|
---|
Category:Letter type:GO
MONTHYEARGO2-24-004, License Amendment Request to Revise Emergency Plan2024-01-30030 January 2024 License Amendment Request to Revise Emergency Plan GO2-24-003, Relief Requests for the Columbia Generating Station Fifth Ten-Year Interval Inservice Testing2024-01-29029 January 2024 Relief Requests for the Columbia Generating Station Fifth Ten-Year Interval Inservice Testing GO2-24-005, Docket No. 50-397 Supplement to Reply to a Notice of Violation; EA-21-1702024-01-0808 January 2024 Docket No. 50-397 Supplement to Reply to a Notice of Violation; EA-21-170 GO2-23-136, Guarantee of Payment of Deferred Premium2023-12-20020 December 2023 Guarantee of Payment of Deferred Premium GO2-23-135, Notice of Readiness for Supplemental Inspection2023-12-14014 December 2023 Notice of Readiness for Supplemental Inspection GO2-23-130, Reply to a Notice of Violation; EA-23-0542023-12-14014 December 2023 Reply to a Notice of Violation; EA-23-054 GO2-23-105, Licensing Basis Document Update and Biennial Commitment Change Report2023-12-12012 December 2023 Licensing Basis Document Update and Biennial Commitment Change Report GO2-23-107, Application to Revise Technical Specifications to Adopt TSTS-584, Eliminate Automatic RWCU System Isolation on SLC Initiation2023-12-0505 December 2023 Application to Revise Technical Specifications to Adopt TSTS-584, Eliminate Automatic RWCU System Isolation on SLC Initiation GO2-23-126, Docket No. 50-397 Voluntary Response to Regulatory Issue Summary 2023-012023-11-28028 November 2023 Docket No. 50-397 Voluntary Response to Regulatory Issue Summary 2023-01 GO2-23-121, Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation2023-11-27027 November 2023 Request for Exemption from Enhanced Weapons, Firearms Background Checks, and Security Event Notifications Implementation GO2-23-097, In-Service Inspection Summary Report for the Twenty-Sixth Refueling Outage (R26)2023-09-0606 September 2023 In-Service Inspection Summary Report for the Twenty-Sixth Refueling Outage (R26) GO2-23-100, Technical Specification Section 5.6.4 Post Accident Monitoring Instrumentation 14-Day Report for Inoperable Suppression Pool Level Indication2023-08-31031 August 2023 Technical Specification Section 5.6.4 Post Accident Monitoring Instrumentation 14-Day Report for Inoperable Suppression Pool Level Indication GO2-23-056, Application to Revise Technical Specifications to Adopt TSTF-230, Add New Condition B to LCO 3.6.2.3, RHR Suppression Pool Cooling2023-08-29029 August 2023 Application to Revise Technical Specifications to Adopt TSTF-230, Add New Condition B to LCO 3.6.2.3, RHR Suppression Pool Cooling GO2-23-093, Supplement to Reply to a Notice of Violation: EA-21-1702023-07-27027 July 2023 Supplement to Reply to a Notice of Violation: EA-21-170 GO2-23-068, Notification of Completion of Commitments Required Prior to Entry Into the Period of Extended Operation2023-07-19019 July 2023 Notification of Completion of Commitments Required Prior to Entry Into the Period of Extended Operation GO2-23-090, Reply to a Notice of Violation2023-07-12012 July 2023 Reply to a Notice of Violation GO2-23-073, Notification of NPDES Permit Issuance2023-06-26026 June 2023 Notification of NPDES Permit Issuance GO2-23-072, Cycle 27 Core Operating Limits Report2023-06-0505 June 2023 Cycle 27 Core Operating Limits Report GO2-23-055, Independent Spent Fuel Storage Installation, 2022 Annual Radiological Environmental Operating Report2023-05-15015 May 2023 Independent Spent Fuel Storage Installation, 2022 Annual Radiological Environmental Operating Report GO2-23-006, License Amendment Request to Clean-Up Operating License and Appendix a Technical Specifications2023-05-0101 May 2023 License Amendment Request to Clean-Up Operating License and Appendix a Technical Specifications GO2-23-053, 2022 Annual Environmental Operating Report2023-04-26026 April 2023 2022 Annual Environmental Operating Report GO2-23-057, 2022 Annual Radioactive Effluent Release Report2023-04-25025 April 2023 2022 Annual Radioactive Effluent Release Report GO2-23-012, Application to Revise Technical Specifications to