ML17286A029
| ML17286A029 | |
| Person / Time | |
|---|---|
| Issue date: | 08/23/2018 |
| From: | Dante Johnson NRC/NSIR/DSO/SOSB |
| To: | |
| D. Johnson 287-3623 | |
| Shared Package | |
| ML17286A026, ML18234A023 | List: |
| References | |
| CN 18-028 | |
| Download: ML17286A029 (18) | |
Text
Issue Date: 08/23/18 1
71130.01 NRC INSPECTION MANUAL NSIR/DSO INSPECTION PROCEDURE 71130.01 ACCESS AUTHORIZATION Effective Date: January 1, 2019 PROGRAM APPLICABILITY:
IMC 2201 A 71130.01-01 INSPECTION OBJECTIVES 01.01 To verify that the licensees implementation of its Access Authorization (AA) program is in accordance with the U.S. Nuclear Regulatory Commission (NRC)-approved security plans.
01.02 To verify that the licensees implementation of its AA program provides assurance that individuals granted unescorted access are trustworthy, reliable, and do not constitute an unreasonable risk to public health and safety or the common defense and security.
01.03 To verify that the licensees implementation of the behavioral observation provisions of the licensees AA program provides assurance of continued reliability and trustworthiness of personnel with unescorted access.
01.04 To verify and assess that the licensees implementation of the provisions of the insider mitigation program are effective in mitigating the active insider and active violent insider.
01.05 To verify that the licensees physical protection program associated with this sample is designed and implemented to meet the general performance objective of Title 10 of the Code of Federal Regulations (CFR) 73.55(b).
71130.01-01-02 INSPECTION REQUIREMENTS General Guidance.
Through verification of the inspection requirements within this inspection procedure (IP), the inspector(s) shall ensure that the licensees physical protection program associated with this sample is designed and implemented to meet the general performance objective of 10 CFR 73.55(b).
In preparing to complete this IP, the inspector(s) should familiarize themselves with relevant documentation which may include, but is not limited to the licensee's security plans, site specific and/or corporate implementing procedures, security post orders, and security program reviews and audits. Specifically, the inspector should apply additional attention to recent security plan changes that could be relevant to the inspection activity.
Issue Date: 08/23/18 2
71130.01 The inspector(s) are responsible for ensuring that the minimum range of inspection requirements identified within the sample are completed and evaluated to a level which provides assurance that licensees are meeting NRC regulatory requirements within the security program area being inspected. The guidance within this procedure is being provided as a tool which:
(1) recommends to the inspector(s) certain methods and techniques for determining licensee security program compliance and effectiveness related to an inspection requirement or; (2) clarifies certain aspects of a regulatory requirement associated with a particular inspection requirement. Where minimum sampling numbers are indicated (i.e., at least (three) intrusion detection system zones shall be tested, or at least 20 percent of the total personnel on a shift will be selected for weapons firing, etc.), the inspector(s) should adhere as closely as possible to the numbers identified in the guidance. The inspectors may expand the minimum number to aid in determining the extent of the condition, should compliance concerns arise. Completion of other recommended actions contained in this guidance should not be viewed as mandatory and is only intended to assist the inspector(s) in determining whether an inspection sample has been adequately addressed. Should questions arise regarding procedural requirements or guidance, the inspector(s) should consult with regional management or the Office of Nuclear Security and Incident Response, the program office, for clarification.
In assessing the licensees AA program, the inspector(s) must determine whether the licensees program obtains sufficient information on which to base an initial determination to grant a person unescorted access. The total accumulation of information about the person is the basis for the unescorted access determination. A sound determination requires the assessment of all data provided by the applicant and developed through the investigation to determine whether the applicant has been truthful in providing the information necessary for the reviewing official to decide that the applicant is trustworthy and reliable and does not constitute a risk to the health and safety of the public, and the common defense and security including the risk of committing radiological sabotage.
In no case should a licensee make access decisions by exception through application of best effort. Best effort is limited to the effort applied to a specific past or present employer of the applicant or academic institution attended by the applicant and cannot be used to satisfy the requirements for meeting the criteria to establish trustworthiness and reliability.
