ML23348A073
| ML23348A073 | |
| Person / Time | |
|---|---|
| Site: | Nuclear Energy Institute |
| Issue date: | 12/11/2023 |
| From: | Shields C Nuclear Energy Institute |
| To: | Office of Administration |
| References | |
| NRC-2023-0171, 88FR73767 00002, DG-5080 | |
| Download: ML23348A073 (1) | |
Text
12/14/23, 7:03 AM blob:https://www.fdms.gov/d856150b-faf2-486d-8c69-a26277f3e3f3 SUNSI Review Complete As of: 12/14/23, 7:03 AM Template=ADM-013 Received: December 11, 2023 PUBLIC SUBMISSION E-RIDS=ADM-03 ADD: Stanley Gardocki,Status: Pending_Post Bridget Curran, Phil Tracking No. lq1-ihyi-v7wq Brochman, Mary Neely Comments Due: December 11, 2023 Comment (2) Submission Type: Web Publication Date:
10/27/2023 Docket: NRC-2023-0171 Citation: 88 FR 73767 Physical Security Event Notifications, Reports, and Records Comment On: NRC-2023-0171-0001 Draft Regulatory Guide: Physical Security Event Notifications, Reports, and Records Document: NRC-2023-0171-DRAFT-0004 Comment on FR Doc # 2023-23794 Submitter Information Email: txc@nei.org Organization: Nuclear Energy Institute General Comment NEI Comments on Draft Regulatory Guide DG-5080, Physical Security Event Notifications, Reports, and Records, (Docket ID: NRC-2023-0171-0001); Draft Regulatory Guide DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks, (Docket ID: NRC-2023-0172-0001); and Draft Regulatory Guide DG-5082, Suspicious Activity Reports Under 10 CFR Part 73 (Docket ID: NRC-2023-0173-0001)
Attachments 12-11-23_NRC_Industry Comments on DG-5080_DG-5081_DG-5082 blob:https://www.fdms.gov/d856150b-faf2-486d-8c69-a26277f3e3f3 1/1
Charlotte Shields Phone: 202.739.8112 Senior Project Manager, Nuclear Email: CLS@nei.org Security & Incident Preparedness December 11, 2023 Office of Administration Mail Stop: TWFN-7-A60M U.S. Nuclear Regulatory Commission Washington, DC 20555-0001 ATTN: Program Management, Announcements and Editing Staff
Subject:
NEI Comments on Draft Regulatory Guide DG-5080, Physical Security Event Notifications, Reports, and Records, (Docket ID: NRC-2023-0171-0001); Draft Regulatory Guide DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks, (Docket ID:
NRC-2023-0172-0001); and Draft Regulatory Guide DG-5082, Suspicious Activity Reports Under 10 CFR Part 73 (Docket ID: NRC-2023-0173-0001)
Project Number: 689 Submitted via Regulations.gov
Dear Program Management,
Announcements and Editing Staff:
The Nuclear Energy Institute (NEI), 1 on behalf of our members, hereby submits comments to the U.S.
Nuclear Regulatory Commission (NRC) on Draft Regulatory Guide DG-5080, Physical Security Event Notifications, Reports, and Records, Draft Regulatory Guide DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks, and Draft Regulatory Guide DG-5082, Suspicious Activity Reports Under 10 CFR Part 73. Some of these comments have been previously discussed with the NRC staff in public meetings conducted on May 10 - 11, 2023; August 23, 2023; and November 28, 2023. The comments reflect input from operators of power reactor, fuel cycle, and research and test reactor facilities.
The most significant comments on each draft regulatory guide (DG) are presented below:
1 The Nuclear Energy Institute (NEI) is responsible for establishing unified policy on behalf of its members relating to matters affecting the nuclear energy industry, including the regulatory aspects of generic operational and technical issues. NEIs members include entities licensed to operate commercial nuclear power plants in the United States, nuclear plant designers, major architect and engineering firms, fuel cycle facilities, nuclear materials licensees, and other organizations involved in the nuclear energy industry.
