ML20129A044
| ML20129A044 | |
| Person / Time | |
|---|---|
| Site: | Pilgrim |
| Issue date: | 10/11/1996 |
| From: | NRC OFFICE OF INSPECTION & ENFORCEMENT (IE REGION I) |
| To: | |
| Shared Package | |
| ML20129A027 | List: |
| References | |
| 50-293-96-09, 50-293-96-9, NUDOCS 9610220009 | |
| Download: ML20129A044 (11) | |
See also: IR 05000293/1996009
Text
.
.
U.S. NUCLEAR REGULATORY COMMISSION
REGION 1
,
Docket No:
50-293
]
License No:
Report No:
50-293/96-09
,
Licensee:
Boston Edison Company
Facility:
Pilgrim Nuclear Power Station
.:
)
Location:
Plymouth, Massachusetts
i
,
Dates:
September 16-20,1996
j
inspectors:
Greg C. Smith, Senior Security Specialist
Edward B. King, Physical Security inspector
Approved by:
Richard R. Keimig, Chief
'
Emergency Preparedness and Safeguards Branch
Division of Reactor Safety
5
,
1
!
a
.
4
l
l
I
9610220009 961011
"
"
ADOCK 05000293
G
,
_ . _ _ _ _ _
_ _ _
.
.
EXECUTIVE SUMMARY
<
Pilgrim Nuclear Power Station
NRC Inspection Report No. 50-293/96-09
,
On April 25,1991, the Commission published the Personnel Access Authorization
Requirements for nuclear power plants,10 CFR 73.56 (the rule), requiring power reactor
licensees to implement an Access Authorization Program (AAP) by April 27,1992, and to
+
incorporate the AAP into the licensee's physical security plan. The objective of the rule is
to provide high assurance that individuals granted unescorted access are trustworthy and
reliable, and do not constitute an unreasonable risk to the health and safety of the public,
including a potential to commit radiological sabotage.
The licensee's Access Authorization Program was inspected during the period
September 16-20,1996. It was found to meet the above stated objective. However, two
violations were identified involving the failure to perform audits of the access authorization
program within 12 months of it's effective date of implementation and at least every 24
,
months thereafter and the failure to audit properly the contractor / vendor access
authorization programs accepted by the licensee.
)
l
'
1
l
,
.
l
.
W
4
ii
.
___
_
_ _ _ -
. _ . - _ .
_ _ _ _
_ .
. . _ . _ _ _ _ _
. _ .
_
.
..
Report Details
-P8
. Miscellaneous Security and Safeguards issues
]
P8.1
General
'On April 25,1991, the Commission published the Personnel Access Authorization
Requirements for nuclear power plants,10 CFR 73.56 (the rule), requiring power
reactor licensees to implement an Access Authorization Program (AAP) by
April 27,1992, and to incorporate the AAP into the licensee's physical security
plan. The objective of the rule is to provide high assurance that individuals granted
i
unescorted access are trustworthy and reliable, and do not constitute an
j
unreasonable risk to the health and safety of the public, including a potential to
l
commit radiological sabotage.
A February 27,1992, letter from the licensee to the NRC forwarded Revision 10 to
its physical security plan. Additional clarification of certain commitments was
deemed necessary as a result of NRC review. The licensee was notified of the
i
results of that review during a telephone conversation and agreed to resubmit the
revision with the necessary clarifications. The licensee forwarded Revision 10a to
the NRC by letter, dated April 24,1992, which stated, in part, that all elements of
Regulatory Guide 5.66, " Access Authorization Program for Nuclear Power Plants,"
have been implemented to satisfy the requirements of 10 CFR Part 73.56. By
letter, dated May 19,1992, the NRC informed the licensee that the changes
submitted had been reviewed and were determined to be consistent with the
provisions of 10 CFR 50.54(p) and that the revision would be acceptable for
inclusion in the NRC-approved security plan.
This inspection, conducted in accordance with NRC Inspection Manual, Temporary
instruction 2515/127, " Access Authorization," dated January 17,1995, assessed
i
the implementation of the licensee's AAP to determine if it was commensurate with
regulatory requirements and the licensee's physical security plan.
P8.2 Access Authorization Program and Administration Organization
1
a.
insoection Scope
The inspectors reviewed organizational charts, applicable procedures and conducted
interviews to assess the licensee's access authorization program and administration
Organization.
b.
Observations and Findinos
The Boston Edison Company (BECO) AAP requirements are contained in two
documents. The Pilgrim Nuclear Power Station Procedure No.1.3.60, Revision 9,
titled " Access Authorization Process," dated August 23,1994, defines the overall
requirements for the program. The fitness-for-duty and behavior observation
i
portions of the AAP are contained in the Fitness-For-Duty Medical Department
Procedure, revised September 11,1996.