After the initial decision to grant unescorted access, the licensee must ensure that each person granted unescorted access is a part of an effective behavioral observation program designed to recognize behaviors that, if left unaddressed, could have an adverse effect on the public health and safety or the common defense and security. The program may include insider mitigation attributes.
The Fitness-for-Duty (FFD) program is critically intertwined in the AA program. Therefore, the inspector(s) should include the related portions of the FFD inspection procedure to ensure that all pre-access activities are incorporated in the overall program, and prevent the licensee from granting unescorted access prematurely.
The inspector(s) should review the remaining elements of the program to ensure that records are appropriately maintained and protected and that access reviews are sufficiently independent to ensure a person who has been denied unescorted access has an opportunity to present any additional information on the access decision.
Issue Date: 08/23/18 3
71130.01 The inspector(s) should review the documentation from a representative sample of AA decisions to identify: (1) cases in which unescorted access was not terminated due to failure to report arrests; (2) cases in which persons testing positive for alcohol or other prohibited substances continued to be authorized unescorted access or were returned to unescorted access status after an initial removal; and (3) the rate of for-cause referrals for other than suspected alcohol abuse.
TIER I 02.01 Implementing Procedures.
- a.
Verify that the licensee implements procedures to ensure that personnel denied unescorted access after January 1, 1997, are included in a common industry database.
(10 CFR 73.56(o)(6)(i), 10 CFR 73.56(o)(6)(ii)).
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures to verify that the licensee has established a method to share AA information with other licensees. Specifically, the inspector(s) should verify that the licensee has procedures that outline the implementation of an information sharing mechanism to share information with other licensees pertaining to individuals who have been denied unescorted access as a result of not meeting or maintaining the trustworthiness and reliability criteria for unescorted access in accordance with 10 CFR 73.56.
- b.
Verify that the licensee implements procedures to ensure that individuals performing background investigations have met criteria that are consistent with the requirements for persons undergoing background investigations. (10 CFR 73.56(k)(1),
Specific Guidance.
To inspect this requirement, the inspector(s) should review the licensees procedures to verify that the licensee implements measures to determine the trustworthiness and reliability of personnel (background screeners and access authorization personnel) who collect and process information that will be used by a reviewing official to make unescorted access or unescorted AA determinations. At a minimum the licensees procedures should address the following: (1) verification of the individuals true identity; (2) performance of a local criminal history through a State or local court; (3) the conduct of a local credit history evaluation; (4) the conduct of an employment history evaluation covering the last 3 years; and (5) the conduct of a character and reputation evaluation.
Issue Date: 08/23/18 4
- c.
Verify that the licensee implements procedures to ensure that persons granted unescorted access are aware and remain aware of their responsibility to report arrests and are notified in writing of their responsibilities. (10 CFR 73.56(g))
Specific Guidance.
To inspect this requirement, the inspector(s) should review the licensees procedures to verify that the licensee has an established legal action reporting program that includes, at a minimum, the following: (1) requirements for individuals with or who have applied for unescorted access or unescorted AA to promptly report any legal actions such as arrests, criminal charges, convictions, or proceedings; (2) a method for notifying an individual in writing of his or her obligation to report legal action; and (3) actions that recipients of a legal action report are required to take upon receipt of a report. The legal action reporting program excludes minor civil actions or misdemeanors such as parking violations or speeding tickets.
02.02 Granting Unescorted Access and Reinvestigations.
- a.
Verify that the licensee implements adequate provisions to obtain sufficient information to determine the true identity of applicants for unescorted access. (10 CFR 73.56(d)(3))
Specific Guidance.
The inspector(s) should review licensees procedures, records, and practices to verify that the licensee demonstrates measures to validate an individuals true identity. Those measures should include the following minimum requirements: (1) a process to validate that the social security number that the individual has provided is his or hers and, in the case of foreign nationals, validate the claimed non-immigration status that the individual has provided is correct; and (2) a method to determine whether the results of the fingerprinting confirm the individuals claimed identity, if such results are available.