Program Management, Announcements, and Editing Staff Nuclear Energy Institute December 11, 2023 Page 2 DG-5080, Physical Security Event Notifications, Reports, and Records
- Concerning two new definitions added to 10 CFR 73.2, Definitions, the guidance should clarify:
o Under Section C.1, Time of Discovery, a definition of the term cognizant individual should be provided.
o Additional guidance should be included in the RG to clarify the term disease causing agents.
o The DG should include guidance as to whether an event should be reported under 10 CFR 73.1200 or 10 CFR 95.
- The guidance pertaining to reporting the theft or diversion of a Category I, II, or III quantity of strategic special nuclear material (SSNM), or a Category II or III quantity of special nuclear material (SNM) seems inconsistent with requirements in 10 CFR 73.1200(c)(1)(i)(A).
- The guidance on what facilities are subject to the 15-minute notification requirements under 10 CFR 73.1200(a) seems inconsistent with the staff position discussed in NRC Bulletin 2005-02, Emergency Preparedness and Response Actions for Security-based Events.
- The guidance should permit licensees subject to the reporting requirements of 10 CFR 73.1200(o)(6) or (o)(8) to establish communications from a location deemed appropriate by the licensee, similar to the ability for licensees subject to the reporting requirements of 10 CFR 73.1200(o)(5) or (o)(7). This flexibility is extremely important when considering the safety of licensee personnel during a security-related event.
DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks
- The guidance appears to allow a licensee to not make an NRC notification if an affected individual reports a disqualifying event or condition to security management within 72 hours8.333333e-4 days <br />0.02 hours <br />1.190476e-4 weeks <br />2.7396e-5 months <br />; this understanding contradicts the notification requirement in 10 CFR 73.17(g)(2).
DG-5082, Suspicious Activity Reports Under 10 CFR Part 73
- The guidance appears inconsistent with the rule language regarding local FAA control tower.
Program Management, Announcements, and Editing Staff Nuclear Energy Institute December 11, 2023 Page 3
- Greater clarity is needed on the examples provided for elicitation of non-public information, aggressive noncompliance, and actual or attempted unauthorized recording or imaging.
The entirety of our comments on the DGs are contained in Attachment 1 (DG-5080), Attachment 2 (DG-5081), and Attachment 3 (DG-5082). We appreciate your consideration of our comments.
Please contact me with any questions or comments at CLS@nei.org.
Sincerely, Charlotte Shields, Senior Project Manager : NEI Comments on Draft Regulatory Guide DG-5080, Physical Security Event Notifications, Reports, and Records : NEI Comments on Draft Regulatory Guide DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks : NEI Comments on Draft Regulatory Guide DG-5082, Suspicious Activity Reports Under 10 CFR Part 73 c: Mr. Philip Brochman, NSIR/DPCP/MSB, NRC Mr. Stanley Gardocki, RES/DE/RGPMB, NRC Mr. Stewart Schneider, NMSS/REFS/RRPB, NRC Ms. Shana Helton, NMSS/DFM, NRC Mr. Mo Shams, NRR/DANU, NRC
Attachment 1 NEI Comments on Draft Regulatory Guide DG-5080, Physical Security Event Noti"cations, Reports, and Records Proposed Revision to Regulatory Guide 5.62 Item # Comment/Observation Issue Proposed Resolution 1 Footnote 2, bottom of page 3: The 300-day compliance period ends Create an FAQ-type webpage, similar to The NRC staff has temporarily withdrawn January 8, 2024. It is unclear if workshops what the NRC used for Controlled NUREG-1304. The NRC staff intends to hold a will be scheduled after the January 8, 2024, Unclassi"ed Information (CUI) question-and-answer workshop with the public, compliance date, or after the varying implementation, to capture the Q&As for licensees, and other interested stakeholders compliance dates that licensees have subsequent reference. This will allow for following implementation of 10 CFR 73.1200, stated in approved exemption requests. prompt documentation of staff positions 73.1205, and 73.1210. This workshop and the and promote implementation and development of a revised NUREG 1304 will inspection consistency.
