ML23198A191
ML23198A191 | |
Person / Time | |
---|---|
Issue date: | 10/23/2023 |
From: | Phil Brochman NRC/NSIR/DPCP/MSB |
To: | |
References | |
RG 5.62 Rev 3 DG-5080 | |
Download: ML23198A191 (47) | |
Text
U.S. NUCLEAR REGULATORY COMMISSION DRAFT REGULATORY GUIDE DG-5080 Proposed Revision 3 to Regulatory Guide 5.62 Issue Date: October 2023 Technical Lead: P. Brochman
PHYSICAL SECURITY EVENT NOTIFICATIONS, REPORTS, AND RECORDS
A. INTRODUCTION
Purpose
This regulatory guide (RG) describes methods and procedures tha t the staff of the U.S. Nuclear Regulatory Commission (NRC) consid ers acceptable for use by licensees to comply with NRC regulations for implementing th e provisions of Title 10 of the Code of Federal Regulations (10 CFR)
Part 73, Physical Protection of Plants and Materials (Ref. 1).
Applicability
This RG applies to NRC licensees and Agreement State licensees who are subject to the provisions of 10 CFR 73.1200, Notification of physical securit y events, 10 CFR 73.1205, Written follow-up reports of physical security events, and 10 CFR 73.1 210, Recordkeeping of physical security events. This includes licensees of facilities licensed under both 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities (Ref. 2), and 10 CFR Par t 52, Licenses, Certifications, and Approvals for Nuclear Power Pla nts (Ref. 3). This RG also appl ies to licensees possessing special nuclear material (SNM) licensed under 10 CFR Part 70, Domestic Licensing of Special Nuclear Material (Ref. 4), and licensees of radioactive waste storage facilities licensed under 10 CFR Part 72, Licensing Requirements for the Independent Storage of Spent Nu clear Fuel and High-Level Radioactive Waste, and Reactor-Related Greater Than Class C Waste (Ref. 5). Moreover, this RG also applies to licensees transporting certain types of special nuclear material and radioactive waste. A detailed discussion of the applicability of the specific provisions of 1 0 CFR 73.1200, 10 CFR 73.1205, and 10 CFR 73.1210 to licensees who are subject to 10 CFR Part 50, Part 52, Part 70, or Part 72 is found in this RGs section B, Discussion, under the subsection Applic ability to Specific Facilities, Materials, and Shipping Activities and the subsection Applicability to Agreement State Facilities, Materials, and Shipping Activities.
This RG is being issued in draft form to involve the public in the development of regulatory guidance in this area. It has not received final staff review or approval and does not represent an NRC final staff position. Public comments are being solicited on this DG and its associated regulatory analysis. Comments should be accompanied by appropriate supporting data. Comments may be submitted through the Federal rulemaking Web site, http://ww w.regulations.gov, by searching for draft regulatory guide DG-5080. Alternatively, comments may be submitted to the Office of Administration, Mailstop: TWFN 7A-06M, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, ATTN: Program Management, Announcements and Editing Staff.
Comments must be submitted by the date indicated in the Federal Register notice.
Electronic copies of this DG, previous versions of DGs, and other recently issued guides are available through the NRCs public Web site under the Regulatory Guides document collection of the NRC Library at https://nrc.gov/reading-rm/doc-collections/reg-guides/index.html. The DG is also available through the NRCs Agencywide Documents Access and Management System (ADAMS) at http://www.nrc.gov/reading-rm/adams.html, under Accession No. ML23198A191. The regulatory analysis may be found in ADAMS under Accession No. ML23200A284.
Applicable Regulations
- 10 CFR Part 73 requires licensees to establish and maintain a p hysical protection system which will have capabilities for the prot ection of SNM at fixed sites and in transit and of the plants or facilities in which SNM is used. This includes production and u tilization facilities, including both operating and decommissioning production rectors, power reactor s, non-power reactors, and other non-power production and utilization facilities. It also includ es facilities possessing or transportation activities involving strategic special nuclear m aterial (SSNM), SNM, spent nuclear fuel (SNF), and high-level radioactive waste (HLW).
o 10 CFR 73.15, Authorization for use of enhanced weapons and pr eemption of firearms laws, designates the classes of facilities, radioactive materials undergoing transport, and other property to which either st and-alone preemption authority or combined preemption and enhanced weapons authority,1 and contains the requirements for obtaining, possessing, and terminating either authority. These requirements apply only to licensees who voluntarily apply for such authority under Section 161A of the Atomic Energy Act of 1954 (AEA), as amended (Ref. 6).
o 10 CFR 73.21, Protection of Safeguards Information: Performanc e Requirements, requires licensees to ensure protection against the unauthorized disclos ure of safeguards information (SGI).
o 10 CFR 73.22, Protection of Safeguards Information: Specific R equirements, requires licensees to create, store, handle, and transmit SGI in accordance with specific requirements.
o 10 CFR 73.67, Licensee fixed site and in-transit requirements for the physical protection of special nuclear material of moderate and low strategic significance, requires licensees to establish and maintain a physical protection system to minimize the unauthorized removal of SNM.
o 10 CFR 73.1200 requires licensees to notify the NRC Headquarter s Operations Center (HOC) of involving imminent or actual hostile actions, significant se curity events, security challenges, and security program failures.
o 10 CFR 73.1205 requires licensees who have made a notification to the NRC (for most, but not all, of the security events listed under 10 CFR 73.1200) to also submit a written follow-up report on the event to the NRC within 60 days of the initial no tification.
o 10 CFR 73.1210 requires licensees to document certain less sign ificant security events or conditions adverse to security in a written log or corrective action program within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of their occurrence.
- 10 CFR Part 95, Facility Security Clearance and Safeguarding o f National Security Information and Restricted Data (Ref. 7), establishes procedures for obtai ning facility security clearances and for safeguarding Secret and Confidential National Security Info rmation (NSI) and Restricted Data
1 The NRC created the terms stand-alone preemption authority and combined preemption authority and enhanced weapons authority in 10 CFR 73.15 to clarify the differences and interrelationship between these two authorities under Section 161A of the AEA. Refer to RG 5.86, Pr eemption Authority, Enhanced Weapons Authority, and Firearms Background Checks, for further information.
DG-5080, Page 2 (RD) received or developed in conjunction with activities licensed, certified, or regulated by the Commission.
o 10 CFR 95.39, External transmiss ion of documents and material, requires licensees to transmit classified information in accordance with specific req uirements.
o 10 CFR 95.57, Reports, requires in part, that licensees repor t any alleged or suspected violation of the RD provisions of the AEA (Ref. 8); the Espiona ge Act (Ref. 9); or other Federal statutes related to protection of classified informatio n (e.g., the loss, theft, or deliberate disclosure of classified NSI or RD to unauthorized p ersons).
- 10 CFR Part 150, Exemptions and Continued Regulatory Authority in Agreement States and In Offshore Waters Under Section 27 4 (Ref. 10), provides certain exemptions to persons in Agreement States from the licensing requirements contained in C hapters 6, 7, and 8 of the AEA and from the regulations of the Commission imposing requirement s upon persons who receive, possess, use or transfer byproduct material, source, or special nuclear material in quantities not sufficient to form a critical mass; and to define activities in Agreement States and in offshore waters over which the regulatory authority of the Commission co ntinues.
o 10 CFR 150.11, Critical mass, specifies the maximum quantity of SSNM or SNM that may be possessed by an Agreement State licensee.
o 10 CFR 150.14, Commission regulatory authority for physical pr otection, specifies that Agreement State licensees possessing a Category III quantity of SSNM remain subject to the NRCs physical security requirements under 10 CFR 73.67, Licen see fixed site and in-transit requirements for the physical protection of special nuclear material of moderate and low strategic significance.
- 32 CFR Part 2001, Classified National Security Information (R ef. 11), provides direction to agencies to implement Executive Order 13526, Classified National Security Information.
o 32 CFR 2001.52, Emergency authority, provides direction regar ding special provisions for the dissemination, transmission, safeguarding, and destruction of classified information during certain emergency situations.
Related Guidance
- NUREG-1304, Physical Security Event Notifications, Reports, and Recordkeeping (Ref. 12),
provides further guidance for licensees in making notifications, reports, and recordkeeping of physical security events required under 10 CFR 73.1200, 73.1205, and 73.1210.2
- Regulatory Guide (RG) 5.69, Guidance for the Application of Ra diological Sabotage Design-Basis Threat in the Design, Development and Implementation of a Physical Security Program that Meets 10 CFR 73.55 Requirements (U) (Ref. 13), provides guidan ce that the NRC staff finds acceptable for use by licensees to comply with the requirements in 10 CFR 73.1(a)(1). ( Not publicly available)
2 The NRC staff has temporarily withdrawn NUREG-1304. The NRC staff intends to hold a question-and-answer workshop with the public, licensees, and other interested stakeholders following implementation of 10 CFR 73.1200, 73.1205, and 73.1210. This workshop and the development of a revised NUREG 1304 will occur subsequent to the 300-day compliance period for licensees to implement these new physical security e vent notification regulations.
DG-5080, Page 3
- RG 5.70, Guidance for the Application of the Theft and Diversi on Design-Basis Threat in the Design, Development, and Implementation of a Physical Security Program that Meets 10 CFR 73.45 and 73.46 Requirements (U) (Ref. 14), provides guidance that the NRC staff finds acceptable for use by licensees to comply with the requirements in 10 CFR 73.1(a)(2). ( Not publicly available)
- RG 5.86, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks (Ref. 15), provides guidance and sets forth methods and procedures that the NRC staff finds acceptable for use by licensees to comply with the requirements in 10 CFR 73.15 and 10 CFR 73.17, Firearms background checks for armed security pe rsonnel, implementing the authority provided to the Commission under Section 161A of the AEA.
Purpose of Regulatory Guides
The NRC issues regulatory guides to describe to the public meth ods that the staff considers acceptable for use in implementing specific parts of the agency s regulations, to explain techniques that the staff uses in evaluating specific problems or postulated ev ents, and to provide guidance to applicants.
Regulatory guides are not a substitu te for regulations; and compliance with regulatory guides is not required. Methods and solutions that differ from those set fort h in regulatory guides will be deemed acceptable if they provide a basis for the findings required for the issuance or continuance of a permit or license by the Commission.
Paperwork Reduction Act
This RG provides voluntary guidance for implementing the mandat ory information collections in 10 CFR Part 73 and NRC Form 366 that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et. seq.). These information collections were approved by the Office of Management and Budget (OMB), approval numbers 3150-0002 and 3150-0104, respect ively. Send comments regarding these information collections to the FOIA, Library, and Information Collections Branch (T6-A10M), U.S.
Nuclear Regulatory Commission, Washington, DC 20555-0001, or by email to Infocollects.Resource@nrc.gov, and to the OMB reviewer at: OMB Office of Information and Reg ulatory Affairs (3150-0002 and 3150-0104), Attn: Desk Officer for the N uclear Regulatory Commission, 725 17th Street NW, Washington, DC 20503; e-mail: oira_submission@omb.eop.gov.
Public Protection Notification
The NRC may not conduct or sponsor, and a person is not require d to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid OMB control number.
DG-5080, Page 4 TABLE OF CONTENTS
Page
A. INTRODUCTION................................................................................................................................... 1 Purpose........................................................................................................................................ 1 Applicability.................................................................................................................................... 1 Applicable Regulations.................................................................................................................... 2 Related Guidance............................................................................................................................. 3 Purpose of Regulatory Guides......................................................................................................... 4 Paperwork Reduction Act................................................................................................................ 4 Public Protection Notification.......................................................................................................... 4 B. DISCUSSION.......................................................................................................................................... 7 Reason for Revision......................................................................................................................... 7 Background...................................................................................................................................... 7 Timeliness Requirements Structure Based upon Security Significa nce.......................................... 7 Applicability to Specific Facilities, Materials, and Activities......................................................... 8 Exceptions and Exemptions to Reporting and Recordkeeping Requir ements............................... 13 NRC Licensees Not Subject to Notification, Reporting, and Recor dkeeping Requirements........ 13 Agreement State Licensees Not Subject to Notification, Reportin g, and Recordkeeping Requirements.................................................................................................................... 14 Establishment of a Communications Channel With the NRC....................................................... 15 Notification of Significant Supplemental Information.................................................................. 15 Retraction of Previous Physical Security Event Notifications....................................................... 15 Reporting of an Emergency Declaration........................................................................................ 1 5 Elimination of Duplication............................................................................................................ 16 Security Events Associated with or Involving Classified Information.......................................... 16 Written Follow-Up Reports........................................................................................................... 16 Recording of Physical Security Events and Conditions Adverse to Security................................ 18 Records Retention and Destruction............................................................................................... 20 Consideration of International Standards....................................................................................... 20 C. STAFF REGULATORY GUIDANCE.................................................................................................. 21
- 1. Time of Discovery............................................................................................................ 2 1
- 2. Malevolent Intent and Credible B omb Threat Considerations......................................... 21 2.1 Malevolent Intent Considerations..................................................................................... 21 2.2 Credible Bomb Threat Considerations.............................................................................. 22
- 3. Exception for Event Notifications Containing Safeguards Informa tion........................... 22
- 4. Consideration of Other Notifications or Recordings........................................................ 22
- 5. Movement Control Center................................................................................................ 22
- 6. Considerations for Contraba nd and Prohibited Items....................................................... 23
- 7. 15-Minute Notifications.................................................................................................... 2 4 7.1 15-Minute Facility Notifications....................................................................................... 24 7.2 15-Minute Shipment Notifications................................................................................... 25 7.3 Precedence of 15-Minute Notifications............................................................................ 26
- 8. 1-Hour Notifications......................................................................................................... 2 7 8.1 1-Hour Facility Notifications............................................................................................ 27 8.2 1-Hour Shipment Notifications......................................................................................... 28
- 9. 4-Hour Notifications......................................................................................................... 2 9 9.1 4-Hour Facility Notifications............................................................................................ 29 9.2 4-Hour Shipment Notifications......................................................................................... 30
DG-5080, Page 5
- 10. 8-Hour Notifications......................................................................................................... 3 1 10.1 8-Hour Facility Notifications............................................................................................ 31 10.2 8-Hour Shipment Notifications......................................................................................... 31
- 11. Notifications for Enhanced Weapons............................................................................... 32 11.1 Immediate Notifications for Enhanced Weapons............................................................. 32 11.2 1-Hour Notifications for Enhanced Weapons................................................................... 32 11.3 24-Hour Notifications for Enhanced Weapons................................................................. 32 11.4 48-Hour Notifications for Enhanced Weapons................................................................. 33
- 12. Required Vehicle Barrier System..................................................................................... 33
- 13. Unauthorized Persons....................................................................................................... 3 3
- 14. Retraction of Event Notifications..................................................................................... 34
- 15. Items Relied Upon for Safety (IROFS)............................................................................ 35
- 16. Security Event Notification Process................................................................................. 35 16.1 Continuous Communications Channel............................................................................. 35 16.2 Information Security Considerations During Event Notifications.................................... 36 16.3 Significant Supplemental Information.............................................................................. 36
- 17. Written Follow-Up Reports.............................................................................................. 36
- 18. Recordable Security Events and Conditions..................................................................... 37 18.1 Facility and Shipment Recordable Events and Conditions............................................... 38 18.2 Recordable Events and Conditions Regarding Decreases in Effectiveness...................... 38 18.3 Information Security Considerations for Recordkeeping................................................. 39
- 19. Events Involving Classified Information.......................................................................... 40
- 20. Superseded Guidance........................................................................................................ 4 0 D. IMPLEMENTATION............................................................................................................................ 41 GLOSSARY............................................................................................................................................... 42 REFERENCES........................................................................................................................................... 45
DG-5080, Page 6 B. DISCUSSION
Reason for Revision
Revision 2 to this regulatory guide was revised because the NRC had promulgated new and updated requirements under 10 CFR 73.1200, 10 CFR 73.1205, and 10 CFR 73.1210 on physical security event notifications, written follo w-up reports, and recordkeeping of less significant security events and conditions adverse to security. These new and updated requirements are part of the NRCs final rule, Enhanced Weapons, Firearms Background Checks, and Security Eve nt Notifications (Ref. 16).