,
!
i
,
. _ _ .
.
2
The responsibility for implementation of the AAP is vested in the Protective Services
Department Manager, who reports to the Nuclear Services Group Manager. The
access screening and fitness for-duty personnel report to the Security Services
Supervisor who reports to the Protective Services Department Manager. The FFD
functions of the AAP are performed in the Medical Building and the personnel
screening functions are performed in the Support Building.
c.
Conclusions
The inspectors' review of the applicable AAP and Medical Department Manuals
disclosed that both manuals were comprehensive and contained sufUcient detail to
provide adequate guidanco to implement the AAP in accordance with regulatory
requirements.
P8.3 Background investigations (BI) Elements
a.
Inspection Scope
The inspectors reviewed records and conducted interviews to determine the
adequacy of the program to verify the true identity of an applicant and to develop
,
information concerning employment history, educational history, credit history,
criminal history, military service, and character and reputation of the applicant prior
to granting unescorted access to protected and vital areas.
b.
Observations. Findinas and Conclusions
'
The inspectors reviewed the results of 55 background investigations (Bis)
representing a cross-section of licensee and contractor employees. The Bis are
performed by the licensee's Site Access Specialists. The scope and depth of the
Bis reviewed were found to meet the licensee's program commitments and provided
adequate information on which to base a determination for access authorization.
'
The 55 BI reports also contained the information on which temporary access was
i
granted or denied. The records of those abbreviated scope and depth investigations
permitted by the rule contained information on which to base a determination
regarding temporary access pending completion of the full BI, and fulfilled the
program requirements to which the licensee had committe1 The inspectors noted
that any matter of questionable or suspect information was thoroughly evaluated
and documented prior to granting or denying temporary access.
In accordance with 10 CFR 73.57, the licensee is responsible for initiating criminal
history checks on individuals applying for unescorted access authorization, and for
considering allinformation received from the U.S. Attorney General. Among the
records reviewed by the inspectors were those of eight individuals whose fingerprint
records had been returned with derogatory information. The inspectors determined
that the information had been properly evaluated and appropriate action had been
implemented as a result of the derogatory information.
,
1
. -
- -
.
-.
-
.
. . -
--
-
l
'
.
3
l
P8.4 Psychological Evaluations
a.
Insoection Scope
i
The inspectors reviewed the licensee's psychological testing program procedures
and interviewed the individuals who administer and proctor the psychological tests.
b.
Observations, Findinas and Conclusions
The licensee has contracted with a licensed psychologist to provide oversight of the
psychological testing program and to perform the requisite evaluations. All
individuals seeking unescorted access to the site are required to complete the
psychological questionnaire administered by licensee personnel that have been
trained and qualified as examination proctors. The answer sheets for the
psychological questionnaire are forwarded to the psychologist for evaluation and, if
the need for a clinical interview is indicated, the psychologist conducts the
interview and recommends either access or denial to the licensee. In all cases
,
reviewed, the licensee took the psychologist's recommendation.
The inspectors determined that procedures were clear and that the proctors
demonstrated a sound knowledge of their duties.
The inspectors determined that the licensee's psychological evaluation program was
being effectively administered.
P8.5 Behavioral Observation Program (BOP)
a.
inspection Scope
The inspectors reviewed the Behavioral Observation Program (BOP) training
procedures and lesson plans and conducted interviews to determine the
effectiveness of the licensee's program. Additionally, the BOP was reviewed to
j
determine whether the licensee had a training and retraining program to ensure that
j
supervisors have and maintain awareness and sensitivity to detect behavior changes
in employees that could adversely affect their trustworthiness and reliability, and to
report such changes to appropriate management for further evaluation and action, if
deemed necessary.
b.
Observations and Findinos
The program was instituted as part of, and is an element in common with, the
licensee's Fitness-for-Duty (FFD) Program. Interviews conducted throughout the
inspection with various individuals, representative of a cross-section of both
supervisory and non-supervisory employees, ';dicated a knowledge of program
j
requirements. The supervisors interviewed also demonstrated an awareness and
i
)
---
-
- --
-
i
.-
. - .
i
.
.
4
sensitivity to detect and report adverse changes in behavior. The effectiveness of
the BOP training was further evidenced by employees who had been referred to the
employee assistance program and had been FFD for-cause tested as a result of
changes in behavior that were identified through the BOP.
c.
Qonglusion
The inspectors concluded that the training program and lessons plans were
adequate to support the program. The inspectors also concluded that the BOP
training and retraining were effective and that the BOP was being effectively
implemented.
P8.6 Grandfathering, Reinstatement and Transfer of Access Authorization
a.
jnspection Scope
The inspectors reviewed a cross-section of records to evaluate the licensee's
appi; cation of the provisions for Grandfathering, Reinstatement and Transfers of
Access Authorizations.
b.