How will the NRC capture Questions and occur subsequent to the 300-day compliance Answers identi"ed and addressed for period for licensees to implement these new licensees that did not submit an physical security event noti"cation exemption?
regulations.
2 Page 7, Reason for Revision, last sentence of Revision 1 is incorrect. Should be Revision 3 second paragraph:
Says revisions to this regulatory guide as Revision 1 3 Page 8, "rst bullet, 15-minutes: Security condition is a de"ned term, Replace security condition with an excludes hostile action events, and is not imminent or actual hostile action against a aligned with the wording in 10CFR licensees facility.
Includes in accordance with a licensees 73.1200(a) or (b).
safeguards contingency plan or protective strategy based upon a security condition
Attachment 1 Item # Comment/Observation Issue Proposed Resolution 4 Page 9, last three sub-bullets under 15-minute The 3 sub-bullets contradict the note, and Revise the paragraph describing the noti"cation requirements in 10 CFR 73.1200(a) cause confusion as to which licensees applicability of the 15-minute noti"cation identi"es ISFSIs, MRSs, and GROAs as need not report. Additionally, NRC Bulletin requirement to be clear that licensees licensees this applies to. 2005-02 aligns with the exclusion of currently contained within the note need not Note below GROAs: Power reactor facilities licensees identi"ed in the note on page 8. report events under 73.1200(a).
and production facilities that are in a decommissioning status and have removed all This appears to be a change in staff spent nuclear fuel from the facilitys spent fuel position.
pool (e.g., to an ISFSI, MRS, or a GROA) need not report events under 10 CFR 73.1200(a).
However, such licensees should instead consider whether the event should be reported under 10 CFR 73.1200(c), (e), or (g).
5 Page 12, 4th darkened bullet for 24-hour There is a typo with n. Replace n with in.
recordkeeping:
The 24-hour recordkeeping requirements n 10 CFR 73.1210 6 Page 15 - Establishment of a Communications To promote the safety of response Add this last sentence to the second Channel With the NRC: personnel and provide "exibility in meeting paragraph under Establishment of a Second paragraph under 10 CFR 73.1200(o)(6) the requirements of 10 CFR 73.1200(o)(6) Communications Channel With the NRC or (o)(8) does not offer the same discretion as or (o)(8), a licensee should be able to staff (for 10 CFR 73.1200(o)(6) or (o)(8)):
the "rst paragraph under 10 CFR 73.1200(o)(5) the channel from a location it deems The licensee may staff the channel from a or (o)(7). appropriate, the same as for the location it deems appropriate.
requirements under 10 CFR 73.1200(o)(5) or (o)(7).
7 Page 15 discussion related to Reporting of an The words should typically in the second Change from:
Emergency Declaration. Last two sentences to last sentence under Reporting of an Under 10 CFR 73.1200(r), a licensee or its provide confusing words with the terms should Emergency Declaration, has caused some movement control center who has declared typically and However. readers to be confused about reporting an emergency related to a facility or a
Attachment 1 Item # Comment/Observation Issue Proposed Resolution priorities, and starting the last sentence shipment of material must make the with however leads some to believe that appropriate noti"cations required by 10 CFR the previous statement is being 50.72, Immediate noti"cation contradicted. requirements for operating nuclear power reactors; 10 CFR 63.73, Reports of de"ciencies; 10 CFR 70.50, Reporting requirements; or 10 CFR 72.75, Reporting requirements for speci"c events and conditions. The NRC staff expects that reporting of an emergency declaration should typically take precedence over any physical security event noti"cations required under 10 CFR 73.1200 (e.g.,
noti"cation of State officials of an emergency declaration). However, under 10 CFR 73.1200(s), a licensee with multiple noti"cation obligations (e.g., an event requiring both an emergency declaration and a physical security event noti"cation) may make such noti"cations in a single communication to the NRC HOC.