Adopt Tstf-541, Add Exceptions to Surveillance Requirements for Valves and Dampers Locked in the Actuated Position2023-03-27027 March 2023 Application to Revise Technical Specifications to Adopt Tstf-541, Add Exceptions to Surveillance Requirements for Valves and Dampers Locked in the Actuated Position GO2-23-041, Generation Station - Level of Financial Protection - Annual Reporting Requirement2023-03-15015 March 2023 Generation Station - Level of Financial Protection - Annual Reporting Requirement GO2-23-038, Plant Decommissioning Fund Status Report2023-03-15015 March 2023 Plant Decommissioning Fund Status Report GO2-23-034, Report of Changes or Errors in Emergency Core Cooling System Loss of Coolant Accident Analysis Models Pursuant to 10 CFR 50.462023-03-13013 March 2023 Report of Changes or Errors in Emergency Core Cooling System Loss of Coolant Accident Analysis Models Pursuant to 10 CFR 50.46 GO2-23-035, Supplement to License Amendment Request to Adopt TSTF-580, Provide Exception from Entering Mode 4 with No Operable RHR Shutdown Cooling2023-03-0909 March 2023 Supplement to License Amendment Request to Adopt TSTF-580, Provide Exception from Entering Mode 4 with No Operable RHR Shutdown Cooling GO2-23-019, Emergency Plan - Summary of Changes and Analysis for Revision 68 of the EP-012023-02-0808 February 2023 Emergency Plan - Summary of Changes and Analysis for Revision 68 of the EP-01 GO2-22-131, Guarantee of Payment of Deferred Premium2022-12-19019 December 2022 Guarantee of Payment of Deferred Premium GO2-22-122, Response to Request for Additional Information Related to License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b2022-11-28028 November 2022 Response to Request for Additional Information Related to License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b GO2-22-076, Status of License Renewal Commitments2022-10-31031 October 2022 Status of License Renewal Commitments GO2-22-110, Supplement to License Amendment Request to Adopt 10 CFR 50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Reactor2022-10-17017 October 2022 Supplement to License Amendment Request to Adopt 10 CFR 50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Reactor GO2-22-096, Supplement to License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b2022-10-0404 October 2022 Supplement to License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b GO2-22-085, Docket No. 50-397, Evacuation Time Estimate Analysis2022-08-30030 August 2022 Docket No. 50-397, Evacuation Time Estimate Analysis GO2-22-075, Response to Request for Additional Information Related to Revised Pressure-Temperature Limit Curves2022-07-11011 July 2022 Response to Request for Additional Information Related to Revised Pressure-Temperature Limit Curves GO2-22-072, Summary of Changes and Analysis for Revision 57 of PPM 13.14.4 - Emergency Equipment Maintenance and Testing2022-07-11011 July 2022 Summary of Changes and Analysis for Revision 57 of PPM 13.14.4 - Emergency Equipment Maintenance and Testing GO2-22-042, Application to Revise Technical Specifications to Adopt TSTF-580, Provide Exception from Entering Mode 4 with No Operable RHR Shutdown Colling Using the Consolidated Line Item Improvement Process2022-05-25025 May 2022 Application to Revise Technical Specifications to Adopt TSTF-580, Provide Exception from Entering Mode 4 with No Operable RHR Shutdown Colling Using the Consolidated Line Item Improvement Process GO2-22-062, Registration of Spent Fuel Cask Use2022-05-19019 May 2022 Registration of Spent Fuel Cask Use GO2-22-049, Supplement to Licensing Amendment Request to Adopt 10CFR50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Rectors2022-05-10010 May 2022 Supplement to Licensing Amendment Request to Adopt 10CFR50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Rectors GO2-22-054, Independent Spent Fuel Storage Installation, 2021 Annual Radiological Environmental Operating Report2022-05-0909 May 2022 Independent Spent Fuel Storage Installation, 2021 Annual Radiological Environmental Operating Report GO2-22-056, Registration of Spent Fuel Cask Use2022-04-21021 April 2022 Registration