IR 05000528/1996008

From kanterella
Jump to navigation Jump to search
Insp Repts 50-528/96-08,50-529/96-08 & 50-530/96-08 on 960513-17.Violation Noted.Major Areas Inspected:Physical Security Program Including Mgt Effectiveness,Security Organization & Followup of Previously Identified Items
ML17300B262
Person / Time
Site: Palo Verde  Arizona Public Service icon.png
Issue date: 06/21/1996
From: Murray B
NRC OFFICE OF INSPECTION & ENFORCEMENT (IE REGION IV)
To:
Shared Package
ML17300B259 List:
References
50-528-96-08, 50-528-96-8, 50-529-96-08, 50-529-96-8, 50-530-96-08, 50-530-96-8, NUDOCS 9606260061
Download: ML17300B262 (16)
v  d  e


Text

ENCLOSURE 2 U.S.

NUCLEAR REGULATORY COMMISSION

REGION IV

Inspection Report:

50-528/96-08 50-529/96-08 50-530/96-08 Licenses:

NPF-41 NPF-51 NPF-74 Licensee:

Arizona Public Service Company P.O.

Box 53999 Phoenix, Arizona Facility Name:

Palo Verde Nuclear Generating Station, Units 1, 2, and 3 Inspection At:

Wintersburg, Arizona Inspection Conducted:

May 13-17

~

1996 Inspectors:

A. B. Earnest.

Physical Security Specialist Plant Support Branch

,)/'

Approved:

aine urray.

ie

,

ant upport rane Division of Reactor Sa ety a e

,~r e

Ins ection Summar Areas Ins ected Units

2 and

Routine.

announced inspection ot the physical security program including management effectiveness'ecurity organization.

and followup of previously identified items.

Results:

Plant Su ort The security program received excellent senior management support (Section 1).

The security staff was professional.

well trained'nd effective.

There were sufficient security officers to meet physical security plan requirements (Section 2).

An inspection followup item, was identified involving personnel access control (Section 3. 1).

960626006i 9'60621 PDR ADOCK 05000528

PDR

-2-

~

A violation was identified in the access authorization area involving

. incorrect granting of back-to-back temporary unescorted access (Section 3.2).

Ins ection Findin s:

Inspection Followup Item 528;529:530/9608-02 was opened Unresolved Item 528:529:530/9524-05 was closed (Section Violation 528;529;530/9608-01 was opened (Section 3.2).

Violation 528:529:530/9511-01 was'losed (Section 3.3).

Inspection Followup Item 528;529:530/9511-03 was closed Inspection Followup Item 528:529:530/9511-04 was closed Violation 528:529:530/9524-01 was closed (Section 3.6).

Violation 528:529:530/9524-02 was closed (Section 3.7).

Violation 528:529;530/9524-03 was closed (Section 3.8).

Inspection Followup Item 528:529:530/9524-04 was closed Attachment:

Persons Contacted and Exit Heeting (Section 3.1).

3.2).

(Section 3.4).

(Section 3.5).

(Section 3.9).

-3-DETAILS

MANAGEMENT EFFECTIVENESS (81020)

The effectiveness and adequacy of the licensee's managements as it related to the administration of the security program.

was evaluated.

The inspector reviewed recent security systems improvements and interviewed security management personnel in order to determine the level of support from licensee senior management.

The inspector determined that senior level management provided excellent support to the security program.

The inspector determined through interviews and observations that security management staff were proactive.

highly professional, and well trained and qualified to manage the security program.

SECURITY ORGANIZATION (81022)

The security organization was inspected to determine compliance with the requirements of 10 CFR 73. 55(a)

. (b) (1). (2),

and (h),

and -the requirements of the physical security plan.

The security force was a proprietary force that consisted of approximately 140 armed and unarmed uniformed officers.

The security force was divided into five shifts.

The inspector interviewed team leaders.

sergeants, and security officers during the inspection.

Morale appeared to be improving and was higher than in previous inspections.

The inspector observed security officers during the performance of numerous security functions.

The officers were efficient, neat.

and capable of performing assigned tasks.

The licensee had sufficient security force personnel to meet physical security plan requirements.

FOLLOWUP (92904)

3. 1 0 en Ins ection Followu Item 528 529 530/9608-02:

Access Control-Personnel The inspector reviewed two condition report/disposition reports (CRDR) that referenced problems with the access control system.

The CRDR 960154 referenced problems with badge/keycards being misread at vital area access points.

The CRDR 960530 indicated that on May 7

~

1996, an Arizona Public Service employee.

with unescorted access, entered the protected area at the personnel access point at 6:30 a.m.

The employees at PVNGS are permitted to carry their badge/keycard (ACAD) outside of the protected area since the installation of a hand geometry access system.

The employee had an ACAD that had been slightly damaged.

Security.

upon making the new badge.

had inactivated the old badge in the access computer.

This effectively prevented the old badge from being used and should have caused the individual to contact security when the old badge would not allow access.

The new Badge 9383, was

-4-issued to the individual.

When the individual tried the badge at the first card reader/hand geometry reader, he was denied entry.

