IR 05000255/1993019
| ML18059A364 | |
| Person / Time | |
|---|---|
| Site: | Palisades  |
| Issue date: | 08/27/1993 |
| From: | Belanger J, Creed J, Ervin N, Madeda T NRC OFFICE OF INSPECTION & ENFORCEMENT (IE REGION III) |
| To: | |
| Shared Package | |
| ML18059A363 | List: |
| References | |
| 50-255-93-19, NUDOCS 9309130074 | |
| Download: ML18059A364 (15) | |
Text
U.S. NUCLEAR REGULATORY COMMISSION
. REGION II r Report No~ 50-255/93019(DRSS)
Docket No. 50-255 Licensee:
Consumers Power Company
.27780 Blue Star Memorial Highway Covert, MI 49043 Facility Name:
Palisades Nuclear Generating Plant Inspect~on Dates: *August 2 - 6, 1993 Type.of Inspection*:,. Announced, Access Authorization
~jl_
.
- . Inspectors:. % ~ ~
...
Terry
.~deda
- .
Ph,'.ical Securit Insp:o~
Inspector
- Ac~~~~~~~!~~ "'(;f ~
- ~
Nancy Ervin
~
Office of Nuclear Reactor Regulation Approved By:
.James R. Creed, Chief Safeguards Section Inspection Summary License No. DPR-20 Program Inspection
. 1/t.1/J1 Date '
Inspection on August 2 - 6, 1993 (Report No. 50-255/93019CDRSS))
Areas Inspected:
Routine, announted Access Authorization Program inspection involving Program Administration and Organization; Background Investigation Elements; Psychologic~l Evaluations; Behavioral Observation; Grandfathering, Reinstatement, Transfer of Access Authorization and Temporary Access Authorization; Denial/Revocation of Unescorted Access; Audits; and Records Retentio *
.
Res~lts: The li~ensee's Access Authoriz~fio~ Proijr~m provfaed assu~anc~that individuals who were authorized unescorted access to the licensee's nuclear plant~ were trustworthy and reliable, and did not constitute an undue risk to th~ health and safety of the public as a result of their unescorted access to 9309130074 930827 PDR ADOCK 05000255
.O PDR
the nuclear facilitie No violations were note The following items were considered program strengths:
Management support for the program at the site and corporate level was excellent (Section 4).
- The scope, depth and documentation of reviewed audits was excellent (Section 11).
The following items were considered program weaknesses:
Access authorization procedures did not fully address program implementation requirements or reflect actual practices and in some cases lacked specifi~ity (Section 4).
- Self-screening contractors were not provided detailed criteria to evaluate and define derogatory information (Section 5).
- Procedural guidance regarding proctoring of psychological evaluation tests was not provided to cogni~ant personnel*
responsible for conducting these activities (Section 6).
.*.
Training related to identifying behavioral traits that may be a potential threat to interrupt the normal operatirin of a nuclea reactor; including radiologi~al sabotage were not emph~sized* in the licensee training program (Section 7).
- Forms, documenting transfer of temporary access, were completed using incorrect dates (Section*S).
An unresolved item was noted pert~ining to the. "functional.indeperidence" of
. liiensee auditors that conducted audits of self~screening contractors (Sectiort 11).
- REPORT DETAILS Key Persons Contacted In addition to the key members of the licensee's staff listed below, the inspectors interviewed other employees, contractor personnel, and members of the security organization. The a~terisk {*) denotes those present at the Exit Interview conducted at the Palisades sfte on August 6, 199 *G. Slade, Plant General Manager
- C. Ritt, Manager, Administrative Services
- J. Griggs, Director, Human Resources
- S. Cote, Property Protection Superintendent
- K. Wallace, Administrator,.Access Authorization
- M. Nock, Auditor, Screening Section
- D. Denoff, Senior Licensing Analyst
- S. Kiss, Auditor, Corporate Quality Assurance
- B. Warsco, President, Confidential Services, In *M. Parker, Senior Resident Inspector, USNRC D. Passehl, Resident Inspector, USNRC 2. *
Entrance and Exit Interviews At the be~inning of the inspection, Mr. S. Cote and 6ther members of his staff were informed of the purpose of the inspection, its scope, and the areas to be examine The inspectors met with the licensee representatives, denoted in Section 1, at. the conclusion of the inspection activities.. A general description of the scope and conduct of th~ inspection was provide Briefly listed below are the findings discussed during the exit intervie The details *of each finding listed below are
. referenced, as noted, in the repor {l)
Personnel present were advised that no violations were identified during the inspectio {2)
~rogram strengths were discussed, ~ncluding management support, and the scope and depth of site and corporate.audit activities. {Refer to Sections 4 and 11)
{3)
Program weaknesses were discussed including procedural deficiencies {Section 4); not providing self-screening contractors with detailed criteria to evaluate derogatory information {Section 5); proctoring of psychological tests
__ {Section 6}; a need to_ expand the scope of the access *
- authorization tra1ning program to identify-adverse behavioral traits relating to potential threats to interrupt the normal operation of a nuclear reactor, including
(4)
radiological sabotage (Section 7) and improperly documented transfer forms (Section 8).