- b.
Verify that the licensee conducts employment and education verifications and suitable inquiries within the required time constraints. (10 CFR 73.56(h)(4))
Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee demonstrates methods to verify employment and education, and perform suitable inquiries of applicants requesting initial unescorted access or unescorted AA in accordance with 10 CFR 73.56(h)(4). Additionally, the inspector(s) should examine the licensees processes to confirm that the licensee demonstrates methods to verify employment and education, and perform suitable inquiries of individuals who have previously been granted unescorted AA, but whose access had been terminated or interrupted for a for a period of time.
- c.
Verify that the licensee requires applicants to undergo professionally accepted and standardized psychological evaluations as required. (10 CFR 73.56(e))
Issue Date: 08/23/18 5
71130.01 Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee has methods in place to ensure that a psychological assessment is completed before an individual is granted unescorted access or certified unescorted AA. The inspector(s) should also review the psychological assessment(s) that the licensee uses and determine if the assessment(s) is designed to evaluate the possible adverse impact of any noted psychological characteristics on an individuals trustworthiness and reliability. While reviewing the psychological assessment(s), the inspector(s) should confirm that the licensees psychological assessment(s) include, at a minimum: (1) a standardized, objective, professionally accepted psychological test that provides information to identify indications of disturbances in personality or psychopathology that may have adverse implications for an individuals trustworthiness and reliability; (2) a licensed psychiatrist or psychologist established the predetermined thresholds of the test that will be applied in interpreting the results of the psychological test to determine whether an individual must be interviewed by a licensed psychiatrist or psychologist; and (3) the assessment(s) are conducted in accordance with the applicable ethical principles for conducting such assessments established by the American Psychological Association or American Psychiatric Association.
- d.
Verify that a clinical interview by a licensed psychiatrist or psychologist is conducted for individuals who provide indication of disturbances in personality or psychopathology during the psychological assessment that may have implications on trustworthiness and reliability. (10 CFR 73.56(e)(4))
Specific Guidance.
For the inspection of this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that clinical interviews are performed by a licensed psychiatrist or psychologist for individuals whose scores on the psychological assessments are outside of the predetermined thresholds that are indicative of disturbances in personality or psychopathology that may have implications for an individuals trustworthiness and reliability.
- e.
Verify that the licensees reviewing official reviews and evaluates all of the background information required by 10 CFR 73.56 in making AA decisions for the trustworthiness and reliability of individuals applying for unescorted access or unescorted AA.
Specific Guidance.
The inspector(s) should review a sample of AA records, in particular those that have been adjudicated, to ensure that each specific program element, both individually and collectively, meet the assurance standard described in the rule.
- f.
Verify that the licensee reviews credit history summaries for the entire period identified on personal history questionnaires that are provided. (10 CFR 73.56(d)(5))
Issue Date: 08/23/18 6
71130.01 Specific Guidance.
When inspecting this requirement, the inspector(s) should review licensees procedures, records, and practices to confirm that the licensee conducts full credit history evaluations of individuals applying for unescorted AA. The licensees procedures, records, and practices should identify that a full credit evaluation includes, but is not limited to, an inquiry to detect the potential fraud or misuse of social security numbers or other financial identifiers, and review an evaluation of all of the information that is provided by a national credit-reporting agency about an individuals credit history.
Additional provisions should be included in the licensees AA program that stipulate methods to perform a credit history review of foreign nationals and U.S. citizens who have resided outside of the U.S. and do not have established credit history that covers at least the most recent 7 years in the U.S. The licensees credit history evaluation should also include a comparison between the data produced from an individuals credit report to the information the individual submitted on his or her personal history questionnaire.
- g.
Verify that the licensee appropriately implements the standard of best effort while conducting employment history evaluations. (10 CFR 73.56(d)(4))
Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee has methods in place to implement the standard of best effort.
Specifically, the licensees procedures, records, and practices should identify that employment history evaluations are completed on a best effort basis, by questioning an individuals present and former employers, and by determining the individuals activities while unemployed. In no case should a licensee make access decisions by exception.