Change to:
Under 10 CFR 73.1200(r), a licensee or its movement control center who has declared an emergency related to a facility or a shipment of material must make the appropriate noti"cations required by 10 CFR 50.72, Immediate noti"cation requirements for operating nuclear power reactors; 10 CFR 63.73, Reports of
Attachment 1 Item # Comment/Observation Issue Proposed Resolution de"ciencies; 10 CFR 70.50, Reporting requirements; or 10 CFR 72.75, Reporting requirements for speci"c events and conditions. The NRC staff expects that reporting of an emergency declaration should take precedence over any physical security event noti"cations required under 10 CFR 73.1200 (e.g., noti"cation of State officials of an emergency declaration).
Additionally, under 10 CFR 73.1200(s),
Elimination of duplication, a licensee with multiple noti"cation obligations (e.g., an event requiring both an emergency declaration and a physical security event noti"cation) may make such noti"cations in a single communication to the NRC HOC.
(See Section C. Staff Regulatory Guidance 7 and 7.3).
8 Page 17 - on complying with the requirements of The term procedure important to security Change from: whether this event or 1205(c), 8th sub bullet under third darkened is unde"ned and ambiguous. Additionally, condition is a recurring failure of an SSC or bullet on the page: uses of the term procedure it does not exclude items in implementing procedure important to security.
important to security procedures that are outside of a regulatory requirement (e.g., items that support excellence initiatives) or administrative in Change to:
nature. o whether this event is a recurring failure of an SSC; o Whether this event or condition is a recurring failure of a security plan implementing procedure, and associated with a regulatory function or requirement;
Attachment 1 Item # Comment/Observation Issue Proposed Resolution 9 Page 18 (and throughout) - use of the term Conditions adverse to security is a new Add to the Glossary:
conditions adverse to security and unde"ned term. Conditions adverse to security Is synonymous to security-related conditions adverse to quality.
10 Page 18 and Page 20 Previous 73.71 retention requirements Address the basis for the expanded Retention for records: were for 3 years after the last entry is retention of records in the RG and address made in each log or until termination of the this change through proper rulemaking 3 years from the date of the report or until license. The addition of whichever is channels for "nal clarity and resolution.
termination of the license, whichever is later. later is new, and the retention of hard copy AND safeguards documentation related to security events, for potentially greater than 3 years or until the license is terminated, 40 plus years, does not appear to have a whichever is later.
justi"cation provided for the additional cost, burden and infrastructure potentially needed to support retention for this time frame.
11 Page 21 - the Time of Discovery discussion in Time of discovery de"nition in 10 CFR 73.2 To promote consistent understanding the RG restates the de"nition in 10 CFR 73.2 is restated in the RG; however, there is no among NRC and licensee personnel, we with no further clari"cation. guidance on who is considered to be a recommend that guidance be added on who cognizant individual. That guidance is is considered to be a cognizant individual, provided in other NRC documents (e.g., RG ideally to Section C and the Glossary. For 5.76 and NUREG 2203, and in NRC example, a Glossary de"nition could be:
Response in SECY-18-0058) as well as Cognizant individual means a supervisor or NRC-endorsed documents (NEI 03-12). manager quali"ed to make a determination that a veri"ed degradation of a security NUREG-2203 Glossary of Security Terms safeguards measure or a contingency for Nuclear Power Reactors identi"es situation exists.
discovery (time of): a speci"c time at which a supervisor or manager makes a
Attachment 1 Item # Comment/Observation Issue Proposed Resolution determination that a veri"ed degradation of a security safeguards measure or a contingency situation exists.
Regulatory Guide 5.76, Physical Protection Programs at Nuclear Power Reactors and NEI 03-12, Template for the Security Plan, Training and Quali"cation Plan, Safeguards Contingency Plan, [and Independent Spent Fuel Storage Installation Security Program], Revision 7, (NRC-endorsed), identify time of discovery as: A speci"c time at which a supervisor or manager makes a determination that a veri"ed degradation of a security safeguards measure or a contingency situation exists.
NRC Response to Public Comments (SECY-18-0058), Comment K-8: Industry recognizes for many events and most conditions, the time of discovery begins when a cognizant individual such as a manager, [or] supervisor for the security function has been noti"ed and NRC Response:
The NRC agrees with the comment.