An unrestilved item pertaining to the "functional*
independence" of licensee's auditors was identified (Section 11). Background On April 25, 1991, the Commission published the Personnel Access Authorization Re*qui rements for Nuclear Power Pl ants, 10 CFR 73. 56 (the rule). This rul~ requires each licensee authorized, on that date,*to operate a nuclear reactor pursuant to 10 CFR 50.21 to implement an*
Access Authorization Program by April 27, 1992, and to comply with the requirements of 10 CFR. 73..5 The program is also required to be incorporated into the licensee's Physical Security Pl an.. The rule requires that licensees establish and maintain an Access Authorization Program with the objective of providing high assurance that individuals granted unescorted access are trustworthy and reliable, and do not constitute an unreasonable risk to the health and safety of the publit~
including a potential to commit radiological sabotag This inspectiorr, conducted in accordance with NRC Inspection Manual
. Temporary Instruction 2515/116, "Access Authorization," assessed the
- licensee's Access Authorization Program and its implementation to*
determine if regulatory requirements were b"ei ng me *
Inspected activities*applied to both licensee nuclear.sites, Big Rock Point and Palisades; however, program implementation was inspected only at the Palisades site.. This was the first inspection of the licensees'
Access Authorization Program under the criteria of 10 CFR 73.5 *
Access Authorization Program - Administration and Organization One weakness was note Procedures did not fully address program
- implementation requirements, procedures and/or working ~uidelines did not in all cases reflect practices and at times the procedures lacked
~pecificity. This finding was considered an Inspection Followup Item (50-255/93019-01).
. The inspectors interviewed key Access Authorization {AA) personnel and appropriate management personnel to determine the effectiveness of the AA program administration and organizatio The licensee's program currently has reviewed appr6ximately 900 case files for a~cess authorizatio *
The licensee committed in each of its security plans to implement all elements of Regulatory.Guide 5.66 to satisfy the requirements of 10 CFR
.. _ ]3 *.56._.. Ihe.Acces.s. Authori zat i or:i Sect ton jAAS) of the Pali sades Property Protection Department is responsible for development;.maintenance and implementation of the Consumers Power Company (CPCo) Access Authorization Progra Site (Big Rock Point and Palisades)
re~ponsibility consisted primarily of providing appropriate training to site personnel and issuing security badges based upon receiving *
certification of completion.of access authorization requirements from self-screening contractors for contractor personnel and licensee Human Resource Departments for licensee personne The AA program responsibilities are described in CPCo Corporate Procedure No. 7 (Control No. 7}, dated April 27, 1992 and Palisades Property Protection Department Work Guidelines 01-2 The referred procedures did not fully address program requirements; examples are identified below: Attachment P of Control No. 7 which addressed "Reinstatement of Unescorted Access Authorization" did not provide guidance on the criteria to evaluate an individual's activities, when the individual was away from an approved behavioral observation program for more than 30 day Sections 5.5 and 12.0 of Control No. 7 did not address the use of a transferable temporary acces In practice the licensee does use this type of acces Section 5.3 of Control No. 7 committed that a "Palisades Signatur List" be available but did not commit on how it would be used.*
This list contained the names of individual's authorized tQ request unescorted access.
