Text

_,

~4 4 ::

bl5JW T David W. Cockfield Vice President, Nuclear August 28, 1989 Trojan Nuclear Plant Docket 50-344 License NPF-1 U.S. Nuclear Regulatory Commission

' ATTN: Document Control Desk Washington DC 20555

Dear Sir:

Reply to a Notice of Violation Your letter of July 27, 1989 transmitted a Notice of Violation associated with Nuclear Regulatory Inspection Report No. 50-344/89-02. Our response to the Notice of Violation is attached.

Sincerely,

/

Attachment c:

Mr. John B. Martin Regional Administrator, Region V U.S. Nuclear Regulatory Commission Mr. David Stewart-Smith State of Oregon Department of Energy Mr. R. C. Barr NRC Resident Inspector Trojan Nuclear Plant ff0f 8909050286 890028 PDR ADDCK 05000344 0

PNU l

121 S W Sanon sne Po ad omgan 97204 l

(

Trojan Nuclear Plant Document Control Desk Docket 50-344 August 28, 1989 License NPF-1 Attachment Page 1 of 7 s

REPLY TO A NOTICE OF VIOLATION VIOLATION A Title 10 Code of Federal Regulations, Part 73.21 (10 CFR 73.21),

" Requirements for the protection of safeguards information", states in L

part that each licensee who is authorized to operato a nuclear' power reactor shall ensure that Safeguards Information (SGI) is protected against unauthorized disclosure; that while in use such SGI shall be under the control of an authorized individual, and that while unattended such SGI shall be stored in a locked security storage container; that documents originally containing SGI shall be removed from the SGI cate-gory whenever the information no longer meets the criteria contained in this section.

10 CFR 73.2(mm) defines " Security Storage Container" as any of the following repositories:

(1) for storage in a building located within a protected or controlled access area, a steel filing cabinet equipped with a steel locking bar and a three-position, changeable combination, GSA-approved padlock; (2) a security filing cabinet that bears a Test Certi-fication Label on the side of the locking drawer, or interior plate, and is marked " General Services Administration Approved Security Container" on the exterior of the top drawer or door; (3) a bank safe-deposit box; and (4) other repositories which in the judgment of the NRC provide comparable physical protection.

Contrary to the above:

1.

The licensee failed to properly protect SGI while in use in that (1) on November 1, 1988, post orders marked SGI were left unattended at the radiation control frisker exit point table; (2) on November 11, 1988, safeguards material was left unattended in a desk drawer; (3) on January 25, 1989, a drawing marked SGI was left unattended in the PGE Service Building; (4) on January 27, 1989, safeguards material was left unattended in the Security Dispatch trailer office; (5) on March 13, 1989, a copy of the Security Data Management System Operators Manual was discovered to be missing and, though a search was conducted, the manual was not subsequently found; (6) on March 21, 1989, it was discovered that packets of lesson plans containing SGI had been left unattended for approxi-mately four days in the Security Training trailer; and (7) on March 21, 1989, post orders were left at the post when the security officer to which they had been assigned was relieved from that post.

2.

The licensee failed to properly protect SGI while in storage in that j

(1) on November 23, 1988, a safeguards container in a contract security trailer was left unlocked; (2) on December 12, 1988, an j

j Trojan Nuclear Plant Document Control Desk l

Docket'50-344 August 28, 1989 License NpF-1 Attachment Page 2 of 7 j

j outdated equipment inventory work sheet marked SGI was left in a nonapproved storage container in the Security Dispatch trailer; (3) on February 8, 1989, documents marked SGI were found in a non-approved container in the Plant Modifications Office trailer; and (4) on Merch 9, 1989, four security binders marked SGI were found in an unlocked cabinet located in the office of a former corporate security manager.

3.

On January 12, 1989, the licensee found a document that was marked SGI, even though it no longer contained such information.

1 4.

On April 3, 1989 Portland General Electric (PGE) Cabinet 26838, the

{

security storage container used to store SG1, was not capable of providing physical protection in that the combinctior. for PGE Lock 762610, which was being used to secure the locking bar of the cabinet, was written on the front flyleaf of a bound appointment calendar stored in the upper-right-hand drawer oi? an unlocked desk adjacent to PGE Cabinet 26838.

This is a Severity Level IV violation (Supplement III).

Response

Portland General Electric Company acknowledges the violation.

1.

Reason for the Violation:

This violation was caused by inadequate training and procedures for the handling and storage of SGI. A contributing factor was the l

large number of locations and personnel involved in tha handling and storage of the SGI material. Although retraining of personnel and procedure upgrades had been initiated as a result of previous SGI incidents, the corrective actions had not been conpleted at the time of the incidents referenced in the Notice of Violation (NOV).

1 (2) Corrective Steps Taken and Results Achieved:

As a result of an increase in the number of SGI-related events, which led to a NOV being issued on December 30, 1988 PGE assembled an interdepartmental task force in November 1988 to review the incidents and determine the root causes. The task force identified deficiencies in the areas of training, procedures, and personnel awareness, and prepared and issued a list of recommended corrective actions. An action plan was issued by the Nuclear Security Depart-ment on November 17, 1988 to coordinate and track the completion of the corrective action tasks.

g

-4 X

x.

p Sr,

'a i

.Tro an Nuc ear Plant.

