belt.(4) Duress alarms.(5) Two-way portable radios (handi-talkie) 2 channels minimum, 1 operating and 1 emergency.c. Based upon the licensee protective strategy and the specific duties and responsibilities assigned to each individual, the licensee should provide, but is not limited to, the following.(1) Flashlights and batteries.(2) Baton or other non-lethal weapons.(3) Handcuffs.(4) Binoculars.(5) Night vision aids (e.g., goggles, weapons sights).(6) Hand-fired illumination flares or equivalent.(7) Tear gas or other non-lethal gas.3. Maintenance.a. Firearms maintenance program. Each licensee shall implement a firearms maintenance and accountability program in accordance with the Commission regulations and the Commission-approved training and qualification plan. The program must include:(1) Semiannual test firing for accuracy and functionality.(2) Firearms maintenance procedures that include cleaning schedules and cleaning requirements.(3) Program activity documentation.(4) Control and Accountability (Weapons and ammunition).(5) Firearm storage requirements.(6) Armorer certification.H. Records1. The licensee shall retain all reports, records, or other documentation required by this appendix in accordance with the requirements of Sec. 73.55(r).2. The licensee shall retain each individual's initial qualification record for three (3) years after termination of the individual's employment and shall retain each re-qualification record for three (3) years after it is superceded.3. The licensee shall document data and test results from each individual's suitability, physical, and psychological qualification and shall retain this documentation as a record for three years from the date of obtaining and recording these results.I. Audits and ReviewsThe licensee shall review the Commission-approved training and qualification plan in accordance with the requirements of Sec. 73.55(n).J. DefinitionsTerms defined in parts 50, 70, and 73 of this chapter have the same meaning when used in this appendix.18. In appendix C to part 73, a heading for Section I and a new introductory paragraph are added after the ``Introduction'' section and before the heading ``Contents of the Plan,'' and a new Section II is added at the end of the appendix to read as follows:Appendix C to Part 73--Licensee Safeguards Contingency PlansSection I: Safeguards contingency plans.Introduction.Licensee, applicants, and certificate holders, with the exception of those who are subject to the requirements of Sec. 73.55 shall comply with the requirements of this section of this appendix.Section II: Nuclear power plant safeguards contingency plans.(a) Introduction.The safeguards contingency plan must describe how the criteria set forth in this appendix will be satisfied through implementation and must provide specific goals, objectives and general guidance to licensee personnel to facilitate the initiation and completion of predetermined and exercised responses to threats, up to and including the design basis threat described in Sec. 73.1(a)(1).Contents of the plan.(b) Each safeguards contingency plan must include the following twelve (12) categories of information:(1) Background.(2) Generic Planning Base.(3) Licensee Planning Base.(4) Responsibility Matrix.(5) Primary Security Functions.(6) Response Capabilities.(7) Protective Strategy.(8) Integrated Response Plan.(9) Threat Warning System.(10) Performance Evaluation Program.(11) Audits and Reviews.(12) Implementing Procedures.(c) Background.(1) Consistent with the design basis threat specified in Sec. 73.1(a)(1), licensees shall identify and describe the perceived dangers, threats, and incidents against which the safeguards contingency plan is designed to protect.(2) Licensees shall describe the general goals and operational concepts underlying implementation of the approved safeguards contingency plan, to include, but not limited to the following:(i) The types of incidents covered.(ii) The specific goals and objectives to be accomplished.(iii) The different elements of the onsite physical protection program that are used to provide at all times the capability to detect, assess, intercept, challenge, delay, and neutralize threats up to and including the design basis threat relative to the perceived dangers and incidents described in the Commission-approved safeguards contingency plan.(iv) How the onsite response effort is organized and coordinated to ensure that licensees capability to prevent significant core damage and spent fuel sabotage is maintained throughout each type of incident covered.(v) How the onsite response effort is integrated to include specific procedures, guidance, and strategies to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities using existing[[Page 62872]]or readily available resources (equipment and personnel) that can be effectively implemented under the circumstances associated with loss of large areas of the plant due to explosions or fires.(vi) A list of terms and their definitions used in describing operational and technical aspects of the approved safeguards contingency plan.(d) Generic planning base.(1) Licensees shall define the criteria for initiation and termination of responses to threats to include the specific decisions, actions, and supporting information needed to respond to each type of incident covered by the approved safeguards contingency plan.(2) Licensees shall ensure early detection of unauthorized activities and shall respond to all alarms or other indications of a threat condition such as, tampering, bomb threats, unauthorized barrier penetration (vehicle or personnel), missing or unaccounted for nuclear material, escalating civil disturbances, imminent threat notification, or other threat warnings.(3) The safeguards contingency plan must:(i) Identify the types of events that signal the beginning or initiation of a safeguards contingency event.(ii) Provide predetermined and structured responses to each type of postulated event.