Following the publication of the final rule and this regulatory guide, the NRC staff conducted several pre-implementation work shops with licensees. The NRC st aff also participated in industry-led forums and symposiums in May a nd June 2023. In these meetings industry raised questions about this guidance document and identified potential inconsistencies and areas where additional clarification would be beneficial to licensees to implement the enhanced weapons ru le effectively and efficiently.
Accordingly, the NRC staff is proposing to issue limited-scope revisions to this regulatory guide as Revision 1 to address the inconsistency and clarification issue s raised by industry.
=
Background===
Regulatory Guide 5.62 was initially issued by the NRC in February 1981. The 1981 RG provided acceptable methods and procedures for use by licensees when not ifying the NRC of a physical security event. It also provided guidan ce on the timeliness requirements for such notifications and suggested a format for such notifications and written follow-up reports. Th e 1981 version of the RG addressed only two classes of physical security events (referred to as safeguards events): threat-related events or loss-of-physical-security-effectiveness events. Depending on the event, telephonic notification to the NRC HOC was required within 1-hour or 24-hours of discovery.
Revision 1 of RG 5.62 was issued by the NRC in November 1987 in conjunction with the NRCs issuance of a final rule revising safeguards reporting requirem ents under 10 CFR 73.71 (52 FR 21651; June 9, 1987). These revised requi rements increased the numbers and types of security events that required a 1-hour notification. Additionally, the 24-hour notif ication requirement was converted into a 24-hour recordkeeping requiremen t recorded in a safeguards event log. The licensees safeguards event log can be reviewed periodically by NRC inspectors during on-si te inspections. The regulations for physical security event notifications and the guidance in RG 5. 62 have remained essentially unchanged since 1987.
Following the terrorist attacks of 2001, the NRC issued volunta ry guidance to various licensees to expeditiously notify the NRC HOC within 15 minutes of imminent or actual hostile actions. These voluntary notifications highlighted the need for new regulation s to address the changing threat environment. Additionally, a licensees ability to possess enhanced weapons under Section 161A of the AEA resulted in new reporting and recordkeeping requirements. F or these reasons, the NRC revised RG 5.62 to incorporate the new regulations for physical securit y event notifications, written follow-up reports, and recordkeeping for less significant security events or conditions adverse to security.
Timeliness Requirements Structure Based upon Security Significance
The NRC has organized the timeliness requirements for physical security event notifications under 10 CFR 73.1200 using a risk-informed approach that reflec ts the actual or potential security significance of the event. This structure reduces impacts on li censees (i.e., in most instances licensees are
DG-5080, Page 7 given additional time to complete notifications based on the se curity significance of the event). The NRC has divided these physical security event notifications into tw o overall categories, those impacting facilities and those impacting transportation activities. The N RC has used the following broad characterizations to reflect the security significance of these notification requirements.
- 15-minutes - supports the need for notification to the NRC to f acilitate the NRCs prompt notification to other licensees and DHS National Operations Ce nter of the discovery of an imminent or actual hostile action against a licensees facility or shipment of material, the initiation of a security response in accordance with a licensees safeguards contingency plan or protective strategy based upon a security condition, or that a licensee has been notified of a potential hostile action or act of sabotage against a licensee s facility or shipment of material that is anticipated within the next 12 hours1.388889e-4 days <br />0.00333 hours <br />1.984127e-5 weeks <br />4.566e-6 months <br />;
- 1-hour - supports the need for notification to the NRC that an event in which there is reason to believe that a person has committed or caused, or attempted to commit or cause, or has made a threat to commit or cause a significant security event against a licensees facility or shipment of material, or that the licensee has been notified of a potential hostile action or act of sabotage against a licensees facility or shipment of material, anticipated within greater than the next 12 hours1.388889e-4 days <br />0.00333 hours <br />1.984127e-5 weeks <br />4.566e-6 months <br />;
- 4-hour - supports the need for notification to the NRC that an event has caused a security impact at a licensees facility or involving a licensees shipment of material; and
- 8-hour - supports the need for notification to the NRC of a lic ensees discovery of a facility security program failure or a transportation security program failure.
Additionally, for licensees possessing enhanced weapons under 10 CFR 73.15, the NRC has established separate notification requirements for stolen or lo st enhanced weapons and receipt of adverse inspection findings or enforcement actions from the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF). These requirements include the following:
- 4-hour-supports the need for notification to the NRC of stolen or lost enhanced weapons, after the licensees immediate notification to the ATF of such theft or loss;
- 24-hour-supports the need for notification to the NRC of the l icensees receipt of an adverse inspection finding, enforcement finding, or other adverse notic e from the ATF associated with the licensees possession of enhanced weapons; and
- 48-hour-supports the need for no tification to the appropriate LLEA of stolen or lost enhanced weapons.
Licensees making notifications to the NRC must use the notifica tion process specified in 10 CFR 73.1200(o). The telephone numbers for the NRC HOC are sp ecified in Table 1 of Appendix A to 10 CFR Part 73, Appendix A to P art 73U.S. Nuclear Regulatory Commission Offices and Classified Mailing Addresses.
Applicability to Specific Facilities, Materials, and Activities
The regulations in 10 CFR 73.1200, 73.1205, and 73.1210 apply t o a range of NRC-licensed facilities, materials, and shipping activities subject to the v arious physical security program requirements
DG-5080, Page 8 in 10 CFR Part 73. However, not all of the provisions of 10 CFR 73.1200, 73.1205, and 73.1210 apply equally to all of these classes of facilities, materials, and s hipping activities. Accordingly, the following information describes the appli cability of the various provisions of 10 CFR 73.1200, 73.1205, and 73.1210 to the various classes of facilities, materials, and sh ipping activities subject to 10 CFR Part 73:
- The 15-minute notification requirements in 10 CFR 73.1200(a) fo r events at facilities apply to licensees subject to 10 CFR 73.20, General performance objecti ve and requirements; 10 CFR 73.45, Performance capabilities for fixed site physical protection systems; 10 CFR 73.46, Fixed site physical protection systems, subsyste ms, components, and procedures; 10 CFR 73.51, Requirements for the physical protection of stored spent nuclear fuel and high-level radioactive waste, or 10 CFR 73.55, Requi rements for physical protection of licensed activities in nuclear power reactors against radiol ogical sabotage. These licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors and power rea ctors),
o facilities authorized to possess a Category I quantity of SSNM,
o independent spent fuel storage installations (ISFSIs),
o monitored retrievable storag e installations (MRSs), and
o geologic repository operations areas (GROAs).
Note: Power reactor facilities and production facilities that a re in a decommissioning status and have removed all spent nuclear fuel from the facilitys spent fuel pool (e.g., to an ISFSI, MRS, or a GROA) need not report events under 10 CFR 73.1 200(a).
However, such licensees should instead consider whether the eve nt should be reported under 10 CFR 73.1200(c), (e), or (g).
- The 15-minute notification requirements in 10 CFR 73.1200(b) fo r events associated with shipping activities apply to licensees who are subject to the provisions of 10 CFR 73.20; 10 CFR 73.25, Performance capabilities for physical protection of strategic special nuclear material in transit; 10 CFR 73.26, Transportation physical pr otection systems, subsystems, components, and procedures; or 10 CFR 73.37, Requirements for physical protection of irradiated reactor fuel in transit. These include licensees engaged in the following:
o transportation of a Category I quantity of SSNM,
o transportation of SNF, and
o transportation of HLW.
- The 1-hour notification requirements in 10 CFR 73.1200(c) for e vents at facilities apply to licensees who are subject to the provisions of 10 CFR 73.20; 10 CFR 73.45; 10 CFR 73.46; 10 CFR 73.50, Requirements for physical protection of licensed activities; 10 CFR 73.51, Requirements for the physical protection of stored spent nucle ar fuel and high-level radioactive waste; 10 CFR 73.55; 10 CFR 73.60, Additional requirements fo r physical protection at nonpower reactors; or 10 CFR 73. 67, Licensee fixed site and in-transit requirements for the
DG-5080, Page 9 physical protection of special nuclear material of moderate and low strategic significance. These licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors, power reacto rs, and non-power reactors),
o facilities authorized to possess a Category I, Category II, or Category III quantity of SSNM,
o facilities authorized to possess a Category II or Category III quantity of SNM,
o hot cell facilities (for examination of irradiated SNM and SNF and HLW);
o ISFSIs,
o MRSs, and
o GROAs.
- The 1-hour notification requirements in 10 CFR 73.1200(d) for e vents associated with shipping activities apply to licensees who are subject to the provisions of 10 CFR 73.20; 10 CFR 73.25; 10 CFR 73.26; 10 CFR 73.27, Notification requirements; 10 CFR 73.37; or 10 CFR 73.67.
These include licensees engaged in the following:
o transportation of a Category I, Category II, or Category III qu antity of SSNM,
o transportation of a Category II or Category III quantity of SNM,
o transportation of SNF, and
o transportation of HLW.
- The 4-hour notification requirements in 10 CFR 73.1200(e) for e vents at facilities apply to licensees who are subject to the provisions of 10 CFR 73.20, 73.45, 73.46, 73.50, 73.51, 73.55, 73.60, or 73.67. These licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors, power reacto rs, and non-power reactors),
o facilities authorized to possess a Category I, Category II, or Category III quantity of SSNM,
o facilities authorized to possess a Category II or Category III quantity of SNM,
o hot cell facilities (for examination of irradiated SNM and SNF and HLW);
o ISFSIs,
o MRSs, and
o GROAs.
DG-5080, Page 10
- The 4-hour notification requireme nts in 10 CFR 73.1200(f) for e vents associated with shipping activities apply to licensees who are subject to the provisions of 10 CFR 73.20, 73.25, 73.26, 73.27, 73.37, or 73.67. These include licensees engaged in the following:
o transportation of a Category I, Category II, or Category III qu antity of SSNM,
o transportation of a Category II or Category III quantity of SNM,
o transportation of SNF, and
o transportation of HLW.
- The 8-hour notification requirements in 10 CFR 73.1200(g) for e vents at facilities apply to licensees who are subject to the provisions of 10 CFR 73.20, 73.45, 73.46, 73.50, 73.51, 73.55, 73.60, or 73.67. These licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors, power reacto rs, and non-power reactors),
o facilities authorized to possess a Category I, Category II, or Category III quantity of SSNM,
o facilities authorized to possess a Category II or Category III quantity of SNM,
o hot cell facilities (for examination of irradiated SNM and SNF) ;
o ISFSIs,
o MRSs, and
o GROAs.
- The 8-hour notification requirements in 10 CFR 73.1200(h) for e vents associated with shipping activities apply to licensees who are subject to the provisions of 10 CFR 73.20, 73.25, 73.26, 73.27, 73.37, or 73.67. These include licensees engaged in the following:
o transportation of a Category I, Category II, or Category III qu antity of SSNM,
o transportation of a Category II or Category III quantity of SNM,
o transportation of SNF, and
o transportation of HLW.
- The 1-hour notification requirements in 10 CFR 73.1200(m) requi ring notification to the NRC of stolen or lost enhanced weapons applies to those licensees poss essing enhanced weapons under the provisions of 10 CFR 73.15.
DG-5080, Page 11
- The 24-hour notification requirements in 10 CFR 73.1200(n) requ iring notification to the NRC of a licensees receipt of an adverse inspection finding, enforcement finding, or other adverse notice from the ATF applies to those licensees possessing enhanced weapons under the provisions of 10 CFR 73.15.
- The 48-hour notification requirements in 10 CFR 73.1200(m) requ iring notification to the appropriate LLEA of stolen or lost enhanced weapons applies to those licensees possessing enhanced weapons under the provisions of 10 CFR 73.15.
- The 60-day reporting requirement in 10 CFR 73.1205(a) requiring a written follow-up report by licensees who make telephonic notifications under 10 CFR 73.120 0 of security events to the NRC applies to licensees who are subject to the provisions of 10 CF R 73.20, 73.25, 73.26, 73.27, 73.37, 73.45, 73.46, 73.50, 73.51, 73.55, 73.60, or 73.67. Thes e licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors, power reacto rs, and non-power reactors),
o facilities authorized to possess a Category I, Category II, or Category III quantity of SSNM,
o facilities authorized to possess a Category II or Category III quantity of SNM,
o hot cell facilities (for examination of irradiated SNM and SNF and HLW);
o ISFSIs,
o MRSs,
o GROAs.
o transportation of a Category I, Category II, or Category III qu antity of SSNM,
o transportation of a Category II or Category III quantity of SNM,
o transportation of SNF, and
o transportation of HLW.