Best effort is limited to the specific effort applied to a specific past or present employer of the applicant and cannot be used for the cumulative satisfaction of the requirements for meeting a test to establish trustworthiness and reliability.
- h.
Verify that the licensee appropriately implements the requirements for submitting fingerprints, including the restrictions on requesting name searches.
(10 CFR 73.56(d)(3), 10 CFR 73.57(b))
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee is submitting fingerprints in accordance with requirements and exceptions set forth in both 10 CFR 73.56(d)(3) and 10 CFR 73.57(b).
Issue Date: 08/23/18 7
- i.
Verify that individuals who are members of the population that perform one or more job functions that are critical to the safe and secure operation of the licensees facility, as defined in 10 CFR 73.56(i)(1)(v)(B), are subject to a clinical interview by a licensed psychiatrist or psychologist as part of the psychological assessment.
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee requires the following individuals to undergo a clinical interview as part of the psychological assessment:
- 1.
Individuals who have extensive knowledge of defensive strategies and design and/or implementation of the plants defensive strategies, including:
(a)
Site security supervisors (b)
Site security managers (c)
Security training instructors (d)
Corporate security managers
- 2.
Individuals in a position to grant an applicant unescorted access or unescorted AA, including site AA managers.
- 3.
Individuals assigned a duty to search for contraband or other items that could be used to commit radiological sabotage.
- 4.
Individuals who have access, extensive knowledge, or administrative control over plant digital computer and communication systems and networks as identified in 10 CFR 73.54, including:
(a)
Plant network systems administrators (b)
Information technology personnel who are responsible for securing plant network
- j.
Verify that the licensee reinvestigates all personnel having unescorted access to NRC-licensed facilities. (10 CFR 73.56(h)(6)(i))
Specific Guidance.
No inspection guidance.
- k.
Verify that the licensee reviews and evaluates Federal Bureau of Investigation (FBI) criminal history records before authorizing unescorted access. (10 CFR 73.57(b),
Issue Date: 08/23/18 8
71130.01 Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee reviews and evaluates an individuals FBI criminal history records prior to authorizing unescorted access and considers the information contained in the records in determining the individuals suitability for unescorted access in accordance with 10 CFR 73.57(b).
02.03 Behavioral Observation Program and Insider Threat Mitigation.
- a.
Verify that the licensee reassesses and re-approves personnel access lists for vital areas (VAs) at the prescribed frequency to confirm that personnel on the VAs access list have a continued need to access VAs. (10 CFR 73.56(j))
Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee reassess and reapproves personnel access lists for VAs at the prescribed frequency to confirm that personnel on the VA access list have a continued need to access VAs. Specifically, the licensees access list for VAs must include:
(1) only individuals who have a continued need for access to those specific VAs in order to perform their duties and responsibilities; (2) must be approved by a cognizant licensee or applicant manager or supervisor who is responsible for directing the work activities of the individual who is granted unescorted access to each VA; and (3) the list is updated and re-approved no less than every 31 days.
- b.
Verify that the licensee screens individuals on personnel access list to ensure that they have a continued need for access to VAs, not just a possibility of needing unescorted access at some undefined time in the future. (10 CFR 73.55(g)(1)(i)(D) and 10 CFR 73.56(j))
Specific Guidance.
No inspection guidance.
- c.
Verify that the licensee implements provisions for conducting psychological reassessments for individuals who perform one or more job functions that are critical to the safe and secure operation of the licensees facility as identified in 10 CFR 73.56(i)(1)(v)(B) at intervals not to exceed 5 years. (10 CFR 73.56(i)(1)(v)(B) )
Issue Date: 08/23/18 9
71130.01 Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee implements provisions for conducting psychological reassessments within 5 years of the day on which the individual was last psychologically assessed. These individuals include:
- 1.
Individuals who have extensive knowledge of defensive strategies and design and/or implementation of the plants defensive strategies, including:
(a)
Site security supervisors (b)
Site security managers (c)
Security training instructors (d)
Corporate security managers
- 2.