(iii) Define specific goals and objectives for response to each postulated event.(iv) Identify the predetermined decisions and actions which are required to satisfy the written goals and objectives for each postulated event.(v) Identify the data, criteria, procedures, mechanisms and logistical support necessary to implement the predetermined decisions and actions.(vi) Identify the individuals, groups, or organizational entities responsible for each predetermined decision and action.(vii) Define the command-and-control structure required to coordinate each individual, group, or organizational entity carrying out predetermined actions.(viii) Describe how effectiveness will be measured and demonstrated to include the effectiveness of the capability to detect, assess, intercept, challenge, delay, and neutralize threats up to and including the design basis threat.(e) Licensee planning base.Licensees shall describe the site-specific factors affecting contingency planning and shall develop plans for actions to be taken in response to postulated threats. The following topics must be addressed:(1) Organizational Structure. The safeguards contingency plan must describe the organization's chain of command and delegation of authority during safeguards contingencies, to include a description of how command-and-control functions will be coordinated and maintained.(2) Physical layout.(i) The safeguards contingency plan must include a site description, to include maps and drawings, of the physical structures and their locations.(A) Site Description. The site description must address the site location in relation to nearby towns, transportation routes (e.g., rail, water, air, roads), pipelines, hazardous material facilities, onsite independent spent fuel storage installations, and pertinent environmental features that may have an effect upon coordination of response operations.(B) Approaches. Particular emphasis must be placed on main and alternate entry routes for law-enforcement or other offsite support agencies and the location of control points for marshaling and coordinating response activities.(ii) Licensees with co-located Independent Spent Fuel Storage Installations shall describe response procedures for both the operating reactor and the Independent Spent Fuel Storage Installation to include how onsite and offsite responders will be coordinated and used for incidents occurring outside the protected area.(3) Safeguards Systems Hardware. The safeguards contingency plan must contain a description of the physical security and material accounting system hardware that influence how the licensee will respond to an event.(4) Law enforcement assistance.(i) The safeguards contingency plan must contain a listing of available local, State, and Federal law enforcement agencies and a general description of response capabilities, to include number of personnel, types of weapons, and estimated response time lines.(ii) The safeguards contingency plan must contain a discussion of working agreements with offsite law enforcement agencies to include criteria for response, command and control protocols, and communication procedures.(5) Policy constraints and assumptions. The safeguards contingency plan must contain a discussion of State laws, local ordinances, and company policies and practices that govern licensee response to incidents and must include, but is not limited to, the following.(i) Use of deadly force.(ii) Recall of off-duty employees.(iii) Site jurisdictional boundaries.(iv) Use of enhanced weapons, if applicable.(6) Administrative and logistical considerations. The safeguards contingency plan must contain a description of licensee practices which influence how the licensee responds to a threat to include, but not limited to, a description of the procedures that will be used for ensuring that all equipment needed to effect a successful response will be readily accessible, in good working order, and in sufficient supply to provide redundancy in case of equipment failure.(f) Responsibility matrix.(1) The safeguards contingency plan must describe the organizational entities that are responsible for each decision and action associated with responses to threats.(i) For each identified initiating event, a tabulation must be made for each response depicting the assignment of responsibilities for all decisions and actions to be taken.(ii) The tabulations described in the responsibility matrix must provide an overall description of response actions and interrelationships.(2) Licensees shall ensure that duties and responsibilities required by the approved safeguards contingency plan do not conflict with or prevent the execution of other site emergency plans.(3) Licensees shall identify and discuss potential areas of conflict between site plans in the integrated response plan required by Section II(b)(8) of this appendix.(4) Licensees shall address safety/security interface issues in accordance with the requirements of Sec. 73.58 to ensure activities by the security organization, maintenance, operations, and other onsite entities are coordinated in a manner that precludes conflict during both normal and emergency conditions.(g) Primary security functions.(1) Licensees shall establish and maintain at all times, the capability to detect, assess, and respond to all threats to the facility up to and including the design basis threat.(2) To facilitate initial response to a threat, licensees shall ensure the capability to observe all areas of the facility in a manner that ensures early detection of unauthorized activities and limits exposure of responding personnel to possible attack.(3) Licensees shall generally describe how the primary security functions are integrated to provide defense-in-depth and are maintained despite the loss of any single element of the onsite physical protection program.(4) Licensees description must begin with physical protection measures implemented in the outermost facility perimeter, and must move inward through those measures implemented to protect vital and target set equipment.