- The 24-hour recordkeeping requirements n 10 CFR 73.1210 requiri ng licensees to record less significant physical security events and conditions adverse to security at facilities or shipments applies to licensees who are subject to the provisions of 10 CF R 73.20, 73.25, 73.26, 73.27, 73.37, 73.45, 73.46, 73.50, 73.51, 73.55, 73.60, or 73.67. Thes e licensees include the following:
o production and utilization facilities licensed under 10 CFR 50. 21 and 50.22 (including both operating and decommissioning production reactors, power reacto rs, and non-power reactors),
o facilities authorized to possess a Category I or Category II qu antity of SSNM,
o hot cell facilities (for examination of irradiated SNM and SNF and HLW),
DG-5080, Page 12 o ISFSIs,
o MRSs,
o GROAs,
o transportation of a Category I or Category II quantity of SSNM,
o transportation of SNF, and
o transportation of HLW.
Exceptions and Exemptions to Reporting and Recordkeeping Requir ements
The regulations in 10 CFR 73.1205(a)(2) provide licensees with exceptions to the requirement to submit certain written follow-up reports to the NRC following a notification made under 10 CFR 73.1200. These exceptions include the following:
- notifications made under 10 CFR 73.1200(e)(2) and (f)(2) regard ing interactions with Federal, State, or local law enforcement agencies,
- notifications made under 10 CFR 73.1200(m) regarding stolen or lost enhanced weapons (for licensees possessing enhanced weapons under 10 CFR 73.15), or
- notifications made under 10 CFR 73.1200(n) regarding adverse fi ndings issued by the ATF (for licensees possessing enhanced weapons under 10 CFR 73.15).
The regulations in 10 CFR 73.1205(a)(3) provide licensees with an exception to the written follow-up report requirement following a notification made unde r 10 CFR 73.1200 when the licensee retracts that notification. This exception only applies if the licensee has not already submitted a written follow-up report.
The regulations in 10 CFR 73.1210(h) provide licensees subject to 10 CFR 73.67, who possess or transport a Category III quantity of SSNM or a Category II or I II quantity of SNM, with an exemption from the recordkeeping requirements of 10 CFR 73.1210.
NRC Licensees Not Subject to Notification, Reporting, and Recor dkeeping Requirements
NRC licensees authorized to ope rate, possess, or conduct the fo llowing facilities, materials, and activities are not subject to the physical security program requirements of 10 CFR Part 73. Therefore, these NRC licensees are also not subject to the physical security event notification, written follow-up reporting, or recordkeeping requirements of 10 CFR 73.1200, 73. 1205, and 73.1210. Consequently, this RG does not apply to the following:
- facilities, materials, and activities licensed by the NRC that involve the production, use, storage, and transportation of byproduct ma terials subject to the requir ements of 10 CFR Part 37, Physical Protection of Category 1 and Category 2 Quantities of Radioactive Material (Ref. 17);
DG-5080, Page 13
- facilities, materials, and activities licensed by the NRC that involve the production, use, storage, conversion, deconversion, and tran sportation of source material s subject to the requirements of 10 CFR Part 40, Domestic Licensing of Source Material (Ref. 1 8); and
- facilities, materials, and activities licensed by the NRC that involve the production, receipt, possession, use, storage, and transportation of less than a Cat egory III quantity of SSNM or SNM.
This means less than 15.0 grams (g) of nuclear material involvi ng: U-235 enriched to 20 percent or more, U-233, or Pu; less than 1,000 g U-235 enriched to 10 p ercent or more but less than 20 percent; or less than 10,000 g U-2 35 enriched to less than 10 percent. Additionally, certain types of nuclear materials listed under the provisions of 10 CFR 73.6 7(b) are exempt from the requirements of 10 CFR 73.67. C onsequently, such NRC licensees, who are not subject to 10 CFR 73.67, are also not subject to the requirements of 10 CF R 73.1200, 73.1205, or 73.1210.
Agreement State Licensees Not Subject to Notification, Reportin g, and Recordkeeping Requirements
Agreement State licensees are not subject to the physical security event notification, written follow-up reporting, or recordkeeping requirements of 10 CFR 73.1200, 73.1205, and 73.1210.
Consequently, this RG does not apply to the following:
- facilities, materials, and activities licensed by an Agreement State that involve the production, use, storage, and transportation of byproduct materials subject to the Agreement States requirements that are compatible with 10 CFR Part 37;
- facilities, materials, and activities licensed by an Agreement State that involve the production, use, storage, conversion, deconve rsion, and transportation of s ource materials subject to the Agreement States requirements that are compatible with 10 CFR Part 40; and
- facilities, materials, and activities licensed by the NRC that involve the production, receipt, possession, use, storage, and transportation of less than a Cat egory III quantity of SSNM that is subject to the Agreement States requirements that are compatib le with 10 CFR Part 70.
Based upon the definitions of Category II and III quantities of SNM involving low-enriched uranium (LEU) found under 10 CFR 73.2 and the critical mass lim it of 10 CFR 150.11(a), an Agreement State licensee cannot be authorized to receive, possess, use, o r transport such quantities of LEU. Instead, an NRC license is required to receive, possess, use, or transport such quantities of LEU and such a licensee would nominally be subject to 10 CFR 73.67; and theref ore, to 10 CFR 73.1200.
However, under 10 CFR 150.14, an Agreement State licensee may be authorized to receive, possess, use, or transport a Category III quantity of SSNM. Such an Agreement State licensee is subject to the security requirements of 10 CFR 73.67 and remains under NRC jurisdiction with respect to security issues. This means a quantity of SSNM that is greater than 15 g of U-235 (contained in uranium enriched to 20 percent or greater in the U-235 isotope), U-233, or Pu; b ut is less than the critical mass limit of 10 CFR 150.11(a). The critical mass limit means a quantity of s pecial nuclear material that is less than 350 g of U-235, less than 200 g of U-233, less than 200 g of Pu, or less than any combination of these three nuclides using the following unity formula.
350+ 200+ 200 1.0
DG-5080, Page 14 Agreement State licensees who are not subject to the requiremen ts of 10 CFR 73.67 are also not subject to the requirements of 10 CFR 73.1200 and 10 CFR 73.120 5. Additionally, under 10 CFR 73.1210(h), Agreement State licensees possessing or transportin g a Category III quantity of SSNM (pursuant to 10 CFR 73.67) are exempt from the recordkeeping requirements in 10 CFR 73.1210.
Establishment of a Communications Channel With the NRC
Under 10 CFR 73.1200(o)(5) or (o)(7), a licensee making a notif ication to the NRC for events affecting a facility may be requested by the NRC HOC to establish and maintain an open and continuous communications channel. If such a communications channel is req uested by the NRC, the licensee must provide an individual who is knowledgeable in the licensees security, operations, or emergency response organizations to monitor and res pond to the channel. The licensee may staff the channel from a location it deems appropriate.
Under 10 CFR 73.1200(o)(6) or (o)(8), a licensee or its movemen t control center making a notification to the NRC for events affecting a shipment of mate rial may be requested by the NRC HOC to establish and maintain an open and continuous communications ch annel. If such a communications channel is requested by the NRC, the licensee must provide an individual who is knowledgeable in the licensees security, operations, or emergency response organiza tions or movement control center monitoring the shipment to monitor and respond to the channel. The individual should be knowledgeable about the shipment and its security measures.
The individual monitoring the co mmunications channel may perform other assigned duties, provided the individual is able to respond to NRC requests for information on the channel.
Notification of Significant Supplemental Information
Under 10 CFR 73.1200(p), a licensee or its movement control center who have notified the NRC of a physical security event under 10 CFR 73.1200(a)-(h) and (m )-(n) must notify the NRC of any subsequently identified significant supplemental information us ing the notification process specified under 10 CFR 73.1200(o).
Retraction of Previous Physical Security Event Notifications
Under 10 CFR 73.1200(q), a licensee or its movement control center may retract a physical security event notification that is subsequently determined to be invalid, not reportable under the provisions of 10 CFR 73.1200, or recharacterized as recordable under the provisions of 10 CFR 73.1210.
The licensee or its movement control center must notify the NRC HOC of the retraction and the basis for the retraction in accordance with the notification procedures i n 10 CFR 73.1200(o).
Reporting of an Emergency Declaration
Under 10 CFR 73.1200(r), a licensee or its movement control cen ter who has declared an emergency related to a facility or a shipment of material must make the appropriate notifications required by 10 CFR 50.72, Immediate notification requirements for opera ting nuclear power reactors; 10 CFR 63.73, Reports of deficiencies; 10 CFR 70.50, Reporti ng requirements; or 10 CFR 72.75, Reporting requirements for specific events and conditions. Th e NRC staff expects that reporting of an emergency declaration should typically take precedence over any physical security event notifications required under 10 CFR 73.1200 (e.g., notification of State officials of an emergency declaration).
However, under 10 CFR 73.1200(s), a licensee with multiple noti fication obligations (e.g., an event
DG-5080, Page 15 requiring both an emergency declaration and a physical security event notification) may make such notifications in a single communication to the NRC HOC.
Elimination of Duplication
A licensee or its movement control center must notify the appro priate State authorities and the NRC HOC when declaring an emergency in accordance with the requirements in 10 CFR 50.72, 63.73, 70.50, or 72.75. A licensee or its movement control center must notify the NRC HOC of nonemergency, safety-based event in accordance with the requirements in 10 CF R 50.72, 63.73, 70.50, or 72.75. Such events may also include a physical security event requiring notification to the NRC in accordance with the requirements in 10 CFR 73.1200. Under 10 CFR 73.1200(s), the li censee or its movement control center may combine these multiple notifications to the NRC HOC into a single communication to eliminate duplication and reduce burden. This flexibility applies only to duplicate notifications to the NRC HOC and does not affect a licensees or its movement control center s responsibility to make required notifications to appropriate State authorities.
Security Events Associated with or Involving Classified Informa tion
The unauthorized disclosure, theft, loss, compromise, or possib le compromise of classified information or RD must be repor ted to the NRC HOC in accordance with 10 CFR 95.57. However, a single event may involve both a notification of unauthorized di sclosure of classified information or RD under 10 CFR 95.57 and also a phy sical security event requiring notification under 10 CFR 73.1200.
Licensees and movement control centers must communicate such classified details regarding physical security event notifications in accordance with 10 CFR 73.1200( o) and Section III of Appendix A to 10 CFR Part 73. Consistent with t he elimination of duplication guidance discussed above, the licensee or its movement control center may communicate both events in a si ngle classified notification to the NRC HOC.
Written Follow-Up Reports
Following a physical security event notification made either by a licensee or its movement control center, a licensee must submit a written follow-up report withi n 60 days in accordance with 10 CFR 73.1205. The classes of licensed facilities, material, and transportation activities subject to this regulation are discussed above.
Licensees must comply with the submission criteria of 10 CFR 73.1205(b) when submitting written follow-up reports. The licensee must submit such report s to the NRC via the processes specified in 10 CFR 73.4, Communications. These submission criteria inc lude the following:
- Licensees subject to 10 CFR 50.73, License event report system, must submit a written follow-up report using NRC Form 366, Licensee Event Report (LER) (Ref. 19).
- Licensees who are not subject to 10 CFR 50.73 must submit a wri tten follow-up report using a letter format.
- The written follow-up report must contain sufficient informatio n to enable the NRC to analyze and evaluate the event to determine if follow-up action is need ed.
- If significant supplemental information becomes available after the licensees submission of an initial written follow-up report, then the licensee must submit a revised report. The revised report
DG-5080, Page 16 must indicate the revisions and replace the initial report in i ts entirety (i.e., the revision must be complete and not limited to only the supplementary or revised i nformation).
- If the licensee identifies errors in a written follow-up report, then the licensee must submit a revised report correcting the errors and indicating the revisio ns.
Licensees must comply with the content requirements of 10 CFR 7 3.1205(c) for written follow-up reports. The report must include, at a minimum, the f ollowing information:
- a brief abstract describing the major occurrences during the event or condition, including all component or system failures that contributed to the event or c ondition, and significant corrective actions taken or planned to prevent recurrence;
- a clear, specific narrative description of what occurred so tha t a knowledgeable reader conversant with security program requirements can understand the event or condition, including, at a minimum, the following information, as applicable:
o the date and time the event o r condition was discovered;
o the date and time the event or condition occurred;
o the affected structures, systems, components (SSCs), equipment, or procedures;
o the environmental conditions at the time of the event or occurrence, if relevant;
o the root cause of the event or condition;
o whether any human performance errors were the cause or were a contributing factor (e.g., personnel errors, inadequate procedures, or inadequate training);
o whether previous events or cond itions are relevant to the current event or condition and whether corrective actions to prevent recurrence were ineffective or insufficient;
o whether this event or condition is a recurring failure of an SS C or procedure important to security;
o what compensatory measures, if any, were implemented in response to the event or condition; and
o when corrective actions to prevent recurrence, if any, were taken or will be completed.
Licensees are required to comply with the transmission criteria requirements of 10 CFR 73.1205(d) for written fo llow-up reports. These include the following:
- The licensee must provide written follow-up reports to: 1) an a ddressee specified in 10 CFR 73.4 and 2) the NRCs Director, Office of Nuclear Security and Incid ent Response.
- The licensee must transmit written follow-up reports containing classified information to the NRCs Headquarters via a transmission system authorized for the use of classified information under 10 CFR Part 95. This involves secure transmission to eith er the NRC Headquarters
DG-5080, Page 17 classified mailing address specified in Table 2 of Appendix A t o 10 CFR Part 73 or to the NRC Headquarters secure email address specified in Table 1 of Appe ndix A to 10 CFR Part 73.
Additionally, reports containing classified information must be created, used, destroyed, stored, marked, labeled, handled, and tr ansmitted in accordance with the requirements of the licensees NRC-approved Standard Practices Procedures Plan under 10 CFR Pa rt 95.
- The licensee must transmit written follow-up reports containing SGI to the NRC Headquarters mailing address specified in 10 CFR 73.4, in accordance with the requirements of 10 CFR 73.21 and 10 CFR 73.22. Reports containing SGI must be created, used, destroyed, stored, marked, labeled, handled, and transmitted in accordance with the requir ements of 10 CFR 73.21 and 10 CFR 73.22 and the licensees NRC-approved physical security plan.