Individuals in a position to grant an applicant unescorted access or unescorted AA, including site AA managers.
- 3.
Individuals assigned a duty to search for contraband or other items that could be used to commit radiological sabotage.
- 4.
Individuals who have access, extensive knowledge, or administrative control over plant digital computer and communication systems and networks as identified in 10 CFR 73.54, including:
(a)
Plant network systems administrators (b)
Information technology personnel who are responsible for securing plant networks
- 5.
Individuals qualified for and assigned duties as: armed security officers, armed responders, alarm station operators, response team leaders, and armorers as defined in the licensees or applicants security plans; and reactor operators, senior reactor operators, and non-licensed operators.
- d.
Verify that the licensee implements provisions for conducting and reviewing annual supervisory reviews. (10 CFR 73.56(i)(1)(iv))
Specific Guidance.
No inspection guidance.
Issue Date: 08/23/18 10 71130.01 02.04 Information Sharing.
- a.
Verify that the licensee implements measures to ensure that shared information which may have an adverse effect on an individuals trustworthiness and reliability, is updated or provided to other licensees or industry entities in a timely fashion so informed AA decisions can be made. (10 CFR 73.56(o)(6)(i))
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee implements measures to ensure that shared information which may have an adverse effect on an individuals trustworthiness and reliability is updated or provided to other licensees or industry entities in a timely fashion. Specifically, the inspector(s) should review the licensees AA program to confirm that the licensee has methods in place to ensure if/when shared information is developed about an individual, the licensee that acquired the information shall correct or augment the data and ensure it is shared with other licensees. If the information has implications for adversely affecting an individuals trustworthiness and reliability, the licensee who discovered or obtained the information informs the reviewing official of any licensee AA program under which the individual is maintaining his or her unescorted AA or unescorted access status of the updated information on the day of the discovery.
- b.
Verify that the licensee or entity ensures that violations, within its respective FFD program, for any 10 CFR Part 26 program elements are identified to any licensee having taken credit for the activities of the licensee in violation and to any licensee who may attempt to take credit for the activities of the licensee in violation.
Specific Guidance.
When inspecting this requirement the inspector should review the licensees processes for the sharing of FFD information related to AA to ensure that a process exists to inform other licensees or entities (whom may have taken credit for/used this licensees/entitys FFD program information) of violations within their respective FFD program.
Issue Date: 08/23/18 11 71130.01 TIER II 02.05 Implementing Procedures.
- a.
Verify that the licensee implements procedures and processes that address obtaining and explaining informed consent, to include the withdrawal of consent, for individuals subject to background investigations required for unescorted access and unescorted AA. (10 CFR 73.56(d)(1))
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees implementing procedures and/or AA records to verify that the licensee has established a method to obtain informed consent to conduct background investigations on individuals applying for unescorted access or unescorted AA. The inspector(s) should also verify that these measures include explaining informed consent and the withdrawal of consent to individuals applying for unescorted access or unescorted AA.
- b.
Verify that the licensees procedures describe how it protects personal information maintained in the licensees personnel information management system.
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures to verify that licensees procedures address the protection of personal information used by the licensee to process the applications of individuals seeking unescorted access or unescorted AA. The licensee procedures should address the specific measures for the protection of this information during the time the information is being used for the determination process as well as once unescorted access has been granted and the personal information is then being maintained in accordance with 10 CFR 73.56(o)(2)(i). Licensees or their contractors and vendors who implement the unescorted AA programs in accordance with these criteria should retain the records on which the AA is based or denied for the duration of the unescorted access and for 5 years following access denial or access termination from the authorizing licensees program.
02.06 Granting Unescorted Access, Reinvestigations, and Maintaining Authorization.
- a.
Verify that the licensee implements AA categories and processes for determinations regarding initial unescorted access, updated unescorted access, and reinstatement of unescorted access. (10 CFR 73.56(h))
Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures to verify that the licensee has established methods for granting unescorted access and certifying unescorted AA for individuals applying for initial unescorted access. Additionally, the inspector(s) should review the licensees procedures to verify that the licensee has established methods to grant or deny unescorted access or
Issue Date: 08/23/18 12 71130.01 unescorted AA to individuals who have previously been granted unescorted AA, but whose access had been terminated or interrupted for a for a period of time.