of Spent Fuel Cask Use GO2-22-055, 2021 Annual Environmental Operating Report2022-04-20020 April 2022 2021 Annual Environmental Operating Report GO2-22-048, 2021 Annual Radioactive Effluent Release Report2022-04-15015 April 2022 2021 Annual Radioactive Effluent Release Report GO2-22-045, Registration of Spent Fuel Cask Use2022-04-0606 April 2022 Registration of Spent Fuel Cask Use GO2-22-044, Level of Financial Protection - Annual Reporting Requirement2022-03-21021 March 2022 Level of Financial Protection - Annual Reporting Requirement GO2-22-038, Docket No. 50-397, Report of Changes or Errors in Emergency Core Cooling System Loss of Coolant Accident Analysis Models Pursuant to 10 CFR 50.462022-03-0909 March 2022 Docket No. 50-397, Report of Changes or Errors in Emergency Core Cooling System Loss of Coolant Accident Analysis Models Pursuant to 10 CFR 50.46 GO2-22-031, Response to Audit Plan and Online Reference Portal Request2022-02-15015 February 2022 Response to Audit Plan and Online Reference Portal Request GO2-22-011, Docket No. 72-35; Independent Spent Fuel Storage Installation, 2021 Annual Effluent Release Report2022-02-0808 February 2022 Docket No. 72-35; Independent Spent Fuel Storage Installation, 2021 Annual Effluent Release Report GO2-22-001, License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b2022-02-0303 February 2022 License Amendment Request to Adopt TSTF-505, Revision 2, Provide Risk-Informed Extended Completion Times - RITSTF Initiative 4b GO2-22-012, Independent Spent Fuel Storage Installation - Biennial 50.59/72.48 Report2022-01-24024 January 2022 Independent Spent Fuel Storage Installation - Biennial 50.59/72.48 Report 2024-01-08
[Table view] Category:Status Report
MONTHYEARGO2-23-038, Plant Decommissioning Fund Status Report2023-03-15015 March 2023 Plant Decommissioning Fund Status Report GO2-20-054, Decommissioning Funds Status Report2020-03-18018 March 2020 Decommissioning Funds Status Report GO2-19-082, Energy Northwest'S Final Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only2019-06-24024 June 2019 Energy Northwest'S Final Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only GO2-19-052, Plant Decommissioning Fund Status Report2019-03-19019 March 2019 Plant Decommissioning Fund Status Report GO2-18-145, Energy Northwest'S December 2018 Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only2018-12-13013 December 2018 Energy Northwest'S December 2018 Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only GO2-18-050, Plant Decommissioning Fund Status Report2018-03-22022 March 2018 Plant Decommissioning Fund Status Report GO2-17-201, Energy Northwest'S Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only2017-12-28028 December 2017 Energy Northwest'S Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Order EA-13-109, Phase 2 Only GO2-17-210, Anchor Darling Double Disc Gate Valve Information and Status2017-12-21021 December 2017 Anchor Darling Double Disc Gate Valve Information and Status GO2-17-118, Second Combined Six-Month Status Update Report for the Implementation of NRC Orders EA-12-049 and EA-13-1092017-06-27027 June 2017 Second Combined Six-Month Status Update Report for the Implementation of NRC Orders EA-12-049 and EA-13-109 GO2-17-058, Confirmatory Order EA-14-240, Element V.J.1 - Sixth Status Update2017-03-14014 March 2017 Confirmatory Order EA-14-240, Element V.J.1 - Sixth Status Update GO2-16-171, Combined Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Orders EA-12-049 and EA-13-1092016-12-29029 December 2016 Combined Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission (NRC) Orders EA-12-049 and EA-13-109 GO2-16-170, Confirmatory Order EA-14-420, Element V.J.1-Fifth Status Update2016-12-21021 December 2016 Confirmatory Order EA-14-420, Element V.J.1-Fifth Status Update GO2-16-125, Seventh Six-Month Status Update Report for the Implementation of NRC Order EA-12-049, Mitigation Strategies for Beyond Design Basis External Events2016-08-30030 August 2016 Seventh Six-Month Status Update Report for the Implementation of NRC Order EA-12-049, Mitigation Strategies for Beyond Design Basis External Events