Licensees are required to comply with the records retention req uirements of 10 CFR 73.1205(e).
Licensees must maintain a copy of a written follow-up report as a record for a period of 3 years from the date of the report or until termination of the license, whichev er is later. (See also the Records Destruction Considerations below.)
Recording of Physical Security Events and Conditions Adverse to Security
Licensees are required to record physical security events and conditions adverse to security in accordance with the recordkeeping requirements of 10 CFR 73.121 0. Such events and conditions do not require a notification to the NRC. However, the licensee must r ecord such events and conditions with sufficient information to facilitate licensee monitoring of the effectiveness of their quality assurance programs. Such records are also intended to facilitate the lice nsees effective tracking, trending, and performance monitoring of physical security events, conditions adverse to security, and implementation of corrective actions to prevent recurrence.
Under 10 CFR 73.1210(a)(1), licensees must record the physical security events and conditions adverse to security specified in 10 CFR 73.1210(c) - (f). Under 10 CFR 73.1210(a)(3), these physical security events and conditions adverse to security include, but are not limited to, the following broad categories:
- human performance errors,
- licensee or contractor personnel failing to comply with securit y procedures,
- insufficient or inadequate security procedures,
- security equipment failures and malfunctions,
- design deficiencies in security SSCs,
- inadequate or insufficient security SSCs, and
- events or conditions in which th e licensee has implemented compensatory security measures within the required timeframe specified in its physical security plan.
For events or conditions for which a licensee has not implemented compensatory security measures within the required timeframe specified in its physical security plan, they require a notification
DG-5080, Page 18 under 10 CFR 73.1200. Accordingly, the licensee should refer to the applicable provisions for physical security event notifications under 10 CFR 73.1200(g) and (h).
Licensees are required to comply with the general requirements of 10 CFR 73.1210(b) when recording physical security events and conditions adverse to security. These requirements include the following:
- Under 10 CFR 73.1210(b)(1), li censees must record these events or conditions within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of the time of discovery.
- Under 10 CFR 73.1210(b)(3), li censees must record such events and conditions in either a standalone safeguards event log, in a corrective action program which is part of the licensees overall quality assurance program, or both. Licensees must ensu re that any SGI or classified information contained in such reports is created, stored, and h andled in accordance with the requirements of 10 CFR 73.21 and 10 CFR 73.22 or 10 CFR Part 95, as applicable.
- Under 10 CFR 73.1210(b)(4), these records must include, but are not limited to, the following data elements, as applicable.
o The date and time the event or condition was discovered;
o The date and time the event or condition occurred;
o The affected structures, systems, components, equipment, or pro cedures;
o A description of the event or condition;
o Any relevant environmental cond itions at the time of the event or occurrence;
o The root cause of the event or condition;
o Whether any human performance errors were the cause or were a c ontributing factor of the event or condition, including pe rsonnel errors, inadequate procedures, or inadequate training;
o Whether previous events or cond itions are relevant to the current event or condition and whether corrective actions were ineffective or insufficient;
o Whether this event or condition is a recurring failure of a str ucture, system, component, or procedure;
o What compensatory measures, if any, were implemented in response to the event or condition;
o What corrective actions, if any, were taken in response to the event or condition; and
o When corrective actions, if any, were taken or will be complete d.
- Under 10 CFR 73.1210(b)(5) and 10 CFR 73.1210(b)(7), licensees are not required to record physical security events and conditions adverse to security for which a physical security event notification was made under 10 CFR 73.1200.
DG-5080, Page 19
- Under 10 CFR 73.1210(b)(6) licen sees are not required to record physical security events and conditions adverse to security for which a suspicious activity report was made under 10 CFR 73.1215, Suspicious Activity Re ports Under 10 CFR Part 73.
Records Retention and Destruction
Under 10 CFR 73.1205(e), licensees must retain a copy of a writ ten follow-up report submitted to the NRC for 3 years or until the license is terminated, whichever is later.
Under 10 CFR 73.1210(b)(2), licensees must retain records of ph ysical security events and conditions adverse to security that were recorded in a safeguards event log or in a corrective action program log for 3 years or until the license is terminated, whi chever is later.
Licensees destroying reports or records that are no longer required to be retained and that contain SGI or classified information must destroy such reports or reco rds in accordance with the appropriate destruction procedures for the applicable class of information, as specified in 10 CFR 73.21 and 10 CFR 73.22 or 10 CFR Part 95, respectively.
Consideration of International Standards
The International Atomic Energy Agency (IAEA) works with member states and other partners to promote the safe, secure, and peaceful use of nuclear technologies. The IAEA develops Safety Requirements and Safety Guides for protecting people and the en vironment from harmful effects of ionizing radiation. This system of safety fundamentals, safety requirements, safety guides, and other relevant reports, reflects an international perspective on what constitutes a high level of safety. To inform its development of this RG, the NRC considered IAEA Safety Requ irements and Safety Guides pursuant to the Commissions International Policy Statement (Ref. 20), a nd Management Directive and Handbook 6.6, Regulatory Guides (Ref. 21). The NRC staff did not identify any IAEA Safety Requirements or Guides with information related to the topic of this RG.
DG-5080, Page 20 C. STAFF REGULATORY GUIDANCE
This section provides detailed descriptions and examples of the methods and procedures that the NRC staff considers acceptable for use by a licensee or its designated movement control center in meeting the physical security event notification, written follow-up reporting, and recordkeeping requirements in 10 CFR 73.1200, 73.1205, and 73.1210.
In 10 CFR 73.2, the NRC has defined the term time of discovery as follows:
Time of discovery means the time at which a cognizant individual observes, ident ifies, or is notified of a security-significant event or condition. A cog nizant individual is considered anyone who, by position, experience, and/or training, is expect ed to understand that a particular condition or event adversely impacts security.
The time of discovery serves as the starting point for licensee compliance in meeting the timeliness requirements for physical security event notifications under 10 CFR 73.1200 and recordkeeping under 10 CFR 73.1210.
Licensees should use sufficient time and their best judgment to promptly assess whether a physical security event requires a notification to the NRC unde r 10 CFR 73.1200. For some events an analysis and evaluation may be necessary for a licensee to determine that an event is reportable. The NRC does not expect licensees to spend an excessive amount of time conducting an exhaustive and definitive analysis to determine if a physical security event is reportabl e.
Any licensee analysis and evaluation should promptly reach a co nclusion in a time frame commensurate with the security significance of the event or condition. If uncertain whether an event requires a notification, licensees should default to notifying the NRC within the appropriate timeliness requirements. If the results of a subsequent evaluation indicat e that the event did not need to be reported to the NRC, then the licensee may retract the notification or r eclassify the event as recordable under 10 CFR 73.1210. The NRC prioriti zes the prompt reporting of such notifications; therefore, licensees will face no penalty for subsequently withdrawing an invalid notification.
- 2. Malevolent Intent and Credible Bomb Threat Considerations
2.1 Malevolent Intent Considerations
Licensees may use any applicable existing processes (e.g., behavioral observation, psychological assessment, human reliability) to evaluate whether malevolent intent is present in assessing whether an event is reportable under 10 CFR 73.1200. However, licensees mu st still meet reporting timeliness requirements. Examples of when a licensee may need to determine malevolent intent include, but are not limited to, the following:
- Under 10 CFR 73.1200(e)(1)(iii) or (iv), whether the actual or attempted introduction of contraband was unintentional or i nvolved malevolent intent.
- Under 10 CFR 73.1200(c)(1)(i)(C) and (D), 10 CFR 73.1200(e)(1)( vi), or 10 CFR 73.1200(g)(1)(ii) and (iii), whether the potential unauthorized operation, manipulation, or tampering events involved an error due to human performance or malevolent intent.
DG-5080, Page 21 If a licensee concludes that malevolent intent was not present for such an event, then the event should not be reported under 10 CFR 73.1200, but instead record ed as a decrease in effectiveness under 10 CFR 73.1210(f) (see Staff Regulatory Guidance position 18.2, example (9)). If a licensee cannot reach a conclusion before the timelines s requirement for the event is exceeded, then the licensee should notify the NRC pursuant to 10 CFR 73.1200.
2.2 Credible Bomb Threat Considerations
The NRC staffs view is that a licensee may not possess the resources necessary to assess whether a bomb threat is credible within the 15-minute or 1-hour timeli ness requirements applicable to a bomb threat. Consequently, a licensee should notify the NRC of the b omb threat pursuant to 10 CFR 73.1200, without attempting to assess whether the bomb threat is credibl e. Under 10 CFR 73.1200(q), a licensee may retract a previous bomb threat event notification if the li censee subsequently receives information from law enforcement or the int elligence community that the threat is not credible. The results of a bomb threat search are considered significant supplemental information (see Staff Regulatory Guidance position 16.3).
- 3. Exception for Event Notifications Containing Safeguards Informa tion
Under 10 CFR 73.1200(o)(3), notif ications that contain SGI may be made to the NRC HOC without using secure communications systems under the exception in 10 CFR 73.22(f)(3), as such communications are considered communications of extraordinary c onditions. If a licensee has ready access to secure telecommunications equipment, the NRC recommends using that equipment to communicate the notification containing SGI to the NRC. Secure communications equipment that is appropriate for transmitting classified information is also con sidered appropriate for transmitting SGI.
However, consistent with 10 CFR 73.22(f)(3), the licensee shoul d not exceed the timeliness requirement for the event notification in an effort to obtain access to secure telecommunications equipment to communicate the notification. The licensee should follow the pr ocedure in Section III of Appendix A to 10 CFR Part 73 to make a notification using secure telecommunic ations equipment.
This exception applies only to n otifications associated with actual events. Consequently, this exception does not apply to simulat ed event notifications associated with security drills, emergency response exercises, or security evaluations. These types of notifications are not considered emergency or extraordinary conditions. Therefo re, any notification containing SGI related to a security drill, response exercise, or security evaluation must be made via secure telecommunications equipment.
- 4. Consideration of Other Notifications or Recordings
Licensees should evaluate an event using all of the applicable notification requirements under 10 CFR 73.1200 and the regulatory positions in this guide. A li censees evaluation should proceed from the applicable guidance in order of prioritythat is, from the most urgent notification (quickest timeliness requirement) to the least urgent notification (longe st timeliness requirement). If an event is reportable under multiple notification requirements with varyin g time limits, the licensee should make the notification using the quickest applicable timeliness requireme nt. Finally, if a licensee concludes that a security event does not require a notification to the NRC under 10 CFR 73.1200, the licensee should also evaluate whether the event is instead recordable under 10 CFR 7 3.1210. Staff Regulatory Guidance position 18.2 provides guidance on recordable events.
- 5. Movement Control Center
DG-5080, Page 22 For transportation-related activities discussed in this guide, a licensee may use a designated movement control center to meet the requirements of 10 CFR 73.1 200 and 73.1205. Accordingly, a movement control center, acting on behalf of the licensee, may monitor a shipments position and status, request assistance from LLEA, receive threat information from g overnment agencies, make any required notifications to the NRC, and st aff a continuous communications channel (if the channel is requested by the NRC under 10 CFR 73.1200(o)). A movement control center, ac ting on behalf of the licensee, may prepare the written follow-up repor ts required under 10 CFR 73.1205 following a notification made under 10 CFR 73.1200. The NRC recommends that the licensee review and approve these written follow-up reports and any corrective actions before the reports submission to the NRC.
- 6. Considerations for Contraband and Prohibited Items
In 10 CFR 73.2 the term contraband is defined to mean unautho rized firearms, explosives, incendiaries, or other dangerous materials (e.g., disease-causing agents) that can cause acts of sabotage against a licensees facility. NRC regulations prohibit the introduction of contraband items into a licensees PA, VA, or MAA.
The definition of contraband in 10 CFR 73.2 is broader for licensees who possess or conduct activities involving classified information or RD. For those li censees, contraband also includes unauthorized electronic devices or unauthorized electronic medi a that can be used in acts of espionage involving NSI or the unauthorized communication, transmission, receipt, tampering or disclosure of RD.
The NRC does not consider the fo llowing items to be contraband, if the items are authorized by facility management and if they are possessed by authorized per sonnel for legitimate purposes or are stored in secure locations: explosives, explosive devices, incendiary devices, and weapons. Examples include, but are not limited to, the following: weapons possessed by the facilitys security personnel as part of their official duties; weapons possessed by local, State, or Federal law enforcement personnel visiting the facility for official purposes; explosive squib va lves used in certain types of reactors; and explosive or incendiary devices intended for authorized and leg itimate purposes at the facility. The NRC staff recommends as a good practice that any such authorization s by facility management be documented in writing.
Items possessed by authorized persons for authorized purposes associated with a transportation activity outside the facility shoul d not be considered contraband. For example, licensees should not consider as contraband: weapons possessed by local, state, or F ederal law enforcement personnel performing escort duties; explosives possessed by law enforceme nt personnel performing escort duties; weapons possessed by authorized licensee escort personnel, or weapons possessed by vehicle operators under applicable state law (e.g., the vehicle operator has a co ncealed carry permit).
Under 10 CFR 73.67, licensees possessing Category II and III qu antities of SSNM, or Category II and III quantities of SNM, are not required to conduct searches of personnel, packages, or vehicles prior to their entry into the CAA. However, the NRC staff recommends as a good practice that licensees voluntarily notify the NRC of the discovery of items inside the CAA that would normally be considered contraband. These voluntary notif ications should be made consistent with the timeliness requirements of the applicable contraband event notification provisions specifi ed in 10 CFR 73.1200(e).
The term prohibited items is not defined in NRC regulations. Consequently, licensees can determine what they consider to be prohibited items. Licensees can also determine where on their site these items are prohibited. The NRC staff recommends as a good practice that licensees clearly specify what are prohibited items and wh ere on the licensees site these items are prohibited. These
DG-5080, Page 23 determinations should be clearly communicated to licensee personnel and contactor personnel as well as visitors.
- 7. 15-Minute Notifications
The NRC recognizes that the 15-minute notification requirement imposes a burden upon a licensee or a movement control center. Accordingly, the NRC has adopted a graded approach that limits the requirements in 10 CFR 73.1200(a) and (b) to a defined grou p of licensees and only for events involving imminent or actual hostile actions or potential hosti le actions or acts of sabotage against the licensees facility, material, or shipment activities.