- b.
Verify that the licensee has provisions in place to reassess and reevaluate information received by, or provided to the licensee on the day of discovery, that may have an effect on the trustworthiness or reliability of a person with unescorted AA.
Specific Guidance.
No inspection guidance.
- c.
Verify that the licensee establishes criteria in accordance with the regulations for verifying the trustworthiness and reliability of individuals who collect process or have access to background information. (10 CFR 73.56(k))
Specific Guidance.
No inspection guidance.
02.07 Behavioral Observation Program.
- a.
Verify that the licensees behavioral observation program ensures the ability to recognize behaviors or activities adverse to the safe operation and security of the facility. (10 CFR 73.56(f)(1))
Specific Guidance.
The inspector(s) should review the licensees related behavioral observation program procedures, records, and lesson plans to confirm that the licensee ensures that its program ensures the ability to recognize behaviors or activities adverse to the safe operation and security of the facility.
- b.
Verify that the licensees procedures include a method to validate the implementation of the licensees behavior observation program for off-site employees who maintain unescorted access. (10 CFR 73.56(f)(1))
Specific Guidance.
No inspection guidance.
02.08 Information Sharing.
- a.
Verify that the licensee implements a method to share information pertaining to individuals who have unescorted access or unescorted AA with other licensees or entities that are required to maintain AA programs in accordance with 10 CFR 73.56.
Issue Date: 08/23/18 13 71130.01 Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee has methods in place to share information pertaining to individuals who have unescorted access or unescorted AA with other licensees and entities that are required to maintain AA programs. Specifically, the inspector(s) should review the licensees AA program to confirm that the licensee has methods in place to ensure the following:
- 1.
Licensees who are authorized to add or manipulate data, within an information-sharing mechanism that is shared with other licensees, ensures that the data linked information about individuals who have applied for unescorted AA, as specified in licensee AA program documents, is retained.
- 2.
If the shared information used for determining an individuals trustworthiness and reliability changes or new or additional information is developed about the individual, the licensee that is acquiring this information shall correct or augment the data contained within the information-sharing mechanism. If changed, additional, or developed information that has implications for adversely affecting an individuals trustworthiness and reliability, the licensee who discovered or obtained the information informs the reviewing official of any licensee AA program under which the individual is maintaining his or her unescorted AA or unescorted access status of the updated information on the day of the discovery.
- 3.
The receiving licensees reviewing official evaluates the information and takes appropriate actions, which may include denial or unfavorable termination of unescorted AA or unescorted access.
- 4.
If the information-sharing mechanism is unavailable and notification of change or updated information is required, the licensee takes manual actions to ensure that the information is shared, and the data is updated in the information-sharing mechanism as soon as reasonably possible.
- 5.
Records that are maintained in the database are available for NRC review.
- b.
Verify that the licensee denies access to the PA for personnel who have been denied access based on NRC requirements. (10 CFR 73.56(h)(3))
Specific Guidance.
No inspection guidance.
- c.
Verify that the licensee ensures that personnel with unescorted access or unescorted AA, who are in a licensee, contractor, or vendor FFD follow-up program, are identified to any subsequent licensee or entity to enable continuation of the follow-up activities by the receiving licensee or entity. (10 CFR 26.69(e)(1))
Specific Guidance.
The inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee has methods in place to ensure that personnel with
Issue Date: 08/23/18 14 71130.01 unescorted access or unescorted AA, who are in a licensees, contractors, or vendors FFD follow-up program, are identified to any subsequent licensee or entity to enable continuation of the follow-up activities by the receiving licensee or entity. Specifically, the inspector(s) should review the licensees AA program to confirm that when the licensee imposes FFD treatment and/or a follow-up testing plan that the licensee ensures that information documenting the treatment and/or follow-up testing plan is identified to any subsequent licensee or entity who seeks to grant authorization to the individual.