GO2-16-098, Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-13-109, Order to Modify Licenses with Regard to Reliable Hardened Containment Vents Capable of Operation Under Severe Accident Conditions2016-06-30030 June 2016 Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-13-109, Order to Modify Licenses with Regard to Reliable Hardened Containment Vents Capable of Operation Under Severe Accident Conditions GO2-16-052, Confirmatory Order EA-14-240, Element V.J.1 - Second Status Update2016-03-24024 March 2016 Confirmatory Order EA-14-240, Element V.J.1 - Second Status Update GO2-16-037, Sixth Six-Month Status Update Report for the Implementation of NRC Order EA-12-049, Mitigation Strategies for Beyond-Design-Basis External Events2016-02-24024 February 2016 Sixth Six-Month Status Update Report for the Implementation of NRC Order EA-12-049, Mitigation Strategies for Beyond-Design-Basis External Events GO2-15-124, Fifth Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission Order EA-12-049 Mitigation Strategies for Beyond Design Basis External Events2015-08-25025 August 2015 Fifth Six-Month Status Update Report for the Implementation of Nuclear Regulatory Commission Order EA-12-049 Mitigation Strategies for Beyond Design Basis External Events GO2-15-093, Second Six-Month Status Update Report for the Implementation of NRC Order EA-13-109 - Overall Integrated Plan for Reliable Hardened Containment Vents Under Severe Accident Conditions2015-06-30030 June 2015 Second Six-Month Status Update Report for the Implementation of NRC Order EA-13-109 - Overall Integrated Plan for Reliable Hardened Containment Vents Under Severe Accident Conditions GO2-15-034, Northwest'S Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-12-049 Mitigation Strategies for Beyond Design Basis External Events2015-03-0202 March 2015 Northwest'S Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-12-049 Mitigation Strategies for Beyond Design Basis External Events GO2-15-032, Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation2015-02-27027 February 2015 Fourth Six-Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation GO2-14-175, First Six-Month Status Update Report for Implementation of NRC Order EA-13-109 - Overall Integrated Plan for Reliable Hardened Containment Events Under Severe Accident Conditions2014-12-17017 December 2014 First Six-Month Status Update Report for Implementation of NRC Order EA-13-109 - Overall Integrated Plan for Reliable Hardened Containment Events Under Severe Accident Conditions GO2-14-105, Cyber Security Plan - Milestone 1-7 Completion Status2014-06-19019 June 2014 Cyber Security Plan - Milestone 1-7 Completion Status GO2-14-030, Northwest'S Second Six-Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation2014-02-27027 February 2014 Northwest'S Second Six-Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation GO2-13-121, First Six Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation2013-08-23023 August 2013 First Six Month Status Update Report for the Implementation of NRC Order EA-12-051 Reliable Spent Fuel Pool Instrumentation GO2-13-051, Decommissioning Fund Status Report2013-03-28028 March 2013 Decommissioning Fund Status Report GO2-12-151, Energy Northwest'S Initial Status Report in Response to March 12, 2012 Commission Order Modifying Licenses with Regard to Reliable Spent Fuel Pool Instrumentation2012-10-25025 October 2012 Energy Northwest'S Initial Status Report in Response to March 12, 2012 Commission Order Modifying Licenses with Regard to Reliable Spent Fuel Pool Instrumentation GO2-07-057, Decommissioning Fund Status Report2007-03-27027 March 2007 Decommissioning Fund Status Report GO2-05-062, Decommissioning Fund Status Report2005-03-30030 March 2005 Decommissioning Fund Status Report ML0419402742003-06-16016 June 2003 Event Notification 39945 for Columbia Unit 2 ML0418904332003-06-0909 June 2003 Event # 39910, Columbia Generating Station Re Temporary Loss of Residual Heat Removal Pump Used for Shutdown Cooling 2023-03-15
[Table view] |
Text
Donald W.Gregoire Richland, Box 9K8 PE2O P.O.
~ENERGY
'NORTHWEST ~ NORTHW EST609-377-88161 F.