Section 3.1 of Attachment A to Control No. 7 did not acceptable level of proctoring psychological test guidance should be provide In actual practice the proctoring varied from full to partia address an *
Specific level of. Section 3.1 of Work Guidance 17, "Adjudic.ation of Derogatory Information," required self-screening contractors to notify.the licensee's Access Authorization Administrator (AAA} when significant derogatory information was develope However, neither the Guidelines or Control No. 7 provided detailed criteria to define the scope of significant derogatory informatio However, appropriate oral guidance was provided to contractors by the AA. Neither Control No. 7 or Working Guidelines fully describe the level of protection afforded personal informatio C~rrent level of protection should be described. Acceptable levels of protection should be provided to self-screening contractor.
. Attachment B to Control No. 7, requires that the Property*
Protection Department authorize final access authorization approval and enter this information into the Nuclear Plant
.. Admitt"anEe-Systenf.°{NUCPAS), an orr.:1 ine-data sy'stem designed to process pre-access qualification verification.
n
..
The inspectors observed the data on the NUCPAS screen and noted that the data showed the date of access authorization; however, th~ date shown did not differentiate if the access granted was a *
temporary or ful For example, the NUCPAS data on one individual showed an acce~s authorization date of J~ne 7, 1993 and the
. review/evaluation of finger print cards was made on July 15, 199 Consequently, this access authorization granted was a temporary because the full cannot be granted until all elements, including receipt/review of finger print c*ards is complete The NUCPAS system data should be. revised to show the dates when temporary and *
full access authorizations were grante The inspectors concluded that actual program implementation was being con~ucted in an adequate manne However, the procedural guidance noted above was not consistent with implementing practices.. The Access Authorization Administrator noted the inspectors' comments and stated that they would evaluate our finding Staffing positions included an Access Authorization Administrator, an auditor and clerk. All personnel interviewed were professional and very knowledgeable of their responsibilitie In addition, interviews of selected plant and corporate management personnel showed strong commitment for the progra This support was a program strengt "
The licensee had contracted with a local vendor, tonfidenttal Se~vices Inc., to act as its agent to conduct the background investigation for *
all licensee employees requiring unescorted access at both nuclear sites.* The inspectors reviewed the licensee's written.specification for background investigations and found it to be sufficient. Licensee's
. Human Reso~rce Directors, {approximately 8) or their designated individuals, evaluate any developed adverse informati-0n and adjudicate access authori~ation decision Remaining elements of the screening program, psychological evaluation and continual behavioral program are the responsibility of the licensee's Human Resource Departmertts~
Licensee contractors/vendors are required to develop their own program for implementation access authorization requirements using licensee Corporate Administrative Control for Nuclear Plant Security No. 7
{Control No. 7).
The licensee had 86 qualified contractors. The inspectors verified through random review of eight contractor files, that by letter, they agreed to follow licensee Control No. Inspection activities determined that 43 of the 86 con~ractors utilized the licensee's vendor, Confidential Services, to conduct the background investigation and psychological evaluatio The remaining contractors either conduct these elements themselves or subcontract them ou Contractor responsibilities included the review and adjudicatto~ of derogatory informatio Information of this type was documented and provided to the licensee prior to req~est for unescorted acces Granting of access is the responsib)lity of the licensee.
- *
6..
Conclusion Site and corporate support for the Access Authorization Program was considered to be a program strength. Staffing levels were sufficien Specifications provided to contractors/vendors _were sufficient to meet program requirements. Licensee procedural guidance was weak but in all cases actual practices met regulatory requirement Background Investigations One weakness was noted. Corporate Control No. 7 provided a general description of derogatory information. This definition which is provided to self-screening contractors, did* not identified specific examples.or actions to be taken for derogatory information foun However, th~ inspector's determined through interviews and review of
.records that in actual practice derogatory information was being adequately evaluated. This-was identified as an observation by the licensee's quality assurance staff in Surveillance Report NPAD-93-02 The licensee access authorization staff was developing derogatory information criteria at the tim~ of.this inspection. This issue was considered an lnspection Follow-up Item {50-255/93019-02).