TIER III 02.09 Reviews.
Events and Logs. Review licensee event reports, safeguards log entries, and corrective action program entries for the previous 12 months (or since the last inspection) that concern the AA program, and follow up, if appropriate.
Security Program Reviews. Verify that the licensee is conducting security program reviews in accordance with 10 CFR 73.55(m) and that the licensees AA program was included in a review as required by the regulation. (10 CFR 73.55(m) and Security Plans)
Problem Identification and Resolution. Verify that the licensee identifies problems with the AA program and its integration with the FFD program at an appropriate threshold and enters the problems in the corrective action program. Verify that the licensee has appropriately resolved the regulatory requirement issue for a selected sample of problems with AA. If applicable, see IP 71152, Identification and Resolution of Problems, for additional guidance. (10 CFR 73.55(b)(10))
Specific Guidance.
The inspector(s) should review safeguards log entries, licensee condition reports, licensee corrective action program entries, etc., for the previous 12 months to determine whether the licensee has experienced issues with the implementation of its AA program. The inspector(s) should follow-up on issues identified to ensure the licensee has taken appropriate corrective actions to prevent a re-occurrence of the issues identified. For the inspection of this requirement the inspector(s) should review the documented results of the security program reviews or audits performed by the licensee to ensure the continued effectiveness of its AA program. The inspector(s) should ensure that the reviews have been conducted in accordance with the requirements of 10 CFR 73.55(m). The inspector(s) should also request that the licensee provide a copy of the report that was developed and provided to licensee management for review. The inspector(s) should review the report to identify any findings that were identified via the review or audit to ensure the findings were entered in the licensees corrective action program.
02.10 Personnel Information Management.
- a.
Verify that the licensee implements a personnel information management system to protect personal and confidential information. (10 CFR 73.56(m), 10 CFR 73.56(m)(1),
and 10 CFR 73.56(m)(3)).
Issue Date: 08/23/18 15 71130.01 Specific Guidance.
When inspecting this requirement, the inspector(s) should review the licensees procedures, records, and practices to confirm that the licensee implements and maintains a personnel information management system to protect personal and confidential information. Additionally, and where applicable, this includes the licensee obtaining a release (consent) form from non-citizens prior to querying the Department of Homeland Security Systematic Alien Verification for Entitlement (DHS-SAVE) database.
This is applicable to unescorted and escorted access if the licensee is or has used the DHS-SAVE database.
Inspectors should also note that the DHS-SAVE database is administered by the United States Citizenship and Immigration Services (USCIS) of the DHS. The NRC has entered into a memorandum of understanding with USCIS for the use of the DHS-SAVE database by its licensees. The SAVE database enables NRC licensees, opting to use SAVE, to verify the legal status of non-citizens seeking access to NRC-licensed facilities. The NRC security Order, AA, enclosures 3 & 4, January 7, 2003, recommended the use of a Federal database to verify the immigration status of non-citizens accessing the PA of nuclear power plants. The DHS-SAVE database fulfills this recommendation.
- b.
Verify that the licensees information management system protects information stored or transmitted in electronic format. (10 CFR 73.56(m))
Specific Guidance.
No inspection guidance.
- c.
Verify that the licensees information management system prohibits unauthorized access to the information and prohibits modification of the data without proper authorization. (10 CFR 73.56(m))
Specific Guidance.
No inspection guidance.
02.11 Information Sharing.
- a.
Verify that the licensee implements a method to share information pertaining to the access denial of individuals with other licensees and entities that are required to maintain AA programs in accordance with 10 CFR 73.56. (10 CFR 73.56(o)(6))
Specific Guidance.
No Inspection guidance.
- b.
Verify that the licensee implements backup manual procedures and processes for sharing information. (10 CFR 73.56(o)(6)(ii))
Issue Date: 08/23/18 16 71130.01 Specific Guidance.