WA 99352-O988 509-377-4317 G02-14-105 June 19, 2014 10 CFR 73.54 U.S. Nuclear Regulatory Commission ATTN: Document Control Desk Washington, D.C. 20555-0001
Subject:
COLUMBIA GENERATING STATION, DOCKET NO. 50-397 CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS
Reference:
Letter G12-13-140 dated August 12, 2013, NRC to ME Reddemann (Energy Northwest), "Columbia Generating Station, NRC Temporary Instruction 2201/004, 'Inspection of Implementation of Interim Cyber Security Milestones 1 - 7,' Inspection Report 05000397/2013406."
Dear Sir or Madam:
In accordance with a request in the Reference letter to provide written notification to the NRC's Regional Office when the corrective actions for the issues identified during the inspection have been completed, Energy Northwest (EN) is herewith submitting a status report on completion of those actions. The corrective actions directly resulting from the inspection and related to Milestones 1 through 7 completions as documented in multiple Condition Reports (CRs) identified in the inspection report (Reference) have been completed as documented in the attachment. Two other activities related to overall implementation of the Cyber Security Program and involving changes in the Control Room Network and assessment of the Digital Electro-Hydraulic (DEH) System are still in progress and have tentative scheduled completion dates for 2015 and 2017, respectively.
There are no new commitments being made to the NRC by this letter. Should you have any questions, please call JR Trautvetter at (509) 377-4337.
Respectfully,
£o- DW Gregoire Manager, Regulatory Programs Attachment - Columbia Generating Station Cyber Security Inspection 05000397/2013406 - Findings and Resolutions cc: NRC Region IVAdministrator MA Jones - BPA/1 399 NRC NRR Project Manager DE Sandlin - BPA/1 399 A NRC Sr. Resident Inspector - 988C WA Horin - Winston & Strawn 5001
CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS Attachment Page 1 of 5 Columbia Generating Station Cyber Security Inspection 05000397/2013406 - Findings and Resolutions Finding/.eficiency. Resolution Trc.ing Completion Status r I CR Number Milestone 1: Estabshment of a Cyber Security Assessment Team None I N/A " N/A NWA Milestone 2: Identification and Documentation of Critical Systems (CSs) and Critical Digtal Assets (CDAs)
A licensee identified violation of 10 Resolution of this finding to bring the program into compliance CFR 73.54 was identified for the failure included the following activities:
to adequately identify CDAs consistent @ Revised procedure SWP-CSW-18 to conform to the CSP 00281324a Complete with the requirements of Milestone 2 a Initial subset of DAs was screened by CSAT 00281250a Complete of the licensee's Cyber Security Plan
- EP Field Team Kits included several DAs. Added as CDAs 00280653a Complete (CSP).
- Procedure changes and walkdowns were used to correct 00282450a Complete the CDA identification process and 00282941a Complete
- Revised procedure ISDI-CYBER-08 to incorporate new 002822358 Complete process for screening DAs iestone 3: Installation of a Protective Device between Lower and IgMer Security LeWs None Enhancements related to this milestone included: "
- Network connectivity to Engineering Test Lab was removed 00279442a Complete
- Modified network access outside the PA 00282451a Complete
CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS Attachment Page 2 of 5 Finding/Defidency I Resolution 1"Tracking
_C Number Completion Status MIlestone 4: Ipe of Access Control for Portabe and Mobile Devices Deficiencies in controlling access to a Resolution of this finding to bring the program into compliance digital scanning device with external included the following activities:
devices.
- Isolated scanning stations based on Industry OE 002802688 Complete
" Published location of scanning stations and added signage 002815578 Complete
" Added additional log reviews to department instruction 002829428 Complete OE on multiple scanning engines - no action necessary O 0 0 2 8 2 94 3a Complete
- Procedure revised and cabinets changed out 002831178 Complete
- Configuration of scanning stations was locked down and 002831188 Complete details included in SWP-CSW-15
- Department instruction was developed for scanning station 002831788 Complete management
- Passwords were placed in a locked container 00283179a Complete
- Additional language was added to SWP-CSW-15 to 00283264a Complete document laptop controls
- Created report on Security Control Analysis 00283265a Complete and 00283118a Complete
- Assignments for CSP Milestone 4 issued 002832958 Complete
- Actions for Computer Engineering and I&C to generate 002831008, Complete tracking methodology 0 0 3 0 6 4 1 1 b, Ongoing!
and 0 0 30 6 8 76 b Ongoinge
CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS Attachment Page 3 of 5 in /deficiency Resolution Tracking Completion Status
_I [CR Number Miestone 5: Observation and Identification of Obvious Cyber Related Tampering Non-cited violation associated with 10 Resolution of this finding to bring the program into compliance CFR 73.54 for failure to fully included the following activities:
implement required security controls.