Document l Control Desk j

l E

Docket 50-344-

. August 28, 198J

- License NPF-1 Attachment Page 3 of 7 t

f As reported in the reply to the December 30, 1988 NOV, the SGI portion of General Employee Training was expanded; Nuclear Division Procedure (NDP) 100-11. " Protection of Safeguards Information", was revised to strengthen the storage and handling procedures and train-

'ing requirements for.SGI; and a program to increase overall employee e

awareness of SGI concerns was initiated. As with any training and procedure improvement program, it takes time for the effects of the program to become apparent. However, since the rats of incident occurrence remained high (14 events during the period November 17, 1988 to May 2, 1989), additional corrective action was implemented.

To reduce the number of locations where SGI was stored and handled, and consequently the number of personnel involved in the handling process, several Safeguards storage containers were combined into.

central SGI repositories. By May 2, 1989, two central repositories had been established, one located at corporate headquarters in the World Trade Center Portland and one at the Trojan Nuclear Plant.

Prior to transferring SGI material from individual containers at

'vaelous locations to storage containers in the repositories, the materials were inventoried. The overall. volume of Safeguards material was reduced by destroying duplicate and no-longer-required documents. A thorough search of all Nuclear Division document storage locations:was conducted to ensure that no SGI material was improperly stored. The completion and results of the search were provided to the Vice President, Nuclear Division, by all department managers.

Procedures were also revised to provide increased control over Safeguards documents. The repository custodian is responsible for verifying that the person requesting SGI is listed on an SGI access authorization list before allowing access to SGI documents.

If there is a need to remove the document from the repository, a docu-ment sign-out form is completed.

If the document is not returned to the repository by approximately 30 minutes prior to the end of the working day, the costodian contacts the document holder and requests its return.

In addition, mailing procedures have been revised to improve control over Safeguards documents. Safeguards documents being mailed are addressed on the outer envelope to the appropriate repository; the inner envelope is addressed to the desired recipient. When the document arriver at the repository, the custodian opens the outer envelope and then notifies the recipient that there is SGI mail for them at the repository. Handling procedures were also revised to restrict the number of copies of Safeguards documents that are made, to provide control over the copies, and to improve the identifica-tion of SGI when it is outside a storage container by placing it inside a green folder or attaching it to a green cover sheet.

1 1

I b

w.

Trojan Nuclear Plant Document Control Desk Docket 50-344 August 28, 1989 License KPF-1 Attachment Page 4 of 7 In the July 27, 1988 NOV, a specific request was made for informa-tion concerning PGE's protection procedures for nontraditional media forms such as computer disks and internal nonvolatile computer memory. Nuclear Division Procedure (NDP) 100-11. " Protection of l

Safeguards Information", allows processing or production of SGI only on automatic data processing (ADP) systems that are self-contained within a PGE facility (or a PGE contractor's facility) and requires the use of an access code. Removable storage media (eg, magnetic tape reels, cartridges, disks) are required to bear external mark-ings and internal notations to assure thet the material is identi-fled as SGI.

(Magnetic storage tapes located in the Computer Room and in approved vital records storage locations must be marked externally only when removed from those areas.) Access to non-removable ADP storage media and Security Data Management System programs is limited by using a special, strictly controlled operator password. Removable storage media for word processing and ADP equipment is stored in an approved security containce when not in use.

PGE considers that the restrictions in the number of locations where SGI is stored, the number of personnel handling SGI, along with the improved procedures, training, and personnel awareness, have resulted in a much more effective program for protection against unauthorized disclosure of SGI.

This is evidenced by the fact that only one minor event involving SGI control has occurred since establishing the central repositories and implementing the revised procedures.

3.

Corrective Steps That Will Be Taken to Avoid Further Violations:

The training and employee awareness programs will be continued to ensure that personnel with access to SGI are aware of the responsi-bility for proper protection of the material. The Manager, Nuclear Security, will continue to monitor the program and assure that proper procedures are being followed. SGI handling events that occur will be thoroughly investigated to determine the root cause and to identify revised controls, if required.

4.

Date When Full Compliance Will Be Achieved:

PCE considers the SGI Protection Program to presently be in full compliance.

)

_A

P l'.

Trojan Nuclear Plant Document Control Desk Docket 50-344 August 28, 1989 L

License NPF-1 Attachment Page 5 of 7 VIOLATION B l

Section 2D of Facility Operating License No. NPF-1 for the Portland General' Electric Company's Trojan Nuclear Plant states, in part,'that the licensee shall fully implement and maintain in effect all provisions of the physical security and guard training and qualification (T&Q) plans previously approved by the Commission and a13 amendments and revisions to such plans made pursuant to 10 CFR 50.54(p).

Section 3 of the Trojan T&Q plan states, in part, that security personnel performing duties in an armed capacity shall be proficient in the use of assigned weapons.