The inspectors reviewed the case files of twelve background investigations completed after the licensee's implementation of 10 CFR 73.56, to determine if the elements involv~d in background screening were adequately investigated. The scope and depth of background investigations {Bl) satisfied NRC regulatory requirements and provided
- an adequate level of background information on which to base a
. determination for access authorizatio Reviewed BI files showed a "best effort" to obtain and document required information to address an applicant's employment history, education history, credit history, criminal history, military service, and the applicant's character and reputatio Background investigations covered the specified time period and the number of required contacts for each element; In cases where derogatory information had been developed and provided, the licensee adequately and in a timely manner, reviewed ~nd evaluated the informatio Conclusion The licensee's background investigation program was adequate to meet*
regulatory requirements; however, the licensee should provide specific guidance to contractors to assure that derogatory 1nformation developed during the investigative process is adequately defined and properly evaluate Psychological Evaluations One weakness was noted in.this area. *licensee guidance for
. administering and proctoring psychological assessment tests was not given to other organizations that administered the tests. However, in
ac'tua l practices the inspectors determined that regulatory requirements were being generally me This findi~g was identified as an Inspection FoJlowup Item (IFI 50-255/93019-03).
_The inspectors reviewed the licensee's guidance and practice for
'completing the required psychological evaluation.: The procedure pertaining to psychological evaluation (Section 3.1 of Attachment A, Control No. 7) was reviewed and determined to be adequate, except the procedure did not define an acceptable level of proctorin Interview results with the licensee's Access Authorization Administrator (AAA) showed that the licensee and their contractors used the Minnesota Multiphasic Personality Inventory - II (MMPI-11) for initial*
psychological evaluatio Followup evaluations we.re completed by a clinical psychologist contracted by the licensee.to address negative issues identified in the MMPI-II, test. The inspectors confirmed that all psychologists that evaluated MMPI-II tests and those involved in.
conducting followup evaluations were all currently licensed in their.
respective states (California, Florida and Michigan). An interview with the AAA identified that approximately 44 contract organizations and 8 licensee organizations administered and proctored MMPl-II evaluation MMPI-II test booklets and blank answer sheets observed were kept in '.
secure storage when not in us As a result of interviews with two test administrators and five test participants, the i~spectors d~termi~ed that exami~ations had been :
adequately controlled and protected except in two case In one cas~, a
- licensee test participant was left alone in a unoccupied and unmonitored room while taking the tes In the other case, continuous monitoring *
was not c*anducted when six contractor individuals were taking the test in the same roo Lack of adequate proctoring co~ld have afforded the participant the opportunity to compromise the test result Interviewed individuals involved with administrating the MMPI-II were not aware of licensee procedural guidance addressing the testing methodology (administration, proctoring and processing).
To assur~ and maintain a level of testing consistency and effectiveness, the licensee will -
distribute the referenced procedure to all approved self-assessment contractor organizations and conduct training on the procedure for test administrators in the licensee organizatio Upon completion of testing, all test booklets* and answer* sheets *were sent directly to the clinical psychologist fa~ their personnel evaluatio Followup interviews, if necessary, were conducted in person between the participant and a clinical psychologis Conclusion.
The psychological tests were being ade~uately controlled, administered,
. __
-~.~nd proctored~ _except in the two cases not~d abov The failure to distribute the required guidelines was considered a weaknes However; program implementation was good.
8 *
B~havioral Observation Program One weakness was identified in this are The training program did not provide an adequate level of emphasis in identifying behavioral traits that may be a potential threat to interrupt the normal operation of a nuclear reactor, including radiological sabotage. This finding was identified as an Inspection Followup Item {IFI 50-255/93019-04).