(h) Response capabilities.(1) Licensees shall establish and maintain at all times the capability to intercept, challenge, delay, and neutralize threats up to and including the design basis threat.(2) Licensees shall identify the personnel, equipment, and resources necessary to perform the actions required to prevent significant core damage and spent fuel sabotage in response to postulated events.(3) Licensees shall ensure that predetermined actions can be completed under the postulated conditions.(4) Licensees shall provide at all times an armed response team comprised of trained and qualified personnel who possess the knowledge, skills, abilities, and equipment required to implement the Commission-approved safeguards contingency plan and site protective strategy. The plan must include a description of the armed response team including the following:(i) The authorized minimum number of armed responders, available at all times inside the protected area.(ii) The authorized minimum number of armed security officers, available onsite at all times.(5) The total number of armed responders and armed security officers must be documented in the approved security plans and documented as a component of the protective strategy.(6) Licensees shall ensure that individuals assigned duties and responsibilities to implement the Safeguards Contingency Plan[[Page 62873]]are trained and qualified in accordance with appendix B of this part and the Commission-approved security plans.(i) Protective strategy.(1) Licensees shall develop, maintain, and implement a written protective strategy that describes the deployment of the armed response team relative to the general goals, operational concepts, performance objectives, and specific actions to be accomplished by each individual in response to postulated events.(2) The protective strategy must:(i) Be designed to prevent significant core damage and spent fuel sabotage through the coordinated implementation of specific actions and strategies required to intercept, challenge, delay, and neutralize threats up to and including the design basis threat of radiological sabotage.(ii) Describe and consider site specific conditions, to include but not limited to, facility layout, the location of target set equipment and elements, target set equipment that is in maintenance or out of service, and the potential effects that unauthorized electronic access to safety and security systems may have on the protective strategy capability to prevent significant core damage and spent fuel sabotage.(iii) Identify predetermined actions and time lines for the deployment of armed personnel.(iv) Provide bullet resisting protected positions with appropriate fields of fire.(v) Limit exposure of security personnel to possible attack.(3) Licensees shall provide a command and control structure, to include response by off-site law enforcement agencies, which ensures that decisions and actions are coordinated and communicated in a timely manner and that facilitates response in accordance with the integrated response plan.(j) Integrated Response Plan.(1) Licensees shall document, maintain, and implement an Integrated Response Plan which must identify, describe, and coordinate actions to be taken by licensee personnel and offsite agencies during a contingency event or other emergency situation.(2) The Integrated Response Plan must:(i) Be designed to integrate and coordinate all actions to be taken in response to an emergency event in a manner that will ensure that each site plan and procedure can be successfully implemented without conflict from other plans and procedures.(ii) Include specific procedures, guidance, and strategies to maintain or restore core cooling, containment, and spent fuel pool cooling capabilities using existing or readily available resources (equipment and personnel) that can be effectively implemented under the circumstances associated with loss of large areas of the plant due to explosions or fires.(iii) Ensure that onsite staffing levels, facilities, and equipment required for response to any identified event, are readily available and capable of fulfilling their intended purpose.(iv) Provide emergency action levels to ensure that threats result in at least a notification of unusual event and implement procedures for the assignment of a predetermined classification to specific events.(v) Include specific procedures, guidance, and strategies describing cyber incident response and recovery.(3) Licensees shall:(i) Reconfirm on a annual basis, liaison with local, State, and Federal law enforcement agencies, established in accordance with Sec. 73.55(k)(8), to include communication protocols, command and control structure, marshaling locations, estimated response times, and anticipated response capabilities and specialized equipment.(ii) Provide required training to include simulator training for the operations response to security events (e.g., loss of ultimate heat sink) for nuclear power reactor personnel in accordance with site procedures to ensure the operational readiness of personnel commensurate with assigned duties and responsibilities.(iii) Periodically train personnel in accordance with site procedures to respond to a hostage or duress situation.(iv) Determine the possible effects that nearby hazardous material facilities may have upon site response plans and modify response plans, procedures, and equipment as necessary.(v) Ensure that identified actions are achievable under postulated conditions.(k) Threat warning system.(1) Licensees shall implement a ``Threat warning system'' which identifies specific graduated protective measures and actions to be taken to increase licensee preparedness against a heightened or imminent threat of attack.(2) Licensees shall ensure that the specific protective measures and actions identified for each threat level are consistent with the Commission-approved safeguards contingency plan, and other site security, and emergency plans and procedures.