According -to the employee.

the security officer on duty, near the turnstiles in the personnel access point directed him to another card reader.

When he tried the ACAD at this'eader. it read his ACAD as 8383.

(The actual number of his ACAD was 9383.)

After misreading his ACAD as a legitimate ACAD (the employee whose ACAD was 8383 was not onsite on Nay 7). the hand reader also recognized his hand geometry as the individual who had 8383.

Thus, card reader incorrectly read the ACAD and the hand geometry reader also incorrectly read his hand geometry.

The employee entered the plant and, at 11: 14 a.m.,

attempted to enter a vital area through a card reader door and was denied entry.

This generated an alarm at the security alarm system.

security responded, and the incident was discovered.

The licensee was actively attempting to determine the root cause of both system problems.

This is an Inspection Followup Item (528;529;530/9608-02).

3.2 Closed Unresolved Item 528 529 530/9524-05:

Access Authorization This unresolved item involved the issuance of back-to-back temporary unescorted access.

During NRC.Inspection Report 50-528/95-24; 50-529/95-24:

50-530/95-24 in December 1995, the inspector reviewed safeguards event logs.

The inspector discovered a licensee-identified incident that described a back-to-back granting of temporary unescorted access.

Regulatory Guide 5.66.

under Clarification to the Guidelines, paragr aph 2. states that, while it is permissible to grant temporary unescorted access for 180 days, a licensee cannot grant back-to-back temporary unescorted access.

Paragraph 3. 11. 1 of Procedure 20AC-OSK07 states

"A temporary authorization for unescorted access to the Protected/Vital areas of PVNGS may be granted for a single 180-day period pending completion or collection of information required for permanent authorization."

The first temporary une'scorted access was granted from July 14, 1994. to August 9, 1994.

Because of problems with the employee's criminal history and credit history, the licensee did not complete the full background history in order to grant permanent unescorted access.

On October 18, 1995, the employee (contractor)

was erroneously granted temporary unescorted access again.

The employee's file had been flagged to prevent a reinstatement of access because-of derogatory information that had not been resolved.

The employee should not have been granted any kind of access until the criminal history derogatory information was adjudicated.

The failure was identified on October 25, 1995, and the employee's unescorted access was removed.

The licensee's procedure required that the licensee complete all background.investigations even though the employee may have already left the plant.

When the contractor requested the second access'icensee access authorization personnel could not find the

h I

t

-5-first file generated on the employee during her first work period at the plant.

The access authorization person handling the application made the statement that previous incidents had resulted in the granting of unescorted access under the assumption that the full background had been completed, even though the file could not be located for review.

The inspector asked the licensee if'he unresolved issues relating to the contractor's reliability and trustworthiness had been satisfactorily completed.

Paragraph 3.7.4 of Procedure 20AC-OSK07 states

"In determining whether an individual is trustworthy and reliable, specific consideration must be given to any of the following which is revealed in the security screening process:

.

.

.

.

Willful omission or falsification =of material information submitted in support of employment or request for unescorted access authorization."

The licensee stated that some issues relating to the criminal history had not been resolved despite licensee efforts.

The employee had not listed all derogatory information on the employee security questionnaire.

Without determining the exact nature of the criminal history. the licensee can not make a determination whether the employee willfullyomitted or falsified the employee security questionnai re.

In addition, the licensee did not have enough information to make a determination whether the criminal history alone would have prevented the employee from being granted unescorted access.

The inspector attempted to obtain information on the criminal history reported during the background screening.

Both police agencies were unable to find records that would confirm conviction on either of the two arrests, During this inspection, the inspector again reviewed the safeguards event logs and determined that two additional access authorization failures had been identified since December 1995.

A safeguards event report dated March 14, 1996, indicated that an employee had been granted unescorted access and issued a badge prior to the badging office obtaining an authorized signature on the access authorization documents.

Paragraph 3. 1 of the Licensee Procedure 20DP-OSK18 requires that the request for unescorted access be signed by only certain responsible individuals prior to issuing a badge/keycard.

Violations applicable to the licensee's access authorization program were identified in NRC Inspection Report 50-528;529:530/95-16.

While these circumstances are not identical, the corrective actions to the problems previously identified should have established programmatic controls to have precluded this occurrence.

Therefore. this non-compliance is being cited in accordance with the guidance of paragraph VII.B1(b) of the NRC Enforcement Policy (NUREG-1600).

During a review of access authorization records.

the licensee discovered and reported an incident where an employee was granted unescorted access and his background screening records did not indicate a developed reference.

Paragraph 3.2. 1.8 of the Licensee Procedure 20AC-OSK07 states

"The individuals reputation for emotional stability, reliability, and trustworthiness shall be examined through contacts with at least two references supplied by the individual requesting access and at least two additional references developed during the background investigation."

Discussions with the access screening

-6-personnel indicated that they remembered developing a reference on the employee but there was no documentation to indicate it was ever completed.

A developed reference was contacted and the employee was again allowed unescorted access.

Granting back-to-back temporary unescorted access.

issuing a badge/keycard without the requi red approval signature.

and fai ling to include developed references is a violation (528;529;530/9608-01).

