Text

. -. - -.

-.-.-.- ~~

-- - - - ~ - - - ---- - - -

- - - - - - - - ~ - - ~ ~ - ~ ^ -

fl

$R SCt0%

e s

f k

3 UNITED STATES g

g.

NUCLEAR REGULATORY COMMISSION t

WASHINGTON, D.C. 20666-0001

.....,o Decader 24, 1996 Stephen D. Floyd, Director Licensing and Performance.

Based Regulation Nuclear Energy Institute l

1776 l Street, NW.

~ Suite 400 Washington, DC 20006-3708 1

SUBJECT:

' SELECTING AND SCHEDULING INTERNAL AUDITS (REFERENCE NEl j

LETTER, DATED JANUARY 30,1996) i

Dear Mr. Floyd:

In your January 30,1996, letter to the NRC, you proposed attematives to NRC licensee quality assurance (QA) program descriptions regarding the processes for qualifying lead auditors and conducting annual evaluations of suppliers. You also addressed the selection and scheduling of intemal audits based on performance and stated that this topic was still being discussed by the industry, specific utilities, and the NRC. In our letter of October 24, 1996, we commented specifically on the altematives you proposed to existing NRC regulatory guide positions and NRC-endorsed American National Standards Institute (ANSI) provisions for lead auditor qualification and annual supplier evaluations. We also stated that we were presently evaluating several altematives for the' scheduling of intemal audits and would send you the results of our evaluations when they were completed.

In 1996, the NRC staff interfaced with three licensees regarding the use of altematives for the audit frequency for the scheduling of intomal audits. The staff concluded that the attematives proposed by those licensees did constitute a reduction in commitment in part, because the previous commitment to conduct audits of safety-related activities every 2 years had been amended. Therefore, those licensees were required to process the proposed j

attematives in accordance with the requirements of Section 50.54(a) of Title 10 of the fddit of Federal Reaulations (10 CFR). On the basis of the NRC staff's discussion with the three licensees, evaluation of the changes, and consideration of the lessons leamed from w6rking j

with these licensees, the staff has concluded that certain attematives to the typical licensee commitment to conduct intemal audits of safety-related activities at a frequency of 2 years would be acceptable. The enclosure to this letter discusses acceptable altematives to i

existing NRC regulatory guides and ANSI standard provisions for the scheduling of intemal audits. We would caution any licensee that chooses to adopt these provisions, that the associated changes to their QA program commitments would be required to be procosed as changes that do reduce commitments, in accordance with 50.54(a).

0 <" j

\\

060028

%C5 LDM 943 k

9701060136 961224 PDR PROJ pg 699

. -. ~.-

D i

S.D. Floyd Should you have any comments or questions regarding this letter or its enclosure, please contact Mr. Robert Gramm at (301) 415-1010 or Mr. Larry Campbell at (301) 415-2976.

Sincerely, A>

4 /

Suzanne C. Black, Chief Quality Assurance and Maintenance Branch Division of Reactor Controls 1

and Human Factors

)

Office of Nuclear Reactor Regulation PROJECT NO. 689 b

l

Enclosure:

As stated 1

1 4

i i

i 1

e e

. ~. ~ -

1 j

l ALTERNATIVES TO NRC REGULATORY GUIDE POSITIONS AND ANSI PROVISIONS FOR THE SELECTION AND SCHEDULING OF INTERNAL AUDITS j

Criterion XVill, " Audits," of Appendix B to 10 CFR Part 50 requires, in part, that a j

comprehensive system of planned and periodic audits shall be carried out to verify compliance with all aspects of the quality assurance (QA) program and to determine the effectiveness of the program. 650.34(b)(6)(ii) requires, in part, that the licensee's Final Safety Analysis Report (FSAR) include a discussion of how the applicable requirements of Appendix B will be satisfied. Most licensees' FSAR QA Program descriptions state how the

]

requirements of Criterion XVill of Appendix B will be satisfied by reference to regulatory j

guides (RGs) and ANSI standards (e.g., ANSI N18.7-1976, " Administrative Controls and l