(3) Upon notification by an authorized representative of the Commission, licensees shall implement the specific protective measures assigned to the threat level indicated by the Commission representative.(l) Performance Evaluation Program.(1) Licensees shall document and maintain a Performance Evaluation Program that describes how the licensee will demonstrate and assess the effectiveness of the onsite physical protection program to prevent significant core damage and spent fuel sabotage, and to include the capability of armed personnel to carry out their assigned duties and responsibilities.(2) The Performance Evaluation Program must include procedures for the conduct of quarterly drills and annual force-on-force exercises that are designed to demonstrate the effectiveness of the licensee's capability to detect, assess, intercept, challenge, delay, and neutralize a simulated threat.(i) The scope of drills conducted for training purposes must be determined by the licensee as needed, and can be limited to specific portions of the site protective strategy.(ii) Drills, exercises, and other training must be conducted under conditions that simulate as closely as practical the site specific conditions under which each member will, or may be, required to perform assigned duties and responsibilities.(iii) Licensees shall document each performance evaluation to include, but not limited to, scenarios, participants, and critiques.(iv) Each drill and exercise must include a documented post exercise critique in which participants identify failures, deficiencies, or other findings in performance, plans, equipment, or strategies.(v) Licensees shall enter all findings, deficiencies, and failures identified by each performance evaluation into the corrective action program to ensure that timely corrections are made to the onsite physical protection program and necessary changes are made to the approved security plans, licensee protective strategy, and implementing procedures.(vi) Licensees shall protect all findings, deficiencies, and failures relative to the effectiveness of the onsite physical protection program in accordance with the requirements of Sec. 73.21.(3) For the purpose of drills and exercises, licensees shall:(i) Use no more than the number of armed personnel specified in the approved security plans to demonstrate effectiveness.(ii) Minimize the number and effects of artificialities associated with drills and exercises.(iii) Implement the use of systems or methodologies that simulate the realities of armed engagement through visual and audible means, and reflects the capabilities of armed personnel to neutralize a target through the use of firearms during drills and exercises.(iv) Ensure that each scenario used is capable of challenging the ability of armed personnel to perform assigned duties and implement required elements of the protective strategy.(4) The Performance Evaluation Program must be designed to ensure that:(i) Each member of each shift who is assigned duties and responsibilities required to implement the approved safeguards contingency plan and licensee protective strategy participates in at least one (1) drill on a quarterly basis and one (1) force on force exercise on an annual basis.(ii) The mock adversary force replicates, as closely as possible, adversary characteristics and capabilities in the design basis threat described in Sec. 73.1(a)(1), and is capable of exploiting and challenging the licensee protective strategy, personnel, command and control, and implementing procedures.(iii) Protective strategies are evaluated and challenged through tabletop demonstrations.(iv) Drill and exercise controllers are trained and qualified to ensure each controller has the requisite knowledge and experience to control and evaluate exercises.(v) Drills and exercises are conducted safely in accordance with site safety plans.(5) Members of the mock adversary force used for NRC observed exercises shall be independent of both the security program management and personnel who have direct responsibility for implementation of the[[Page 62874]]security program, including contractors, to avoid the possibility for a conflict-of-interest.(6) Scenarios.(i) Licensees shall develop and document multiple scenarios for use in conducting quarterly drills and annual force-on-force exercises.(ii) Licensee scenarios must be designed to test and challenge any component or combination of components, of the onsite physical protection program and protective strategy.(iii) Each scenario must use a unique target set or target sets, and varying combinations of adversary equipment, strategies, and tactics, to ensure that the combination of all scenarios challenges every component of the onsite physical protection program and protective strategy to include, but not limited to, equipment, implementing procedures, and personnel.(iv) Licensees shall ensure that scenarios used for required drills and exercises are not repeated within any twelve (12) month period for drills and three (3) years for exercises.(m) Records, audits, and reviews.(1) Licensees shall review and audit the Commission-approved safeguards contingency plan in accordance with the requirements Sec. 73.55(n) of this part.(2) The licensee shall make necessary adjustments to the Commission-approved safeguards contingency plan to ensure successful implementation of Commission regulations and the site protective strategy.(3) The safeguards contingency plan review must include an audit of implementing procedures and practices, the site protective strategy, and response agreements made by local, State, and Federal law enforcement authorities.(4) Licensees shall retain all reports, records, or other documentation required by this appendix in accordance with the requirements of Sec. 73.55(r).(n) Implementing procedures.