Such actions or acts of sabotag e against an individual licensee may be a precursor to a more general (widespread) attack upon the Nations other critical in frastructure sectors. A licensees prompt notification of such actions or acts permits the NRCs HOC to p romptly communicate such hostile actions to the U.S. Department of Homela nd Securitys (DHS) National O perations Center, other appropriate Federal agencies, and other poten tially affected NRC licensees. Such communications are a vital component of the U.S. Governments overall efforts to respond t o threats against the Nations critical infrastructure. The NRCs rapid dissemination of these notifica tions permits other NRC licensees, Federal facilities, military installations, and critical infrastructure facilities to immediately increase their defensive posture in advance of potential coordinated multiple-target, or multiple-sector, terrorist attacks.
7.1 15-Minute Facility Notifications
The 15-minute notification requirement applies to imminent or a ctual hostile actions or attempted acts of sabotage against an applicable licensees facility or m aterial. Under 10 CFR 73.1200(a)(3), a licensee must provide certain specified information when making a 15-minute notification. Given the urgency associated with 15-minute notifications, the informatio n in these notifications is an abbreviated set of the information required under 10 CFR 73.1200(o).
Examples of imminent or actual hostile actions or attempted act s of sabotage against a licensees facility or material that warrant notification under 10 CFR 73. 1200(a) include, but are not limited to, the following:
(1) The licensee initiates a security response in accordance with its safeguards contingency plan or protective strategy based on an imminent or actual hostile a ction, act of sabotage, or security condition against the licensees facility or material.
(2) The licensee receives a notification from law enforcement, the intelligence community, or other government agency officials of a credible threat of a pot ential hostile action or an act of sabotage against the licensees facility and the threat is expected to occur within the next 12 hours1.388889e-4 days <br />0.00333 hours <br />1.984127e-5 weeks <br />4.566e-6 months <br />. If the timing of the threat is indeterminate, then the l icensee should notify the NRC under the 1-hour notification pr ovisions (see Staff Regulatory Guidance position 8.1).
Notification is not required if the NRC is the government agenc y that informs the licensee of the threat of a potential hostile action or act of sabotage.
(3) The detonation of bulk explosives or of an explosive device at the licensees facility or within close proximity to the facility. This includes the use of explo sives by ground assault force personnel, unmanned aerial systems, or the use of a vehicle-bor ne improvised explosive device (VBIED), including either land-based or waterborne VBIEDs. The detonation of bulk explosives or an explosive device authorized by the licensee for legitimate purposes is not an imminent or actual hostile action that warrants notification un der 10 CFR 73.1200(a).
DG-5080, Page 24 (4) The discovery of unauthorized explosive or incendiary materials within, or in direct contact with, a building or structure located within the licensees PA containing safety-related, important to safety, or security-related equipment; hazardous m aterials; or spent nuclear fuel.
(5) Unauthorized weapons are fired within the licensees PA, VA, MA A, or CAA.
(6) Unauthorized weapons are fired from outside of the licensees facility and the projectiles hit the facility, causing an immediate threat to the facility, to s ecurity personnel, or to other personnel.
(7) Unauthorized personnel or vehicles succeed in violently or forc ibly penetrating a PA, VA, MAA, or CAA.
(8) Hostages are taken inside the licensees facility.
(9) Offsite hostage-taking is reasonably determined to be related t o facility operations or security functions (e.g., the kidnapping of facility personnels family members to coerce employees into violating laws, NRC regulations, or the facilitys license).
(10) Explosives, explosive devices, or incendiary devices are used t o cause, or attempt to cause, radiological sabotage or the theft or diversion of SSNM, SNM, S NF, or HLW.
(11) A vehicle is used to cause an actual or attempted breach or dis ablement of the licensees required vehicle barrier system (VBS), for example by attemptin g to circumvent the VBS or by striking it violently at a high rate of speed. See also Staf f Regulatory Guidance position 12.
7.2 15-Minute Shipment Notifications
The 15-minute notification requirement applies to imminent or a ctual hostile actions or attempted acts of sabotage against an applicable licensees shipment activities. Under 10 CFR 73.1200(b)(3), the licensee or the movement control center must provide certain sp ecified information when making a 15-minute notification. Given the urgency associated with 15-mi nute notifications, the information in these notifications is an abbreviated set of the information required under 10 CFR 73.1200(o).
Examples of imminent or actual hostile actions or attempted act s of sabotage against a licensees shipment activities that warrant notification under 10 CFR 73.1 200(b) include, but are not limited to, the following:
(1) The licensee initiates a security response in accordance with its safeguards contingency plan or protective strategy based on an imminent or actual hostile a ction or act of sabotage against a shipment conducted by the licensee.
(2) The licensee receives a notification from law enforcement, the intelligence community, or other government agency officials of a credible threat of a pot ential hostile action or an act of sabotage against a shipment conduc ted by the licensee and the threat is expected to occur within the next 12-hours. If the timing of the threat is indete rminate, then the licensee should notify the NRC under the 1-hour notification provisions (see St aff Regulatory Guidance position 8.2). Notification is not required if the NRC is the government agency that informs the licensee of the threat of a potential hostile action or act of sabotage.
DG-5080, Page 25 (3) The detonation of bulk explosives or an explosive device at or near a transport vehicle. This includes the use of explosives by ground assault force personnel or the use of a VBIED.
(4) The ignition of an incendiary device against the transport vehicle or the transport package.
(5) There is actual or believed theft or sabotage of a shipment.
(6) Adversaries fire weapons at the transport vehicle(s), and proje ctiles hit the transport vehicle(s), which causes an immediate threat to the shipment.
(7) Adversaries fire weapons at the transport vehicle(s), and proje ctiles hit the transport vehicle(s) or escort vehicles, which causes an immediate threat or injury to the shipments security escorts or the vehicle operators.
(8) Unauthorized personnel succeed in forcibly penetrating a transport vehicle.
(9) Unauthorized personnel succeed in forcibly penetrating a transport package.
(10) Hostages are taken on site (e.g., at the shipping facility, rec eiving facility, or movement control center) or off site, and the hostage-taking is related to the shipments operations or security.
(11) Offsite hostage-taking is reasonably determined to be related t o shipment operations or security functions (e.g., the kidnapping of family members to coerce employees into violating laws, NRC regulations, U.S. Department of Transportation regulations, or the shipping or receiving facilitys license or certificate of comp liance).
7.3 Precedence of 15-Minute Notifications
Under 10 CFR 73.1200(a) and (b), a licensee or its designated movement control center must complete a 15-minute notification to the NRC as soon as possibl e, but within 15 minutes of the time of discovery of an event triggering these notification requirement s. In making a 15-minute notification, a licensees or movement control centers request for immediate LLEA assistance, initiation of a contingency response, or notification of State officials requir ed under the licensees Emergency Response Plan should take precedence over its physical security event no tification to the NRC. Under 10 CFR 73.1200(a)(6) or (b)(6), this notification to the NRC HO C must occur as soon as possible after the LLEA and State notifications are completed, and the conting ency response is initiated, even if this exceeds the 15-minute timeliness requirement.
Under 10 CFR 73.1200(o)(5), the NRC has clarified the requireme nt for a licensee to staff a continuous communications channel following an initial 15-minut e notification for facilities and materials. If requested to do so by the NRC HOC, a licensee should establish a continuous communications channel as soon as possible after the NRCs requ est. The continuous communications channel must be staffed by a knowledgeable individual in the li censee's security, operations, or emergency response organizations.
Under 10 CFR 73.1200(o)(6), the NRC has clarified the requireme nt for a licensee or its designated movement control center to staff a continuous communications channel following an initial 15-minute notification for shipping activities. If requested to do so by the NRC HOC, a licensee or a movement control center should establish a continuous communica tions channel as soon as possible after the NRCs request. The continuous communications channel must be staffed by a knowledgeable individual in the licensee's security, operations, or emergency response organizations or by a
DG-5080, Page 26 knowledgeable individual in the movement control center that is monitoring a licensees shipment.
Licensees should also refer to Staff Regulatory Guidance positi on 16 for further guidance on communicating event notifications to the NRC HOC.
- 8. 1-Hour Notifications
Under 10 CFR 73.1200(c) and (d), a licensee or its designated movement control center must notify the NRC HOC as soon as possible but not later than 1 hou r after the time of discovery of certain significant physical security events affecting licensee facilities and shipping activities. The 1-hour notification requirement is applicable to those events that pos e the greatest risk to the physical security of the facility or shipping activity. The NRC has taken risk into account when determining what constitutes a significant physical security event. This approach reduces the number of notifications that must be made to the NRC within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br />. Many of the notifications that were previously required to be reported within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> must now be reported within 4 or 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br />, as applicable.
8.1 1-Hour Facility Notifications
The significant physical security events affecting facilities t hat must be reported within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> are set forth in 10 CFR 73.1200(c)(1)(i)-(iii). Examples and clarif ications of significant physical security events include, but are not limited to, the following:
(1) Under 10 CFR 73.1200(c)(1)(iii) licensees are required to notify the NRC HOC when informed by law enforcement, the intelligence community, or other govern ment officials of a potential hostile action or act of sabotage, and the threat or action is not expected to occur within the next 12-hours or the time of occurrence is indeterminate. A licensee is not required to notify the NRC HOC if the NRC was the government agency that informed the lice nsee of a potential hostile action or act of sabotage.
(2) The licensee directly receives an unsubstantiated bomb threat o r threat of sabotage.
(3) Implementation of the licensees contingency response plan following receipt of a potential hostile action or act of sabotage, and the threat or action is not expected to occur within the next 12-hours or the time of occurrence is indeterminate. A licensee is not required to notify the NRC HOC if the NRC was the government agency that informed the lice nsee of a potential hostile action or act of sabotage that led to the contingency response plans implementation.
(4) Licensees who are subject to 10 CFR 73.50, 73.60, and 73.67 mus t meet the 1-hour notification requirement in 10 CFR 73.1200(c) but are not subject to the 15-minute notification requirement in 10 CFR 73.1200(a). Accordingly, these licensees must notify the NRC HOC within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> of the discovery of unauthorized expl osive materials, incendiary materials, or an improvised explosive device within the licensees site boundary.
(5) A vehicle strikes a component of a required VBS in a manner tha t is more than a minor accident (i.e., the impact degrades the ability of the VBS to perform it s intended functions). See also Staff Regulatory Guidance position 12.
(6) The loss of all offsite communications capabilities if these ca pabilities are necessary to meet regulatory requirements (e.g., they are specified in the licens ees physical security plan).
(7) The loss of all normal and alternate security radio-communicati ons frequencies necessary to implement the facilitys protective strategy.
DG-5080, Page 27 (8) The loss of all alternating current and direct current power to security systems (e.g., powering detection and assessment systems, alarm sensors, electronic locks and keypads, or security communications) that affects the licensees ability to successfully implement its protective strategy.
For notifications required under 10 CFR 73.1200(c)(1)(i)(A), li censees should report the theft or diversion of any quantity of SSNM or SNM.
For notifications required under 10 CFR 73.1200(c)(1)(i)(C) or (D), licensees should report unauthorized operation, manipulation, or tampering events invol ving safety-related SSCs at reactors or events involving items relied upon for safety at Category I SSN M facilities, respectively. A licensee is not required to report such events if the licensee assess they are due to human performance errors and no malevolent intent was present. Any such assessment must be accomplished within the 1-hour timeliness requirement even if the licensee is unable to complete a malevo lent intent determination. However, a licensee may retract such a notification under 10 CFR 73.1200(q ) if it subsequently determines that there was no malevolent intent.
Note: A licensee concluding that the event was due to human per formance errors; and therefore, was not reportable under 10 CFR 73.1200(c)(1)(i)(C) or (D), sho uld still evaluate whether the event is reportable under 10 CFR 50.72, 10 CFR 70.52, or 10 CFR 72.74.
For notifications required under 10 CFR 73.1200(c)(1)(ii), lice nsees should refer to RG 5.69 or RG 5.70, as applicable, for applicable guidance on the quantity of unauthorized explosives that meets or exceeds the relevant facilitys adversary characteristics limits.
The NRC staff recommends as a good practice that a licensee for a production facility should report events involving unauthorized operation, manipulation, o r tampering activities that interrupt the normal operations of the facility. Such events may include, but are not limited to, the interruption of the production of SSNM, electricity, and/or process steam.
The NRC staff should be aware that an event reported under 10 C FR 73.1200(c)(1)(i)(C) or (D) involving an unauthorized operation, manipulation, or tampering activity that results in interruption of normal operations at a production or utilization facility or re sults in an accidental criticality at a facility possessing a Category I quantity of SSNM could potentially constitute an allegation, including an allegation of criminal activity, r equiring the convening of an Allegation Review Board.
8.2 1-Hour Shipment Notifications
The significant physical security events affecting shipment activities that must be reported within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> are set forth in 10 CFR 73.1200(d)(1)(i)-(iv). Examples and clarifications of significant physical security events include, but are not limited to, the following:
(1) The licensee receives a notification from law enforcement, the intelligence community, or other government officials of a credible threat of a potential hostil e action or act of sabotage (including bomb threats) where the threat is not expected to occur within the next 12-hours, or the time of occurrence is indeterminate. A licensee is not required to noti fy the NRC HOC if the NRC was the government agency that informed the licensee of the threat of a potential hostile action or act of sabotage.
DG-5080, Page 28 (2) Implementation of the licensees contingency response plan following receipt of a potential hostile action or act of sabotage, and the threat or action is not expected to occur within the next 12-hours or the time of occurrence is indeterminate. A licensee is not required to notify the NRC HOC if the NRC was the government agency that informed the lice nsee of a potential hostile action or act of sabotage that led to the contingency response plans implementation.
(3) Licensees who are subject to 10 CFR 73.67 must meet the 1-hour notification requirement in 10 CFR 73.1200(d), but are not subject to the 15-minute notific ation requirement in 10 CFR 73.1200(b). Accordingly, these licensees must notify the NRC HOC within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> of the discovery of an actual or suspected explosive or incendiary dev ice or the detonation or ignition of such a device relating to a shipment activity.
