Text

June 18, 2009 Comment Responses to DG 5021 Safety/Security Interface (RG 5.74)

Comment: (Section A) This section of the draft regulatory guide introduces the concept of coordinating activities. The proposed §73.58 language uses the terms assess and manage. Additional clarification on expectations relative to "coordination" would be beneficial.

Response: The staff agrees in part. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section B) The last sentence in this paragraph asserts that licensees already have management controls and processes in place to address safety/security interface. We agree and therefore question why NRC feels it necessary to promulgate a new regulation. Absent the withdrawal of §73.58, the regulatory guide should cite the controls and processes in place and definitively state they satisfy the requirements of the proposed regulation.

Response: The staff agrees in part. The purpose of addressing safety/security interface in a new regulation is stated in the Federal Register dated March 27, 2009, which addresses the 10 CFR Part 73 Rulemaking. The final regulatory guidance is provided to describe an acceptable method for licensee to use existing programs for meeting the requirements of 10 CFR 73.58.

Comment: (Section B) The relevance of this paragraph is not clear. From our perspective, the implementation of the additional security requirements mandated by the Orders was managed appropriately using existing programs and processes. The paragraph implies there may be lessons learned that lend credence to the need this new regulation. If so the industry would benefit from having the insights from those lessons.

Response: The staff agrees in part. The staff disagrees with the comment that this section implies unstated meanings. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section B) The third sentence discusses later changes in plant safety or operations adversely impacting security programs. Please provide clarification on the phrase "later changes in plant safety." Regarding the examples of adverse impacts on security, would removing equipment from service for scheduled maintenance constitute a change?

Response: The staff agrees in part. The phrase "later changes" simply refers to plant changes that have not yet been made and therefore can not be accounted for with respect to the possible impact the change may have on either safety or security.

Regarding the examples of adverse impacts on security, the removal of equipment from service for scheduled maintenance does constitute a change, the performance of which must be notified to security to determine if the action has adverse impact on the security program effectiveness. The final regulatory guidance is revised to clarify the topic of this comment.

June 18, 2009 Comment: (Section B) The language in this paragraph appears to suggest a new review process that is very comprehensive and one that would place a substantial administrative burden on plant management and plant security management. The intent of what is stated in the proposed language extends well beyond anything the licensees are currently doing in respect to reviewing the impact of security on safety and vice versa safety on security. Is this NRC's intent?

Response: The staff agrees in part. The intent of this section is to ensure that security is included in the existing review processes. Where a licensee does not currently include security in its existing processes, then the licensee must revise the existing processes to include security. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section B) This paragraph states the guidance is intended to "assist and applicant or licensee in developing and implementing..." conflicts with the first paragraph of section be which states, "The management controls or processes necessary for managing the safety/security interface should already be in place, within a licensee's established operating infrastructure for operations, safety, and security, and should not be new to an operating reactor licensee."

Response: The staff disagrees. This paragraph in no way conflicts because where a licensee has not done what "should" already be in place, the NRC's expectation is that the licensee will use this guidance to in developing and implementing procedures to meet the requirements of 10 CFR 73.58. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section C.2.2) A generic comment highlighted by this section is the meaning of the word "change." Our position is that change means to permanently alter, modify, exchange or replace. The guidance seems to imply that any evolution, whether permanent or temporary, is a change and subject to a safety/security interface evaluation. If this is the NRC's intention the net result is a very complex and comprehensive review process that likely does not exist today. Also, the regulatory analysis for the proposed rule must be redone since it assumed the annual cost to each licensee based on the need to "analyze planned maintenance activities on an on-going basis." The language throughout the draft regulatory guide suggests the safety/security assessment is broader than planned maintenance activities. In the March 9, 2007 public meeting on the proposed rulemaking, the NRC staff stated that §73.58 is a performance based rule (see page 217 of transcript). This section of the guidance is very prescriptive and establishes new standards for security. The assessment of activities on security should ensure the site can protect against acts of radiological sabotage. While it is true that protecting target sets may be part of that standard to call it our specifically in the guidance seems unnecessary. The guidance is silent as to what constitutes safe plant operation in the last sentence of this paragraph; we recommend a simpler statement on security impacts.

Response: The staff agrees in part. This regulatory guide focuses on communication processes between safety and security to ensure that each is notified of plant changes that may impact either and each evaluates the identified change to determine if there is an adverse impact. The final regulatory guidance is revised to clarify the topic of this comment.

June 18, 2009 Comment: (Section C.2.4.1) Please provide clarity on the term: "NRC regulated activities." Is the safety/security interface assessment only on changes that are derived from NRC-regulated activities?

Response: Yes. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section C.2.4.2) The general sense of the guidance is that the safety/security interface assessment is on changes resulting from planned or emergent activities. One could interpret the third bulleted example as a worker parking the forklift in front of the rollup door and going inside the building to inform other of a material delivery. This is not a planned or emergent activity. Is the NRC expectation that licensees will continually evaluate day-to-day activities for safety/security impacts?

Response: The staff agrees in part. The staff does not intend the scope of this regulatory guidance to include such an extreme example as is provided by this comment but does expect the licensee to have a process that does ensure that appropriate day-to-day activities are accounted for by the safety/security interface process. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section C.2.5) This section is focused on changes to plant areas.

However, the first sentence discusses plant areas and SSCs. Also, the sentence uses the term administrative changes. The paragraph should be revised to be clear on what is meant by plant areas and administrative changes. The second sentence is confusing.

Recommend rewording to eliminate duplicative language. For example, "...effective, reliable, and available PPS with assurance of reliability and availability..." repeats words unnecessarily.

Response: The staff agrees in part. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section C.2.8) This sentence highlights the complexity of the issue associated with trying to implement a program or process which meets the all encompassing scope of this new rule. It will be extremely difficult for licensees to implement and the NRC to regulate with any consistency.

Response: Statement noted. No response.

Comment: (Section C.2.10) "All operational and physical plant changes" introduces another definition of the scope of changes subject to evaluation for safety/security impacts. The section should be clear on the purpose of screening and what the licensee does with the results of screening. Further, more clarity that the list is merely examples and not all the questions must be posed in a screening process. Absent this clarification the inspection process may result in a different expectation. Regarding the questions specifically, the eleventh question includes as-found conditions. An as-found condition is not necessarily the result of a planned or emergent activity which the guidance says is the scope.

Response: The staff agrees in part. The final regulatory guidance is revised to clarify the topic of this comment.

June 18, 2009 Comment: (Section C.3.1) The bullets seem to imply a 12 month frequency for the reviews while the last statement indicates that a 24 month frequency is allowed. The current practice is 24 month reviews for audits of the security program and the audit for the safety/security interface should be the same.

Response: The staff agrees in part. The staff agrees that the frequency of this review is intended to be consistent with other security program component reviews. The final regulatory guidance is revised to clarify the topic of this comment.

Comment: (Section C.3.2) "Procedures established to control any changes to plant configuration including emergencies" introduces and new scope of the proposed rule.

Response: The staff disagrees. The final regulatory guidance is revised to clarify the topic of this comment.