(1) Licensees shall establish and maintain written implementing procedures that provide specific guidance and operating details that identify the actions to be taken and decisions to be made by each member of the security organization who is assigned duties and responsibilities required for the effective implementation of the Commission-approved security plans and the site protective strategy.(2) Licensees shall ensure that implementing procedures accurately reflect the information contained in the Responsibility Matrix required by this appendix, the Commission-approved security plans, the Integrated Response Plan, and other site plans.(3) Implementing procedures need not be submitted to the Commission for approval, but are subject to inspection.19. 10 CFR part 73, appendix G, is revised to read as follows:Appendix G to Part 73--Reportable Safeguards EventsUnder the provisions of Sec. 73.71(a), (d), and (f) of this part, licensees subject to the provisions of Sec. 73.55 of this part shall report or record, as appropriate, the following safeguards events under paragraphs I, II, III, and IV of this appendix. Under the provisions of Sec. 73.71(b), (c), and (f) of this part, licensees subject to the provisions of Sec. Sec. 73.20, 73.37, 73.50, 73.60, and 73.67 of this part shall report or record, as appropriate, the following safeguards events under paragraphs II and IV of this appendix. Licensees shall make such reports to the Commission under the provisions of Sec. 73.71 of this part.I. Events to be reported as soon as possible, but no later than 15 minutes after discovery, followed by a written report within sixty (60) days.(a) The initiation of a security response consistent with a licensee's physical security plan, safeguards contingency plan, or defensive strategy based on actual or imminent threat against a nuclear power plant.(b) The licensee is not required to report security responses initiated as a result of information communicated to the licensee by the Commission, such as the threat warning system addressed in appendix C to this part.II. Events to be reported within one (1) hour of discovery, followed by a written report within sixty (60) days.(a) Any event in which there is reason to believe that a person has committed or caused, or attempted to commit or cause, or has made a threat to commit or cause:(1) A theft or unlawful diversion of special nuclear material; or(2) Significant physical damage to any NRC-licensed power reactor or facility possessing strategic special nuclear material or to carrier equipment transporting nuclear fuel or spent nuclear fuel, or to the nuclear fuel or spent nuclear fuel facility which is possessed by a carrier; or(3) Interruption of normal operation of any NRC licensed nuclear power reactor through the unauthorized use of or tampering with its components, or controls including the security system.(b) An actual or attempted entry of an unauthorized person into any area or transport for which the licensee is required by Commission regulations to control access.(c) Any failure, degradation, or the discovered vulnerability in a safeguard system that could allow unauthorized or undetected access to any area or transport for which the licensee is required by Commission regulations to control access and for which compensatory measures have not been employed.(d) The actual or attempted introduction of contraband into any area or transport for which the licensee is required by Commission regulations to control access.III. Events to be reported within four (4) hours of discovery. No written followup report is required.(a) Any other information received by the licensee of suspicious surveillance activities or attempts at access, including:(1) Any security-related incident involving suspicious activity that may be indicative of potential pre-operational surveillance, reconnaissance, or intelligence-gathering activities directed against the facility. Such activity may include, but is not limited to, attempted surveillance or reconnaissance activity, elicitation of information from security or other site personnel relating to the security or safe operation of the plant, or challenges to security systems (e.g., failure to stop for security checkpoints, possible tests of security response and security screening equipment, or suspicious entry of watercraft into posted off-limits areas).(2) Any security-related incident involving suspicious aircraft overflight activity. Commercial or military aircraft activity considered routine by the licensee is not required to be reported.(3) Incidents resulting in the notification of local, State or national law enforcement, or law enforcement response to the site not included in paragraphs I or II of this appendix;(b) The unauthorized use of or tampering with the components or controls, including the security system, of nuclear power reactors.(c) Follow-up communications regarding events reported under paragraph III of this appendix will be completed through the NRC threat assessment process via the NRC Operations Center.\1\
\1\ Commercial (secure and non-secure) telephone numbers of the NRC Operations Center are specified in appendix A of this part.
IV. Events to be recorded within 24 hours of discovery in the safeguards event log.(a) Any failure, degradation, or discovered vulnerability in a safeguards system that could have allowed unauthorized or undetected access to any area or transport in which the licensee is required by Commission regulations to control access had compensatory measures not been established.(b) Any other threatened, attempted, or committed act not previously defined in this appendix with the potential for reducing the effectiveness of the physical protection program below that described in a licensee physical security or safeguards contingency plan, or the actual condition of such reduction in effectiveness. Dated at Rockville, Maryland, this 10th day of October 2006.For the Nuclear Regulatory Commission.Annette L. Vietti-Cook, Secretary of the Commission.[FR Doc. 06-8678 Filed 10-25-06; 8:45 am]BILLING CODE 7590-01-P