The licensee's behavioral observation program {BOP) was inspected to determine whether the licensee had a training and retraining program to ensure that supervisors have the awareness and sensitivity to detect changes in behavior which could adversely affect trustworthiness and reliability and to report such to appropriate licensee management for evaluation and actio The program was instituted as part of, and is an element in common with, the licensee's fitness-for-duty progra In addition, personnel interviews were conducted to determine if individuals with unescorted access authorization had been notified of their responsibility to self-report arrests that impacted on the individual's trustworthines The inspectors reviewed licensee lesson plans and ~rocedures and interviewed six supervisory/management personnel *(four licensees and two contractors) granted unescorted access at' the Palisades facility. All had been trained in behavioral observatio The inspectors determined from interviews with licensee personnel and review of lesson plans, that the program addressed drug and alcohol related behavioral problems and other behavioral changes involving trustworthiries However, behavior *
traits that may be {or indicate) a potential threat to interrupting norma 1 p 1 ant operations, int 1 ud i ng radio.log i ca 1 sabotage were not emphasize This issue appeared to be a generic issue to the nuclear power plant industr The AAA was aware*of this issue and.was conducting research to improve their training program in ~his area. All personnel interviewed were knowledgeable of their responsibility to refer behavioral issues to utility management_for appropriate evaluatioh and actio *Interviews with a ~ix of twelve randomly selected Palisades contractor *
and licensee site personnel, both supervisory {s'ix) and non-supervisory
{six), showed that they were aware of their responsibility to report any arrest that might impact on their trustworthines In. practice, the licensee's access authorizatio~ program addressed measures to be taken for individuals granted unescorted access who ar absent from an approved behavioral observation program 31 days or mor Section 8.3 of Regulatory Guide 5.66 notes that the licensee will ascertain activities the employee engaged in, during absence from a approved behavioral observation program, that would not have the potential to affect the employees's trustworthiness and reliabilit The licensee stated that the requirement to "ascertain" the indi~idual's activities is conducted; however; the-inspectors determihed--that the*., *
specific* actions taken were not procedurally describe The requirement
.*'
a~plies to all individuals currently badged for unescorted access,
. approved contractor programs and transfers or reinstatement Conclusion The licensee's behavioral observation program was adequately organized and ensured that all applicable supervisors and mana~ers had. been trained and retrained as appropriat The inspectors noted that the training did not fully address aberrant behavior relating to traits that may be a potential threat to interrupt the normal riperation of a nuclear reactor, including radiological sabotag The inspectors also
determined that the licensee's policy on self-reporting of arrests was being adequately implemente * Unescorted Access Authorization - "Grandfathering." Reinstatemen Transfer. and TemQorary One weakness was ~oted in this area involving transferring of acces The licensee had nqt properly comp.l eted the* outgoing access authorization transfer forms in accordance with establi~hed instructions contained in NUMARC 93-01. This finding was identified as an Inspection Followup Item (IFI 50-255/93019-05)
Personnel case files were reviewed to determine if they were properly and ccirrectly "grandfathering", reinstating, transferring, and granting temporary access authori zat i o *
The license~ has procedures in their access ~ontrol program to use the four categories referenced abov Review of case files and interviews with cognizant licensee access control personnel *con cl uqed that these procedures were being appropriately implemented, except as noted in this report section. The inspectors reviewed the case files of five individual~ from each of the categories noted abov Licensee's records were reviewed to determine that personnel who did not
- meet the criteria for grandfathering, i.e., those who did not have uninterrupted, unescorted access authorization for at least 180 days on April 25; 1991, had not been granted unescorted acc~ss authorization *
without h~ving satisfied the elements of the progra The licensee me regulatory requirements as applied to grandfatherin The licensee'~ program for reinstatement of access authbrization was reviewe The program provided for reinstatement of unescorted access if the individual's unescorted access had not been interrupted for a continoous period of more than 365 days and~ if the previous atcess was terminated under favorable conditions, identity was verified, negative drug test was obtained, and background investigation information was update If access had been interrupted more than 30 but less than 365 d~ys, a suitable inqlii.ry was.~omplete_d prior to reinstatement of access..