NRCs slide 27 from public meeting on 11/28/23, provides an example that is also aligned with previous de"nitions.
Attachment 1 Item # Comment/Observation Issue Proposed Resolution 12 Page 21 - Section 2.1 - Malevolent Intent This leads those licensees to infer that they Change from: Licensees may use Considerations: the (e.g.) examples are of must establish one of these formal applicable existing processes (e.g.,
existing formal processes that not all licensees processes to be able to determine behavioral observation, psychological have in place. malevolent intent. assessment, human reliability) to evaluate whether malevolent intent is present in assessing whether an event is reportable under 10 CFR 73.1200.
Change to: Licensees may use applicable existing processes, procedures and/or practices to evaluate whether malevolent intent is present in assessing whether an event is reportable under 10 CFR 73.1200.
13 Page 21 2.1 Malevolent Intent The discussion on page 22, from Section Change from: Licensees may use any Considerations 2.1 does not align with the Staff Regulatory applicable existing processes (e.g.,
Last bullet on bottom of page 21 Under 10 CFR Guidance position 18.2, example (9) that it behavioral observation, psychological 73.1200(c)(1)(i)(C) and (D), 10 CFR refers readers to. assessment, human reliability) to evaluate 73.1200(e)(1)(vi), or 10 CFR 73.1200(g)(1)(ii) and Section 2.1, Malevolent Intent whether malevolent intent is present in (iii), whether the potential unauthorized Considerations has 2 bulleted items: assessing whether an event is reportable operation, manipulation, or tampering events under 10 CFR 73.1200. However, licensees First is the actual or attempted must still meet reporting timeliness involved an error due to human performance or introduction of contraband was malevolent intent. requirements. Examples of when a licensee unintentional or involved malevolent may need to determine malevolent intent Section 2.1, "rst paragraph at top of page 22: intent. include, but are not limited to, the following:
If a licensee concludes that malevolent intent Second is whether the potential was not present for such an event, then the unauthorized operation, manipulation, or event should not be reported under 10 CFR tampering events involved an error due to
- Under 10 CFR 73.1200(e)(1)(iii) or (iv),
73.1200, but instead recorded as a decrease in human performance or malevolent intent. whether the actual or attempted effectiveness under 10 CFR 73.1210(f) (see Staff introduction of contraband was The Staff Regulatory Guidance position unintentional or involved malevolent intent.
Regulatory Guidance position 18.2, example 18.2, example (9), that readers are referred (9)). If a licensee cannot reach a conclusion to only pertains to contraband events.
- Under 10 CFR 73.1200(c)(1)(i)(C) and (D),
before the timeliness requirement for the event 10 CFR 73.1200(e)(1)(vi), or 10 CFR
Attachment 1 Item # Comment/Observation Issue Proposed Resolution is exceeded, then the licensee should notify the Staff Regulatory Guidance position 18.2 73.1200(g)(1)(ii) and (iii), whether the NRC pursuant to 10 CFR 73.1200. does not provides examples that discuss potential unauthorized operation, an unauthorized operation, manipulation manipulation, or tampering events involved or tampering event. an error due to human performance or Staff Regulatory Guidance position 18.2, malevolent intent.
example (9), page 39: If the affected equipment had no bearing on the security program, the event would (9) An event involving the actual or attempted not meet the 73.1205(f) recording introduction of contraband at or inside a PA, VA, If a licensee concludes that malevolent requirements as it would not represent a intent was not present for such an event, or MAA, where the licensee has assessed that decrease in the physical security program malevolent intent was not present. then the event should not be reported under effectiveness. 10 CFR 73.1200, but instead recorded as a Not all events would be a decrease in decrease in effectiveness under 10 CFR effectiveness to meet the 24-hour 73.1210(f) (see Staff Regulatory Guidance recording requirements of 10 CFR position 18.2, example (9)). If a licensee 73.1210(f). cannot reach a conclusion before the timeliness requirement for the event is exceeded, then the licensee should notify the NRC pursuant to 10 CFR 73.1200.