- 9. 4-Hour Notifications
Under 10 CFR 73.1200(e) and (f), a pplicable licensees must noti fy the NRC HOC within 4 hours4.62963e-5 days <br />0.00111 hours <br />6.613757e-6 weeks <br />1.522e-6 months <br /> after the time of discovery of certain physical security events affecting licensee facilities and shipping activities. These 4-hour notifications are for those events tha t are less significant than the events subject to the 1-hour notification require ment. The NRCs development of a 4-hour notification requirement reflects the adoption of a risk-informed graded approach to reporting fa cility or shipping activity physical security events that reduces unnecessary burden.
9.1 4-Hour Facility Notifications
The physical security events affecting facilities that must be reported within 4 hours4.62963e-5 days <br />0.00111 hours <br />6.613757e-6 weeks <br />1.522e-6 months <br /> are set forth in 10 CFR 73.1200(e)(1)-(4). Examples and clarifications of suc h physical security events include, but are not limited to, the following:
(1) The discovery of falsified iden tification badges, key cards, or other access-control devices that could allow unauthorized personnel entry into a PA, VA, MAA, or CAA.
(2) The security force stages a strike or work slowdown.
(3) Providing information to law enforcement that a licensee employ ee or contractor may be potentially involved in terrorist activities, in criminal activ ities, or is affiliated with a terrorist organization, even if the information is unsubstantiated.
The NRC staff should be aware that an event reported under 10 C FR 73.1200(e)(1)(iii) involving the willful, actual introduction of contraband into a PA that i nvolves unauthorized firearms, explosives, incendiaries, or other dangerous materials could potentially constitute an allegation, including an allegation of criminal activity under 42 U.S.C. 2278a, requirin g the convening of an Allegation Review Board.
For notifications under 10 CFR 73.1200(e)(1)(v), authorized wea pons are those that are specified in the licensees physical security plan. Consistent with Staff Regulatory Guidance position 1, the time of discovery (T0) starts when a cognizant individual observes, identifies, or i s notified that an authorized weapon is not in the possession of authorized personnel or in a n authorized weapons storage location.
Notes: An authorized weapon that is recovered within the 4-hour timeli ness requirement for this event notification should be recorded as an uncontrolled weapon in the decrease in effectiveness events under 10 CFR 73.1200(f) (see Staff Regulatory Guidance position 18.2, example (8)).
DG-5080, Page 29 Weapons in the possession of on-dut y law enforcement personnel during the course of their presence at the licensees facility are not considered to be uncontrolled authorized weapons.
For notifications required under 10 CFR 73.1200(e)(1)(vi), lice nsees should report unauthorized operation, manipulation, or tampering events involving security -related SSCs at reactors or security-related systems at Category I SSNM facilities that could preven t the licensees implementation of its protective strategy for protecting any target set.
For notifications required under 10 CFR 73.1200(e)(3)(i), licen sees need not report law enforcement responses to the licensees facility for minor inci dents, such as traffic accidents, or notifications that would have o therwise been reported under 10 CFR 73.1200(a) - (h) or in other NRC regulations such as 10 CFR 50.72(b)(2)(xi) or 10 CFR 72.75(b)(2 ).
NRC staff does not view the presence of law enforcement personn el at the licensees facility for the purposes of training, security exercises, site familiarization, or coordination activities to be the type of response that requires an event notification under 10 CFR 73.12 00(e)(3).
NRC staff does not view a licensees reporting of suspicious activities to local, State, or Federal law enforcement agencies in accordance with 10 CFR 73.1215 as requiring an event notification under the requirement in paragraph (e)(2).
9.2 4-Hour Shipment Notifications
The physical security events affecting shipments that must be r eported within 4 hours4.62963e-5 days <br />0.00111 hours <br />6.613757e-6 weeks <br />1.522e-6 months <br /> are set forth in 10 CFR 73.1200(f)(1)-(2). Clarifications of such physical security events include, but are not limited to, the following:
(1) Providing information to law enforcement that a licensee employ ee or contractor may be potentially involved in terrorist activities, in criminal activ ities, or is affiliated with a terrorist organization, even if the information is unsubstantiated.
Under 10 CFR 73.1200(f)(2), licen sees must notify the NRC of an event involving implementation of their security program for which a notificat ion was made to local, State, or Federal law enforcement officials. NRC staff does not view routine shipment-related notifications made to local, State, or Tribal officials in accordance with the requirements of 10 CFR Part 73 or NRC Orders as requiring an event notification under the requirement in paragr aph (f)(2). Examples of such communications may include, but are not limited to, coordinatio n of escort coverage, advance notification of shipments, shipment delay no tifications, shipment departure notifications, and shipment arrival notifications.
NRC staff also does not view a licensees reporting of suspicio us activities to local, State, or Federal law enforcement agencies in accordance with 10 CFR 73.1 215 as requiring an event notification under the requirement in paragraph (f)(2).
DG-5080, Page 30
- 10. 8-Hour Notifications
Under 10 CFR 73.1200(g) and (h), applicable licensees must noti fy the NRC HOC within 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> after the time of discovery of certain security program failure events at facilities and shipment activities, respectively. The NRC staff has determined that these security events are not likely to have a significant effect or potential effect on the physical security of a facility or shipment activity.
10.1 8-Hour Facility Notifications
The physical security events affecting facilities that must be reported within 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> are set forth in 10 CFR 73.1200(g)(1)(i)-(iii). Examples and clarifications o f such physical security events include, but are not limited to:
(1) A previously undiscovered design flaw in such systems, for exam ple the failure of a required VBS to reposition to its secure configuration on a loss of powe r.
(2) The loss of an alarm capability or locking mechanism at a SNM a ccess control point or transfer portal that is not compensated for in accordance with the facilitys NRC-approved security plan.
(3) An uncompensated event involving the failure of all PA lighting in combination with an outage of a PA perimeter intrusion detection, assessment, or delay system.
(4) A strike or work stoppage by the security force that is imminent within the next 48 hours5.555556e-4 days <br />0.0133 hours <br />7.936508e-5 weeks <br />1.8264e-5 months <br />.
(5) Discovery of improper or inadequate supervision over access-control equipment (e.g., badge fabrication, access-control computers, keys, key cards, passwor ds, or cipher codes), but the event did not result in actual or attempted use of the equipmen t or media by an unauthorized individual to gain access into a PA, VA, MAA, or CAA.
For notifications required under 10 CFR 73.1200(g)(1)(ii) or (i ii), licensees should report unauthorized operation, manipulation, or tampering events invol ving safety related SSCs that do not interrupt the normal operations o f a power reactor or events involving items relied upon for safety at Category I SSNM facilities that do not result in the interrupti on of normal operation of the facility or an accidental criticality, respectively.
The NRC staff recommends as a good practice that licensees shou ld report under 10 CFR 73.1200(g)(1)(ii) unauthorized operation, manipulation, or tamp ering events that do not interrupt the normal operations of a production reactor facility (i.e., event s that affects the normal production of SSNM, electricity, or process steam).
Licensees should not report events under 10 CFR 73.1200(g)(1)(i i) or (iii) where an otherwise trained and qualified individua l conducts authorized operations or maintenance activities and the licensee subsequently determines that the individuals qualifications pe rmitting the activity had lapsed prior to his or her conducting the activity.
10.2 8-Hour Shipment Notifications
The physical security events affecting shipments that must be r eported within 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> are set forth in 10 CFR 73.1200(h)(1)(i)-(ii).
DG-5080, Page 31
- 11. Notifications for Enhanced Weapons
Under 10 CFR 73.1200(m), applicable licensees who have obtained enhanced weapons under 10 CFR 73.15 must notify the ATF, the NRC HOC, and the applicab le LLEA in the event that any of these enhanced weapons are stolen or lost.
Under 10 CFR 73.1200(n), applicable licensees who have obtained enhanced weapons under 10 CFR 73.15 must notify the NRC HOC as soon as possible, but w ithin 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of receipt of an adverse action by the ATF regarding the licensees possession, receipt, transfer, transportation, or storage of enhanced weapons.
11.1 Immediate Notifications for Enhanced Weapons
Under 10 CFR 73.1200(m)(1)(i), licensees possessing enhanced we apons under 10 CFR 73.15 must immediately notify the ATF of any stolen or lost enhanced weapons. At the time of this RGs issuance, the ATF requirement for immediate notification was lo cated in ATFs regulations under 27 CFR 479.141, Stolen or Lost Firearms. It is a licensees r esponsibility to understand and comply with all applicable ATF regulations associated with their possession of enhanced weapons. Consequently, NRC licensees are encouraged to discuss any questions on these notification requirements with ATFs NFA Division staff in Martinsburg, West Virginia. Contact infor mation for the NFA Division may be found on the ATF web site: https://www.atf.gov/contact/licensing-and-other-services.
11.2 1-Hour Notifications for Enhanced Weapons
Under 10 CFR 73.1200(m)(1)(ii), licensees possessing enhanced w eapons under 10 CFR 73.15 must notify the NRC HOC as soon as possible, but not later than 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br />, after a notification to the ATF of the discovery of any stolen or lost enhanced weapons possessed by the licensee.
11.3 24-Hour Notifications for Enhanced Weapons
Under 10 CFR 73.1200(n)(1), licensees possessing enhanced weapons under 10 CFR 73.15 must notify the NRC HOC, as soon as possible, but not later than 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of the receipt of an adverse action by the ATF regarding the licensees possession, receipt, transfer, transportation, or storage of enhanced weapons.
Licensees should report adverse ATF actions that include, but a re not limited to, the following:
(1) Adverse inspection findings (e.g., notices of violation, noncon formance, or deficiency);
(2) Enforcement actions (e.g., escalated enforcement, civil penalti es, or orders); or
(3) Other adverse notices (specific to the licensee) that would imp act the licensees ability to possess or receive enhanced weapons.
Licensees who have voluntarily obtained a federal firearms lice nse (FFL) from the ATF (in conjunction with obtaining enha nced weapons under Section 161A of the AEA) must also notify the NRC HOC as soon as possible, but within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br />, of the receipt of an adverse ATF action regarding the licensees FFL.
DG-5080, Page 32 11.4 48-Hour Notifications for Enhanced Weapons
Under 10 CFR 73.1200(m)(1)(iii), licensees possessing enhanced weapons under 10 CFR 73.15 must notify the applicable LLEA as soon as possible, but not la ter than 48 hours5.555556e-4 days <br />0.0133 hours <br />7.936508e-5 weeks <br />1.8264e-5 months <br /> of the time of discovery that any enhanced weapons have b een stolen or lost. Licensees must notify LLEA officials via telephone or in person. This approach will permit LLEA officials to ask f ollow-up questions to assist in mitigating the public safety implications from the stolen or lost enhanced weapons.
When deciding which LLEA should receive this notification, the licensee should consider where the weapons were stolen or lost. The following two examples pro vide clarification on which LLEA to notify.
(1) If the enhanced weapons are stolen or lost from a training rang es storage facility located away from the facility, then the licensee should notify the LLE A with jurisdiction over the training facility.
(2) If the enhanced weapons are stolen or lost during the escorting of a shipment a significant distance from the facility (e.g., 1,600 kilometers (994 miles) away) or during the security teams return to its home base via commercial aircraft, then th e licensee should notify the LLEA with jurisdiction over the location where the theft or los s occurred, or is believed to have occurred.
- 12. Required Vehicle Barrier System
The notifications requirements in 10 CFR 73.1200(c)(1)(ii) and (e)(1)(viii) refer to a required vehicle barrier system (VBS). A V BS is considered required if its use at the licensees facility is necessary to implement the licensees protective strategy in accordance with the regulatory requirements in 10 CFR Part 73 or NRC orders. Some licensees may establish a VBS in the owner controlled area as part of an early warning system (OCA-EWS). If the licensee reli es on and takes credit for this VBS in its physical security plan to implement its protective strategy, then such an OCA-EWS VBS is also considered a required VBS.
- 13. Unauthorized Persons
Under 10 CFR 73.1200(e)(1)(i)-(ii), a licensee must notify the NRC HOC of an actual or attempted access to a facility s PA, VA, MAA, or CAA by unauthorized persons. Licensees should also notify the NRC of actual entries of unauthorized persons that a re the result of the failure of the facilitys security barrier or control systems to prevent an unauthorized person from accessing the licensees PA, VA, MAA, or CAA. A licensee does not need to submit a notification in those cases where an individual was improperly granted unescorted access to a facilitys PA, VA, MAA, or CAA, based upon the individual providing inaccurate o r false background information or by omitting derogatory information.
An individual who has been improperly approved for unescorted a ccess is not considered an unauthorized person. Instead, the NRC staff recommends that the licensee should record the event under 10 CFR 73.1210(f) as a decrease in effectiveness of the security access control program (see Staff Regulatory Guidance position 18.2, example (1)). The NRC staff also recommends that events involving an authorized person tailgating into a facilitys PA, VA, MAA, or CAA (in noncompliance with a licensees access control procedures) be recorded under 10 CFR 73.1210(f) as a decrease in effectiveness of the security access control program.
DG-5080, Page 33 Under 10 CFR 73.1200(e), a licensee is not required to notify the NRC of actual or attempted entry of unauthorized persons into the licensees OCA. However, if a licensee determines that the unauthorized persons actual or attempted entry into the OCA co nstitutes a suspicious activity then under 10 CFR 73.1215 the licensee must report this suspicious activit y. Under 10 CFR 73.1215(c), licensees reporting a suspicious activity must notify the applicable LLEA, the FBI, and the NRC HOC of such activities. Separately, under 10 CFR 73.1200(e)(2), licensees must notify the NRC of events involving the implementation of their security program for which a notificat ion was made to local, State, or Federal law enforcement officials. Since suspicious activity reports under 10 CFR 73.1215(c) already include a notification to the NRC HOC, the NRC staff views a separate not ification to the NRC under 10 CFR 73.1200(e)(2) (regarding a notification to law enforceme nt officials) as duplicative; and therefore, unnecessary.
Under 10 CFR 73.1200(f)(1)(i)-(iv), a licensee must notify the NRC HOC of unauthorized persons actually or attempting to gain access to a transport ve hicle or to the material being transported. A licensee does not need to submit a notification in those cases where an individual was improperly granted unescorted access to a transport vehicle or to the material bei ng transported, based upon the individual providing inaccurate or false background information or by omit ting derogatory information. An individual who has been improperly approved for unescorted access is not considered an unauthorized person. Instead, the NRC staff recommends that the licensee should record such instances of improper granting of access under 10 CFR 73.1210(f) as a decrease in effectiveness of the security access control program (see Staff Regulatory Guidance position 18.2, example ( 1)).