If an individual was away from an approved observation program *ror more *
than 30 days, the licensee ascertained the activities the individual was engaged in~ Review of five randomly selected case files that involved
e~ployee reinstatement showed that ~he requirements noted above were being met and no problems were identifie The li.censee also established and implemented access control measures to atcept transfer of access authorizations from other licensees. The program required that the receiving licensee confirm that the transferee
- currently holds a valid unescorted access authorization and that cross-checks on information relating to the person's identity (i.e., name, social security number, and date of birth) be verified before granting unescorted acces The licensee utilized the transfer form in Appendix B to NUMARC 91-0 Review of five randomly selected case files of outgoing transfer files identified that the licensee is not filling out the forms correctl Item "2.a" of the transfer form requests the date when the initial access authorization was granted~ The instructions for the form direct the licensee to note the word "temporary" along sid that date if the authorization was based on completion of temporary *
authorization requirements verses full access req~irements. Our review showed that temporary access authorization dates were shown in line but were not identified as "temporary." The problem appearedto be a generic *issue to the nuclear power plant industry, as a review of the incoming transfers from other licensees also showed instances *of temporary access authorization dates not being i denti fi ed as such. A *
representative *of NUMARC was advised by the inspectors by phone on August S, 1993 of this issue. The representative acknowledged the inspector's findjng and said action will be taken to address this issu The licensee agreed to correct the approximately 20 outgoing transfers and to notify the receiving licensees of these changes to previously transmitted transfer form Additionally, the inspectors noted that the license~ was not providing the date on the transfer form when the individual's background investigation and psychological evaluation were complete In the case of contractors, the licensee was providi~g the dates when access authorization was requested rather than the dates when the backgroun inv~stigations and psychol~g~cal tests were evaluated. Also, relative to the transfer form, the licensee w~s noting the date when the
- .
fingerprints were received from the FBI, rather than the date when they
.completed their evaluatio The licensee stated they will take action to correct these issue The inspectors reviewed the temporary access authorization program and determined through a review of records and interviews that licensee ca~e files reflected Access Authorization Program requirements having been satisfied prior to the licensee's granting of temporary acces The licensee's temporary Access Authorization Program allows the licensee to grant temporary access for a period not to exceed.ISO continuous days pending completion of a full background investigation and access
. ~-*,,'.autho.rJzation..w..i.th ~the.. exceptJo.n..J>.f..p.ending...EBJ..crJmjna]... histor.y:.. che and military service. Temporary access was granted based on the satisfactory completion of the requirements noted in Regulatory
_,
Guide 5.6 The licensee had a formal system to track personnel granted temporary access to ensure that the 180 day time limit was not exceede Conclusion We concluded that the licensee had established~ good program, except for the completion of transfer forms in accordance with written instructions contained in NUMARC 91-03 as noted abov.
benial/Revocation of Unescorted Access The inspectors reviewed approximately 20 case files involving denial or revocation of unescorted acces Seven of the files involved access.
- authorization denial~. *Six were denied access {revocation) beGause of criminal history, fingerprint check, and one was denied because of a
- repo~ted arrest. Three of the individuals denied access had initiated the appeal request by filing a letter of intent. However, none followed through in presenting their cas The appeal case files were adequately documented and detailed the reason access authorization was denie The licensee appeal board, if needed, would consist of three licensee perso~nel, two managers {Human Resource Director, Property.Protection Supt.) and the access authorization administrato Conclusion Licensee actions toncerning the proc~ssing of appeals and of its decision to deny access authorizati~n were good, and met licensee*
program requirements and NRC regulatory requirement Licensee documentation of case files was adequat.
Protection of Persona 1 Informat*i on The inspectors reviewed the licensee's procedures and practices for the protection of personal information collected and ~ssembled for access authorization purpose.
.
.
.
Prop~rty Protection Department Working Guideline No. 20 contained the'
licensee's procedure for the protection of personal information. The procedure required the protection of access authotization informati~n by securing these documents in locked containers in the Human Resources Director's bffice and in the office of the Access Authorization staf Access to the information was handled.ori a need-to~know basi Physical protection practices were reviewe During normal working hours, file containers were left unlocked i~ the Human Resources office area and access control was the responsibility of cognizant personnel in this office. Containers in the Access Authorization staff trailer were routinely locked and opened as needed.* During nonworking hours, all
. -~.e.cur::Uy.,..c.as,e.. JjJ.es_~were Jo.eked_ ~nd 1 ocated in _locked offices..
Inspector observation verified program adequacy.
Irispector observation and interviews conducted during the visit to the licensee's background investigation contractor disclosed that security case files were *maintained in a stand alone computer which uses a password required computer program; hard copies of completed background investigations were secured in a combination locked vaul Confidentiality appeared to be an essential aspect of the contractor's operations based on the inspectors' observation Conclusion The licensee had implemented a system to provide for the protection of personal informatio The licensee's program for protection of personal information was goo.
Audits-An unresolved item ~ertaining tb the question of-"functional independence" of the site access authorization staff member responsible for conducting audits of some of the "self-screening" coritractors was identified (URI 50-255/93019-06).