Change to:
Licensees may use any applicable existing processes, procedures and/or practices to evaluate whether malevolent intent is present in assessing whether an event is reportable under 10 CFR 73.1200. However, licensees must still meet reporting timeliness requirements. Examples of when a licensee may need to determine malevolent intent include, but are not limited to, the following:
Attachment 1 Item # Comment/Observation Issue Proposed Resolution
- Under 10 CFR 73.1200(e)(1)(iii) or (iv),
whether the actual or attempted introduction of contraband was unintentional or involved malevolent intent.
(See Staff Regulatory Guidance position 18.2, example (9)).
- Under 10 CFR 73.1200(c)(1)(i)(C) and (D),
10 CFR 73.1200(e)(1)(vi), or 10 CFR 73.1200(g)(1)(ii) and (iii), whether the potential unauthorized operation, manipulation, or tampering events involved an error due to human performance or malevolent intent. (see Staff Regulatory Guidance position 18.2, example (XX)).
If a licensee concludes that malevolent intent was not present for such an event, then the event should not be reported under 10 CFR 73.1200, but instead evaluated to determine if the event meets the threshold for recording the event within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> in accordance with in 10 CFR 73.1210(f).
If a licensee cannot reach a conclusion before the timeliness requirement for the event is exceeded, then the licensee should notify the NRC pursuant to 10 CFR 73.1200.
Add:
Attachment 1 Item # Comment/Observation Issue Proposed Resolution An additional example in Staff Regulatory Guidance position 18.2, to address the second bullet in Section 2.1, of potential unauthorized operation, manipulation, or tampering events involved an error due to human performance which result in a decrease in effectiveness such as:
An event involving unauthorized manipulation of security equipment, where the licensee has assessed that malevolent intent was not present.
14 Page 23, position 6 - Considerations for The inclusion of or weapons possessed by Provide clari"cation on declared versus Contraband and Prohibited Items, 4th paragraph: vehicle operators under applicable state undeclared; considered contraband or not; Items possessed by authorized persons for law (e.g., the vehicle operator has a and applicability to reporting.
authorized purposes associated with a concealed carry permit) makes it unclear transportation activity outside the facility should if the weapon is contraband or not, is not be considered contraband. For example, dependent on if they declare it or not, licensees should not consider as contraband: and/or if it only applies to the reporting weapons possessed by local, state, or Federal aspect of the weapon.
law enforcement personnel performing escort duties; explosives possessed by law enforcement personnel performing escort duties; weapons possessed by authorized licensee escort personnel, or weapons possessed by vehicle operators under applicable state law (e.g., the vehicle operator has a concealed carry permit).
15 Page 28, Staff Regulatory Guidance position DG-5080 language is not aligned with the We propose that the NRC eliminate the 18.1, 1st paragraph after example (8): requirements in 10 CFR 73.1200(c)(1)(i)(A). wording in question on Page 28 of DG-5080, It appears the draft RG is changing a as it is incongruent with the requirements in 10 CFR 73.1200(c)(1)(i)(A). The draft RG is
Attachment 1 Item # Comment/Observation Issue Proposed Resolution DG-5080 states: For notifications required regulatory requirement without going not the appropriate place to change the under 10 CFR 73.1200(c)(1)(i)(A), licensees through rulemaking. intent of code language.
should report the theft or diversion of any quantity of SSNM or SNM (emphasis added).
The industry also has concerns with The NRC should consider a reporting blanket terms such as any, as this lacks threshold that is quantified and 10 CFR 73.1200(c)(1)(i)(A): The theft or a formal regulatory basis. Further, this kind measurable.
diversion of a Category I, II, or III quantity of of wording is not aligned with the NRCs SSNM or a Category II or III quantity of special stated goals of setting requirements at a nuclear material (SNM) reasonable assurance of adequate protection level and making risk-informed decisions.