- 14. Retraction of Event Notifications
Under 10 CFR 73.1200(q), a licensee may retract a physical security event notification made under 10 CFR 73.1200(a)-(h), (m), or (n) that it has determined to be invalid. A licensee may discuss the applicability of a particular notification or recording require ment in 10 CFR 73.1200 or 10 CFR 73.1210 to a specific security event with NRC staff, if time permits, b efore making the respective notification or record. Contacting the applicable NRC regional office is prefer red.
Under 10 CFR 73.1200(q), a movement control center that is moni toring a shipment for a licensee may retract a physical security event notification it has made under 10 CFR 73.1200(b), (d), (f),
or (h) that it has determined to be invalid.
A licensee or its movement control center may base such a determination upon new information or relevant information received from an external entity subsequent to its initial notification. Examples of such a determination include, but are not limited to:
(1) An event where the initial information is subsequently determin ed to be incorrect.
(2) An event where the NRCs Office of Investigations, a law enforcement agency, or the intelligence community determines that the event is innocent or innocuous (i.e., no malevolent intent was present). A licensee may rely on conclusions from such government or law enforcement agencies that malevolent intent was not present to serve as the basis for concluding an event notification is invalid.
(3) Subsequent to a licensees reporting an event based upon an ini tial determination of malevolent intent, further investigation reveals that there was no malevolent intent.
DG-5080, Page 34
- 15. Items Relied Upon for Safety (IROFS)
Several of the notification requirements in 10 CFR 73.1200 refe r to events involving unauthorized operation, manipula tion, or tampering with any structures, systems, or components (SSCs).
These events apply to facilities licensed under 10 CFR Part 70 that use the term items relied upon for safety (IROFS). Notification requirements referring to any SS C would include IROFS, but these notifications are not limited to IROFS.
The staffs intent was not to give the term SSC any new meaning in the final rule. The intent was to require notification of unaut horized operation, manipulation, or tampering of any SSCs, not just safety-related SSCs as that term is defined in 10 CFR Part 50 or items relied on for safety as that term is defined in 10 CFR 70.4.
- 16. Security Event Notification Process
Under 10 CFR 73.1200(o), licensees must make the notifications required under 10 CFR 73.1200(a)-(h), (m), and (n ) by telephone, within the specified timeliness limits. The timeliness requirement begins at the time of discovery of the event, as th is term is defined in 10 CFR 73.2, Definitions. See Staff Regulatory Guidance position 1 for add itional guidance regarding the term time of discovery.
Under 10 CFR 73.1200(o)(1) and (2 ), licensees may use any available communication system to telephonically contact the NRC HOC to make the notifications re quired under 10 CFR 73.1200 within the applicable timeliness requirement. Additionally, under 10 CFR 7 3.1200(p) and (q), licensees must notify the NRC of significant supplemental information and retraction of previous notifications using any available communication system.
16.1 Continuous Communications Channel
In response to a licensees event notification under 10 CFR 73. 1200(a)-(h) and (m), the NRC may request that the licensee or its movement control center (MCC) establish a continuous communications channel. The NRCs objective is to rapidly obtain accurate and current information on the security status of an event, especially in the cases of deteriorating facility or security conditions, high-significance events, or high-consequence events. A licensee or its movement control center may establish a requested communications channel via any available communications system. A licensee may locate the individual staffing the communications channel at a location it deems appropriate (e.g., an alarm station, technical support center, or emergency operations facility) and may relocate the individual to another appropriate location, if necessary.
Under 10 CFR 73.1200(o), a licensee must staff the communications channel with an individual from the licensees operations, security, or emergency response organizations. The individual should be knowledgeable of the facility or of the shipment and the licensees facility or transportation security procedures, as applicable. An MCC must staff the communications channel with an individual from the MCC. The individual should be knowledgeable of the shipment and the transportation security procedures.
The individual monitoring the co mmunications channel may perform other assigned duties, provided they are able to respond to NRC requests for informati on on the channel.
DG-5080, Page 35 16.2 Information Security Considerations During Event Notificat ions
Consistent with 10 CFR 73.22(f)(3), licensees making notificati ons of actual events under 10 CFR 73.1200 that contain SGI are exempted from the requireme nt to use secure communications technology. However, if a secure communications technology is r eadily available to the licensee, then the licensee should consider using this secure capability when noti fying the NRC on a not to delay basis. For further guidance see Section B a bove, under Event Notification Process, and also Staff Regulatory Guidance position 3.
Separately, as also discussed under Event Notification Process in Section B above, licensees making notifications under 10 CFR 73.1200 that contain classifi ed information must communicate such events to the NRC HOC using secure telecommunications equipment appropriate to the classification level of the notification. This includes both classified national security information (NSI) and classified Restricted Data (RD). Such secure communications equipment must meet the requirements of 10 CFR 95.39. The regulations in 10 CFR Part 95 do not contain provisions for emergency or exigent circumstance exceptions similar to those in 10 CFR 73.22(f)(3). Therefore, licensees must use secure telecommunications equipment to notify the NRC of a physical se curity event when the event notification contains classified information.
However, under 10 CFR 73.1200(o)(4)(ii) and (iii), if the licen sees secure communications equipment is unavailable or inoperable (e.g., because of the na ture of the security event), then the licensee must provide as much information as possible about the security event to the NRC HOC without disclosing classified information, so as to meet the licensees timely notification responsibilities under 10 CFR 73.1200. In addition, the licensee must indicate to the NRC that its secure communications capability is not available or operational. In such circumstances, a licensee using a non-secure communications capability may be directed by the NRC emergency response management, in accordance with 32 CFR 2001.52(a), to provide classified NSI to the NRC ov er a non-secure system, due to the significance of the ongoing security event. Under 10 CFR 73.1200(o)(4)(iii), a licensee submitting a written follow-up report for such a n event must document this NRC direction and any classified NSI that was communicated non-securely. Under 10 CFR 73.1205(d)(2)-(3), a licensee must prepare and submit such a report as a classified document. However, licensees must only communicate classified RD using a secure communications capability (i.e., no exceptions exist).
16.3 Significant Supplemental Information
Under 10 CFR 73.1200(p), a licensee or a movement control center must notify the NRC of significant supplemental information. The length of time requir ed to identify any supplemental information, assess its significance, and conclude that it is s ignificant enough to warrant notification may vary greatly from event to event. Consequently, the NRC staff recommends as a good practice that once a licensee or a movement control center has determined that suppl emental information is significant, then they should notify the NRC HOC of such information within a tim eframe consistent with the timeliness requirement of the original notification.
(1) A licensee should notify the NRC of the results of any bomb sea rches conducted either by the licensee or LLEA search teams as significant supplemental information.
- 17. Written Follow-Up Reports
Under 10 CFR 73.1205(a)(1), licensees must submit written follow-up reports within 60 calendar days after the licensee has made an event notification under 10 CFR 73.1200(a)-(h). However, the regulations in 10 CFR 73.1205(a)(2) identify several exceptions to this requirement. See discussion topic
DG-5080, Page 36 Exceptions and Exemptions to Reporting and Recordkeeping Requi rements in Section B of this guide for details of these exceptions.
Additionally, 10 CFR 73.1205(a)(3) requires that a licensee need not submit a written follow-up report when the licensee has made a notification under 10 CFR 7 3.1200 and subsequently retracts the notification in accordance with 10 CFR 73.1200(q). However, if a licensee has already submitted a written follow-up report prior to retraction of the notificatio n, then the licensee is required to submit a revised written follow-up report documenting the retraction and the basis for the retraction. Licensees should refer to Staff Regulatory Guidance position 14 for further direction. This revised report is necessary to ensure the completeness of the agencys docketed history of the licensees communications with the NRC.
The following two examples further clarify for licensees and the NRC staff the timing considerations associated with this distinction:
(1) On day 0, Licensee A makes an event notification to the NRC und er 10 CFR 73.1200(c). On day 35 the licensee notifies the NRC under 10 CFR 73.1200(q) th at it is retracting the event notification. Therefore, under 10 CFR 73.1205(a)(3)(i), License e A is not required to submit a written follow-up report for this event.
(2) On day 0, Licensee B makes the same event notification to the NRC under 10 CFR 73.1200(c) and on day 59 submits a written follow-up report to the NRC. On day 85, the licensee notifies the NRC under 10 CFR 73.1200(q) that it i s retracting this event notification. Consequently, under 10 CFR 73.1205(a)(3)(ii), Lic ensee B is required to submit a supplemental written follow-up report to the NRC to indicate that the original event notification was retracted and to document the basis for the retraction.
Under 10 CFR 73.1205(b)(2), li censees subject to 10 CFR 50.73 must submit written follow-up reports using NRC Form 366. Licensees not subject to 10 CFR 50. 73 (e.g., those specific licensees subject to 10 CFR Parts 70 or 72) must submit written follow-up reports using a letter format instead of NRC Form 366.
A security event requiring a notification under 10 CFR 73.1200 may affect both a reactor facility and a co-located ISFSI facility. Rather than submitting a separ ate written follow-up report for both types of facilities, the licensees may submit a single written follow -up report using NRC Form 366. In such circumstances, the licensee shoul d include all applicable docket numbers for the affected facilities.
- 18. Recordable Security Events and Conditions
Under 10 CFR 73.1210, an applicab le licensee must record physical security events or conditions adverse to security within 24 hour2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> s of the time of discovery of such events and conditions. Licensees should refer to Staff Regulatory Guidance position 1 for further guidance regarding the time of discovery.
The specific classes of licensees subject to this recordkeeping requirement are set forth in 10 CFR 73.1210(a)(1). However, certain licensees subject to 10 CFR 73.67 are exempted under 10 CFR 73.1210(h) from the recordkeeping requirements of 10 CFR 73.121 0. Additionally, 10 CFR 73.1210(b)(5)-(7) also provides several exceptions to the recordkeeping requirements of 10 CFR 73.1210.
Accordingly, certain licensees within the specific classes of licensees subject to 10 CFR 73.1210(a)(1) are exempt from this recordkeeping requirement.
DG-5080, Page 37 18.1 Facility and Shipment Recordable Events and Conditions
Under 10 CFR 73.1210(c)(1)-(3) and (d)(1)-(2), a licensee must record within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> certain identified physical security events or conditions adverse to se curity at facilities. Under 10 CFR 73.1210(c)(4)-(7), a licensee mu st record within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> certain identified physical security events or conditions during shipment activities.
(1) For authorized live ammunition events under 10 CFR 73.1210(d)(1 ), the NRC staff recommends as a good practice that licensees should consider a small quantity of ammunition to be 5 rounds or less.
(2) For unauthorized live ammunition events under 10 CFR 73.1210(d) (2)(i), the regulations in 10 CFR 73.1210(d)(2)(ii)-(iv) provide direction on what is mean t by the terms a small quantity of live ammunition (i.e., 5 rounds or less), uncontrolled authorized ammunition, and unauthorized ammunition.
Additionally, 10 CFR 73.1210(d)(3)(i) and (ii) provide exemptio ns to the ammunition recordkeeping requirements in 10 CFR 73.1210(d) for ammunition that is in the authorized possession of law enforcement personnel performing official duties or for bla nk ammunition used by the licensee for training or security exercise or drill purposes.
18.2 Recordable Events and Conditions Regarding Decreases in Effectiveness
Under 10 CFR 73.1210(f), a licensee must record within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> physical security events or conditions at facilities and during shipment activities regarding decreases in effectiveness of the physical security program below that described in the licensees NRC-approved physical security plans. Examples and clarifications of such physical security events and conditions include, but are not limited to:
(1) An event in which an individual was improperly granted unescorted access based upon the individual providing inaccurate o r false background information or by omitting derogatory information. An individual who h as been improperly approved for unescorted access is not considered an unauthorized person. This event applies when an individual gains entry into a PA, VA, MAA, or CAA; gains access to a vehicle transporting a C ategory I or Category II quantity of SSNM, a Category II quantity of SNM, SNF, or HLW; g ains access to SSNM or SNM; or gains access to SGI. If indications of tampering, attem pted sabotage, or theft or diversion are evident, the licensee should evaluate reportabili ty under the 1-hr or 4-hr event notifications (see examples in Staff Regulatory Guidance positi ons 8 and 9).
Note: For this example, consistent with the guidance in RG 5.66, Access Authorization Program for Nuclear Power Plants, the time of discovery begins when the licensee completes an assessment of the intent of the inaccurate or false background information; rather than the time of discovery guidance contain ed in RG 5.62, Staff Regulatory Guidance position 1.
(2) An event in which an individual approved for unescorted access tailgates through a security barrier for a PA, VA, MAA, or C AA in noncompliance with a licen sees access control procedures.
(3) A programmatic breakdown of the licensees processes or procedures for reviewing criminal history records checks and background information, involving mu ltiple failures to seek or
DG-5080, Page 38 review relevant information that would have yielded an adverse decision on access to a facility, access to a transport vehicle, access to SSNM or SNM, or access to SGI.
(4) An event involving unplanned missed security patrols or checks which resulted in a failure to meet the licensees NRC-approved physical security plans. This includes patrols or checks that were not accomplished within the require timeframes specified in these physical security plans.
(5) An event involving the loss of control or protection over Safeg uards Information where there does not appear to be evidence of theft or compromise.
(6) An event involving the failure o r degradation of PA, VA, MAA, o r CAA lighting or illumination below security-plan requirements.
(7) An event involving the full lo ss of one alarm stations capabilities (for a facility with two alarm stations).
(8) An event involving an uncontrolle d authorized security weapon within a PA, VA, MAA, or CAA.
(9) An event involving the actual or attempted introduction of cont raband at or inside a PA, VA, or MAA, where the licensee has assessed that malevolent intent was not present.
(10) Any other threatened, attempted, or committed act, not otherwis e defined in 10 CFR 73.1210, that has resulted in or has the potential for d ecreasing the effectiveness of the facilitys or transport systems physical security program below the level committed to in the licensees NRC-approved physical security plans.
(11) An event involving unauthorized or undetected access to the lic ensees owner controlled area surrounding the facility (e.g., a hunter during hunting s eason) is not required to be recorded under 10 CFR 73.1210. However, licensees should assess under RG 5.87 whether this access is a suspicious activity that is required to be reported under 10 CFR 73.1215.