Observations and Findinas
e
"Grandfatherina"
l
included in the records selected at random by the inspectors were records of
personnel who did not meet the criteria for "grandfathering," i.e., those who
]
did not have uninterrupted, unescorted access authorization for at least 180
j
days on April 25,1991, the date of publication of the NRC's access
i
authorization rule.
e
Reinstatement
The licensee's criteria for reinstatement of access authorization was
reviewed. The criteria provided for reinstatement of unescorted access
authorization if one had been previously granted, that authorization was
terminated under favorable conditions no more than 365 days prior to the
reinstatement request, and FFD program requirements were met,
e
' Transfer of Access Authorization
The licensee incorporated the provision for the transfer of access
authorization, both receipts in and transfers out, into its program. The
records selected at random for review by the inspectors included several
examples of each.
- .
. .
. .
-- .
.
-
-
- .
i*
. .
5
c.
Conclusions
The inspectors determined that the requirements for grandf athering, reinstatement
and transfers of access authorizations were being met and that these portions of
the AAP were being implemented satisfactorily. No discreaancies were noted.
l
P8.7 Temporary Access Authorization
a.
Insoection Scoce
s
4
The inspectors reviewed records that included the results of abbreviated scope
investigations, which are used as the basis for granting temporary unescorted
access authorization, as permitted by the rule.
1
b.
Observations. Findinas and Conclusions
The records of the abbreviated scope investigations were determined to contain
i
adequate information (character and reputation from a developed reference, past
year's employment history, and a credit check) on which to base temporary access
authorization. The inspectors noted that, in these records of abbreviated scope
investigation, there were no instances in which rescission of access authorization
was necessitt .*d following receipt of the full 5-year investigation.
P8.8 Denial / Revocation of Unescorted Access
a.
Insoection Scoce
The inspectors reviewed the licensee's provisions for the review of appeals of denial
or termination of access authorization.
b.
Observations and Findinas
The inspectors determined that an individual is informed of the basis for denial or
revocation of access authorization, is provided the opportunity to provide additional
information for consideration and can have the decision, and any additional
information, reviewed by the Appeal Committee, which consists of representatives
from the Employee Relations and Legal Departments. After that review, the
decision on the appeal is final,
c.
Conclusion
The inspectors concluded that this aspect of the program was in accordance with
the rule and was being adequately implemented.
1
s
.-
. .
.
..
.
6
,
P8.9 Audits
-
a.
Inspection Scoce
The inspectors reviewed the most recent quality assurance audit of the security and
access authorization programs (Audit No. 93-11 conducted October 11-
November 19,1993),
2
b.
Observations and Findinas
The inspectors' review of the audit report disclosed that the audit identified no
findings and one observation concerning the independence of the evaluations of
accepted self-screening contractor and vendor programs.
The Pilgrim Nuclear Power Station Physical Security Plan issue 2, Revision 11,
dated December 22,1993, Section 5.1.1, states, in part, that the requirements for
,
unescorted access shallinclude conformance to all elements of Regulatory Guide 5.66 to satisfy the requirements of 10 CFR 73.56. NRC Regulatory Guide 5.66,
<
states, in Section 13.0, paragraph 13.1, that an independent evaluation of the
unescorted access authorization program and its conformance must be made within
12 months of the effective date of implementation of the access authorization
'
program. Thereafter, an independent evaluation must be conducted at least once
every 24 months. The utility shall retain all reports of evaluation for a period of
three years. The Code of Federal Regulation,10 CFR 73.56(g)(1), states, in part,
that licensee's shall audit its Access Authorization Program within 12 months of its
i
effective date of implementation of this program and at least every 24 months
thereafter to ensure that the requirements of this section are satisfied.
)
The inspectors determined during a review of the documentation associated with
the licensee's audit program and discussions with security management, that the
licensee failed to audit its access authorization program within 12 months of the
access authorization program's implementation (April 27,1992). The first audit of
the program was conducted between October 11 - November 19,1993,19 months
af ter the program was implemented. At the time of this inspection, the licensee had
'
not performed another audit of the access authorization program but has performed
limited surveillances of the program's elements as a substitute for conducting an
audit. Therefore, the requirement to perform an audit of the program at least 24
months thereafter to ensure that the requirements of the program were being
j
satisfied was also not met. This is a violation of NRC requirements. (VIO
50-293/96-09-01)
The inspectors' review also found that the audit conducted was very limited in
scope and depth. The sample size consisted of the records of only two individuals
as a basis for evaluating program effectiveness.
. -
.
. - -
.
-
.
__ . _ - .
_
..
_ _ . _ . .___
._ _
_ _ __ _..
- _ _ _ _ - - _ _
l
.-
s
1
'
7
..