- Issued procedures ISDI-CYBER-17 and ISDI-CYBER-18 00283250a Complete and 00283251" Complete
- Updated tamper training module to incorporate additional 00283294? Complete details within the training I I M~ilestone 6:1Implementa~tio of Cyber Secunty Controls for CDAs that Could Adversely impact the Design Function of Target Set Equipment Licensee identified violation of 10 CFR Resolution of this finding to bring the program into compliance 73.54 for the failure to adequately included the following activities:
identify CDAs that could adversely
- Revised procedure ISDI-CYBER-08 to incorporate new 002822352, Complete impact the design function of physical process for screening 00280268a, Complete security target set equipment. and 002824500 Complete Milestone 7: Implermention and Commencement of Ongoing Monitoring od Assessment Activities Non-cited violation of 10 CFR 73.54 for Resolution of this finding to bring the program into compliance the failure to fully implement ongoing included the following activities:
monitoring and assessment activities 0 Closed additional actions related to Milestones 5 and 7 002831804 Complete of the CSP implementation schedule. and
- Published procedures ISDI-CYBER-17 and ISDI-CYBER-18 00283251' Complete
CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS Attachment Page 4 of 5 Findin/defiencV Resolution Trackdng Completion Status F CR Number Other Activities Resulting From The Inspection N/A
- Apparent Cause on malicious software detected 00275206a Complete
- Follow up activities after publication of NRC Cyber Security 00282450a Complete guidance
" Enabled IPS on external firewall 00241815a Complete
- Resolved issues with Cyber CBT and corrective action 00192378a Complete
" Assessment of project impacts due to Cyber Security 00218174a Complete concerns
- Resolved issue with worm possibly affecting DEH System 001957628 Complete
- SCC computers were removed from an OU that required 00203869 Complete screen savers
- Computers scanned, cleaned, and hardened after discovery 002805138 Complete of malware on MOV computers
- Resolved Supervisor access issues for researching Cyber 0028081Sa Complete Security solutions
- In progress modification to Control Room network 00249961a Ongoing (Scheduled and for completion in 2015) 0032205b Ongoingc
- DMA System assessment approved by CSAT 0 0 24 4 2 17 b Complete
- The assessment of the DEH Digital Electro-Hydraulic ON 00244331b Ongoing (Scheduled for
_System is inprogress. completion in 2 0 1 7 )d NOTES:
a Condition Reports listed in NRC Inspection Report 05000397/2013406 (Reference);
b Condition Reports not referenced in NRC Inspection Report 05000397/2013406 (Reference);
No CYBER SECURITY PLAN - MILESTONES 1-7 COMPLETION STATUS Attachment Page 5 of 5 cARs 00249961 and 00232205 are AR-EVAL (Evaluation) type Action Requests and are scheduled for completion in 2015. These are not Condition Reports and have no corrective actions. AR 00249961 tracks a cyber security modification that was generated as a part of Milestone 8 completion and not Milestones 1-7. The inspector requested to review this documentation during the inspection and it is listed in the inspection report. However, it is not in CAP; d AR 244331 is an AR-ITSR (Information Technology Service Request) type Action Request. It is not a Condition Report and has no corrective actions. This AR conducts a cyber security assessment of the DEH (Digital Electro-Hydraulic) System; eARs 00306411 and 00306876 are yearly re-occurring Model ARs that will get a new number every year. These ARs are SELF (self-managed) type assignments for internal tracking of Quarterly Walk downs and password changes and will be on an "ongoing" basis during the year and will be dosed at the end of each year.
f Condition Report 00282480 is cited in NRC Inspection Report 05000397/2013406, page 17 (Reference) but is not included in table because it is not related to the Columbia Cyber Security Inspection (suspected typographical error).