3.3 Closed Violation 528 529 530/9511-01:

Inade uate Access Authorization Six access authorization failures were identified by the licensee.

Four of the six instances identified referenced granting unescorted access prior to verification of periods of unemployment in excess of 30 days.

Another instance involved the fai lure to proctor the personality tests.

The sixth instance involved the failure to recognize that the access authorization form was not signed prior to issuing a badge/keycard.

The inspector confirmed that there have been no further instances of fai ling to check unemployment over 30 days.

Procedural changes have insured that all personality tests should be proctored.

However, another instance was identified and reported involving the fai lure to ensure that access had been authorized by the correct signature prior to issuing a badge/keycard.

The last item will be depositioned as part of the violation described in the above paragraph.

3.4 Closed Ins ection Followu Item 528 529 530/9511-03:

Assessment Aids In NRC Ins ection Re ort 50-528/95-24 50-529/95-24 50-530/95-24 the re ort erroneousl closed 528 529 530/9511-03 instead of 528 529 530/9511-02 due to a t o ra hical error.

During a previous inspection, the inspector determined that one of the camera lenses was so dirty as to render it ineffective.

The alarm station operators did not discover the degradation or report it to maintenance for correction.

The inspector observed the cameras and determined that the corrective action appeared to be effective.

A procedure change required the alarm station operators to complete a camera resolution check every 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> and identify camera degradations on a

new camera problem report form.

The licensee produced documents that indicated that the alarm station operators had all been trained on the new procedural requirement.

3.5 Closed Ins ection Followu Item'28 529 530/9511-04:

Com ensator Heasures Procedure The compensatory measures procedure was confusing and lacking in detail as to what compensatory measures to utilize in the event of a multiplexor failure.

The inspector interviewed personnel and reviewed changes to Security Procedure ZOSP-OSK08.

The inspector determined that the procedure changes were effective in addressing the weakness in the compensatory procedur l

e-7-3.6 Closed Violation 528 529 530/9524-01:

Inade uate Protected Area Detection Aids During a previous inspection.

NRC contractor personnel tested the plant perimeter detection aids and determined that three of the zones were inadequate.

The inspector reviewed corrective action documentation and walked down the three zones.

Based on the inspectors evaluation of the detection zones.

the licensee's corrective action appeared to be effective.

3.7 Closed Violation 528 529 530/9524-02:

Inade uate Com ensator Measures During a previous inspection, the licensee removed a compensatory post prior to the completion of corrective measures.

Based on interviews, a review of licensee records'nd a walkdown of the zone in question.

the licensee's corrective action appeared to be adequate.

3.8 Closed Violation 528 529 530/9524-03:

Inade uate Access Control-Personnel The metal detectors utilized by the licensee were inadequate to detect the test weapon and a real weapon during tests conducted by NRC inspectors and contractor personnel.

The inspector confirmed that the licensee had purchased and installed new metal detectors at the personnel access point.

The metal detectors passed stringent tests that indicated that the test weapon would be detected every time if an attempt was made to defeat the metal detectors.

3.9 Closed Ins ection Followu Item 528 529 530/9524-04:

Lock and Ke Control During a walkdown of the unit control rooms. the inspector identified several concerns about the manner in which vital area keys were being secured.

The inspector confirmed that the licensee had implemented corrective measures that insured the vital area keys would be under constant surveillance and positive control of the vital area keys would be maintaine PERSONS CONTACTED 1. 1 Licensee Personnel ATTACHMENT

  • J. Levine. Vice Presidents Nuclear Production
  • G. Overbeck.

Vice President.

Nuclear Support

  • C. Collins. Maintenance Team Leader
  • R. Fullmer. Nuclear Assurance Team Leader
  • H. Gahagen.

Engineering

  • F. Gowers. Site Representative
  • B. Grabo.

Section Leader

  • R. Henry. Site Representative
  • L. Houghtby, Department Leader, Site Security
  • D. Huttie. Security Operations Section Leader

"A. Krainik, Licensing Department Leader

  • D. Larkin, Compliance Engineer
  • L. Leavitt. Section Leader

~ Security Administration

  • E. Lumley, Security Access Control Section Leader
  • W. Montefour. Palo Verde Strategic Committee
  • T. Ramey, Security Personnel Assessment
  • J. Reynolds'lant Investigator
  • M. Sontag.

Security Section Leader 1.2 NRC Personnel

  • J. Kramer

~ Resident Inspector

  • Denotes personnel that attended the exit meeting.

In addition to the personnel listed. the inspector contacted other-personnel during the inspection.

EXIT MEETING An exit meeting was conducted on May 17.

1996.

During this meeting, the inspector reviewed the scope and findings of the report.

The licensee did not express a position on the inspection findings documented in this report.

The licensee did not identify as proprietary any information provided to. or reviewed by, the inspector(s).

Subsequently, the licensee expressed in telephone conversations to Region IV management their view that the violation of NRC requi rements met the criteria to not be cited's delineated in the NRC Enforcement Polic I l

Retrieved from "https://kanterella.com/w/index.php?title=IR_05000528/1996008&oldid=5085666"