1
Additionally, the inspectors reviewed the audit program requirements for
contractor / vendor approved access authorization programs accepted by the
licensee. At the time of this inspection, the licensee had accepted nine
.
i
contractor / vendor programs.
1
NRC Regulatory Guide 5.66, states, in Section 13.0, paragraph 13.2, that the utility
,
j
or its designated representative shall conduct annual audits of contractor or vendor
j
access authorization programs to ensure compliance with these guidelines. Other
.
i
utilities may accept the originating utility's audit and need not reaudit the same-
j
contractor or vendor for the same period of time providing the scope of the audit
]
meets the minimum auditing criteria contained in Attachment A. A copy of the
j
3
audit report to include findings, recommendations, and corrective action must be
provided to the sharing utility.
The Code of Federal Regulation,10 CFR 73.56(g)(2), states, in part, that each
licensee who accepts the access authorization program of a contractor or vender
)
a
i
shall have access to records and shall audit contractor / vendor programs every 12
,
months to ensure that the requirements are satisfied. Licensees may accept audits
!
of contractor / vendor program conducted by other licensees. Each sharing utility
i
i
i
shall maintain a copy of the audit report, to include findings, recommendations and
j
corrective actions.
j
j
The inspectors determined during a review of the documentation associated with
i
the licensee's audit program and discussions with security management, that the
j
licensee failed to conduct audits of accepted contractors and vendor access
authorization programs every 12 months and could not produce a copy of another
utility's audit of the same contractor or vendor. This is a violation of NRC
i
requirements. (VIO 50-293/96-09-02)
[
Apparently, nu one in the licensee's organization had tracked the audit requirements
associated with the AAP. The licensee agreed to perform an audit of its AAP prior
i
to its scheduled outage in February 1997, and to correct the audit weaknesses
i
associated with the accepted contractor / vendor programs.
'
l
c.
Conclusion
j
Two violations of NRC requirements were identified. Both were related to the
!
licensee's auditing of the access authorization program as required by NRC
regulations. The one audit of the program that had been conducted was very
'
shallow in depth and limited in scope.
~l'
P8.10 Record Retention
!
a.
Insoection Scooe
The inspectors reviewed the onsite record retention program for the AAP records.
l
.
t
,
as-->
,-
ea.
--
-
, - -
-
- _ _
-
_
.
-
-.
-
.=.
..
.
+
.
8
b.
Observations and Findinas
Records are stored in locked file cabinets, accessible only to authorized personnel.
The inspectors noted that the secords were very well organized and complete.
.
c.
Conclusions
The inspectors determined that the storage facilities provided adequate security,
and that access to those records was adequately controlled to protect personal
information from unauthorized personnel.
1
X1
Exit interview
The inspectors presented the inspection results to members of licensee management at the
j
conclusion of the inspection on September 20,1996. At that time, the purpose and scope
of the inspection were reviewed and the prelirrhary findings were presented. The licensee
i
acknowledged the preliminary inspection findings.
X2
Updated Final Safety Analysis Report (UFSAR) Review
j
i
A recent discovery of a licensee operating its facility in a manner contrary to the UFSAR
description highlighted the need for a special focused review that compares plant practices,
procedures, and parameters to the UFSAR description. Since the UFSAR does not
,
'
specifically include security program requirements, tne inspector compared licensee
activities to the NRC-approved physical security plan, which is the applicable document.
While performing the inspecticn discussed in this report, the inspectors reviewed Section
5.3.4 of the Plan, issue 2, Revision 11, dated December 22,1993, titled, " Package and
Vehicle Access," and observed package and vehicle searches. The review disclosed that
package and vehicle searches were being performed in accordance with the Plan and
security p.sgram procedures.
4
h
.
J
t
i
-
.
--
o
e
'
.
9
PARTIAL LIST OF PERSONS CONTACTED
Boston Edison Comoany
J. Alexander, Acting Station Director to Manager
R. Haladyna, Sr. Regulatory Affairs Engineer
W. Grieves, Sr. Quality Assurance (QA) Engineer
J. Quinn, Sr. QA Engineer
T. Venkataraman, Quality Assurance Department Manager
M. McAlister, Security Operations Supervisor
T. Campbell, Protective Security Department Manager
E. Neary, Protective Services
J. Keene, Regulatory Affairs Department Manager
R. Wheat, Protection Technology incorporated (PTI), Operations Manager
N. Metcalf, PTl Project Manager
'
W. Stone, independent Oversight Team Manager
T. Beneduci, Nuclear Computer Application Department (NCAD) Manager
B. Barry, NCAD
,
H. Oheim, General Manager, Technical Section
]
Nuclear Reaulatory Commission
R. Laura, Senior Resident inspector
B. Korona, Residant inspector
,
d