Quality Assurance for the Operational Phase of Nuclear Power Plants," as endorsed by RG 1.33, " Quality Assurance Program Requirements (Operation)," Revision 2, dated February 1978, and ANSI N45.2.12-1977," Requirements for Auditing Quality Assurance Programs at Nuclear Power Plants," as endorsed by RG 1.144, " Auditing of Quality Assurance Programs for Nuclear Power Plants," Revision 1, dated September 1980). ANSI N18.7 contains provisions for conducting audits of safety-related activities every two years. On the basis of the requirements of Criterion XVill and commitments to RGs and industry standards, j

licensees have historically specified a periodic audit frequency in their QA program description.

i j

On the basis of the staff's review of several licensee QA description enanges for audit i

frequencies in 1996, taking into consideration licensees supplementing audits with periodic f

assessments, and accounting for lessons leamed from the discussions with licensees and implementation of attematives to the traditional 2-year audit frequency, the NRC considers

)

the following to be an acceptable altemative to the existing ANSI N18.7-1976 2-year intemal audit frequency. However, this altemative may not be used to change audit frequencies j

specifically required by regulation (e.g., emergency preparedness and security), by site-specific technical specifications, or by other unique commitments (e.g., performance of l

biennial reviews of procedures). Further, licensees desiring to use the following attemative need to evaluate any unique licensee commitments conceming audit frequency and process 1

i changes or exceptions to those commitments, in accordance with applicable regulatory requirements:

i 1

Altemative intemal Audit Freauency for Mature Activities 4

]

The licens.#s QA program description commits to conform to the intent of RG 1.33 and j

ANC! T 3.71976, which contain specific guidance on audit frequency. The licensee's QA

]

program description states that audits of safety-related activities will typically be completed j

within'a period of 2 years. However, the licensee's QA program description could also then take the following exception to the existing ANSI N18.7-1976 audit frequency requirements:

a.

Audits of mature operational activities shall be performed with a frequency i

commensurate with their safety significance and in such a manner as to ensure that i

an audit of all safety-related functions is typically completed within a period of 2 years.

j-The decision to extend audit frequencies beyond 2 years shall be based on the results of an annuallicensee management assessment of the functional area and on 1

i

-1 Enclosure i.

3 n.

n_.

objectiva svid:nce th t th3 function:I arsa activiti3s ars being satisfactorily accomplished. Th3 annual ess:ssm2nt is to be a documsnted entlysis of ths stitus and safety importance of the functional area (s) and shall includs a discussion of such -

considerations as:

nonconformances and corrective actions related to the functional area activities the extent of corrective action taken at the time the nonconformance is

=

identified functional area trends (both negative and positive) observed effectiveness of program implementation INPO/NRC evaluations other self-assessment findings and performance indicators a

level of previous and future functional area activities

=

significant changes in functional area management significant changes / decreases in functional area resources significant changes / increases in functional area responsibility

=

b.

The annual assessment analysis shall also consider activities within the functional area that may not be easily assessed without performing an audit (e.g., maintaining the design basis when modifying the plant). For such functional area activities, the licensee would have to continue to perform an audit of that functional area activity unless it has suitable performance indicators available to perform an accurate assessment.

c.

The annual assessment analysis will be documented, considered a quality record, and available for NRC review.

d.

When warranted by the findings of the functional area assessment, functional area audits can be extended beyond 2 years, but should not exceed a maximum of 4 years. The documented justification for such extensions shall be considered a quality record and shall be available for NRC review. Also, when warranted by adverse findings, and other circumstances such as significant changes in functional area responsibilities (e.g., reorganization), in resources, in procedures, and in equipment, the affected functional areas shall be audited as soon as practicable following the discovery of the adverse finding or significant change. Further, full or limited functional audits need to be considered when verifying the implementation'of required corrective action to significant conditions adverse to quality, e.

If it is determined or suspected that the quality of (1) functional area assessments or (2) the performance indicators supporting the assessment conclusions is inadequate, an audit of the nctional area shall be scheduled as soon as practicable to determine if the QA controls for that functional area are being effectively implemented, f.

However, audits of immature activities shall be initiated as early in the life of the activity as practicable, consistent with the schedule for accomplishing the activity, to assure timely and effective implementation of QA requirements.

As required by $50.34(b)(6)(ii), the licensee's QA program description shall discuss the attemative approach, as noted above, to schedule audits with respect to (1) what is considered and documented in the assessment analysis and (2) the organizations and management responsible for the preparation, review, and approval of the analysis. -

=

..