When inspecting this requirement, the inspector(s) should review licensees procedures, records, and practices to confirm that the licensee maintains backup manual procedures and processes for sharing information. Specifically, the inspector(s) should review the licensees AA program to confirm that, in the event of a failure of the primary information sharing method occurs, the licensee maintains a backup process of manual information exchange is available for short-term use.
71130.01-01-03 PROCEDURE COMPLETION The inspection of the minimum number of inspection requirements will constitute completion of this procedure. The total number of Tier I inspection requirements (21) constitutes the minimum number of inspection requirements for completion of this procedure. The inspection requirement range for completion is as follows: minimum range 21 inspection requirements, and nominal range 31 inspection requirements. The inspection of the nominal range of inspection requirements within this procedure is the target range for this sample and should be completed to the extent practicable.
The nominal range of inspection requirements for this inspection activity is defined as 21 Tier I inspection requirements, 6 Tier II inspection requirements, and 4 Tier III inspection requirements (total 31 inspection requirements).
The frequency at which this inspection activity is to be conducted is triennially (once every 3 years).
71130.01-01-04 RESOURCE ESTIMATE The resource estimate for the completion of this procedure consists of approximately 19 hours2.199074e-4 days <br />0.00528 hours <br />3.141534e-5 weeks <br />7.2295e-6 months <br /> for the inspection of the minimum range of inspection requirements, and approximately 25 hours2.893519e-4 days <br />0.00694 hours <br />4.133598e-5 weeks <br />9.5125e-6 months <br /> for the inspection of the nominal range of inspection requirements. The sample size for this procedure is one.
END
- Revision History for IP 71130.01-01
Issue Date: 08/23/18 Att1-1 71130.01 - Revision History for IP 71130.01 Commitment Tracking Number Accession Number Issue Date Change Notice Description of Change Description of Training Required and Completion Date Comment Resolution and Closed Feedback Accession Number (Pre-Decisional, Non-Public Information) 04/03/00 CN 00-003 Initial issuance.
09/12/00 CN 00-018 Periodic revision ML021140718 04/05/02 CN 02-015 Periodic revision ML040680559 02/19/04 CN 04-007 Periodic revision N/A 12/10/2008 CN 08-035 This document has been revised to standardize the sample size; include updates resulting from inspection feedback and oversight; correct editorial errors; and convert the document to MS Word.
N/A ML073550648 N/A ML093420709 01/12/10 CN10-002 This document has been revised to address the changes to 10 CFR part 73 that resulted from a rulemaking; and in accordance with the ROP realignment process.
N/A ML093420712 N/A 02/24/10 CN 10-007 Effective date changed to 04/01/10.
N/A N/A N/A ML13238A209 12/12/13 CN 13-028 Inspection Procedure re-written to comply with IMC 0040 format and establish inspection requirement range for procedure completion.
N/A ML13298A546 N/A ML14296A199 04/20/15 CN 15-006 This document has been revised to address the program applicability and minor administrative changes.
N/A ML15041A357
Issue Date: 08/23/18 Att1-2 71130.01 Commitment Tracking Number Accession Number Issue Date Change Notice Description of Change Description of Training Required and Completion Date Comment Resolution and Closed Feedback Accession Number (Pre-Decisional, Non-Public Information)
N/A ML16175A032 09/30/16 CN 16-024 This document has been revised to adjust the resource estimate to reflect the nominal number of inspection requirements as the target range for completion of this procedure as well as make minor administrative changes.
N/A ML1688A389 N/A ML17286A029 08/23/18 CN 18-028 SOSB revised the 71130 series Inspection Procedures (IP) and associated Inspection Manual Chapters (IMC) in response to Staff Requirements - SECY 16-0073 (Options and Recommendations for the Force-On-Force Inspection Program) and the March 2017 Assessment Team (Regions and HQ) review for redundancys and efficiencies of the 71130 series IPs for power reactors. Upon completion of a SUNSI review, the staff concluded that this document should be de-controlled. Consistent with the staffs SUNSI determination, an administrative revision of this document was conducted to remove SUNSI markings.
Removed all references to NEI documents due to Entergy and NextEra corporations departure from NEI.
N/A ML17286A027