Text

NRC Risk-Informing Security Integrated Action Plan Last Update: July 16, 2019 FY2019 FY2020 FY2021 FY2022 Comments Risk-Informing Security Activities Assigned Organization Target Completion Date Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Threat assessment information and analysis of adversary tactics has Force on Force Realism and Tactic Binning DSO/SPEB Completed been added to the scenario development and evaluation process DSO/SOSB Regional security inspectors and resident inspectors have been Risk-Informed Compensatory Measures Completed trainined on the risk-informed compensatory measure process Inspection Procedures have been updated with risk-informing in mind.

Baseline Physical Security Program Update DSO/SOSB Completed Samples and Tiers are based on risk-significance.

Submit COMSECY-19-0006, Revised Security Submitted in response to SRM-SECY-17-0100. Provides a revised DSO/SOSB Completed Inspection Program Framework (Option 3) security inspection program framework.

Submitted in response to SRM-SECY-17-0100. Provides new Submit SECY-19-0055, Crediting Options for DSO/SOSB Completed approaches to crediting operator actions, the use of FLEX equipment, Operator Actions and Law Enforcement and law enforcement responseas.

Ongoing work to resolve potential backfit issues related to three DBT 3 DBT Items DPCP/RSB 2019 Q4 issues Staff planning to send a paper to the Commission in September 2019 Drones Paper DPCP/MSB 2020 Q1 with the results of the vulnerability study and seeking direction on whether to proceed to ACSP Step 5, "Stakeholder Engagement."

50.54(p) Reviews DPCP/RSB 2020 Q1 Staff evaluating what is needed for reasonable assurance decisions.

DPCP/MSB Update RG 5.81 2020 Q2 Updating with a focus on Criterion 3 DSO/SOSB Stakeholder Comment Period Developing SECY paper to evaluate feasibility of implementing NEI SBT DPCP 2020 Q2 white paper Due to the reduced risk at a decomissioned site, full suite of regs is not needed. The rulemaking will focus on risk-significant elements.

Updating Decommissioning Rule DPCP/MSB 2020 Q3 The proposed rule is currently with the Commission and there is no expectation on how / when they will vote; therefore, the target completion date is tentative.

Joint Committee on Nuclear Risk Management Working Group is JCNRM Guidance Document DSO/SOSB 2020 Q3 drafting a guidance document for use of safety info in security risk eval.

Unattended Openings New activity to evaulate potential revision to the unattended opening DSO/SOSB 2020 Q4 NEI 09-05 issue Closed Stakeholder Mtg 07/18/2019

NRC Risk-Informing Security Integrated Action Plan Last Update: July 16, 2019 FY2019 FY2020 FY2021 FY2022 Comments Risk-Informing Security Activities Assigned Organization Target Completion Date Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Vulnerability Assessments with Modeling and Ongoing work in industry on role in licensing space. Staff needs to DSO/SOSB 2020 Q4 Simulation evaluate role in regulatory framework.

Cyber Security Activities DPCP/CSB 2020 Q4 CSD meeting with industry to discuss best path forward Consequence-Based Security for Advanced "Part 53" rulemaking will address this issue. Reg. Basis 11/2019 -

DPCP/RSB 2022 Q3 Reactors Final Rule 8/2022 Reg. Basis Comment Period Proposed Rule Comment Period Future Activity - Dates Staff will work with stakeholders to identify opportunities for additional Identification of Future Research Opportunities NSIR/RES TBD research on risk-informing security Key Completed Stakeholder Involvement In Progress 07/18/2019