The corporate quality assurance audits of the access authorization program were identified as a program strengt Annual audits of the Access Authorization Program were p_erformed by the Nuclear Performance Assessment Department (NPAD).
The individual responsible for those audits, an NPAD staff member, was knowledgeable of access authorization regulatory requirements and was qualified as a lead auditor;
The inspectors reviewed the most recent Access Authorization program-audits and surveillances conducted by the NPAD and found that these-audi ts were effective in identifying deficiencies in the progra Deficiencies were promptly addressed by the Access Authorization Staff (AAS).
The NPAD audit program was considered a program strength. The auditor was very knowledgeable in the AA area and the reports showed a
_thorough, in depth review of the-access authorization progra This inspection resulted in the identification of an unresolved item -
pertaining to the issue 6f "functional indeperidence" of members of the_
AAS staff responsible for conducting a limited number of audits of contractors with approved access authoti~ation program This issue does not apply to those contractors audited by the Shared Nuclear Access Authorization Group (SNAAG) or to those audits of contractors where NPAD is part of the audit team such as the annual audit of Confidential Services, In *
Two staff members of the licensee's AAS have conducted independent
_
evaluations of some contractors' access authorization program The
--, - "~--NRC-'-s-po-sU:i-o-n -:J-s.. -roe.flected --i-n--the, -Sta-temer:it.of-Cons-i.de.r-.atl.ons _f.or.....t.he..
Access Authorization Rule in the Federal Register on page 56 FR 19004, under Section 111.6, Audits, states:
"The Commission believes that an independent __ evaluation is a reasonable requirement which could be met by
. -* -* *.
,)
- ,
1 *
a ~tility's quality ~ssurance program if persons ~onducting the evaluation are qualified and functionally independent of those responsible for implementing the Access Authorization Program."
It appears that these two individuals may not be considered. functionally independent because they are part of the l i cens.ee' s access authorization program staff. *
The licensee's position.was that these indi~iduals are independen The licensee's position was that the AAS is responsible for the development, maintenance and implementation of the Consumers Power Company Access Authorization Program and that contractors/vendors do not participate in
. the licensee's program, but are required to develop their own programs for implementation of the Rule using the licensee's torporate Administrative Control for Nuclear Plant Security No. 7, which meets the intent of the Rul The licensee maintains that the AAS does not review, approve, or oversee the contractors/vendors access authorization programs..The latter is performed by the i ndi vi dual contracto The licensee maintained that the only involvement th~ Access Authorization Staff has with the contractor/vendors' program is.that they audit the programs to ensure they comply with the rul Ho~ever, interview. results of the licensee's AAS showed that they have frequent contact with self-screening contractor The AAS responds to questions addressing the contractors' approach to implementing the licen~ee's access authorization progra * *
- .All AAS auditors are trained and knowledgeable in the Access Authorization Program and are Certified Lead Auditors per ANSI N45.2.2 The licensee also noted th.a_t the NPAD*audits of the AA program included a revie~ of several of the audits of the contractor/vendors performed by the AAS and that this examin(ltion was performed to assure that accurate and objective audits were being performed by the AA In summary, the licensee's position w'as that the auditors do perform an independent evaluatio This matter will be forwarded to the Office of Nuclear Reactor Regulation for review an.devaluatio Pending the results -0f this evaluation, this matter will be considered an Unresolved Issu Conclusion The licensee's quality assurance audits of the Access Authorization Program were effective and was determined to be a program strength. The question of functional independence of the Access Authorization Staff in performing audits of self-screening contractors is unresolve Record Retention
- * --lhe..:.i-n*spec-tor-s---r.ev-1-ewed-.the.1A-e-ensee '.s--..r..ecor..d.-retention...a.ctjyjties.to ensure that required records were being retained for the appropriate timefram Section 18 of Control No. 7 adequately addressed record retention periods for access authorization related record Background
~
\\
i *
investigation documentation retained by the licensee's vendor will be provided to th~ licensee if the agreement is terminated for any reaso Self-screening contractors are required by the.licensee, per specification, to retain records for the ~uration of access and a five year period following termination of access authorizatio Conclusion The access.authorization records were being retained as required by the Rule, the correct retention period had been properly identified.
15