Contrary to the above, security personnel performing duties in an armed capacity were not proficient in the use of assigned weapons in that When tested by an NRC inspector, five of the nine officers failed to achieve the minimum qualifying score.

This is a Severity Level IV violation (Supplement III),

Response

PGE does not acknowledge the violation.

Although we agree that the weapons proficiency of Trojan security officers was found to be in general need of improvement, the proficiency requirements of-the NRC-approved Trojan Security Force Training and Qualification Plan were being met.

In its entirety Section 3.0 of the plan states:

Security personnel performing duties in an armed capacity shall be trained and proficient in the care and use of assigned weapons and shall meet the standards outlined in this section prior to shift assignment.

Each security officer considered to be qualified _ to serve in an armed capacity ha3 met these requirements prior to being assigned to armed security officer dnties.

Further, the weapons proficiency program met the requirements for annual requalification stated in 10 CFR 73, Appendix B. " General Criteria for Security personnel".

While PGE believes that no violation of existing weapons proficiency requirements had occurred, improvements to the weapons proficiency program were obviously required. Program improvements that have been implemented are described below:

.g Trojan Nuclear plant Document Control Desk Docket 50-344 August 28, 1989 License NPF.1 Attachment Page 6 of 7 1.

Reason for the Alleged Violation:

The alleged violation was caused by the inadequate frequency of weapons training and proficiency testing.

Security officers were required to demonstrate their weapons proficiency (based on regulatory requirements) on an annual basis. Interim weapons practice and remedial training were encouraged, but not required.

2.

Corrective Steps Tcken and Results Achieved:

The weapons training program has been upgraded to provide additional training and proficiency testing opportunities. The following changes have been instituted:

a.

Firearms qualification criteria have been revised to require semiannual (versus the previous annual) requalification.

This change is intended to provide increased opportunities for evaluating security officers' weapons proficiency and for initiating corrective Tetion on a more frequent basis.

b.

The Nuclear Security Training Department now requires that armed security personnel must be able to demonstrate qualifying scores on two consecutive attempts. This requirement ensures that the officers can consistently perform at the required Icvel.

c.

The Remedial Firearms Proficiency program has been implemented. A designated proficiency score (higher than the minimum score required for qualification) has been established as a threshold for mandatory participation in the program. When an officer scores higher than the minimum qualification score but less than the designated proficiency score, the officer is immediately enrolled in the Remedial Firearms Proficiency program. This program provides one-on-one student /instrnetor time and involves shooting techniques, basic firearms functions, and safety procedures, as well as additional shooting practice.

Security personnel enrolled in this program are required to attend monthly training sessions, and they remain in the program until they demonstrate their ability to obtain the higher proficiency score.

d.

"Open range" days are conducted at least monthly to provide security personnel with opportunities for shooting practice.

The "open range" policy encourages personnel to maintain their proficiency in the use and handling of firearms by providing facilities, instructors, and ammunition, as well es a practice environment where security personnel can attempt various shooting techniques to improve their ability.

c.

d.

Trojan Nuclear Plant Document Control Desk Docket 50-344 August 28, 1989 License NPF-1 Attachment Page 7 of 7 As evidenced by the results of recent QA and Security Inspector surveillance, the additional shooting time provided (open range days) and the Remedial Firearms Proficiency Program have resulted in an overall improvement in security officer firearms proficiency. The NRC inspection of March 31 and April 1 tested nine officers in handgun proficiency, with five of the officers failing to demonstrate the required qualification score (55 percent). The average score for the nine officers was 196. On May 26, 1989, a QA surveillance tested five officers, with one failure (20 percent). The average score achieved was 241. Another QA surveillance conducted on June 2 tested seven officers, with one failure (14 percent) and an overall average score of 223. A surveillance conducted on June 27 and 28 by the Security Inspector and the Manager, Nuclear Security tested 12 officers, with two failing to qualify (17 percent). As part of the annual QA mudit of the Nuclear Security Department, 24 officers were tested on August 9 and 10.

Only one officer scored below the minimum qualification criteria (4 percent), with an average score of 245.

In all cases, personnel who failed to demonstrate the minimum qualification score or the (higher) minimum proficiency score were oprolled into the Remedial Firearms Proficiency Program.

In addition, personnel who failed to demonstrate the minimum qualification score were removed from armed responder duties.

3.

Corrective Steps That Will Be Ta*4cn to Avoid Future Violations:

The Remedial Firearms Proficiency Testing Program and the other corrective actions outlined above will be continued.

The revised program is being incorporated into a revision to the Trojan Nuclear Plant Security Force Training and Qualification Plan (PCE 1024), which will be submitted to the NRC once it has been issued. The Manager, Nuclear Security, will continue to monitor the program to ensure that training effectiveness is being maintained.

4.

Date When Full Compliance Will Be Achieved:

PGE considers the current proficiency of the Trojan Security Force in the use of assigned weapons to be in full conpliance with regulatory requirements.

l PGN/bsh 3502W.0889 l

l l

4