18.3 Information Security Considerations for Recordkeeping
Under 10 CFR 73.1210(b)(3), a licensee may record physical security events or conditions adverse to security in either a s tandalone safeguards event log or in the licensees corrective action program. Some of these recorded events or conditions may contai n SGI or classified information.
Consequently, under 10 CFR 73. 1210(b)(3)(ii), a licensee choosing to maintain records of physical security events and conditions adverse to security in an uncontrolled corrective action program database must ensure that the records contain sufficient detail and info rmation to permit the licensee to effectively track, trend, and monitor these ev ents or conditions and implem ent corrective actions to prevent recurrence without revealing SGI or classified information.
Under 10 CFR 73.1210(b)(3(iii)-(iv), a licensee may choose to d ivide such records between an uncontrolled corrective action program database and a (controll ed) safeguards event log to maximize tracking, trending, and performance monitoring capabilities associated with their corrective action program without revealing SGI or classified information. Additi onally, a licensee must ensure that any SGI or classified information cont ained in such records is created, stored, and handled in accordance with the requirements of 10 CFR 73.21 and 10 CFR 73.22 or 10 CFR Par t 95, as applicable. Furthermore, a
DG-5080, Page 39 licensee must ensure that only personnel with a valid need to k now are permitted access to any SGI or classified information contained in such records.
- 19. Events Involving Classified Information
Under 10 CFR 73.1200(t), a licensee must notify the NRC HOC of events associated with the deliberate disclosure, theft, loss, compromise, or possible com promise of classified documents, information, or material in accordance with 10 CFR 95.57, Reports. However, a single event may require both a physical security event notification and a classified information event notification. For example, the loss or theft of SSNM that has physical characteri stics which are considered to be classified information. The loss or theft of this SSNM is a physical secur ity event requiring notification under 10 CFR 73.1200. However, since the physical characteristics of the SSNM are also classified, the loss or theft of this material is also a loss of classified information requiring reporting under 10 CFR 95.57. If the report of such an event contains classified information, then the licensee should report the event to the NRC HOC in accordance with the communication procedure specifie d in Section III of Appendix A to 10 CFR Part 73.
As a good practice under the elimination of duplication provisi on in 10 CFR 73.1200(s), a licensee may make a single communication to the NRC HOC of an event that requires notifications under both 10 CFR 73.1200 and 10 CFR 95.57. When communicating with t he NRC HOC, a licensee must identify each regulation under which the licensee is making the notification.
- 20. Superseded Guidance
The guidance contained in this RG supersedes the following prev ious NRC guidance documents regarding physical security event notifications. In particular, with respect to emergency response notifications for security-based events and hostile actions.
(1)Bulletin 2005-02, Emergency Prep aredness and Response Actions for Security-Based Events (Ref. 22).
(2) Regulatory Issue Summary 2006-12, Endorsement of Nuclear Energ y Institute Guidance Enhancements to Emergency Prep aredness Program for Hostile Action (Ref. 23).
(3) Generic Letter 1991-03, Reporting of Safeguards Events (Ref. 24).
DG-5080, Page 40 D. IMPLEMENTATION
The NRC staff may use this regulatory guide as a reference in its regulatory processes, such as licensing, inspection, or enforcement. The NRC staff does not expect or plan to require the use of this regulatory guide. However, should the NRC dete rmine to require the use of this regulatory guide, such an imposition would not constitute backfitting, as that term is defined in 10 CFR 50.109, Backfitting, 10 CFR 70.76, Backfitting, or 10 CFR 72.62, Backfitting; affect the issue finality of an approval issued under 10 CFR Part 52, Licenses, Certifications, and Approvals for Nu clear Power Plants; or constitute forward fitting, as that term is defined in NRC Management Dire ctive 8.4, Management of Backfitting, Forward Fitting, Issue Finality, and Information Requests (Ref. 25), because reporting requirements are not included within the scope of the NRCs backfitting or issue finality rules or forward fitting policy.
DG-5080, Page 41 GLOSSARY
authorized Weapons specified under the licensees physical security plan in the possession of weapon licensee security personnel or stored in armories or ready-service lockers.
A service weapon in the possession of federal, state, or local law enforcement personnel.
contraband Unauthorized firearms, explosives, incendiaries, or other dange rous materials (e.g., disease-causing agents), which are capable of causing acts of sabotage against a licensed facility or licensed radioactive material, as specified under 42 U.S.C. 2284.
Contraband items are banned from a licensees protected area, v ital area, or materials access area.
For licensees that possess or conduct activities involving clas sified national security information or classified Restricted Data (RD), as defined in 1 0 CFR 95.5, contraband also means unauthorized electronic devices or unauth orized electronic media that are capable of facilitating acts of espionage; unaut horized communication, transmission, disclosure, or receipt of RD; or tampering with R D, pursuant to 18 U.S.C. 793 or 42 U.S.C. 2274-2276, respectively.
classified national Has the same meaning as the term is defined in 10 CFR 95.5.
security information (NSI) classified Has the same meaning as the term is defined in 10 CFR 95.5.
Restricted Data (RD) enhanced weapon Any short-barreled shotgun, short-barreled rifle, or machine gu n authorized under 10 CFR 73.15. Enhanced weapons do not include destructive devic es as defined in 18 U.S.C. 921(a) (Ref. 26).
greater than Has the same meaning as the term is defined in 10 CFR 72.3.
Class C waste (GTCC) high-level Has the same meaning as the term is defined in 10 CFR 72.3.
radioactive waste (HLW) hostile action An act directed at a licensees facility, shipment, or its pers onnel that includes the use of force to damage or destroy the facility or shipment, divert or steal special nuclear or radioactive material, take hostages, and/or intimidate the l icensee to violate its NRC license or NRC regulations. This includes attacks using guns, explosives.
projectiles, vehicles, or other devices used to deliver destructive force.
A hostile action should not be construed to include protests or other acts of civil disobedience.
hostile force One or more individuals who are engaged in an assault directed at a licensees facility, shipment, or its personnel.
DG-5080, Page 42 imminent An event or condition should be considered imminent if it is li kely to occur within the time periods specified in 10 CFR 73.1200(a), (b), (c), and (d).
independent spent Has the same meaning as the term is defined in 10 CFR 72.3.
fuel storage installation (ISFSI) movement control Has the same meaning as the term is defined in 10 CFR 73.2.
center (MCC) production facility Has the same meaning as the term is defined in 10 CFR 50.2.
prohibited items Devices, items, and materials that the licensee has determined are not permitted in a licensees PA, VA, or MAA. Prohibited items do not include cont raband. The licensee may specify any prohibited items in its physical security plan.
security condition Any Security Event listed in the approved security contingency plan that constitutes a threat or compromise to facility security or transportation security, a threat to facility personnel or transportation personnel, or a potential degradation to the level of safety of the facility or transportation system.
security event Any occurrence which represents an attempted, threatened, or actual breach of the security system; or a reduction in the physical protection program for the facility or transportation system. Security Events may be Security Incidents, Security Conditions or Hostile Actions.
security incident Any Security Event listed in the approved security contingency plan that may result in communication with an LLEA or draw media attention.
spent nuclear fuel Has the same meaning as the term is defined in 10 CFR 73.2.
(SNF) or spent fuel time of discovery Has the same meaning as the term is defined in 10 CFR 73.2.
vehicle barrier A continuous barrier, which may include buildings, natural barr iers, commercially system available barriers, and any combination of these items, utilized to stop a land vehicle (VBS) used as transportation to gain proximity to vital areas or used to transport a bomb (i.e., a vehicle borne improvised explosive device - VBIED).
uncompensated Compensatory measures specified in applicable security plans or procedures have not been implemented, were implemented incorrectly, or were ineffective.
uncontrolled An authorized weapon per the licensees security plan that is n ot in the possession of authorized authorized personnel or is not in an authorized weapons storage location.
weapon unsubstantiated A threat for which no specific organization or individual claim s responsibility and is threat not supported by any evidence other than the threat message its elf.
DG-5080, Page 43 Notes:
(1) For additional security terms, users may consult NUREG-2203, G lossary of Security Terms for Nuclear Power Reactors (Ref. 27).
(2) The terms ammunition, handgun, rifle, machine gun, lar ge-capacity ammunition feeding device, se miautomatic assault weapon, short-barreled shotgun, short-barreled rifle, and shotgun have the same meaning as provided in the ATFs regulations under 27 CFR 478.11, Meaning of terms (Ref. 28).
DG-5080, Page 44 REFERENCES3
- 1. U.S. Code of Federal Regulations (CFR), Physical Protection of Plants and Materials, Part 73, Chapter I, Title 10, Energy.
- 2. CFR, Domestic Licensing of Production and Utilization Faciliti es, Part 50, Chapter I, Title 10, Energy.
- 3. CFR, Licenses, Certifications, and Approvals for Nuclear Power Plants, Part 52, Chapter I, Title 10, Energy.
- 4. CFR, Domestic Licensing of Special Nuclear Material, Part 70, Chapter I, Title 10, Energy.
- 5. CFR, Licensing Requirements for the Independent Storage of Spe nt Nuclear Fuel, High-Level Radioactive Waste, and Reactor-Related Greater Than Class C Waste, Part 72, Chapter I, Title 10, Energy.
- 6. Atomic Energy Act of 1954 (AEA), as amended, Section 161A, Use of firearms by security personnel, Title 42, United States Code (42 U.S.C.), Chapter 23, Division A, Subchapter XIII, 2201a.
- 7. CFR, Facility Security Clearance and Safeguarding of National Security Information and Restricted Data, Part 95, Chapter I, Title 10, Energy.
- 8. AEA, Section 224, Communication of Restricted Data; Section 2 25, Receipt of Restricted Data; and Section 226, Tampering with Restricted Data; 42 U. S.C., Chapter 23, Division A, Subchapter XVII, Enforcement of Chapter; 2274-2276.
- 9. 18 U.S.C. Section 793, Gatheri ng, transmitting or losing defen se information; Part I, Chapter 37; Espionage and Censorship.
- 10. CFR, Exemptions and Continued Regulatory Authority In Agreemen t States and In Offshore Waters Under Section 274, Part 150, Chapter I, Title 10, Ener gy.
- 11. CFR, Classified National Security Information, Part 2001, Cha pter XX, Subtitle B, Title 32, National Defense.
- 12. U.S. Nuclear Regulatory Commission (NRC), NUREG-1304, Physical Security Event Notifications, Reports, and Recordkeeping, Washington, DC. 4 (ML16012A188)
3 Publicly available NRC published documents are available electronically through the NRC Library on the NRCs public website at http://www.nrc.gov/reading-rm/doc-collections/ and through the NRCs Agencywide Documents Access and Management System (ADAMS) at http://www.nrc.gov/reading-rm/adams.html. For problems with ADAMS, contact the Public Document Room staff at 301-415-4737 or (800) 397-4209, or email pdr.resource@nrc.gov. The NRC Public Document Room (PDR), where you may also examine and order copies of publicly available documents, is open by appointment. To make an appointment to visit the PDR, please send an email to PDR.Resource@nrc.gov or call 1-800-397-4209 or 301-415-4737, between 8 a.m. and 4 p.m. eastern time (ET), Monday through Friday, except Federal holidays.
4 The NRC withdrew NUREG-1304, Revision 0, issued February 1988 (ML16012A188) upon the publication of the agencys final rule on Enhanced Weapons, Firearms Background Checks, and Security Event Notifications. Revision 1 of NUREG-1304 will be issued following a public Q&A workshop, which will be held after the extended compliance (implementation) period for the final rule.
DG-5080, Page 45
- 13. NRC, Regulatory Guide (RG) 5.69, Guidance for the Application of Radiological Sabotage Design-Basis Threat in the Design, Development and Implementati on of a Physical Security Program that Meets 10 CFR 73.55 Requirements (U), Washington, DC. (Not publicly available)5
- 14. NRC, RG 5.70, Guidance for the Application of the Theft and Di version Design-Basis Threat in the Design, Development, and Implementation of a Physical Secur ity Program that Meets 10 CFR 73.45 and 73.46 Requirements (U), Washington, DC. (Not publicly available)5
- 15. NRC, RG 5.86, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks, Washington, DC.
- 16. NRC, Enhanced Weapons, Firearms Background Checks, and Securit y Event Notifications Rule, [Final Rule] Federal Register, Vol. 88, No. 49: pp. 15864-15899 (88 FR 15864),
Washington, DC, March 14, 2023.
- 17. CFR, Physical Protection of Category 1 and Category 2 Quantiti es of Radioactive Material, Part 37, Chapter I, Title 10, Energy.
- 18. CFR, Domestic Licensing of Source Material, Part 40, Chapter I, Title 10, Energy.
- 19. NRC, Form 366, Licensee Event Reports (LER), Washington, DC.
- 20. NRC, Nuclear Regulatory Commiss ion International Policy Statement, Federal Register, Vol. 79, No. 132: pp. 39415-39418 (79 FR 39415), Washington, DC, July 10, 2014.
- 21. NRC, Management Directive (MD) 6.6, Regulatory Guides, Washington, DC, May 2, 2016.
- 22. NRC,Bulletin 2005-02, Emergency Preparedness and Response Actions for Security-Based Events, Washington, DC, July 18, 2005. (ML051740058)
- 23. NRC, Regulatory Issue Summary 2006-12, Endorsement of Nuclear Energy Institute Guidance Enhancements to Emergency Prep aredness Program for Hostile Action, Washington, DC, July 19, 2006. (ML061530290)
- 24. NRC, Generic Letter 1991-03, Reporting of Safeguards Events, Washington, DC, March 6, 1991. (ML031140131)
- 25. NRC, MD 8.4, Management of Backfitting, Forward Fitting, Issue Finality and Information Requests, Washington, DC, September 20, 2019. (ML18093B087)
- 26. 18 U.S.C. Section 921, Definitions, Part I, Chapter 44, Fire arms.
- 27. NRC, NUREG-2203, Glossary of Security Terms for Nuclear Power Reactors, Washington, DC, February 2017. (ML17047A669)
5 Licensees with a need to know may request non-publicly available documents listed herein via their cognizant NRC licensing project manager.
DG-5080, Page 46
- 28. CFR, Commerce in Firearms and Ammunition, Part 478, Chapter I I, Title 27, Alcohol, Tobacco Products and Firearms.
DG-5080, Page 47