16 Page 29, bottom of page has: Reference to 73.1200(f) is incorrect. Update to re"ect correct reference.
Notes: An authorized weapon that is recovered Reference should be 73.1210(f).
within the 4-hour timeliness requirement for this event noti"cation should be recorded as an uncontrolled weapon in the decrease in effectiveness events under 10 CFR 73.1200(f)
(see Staff Regulatory Guidance position 18.2, example (8)).
17 Page 44 has notes for the glossary section. Note The very RG that points to de"nitions in Provide in Revision 3 to RG 5.62 clari"cation (1) (1) For additional security terms, users may 73.2, also points to another applicable for time of discovery in the following areas:
consult NUREG-2203, Glossary of Security NRC document, NUREG-2203, which
- Section C. Staff Regulatory Guidance, 1.
Terms for Nuclear Power Reactors (Ref. 27). contains de"nitions that the industry and Time of Discovery discussion the NRC are and have been aligned to throughout the entire history of this
- Glossary rulemaking effort. The industry is unclear As follows:
on what impediment prevents the NRC Time of discovery Has the same meaning from incorporating clari"cation, that exists as the term is de"ned in 10 CFR 73.2.
in multiple other NRC related documents, Additionally, further clari"cation on
Attachment 1 Item # Comment/Observation Issue Proposed Resolution into revision 3 of RG 5.62. (see public considerations for a cognizant individual comment #15 for related NRC documents.) has the same meaning as found in RG 5.76, NUREG 2203 and NEI 03-12 revision 7.
OR ADD to the glossary, the term:
cognizant individual has the same meaning as de"ned in RG 5.76, NUREG 2203 and NEI 03-12 Revision 7, a speci"c time at which a supervisor or manager makes a determination that a veri"ed degradation of a security safeguards measure or a contingency situation exists.
18 Contraband, Section C. Staff Regulatory This term contraband was not de"ned in Provide a staff position on what constitutes Guidance, position 6. Considerations for the prior versions of 10 CFR 73.2, nor was a other dangerous materials (e.g., disease-Contraband and Prohibited Items: de"nition provided in any of the four causing agents) and the expectation to The RG restates the new de"nition of proposed and supplemental proposed search for it as required by10 CFR 73.55(g),
contraband - In 10 CFR 73.2 the term rules published for public comment and/or to simply report it if discovered. This contraband is de"ned to mean unauthorized between 2006 and 2015 leading up to position needs to be consistent with the "rearms, explosives, incendiaries, or other promulgation of the "nal rule on March 14, description of the Design Basis Threat (DBT) dangerous materials (e.g., disease-causing 2023. 1 in 10 CFR 73.1.
agents) that can cause acts of sabotage against Additionally, the proposed revision 3 of RG Additionally, the NRC needs to address the a licensees facility. NRC regulations prohibit the 5.62 does not include a discussion or de"nition of contraband through proper clari"cation on what constitutes other 1 Power Reactor Security Requirements; Proposed Rule, 71 Fed. Reg. 62664 (Oct. 26, 2006); Enhanced Weapons, Firearms Background Checks, and Security Event Notifications; Proposed Rule, 76 Fed. Reg. 6200 (Feb. 3, 2011); Enhanced Weapons, Firearms Background Checks, and Security Event notifications; Supplemental Proposed Rule, 78 Fed. Reg. 2214 (Jan. 10, 2013); Enhanced Weapons, Firearms Background Checks, and Security Event Notifications; Supplemental Proposed Rule, 80 Fed. Reg. 57106 (Sept. 22, 2015).
Attachment 1 Item # Comment/Observation Issue Proposed Resolution introduction of contraband items into a dangerous materials or disease causing rulemaking channels for "nal clarity and licensees PA, VA, or MAA. agents. resolution.
This portion of the contraband de"nition -
other dangerous materials (e.g. disease causing agents) - is a new requirement for power reactors.
19 Contraband, Section C. Staff Regulatory The term contraband was not de"ned in Provide a staff position that: Licensees that Guidance, position 6. Considerations for the prior versions of 10 CFR 73.2, nor was a possess or conduct activities involving Contraband and Prohibited Items: de"nition provided in any of the four classi"ed national security information or proposed and supplemental proposed classi"ed Restricted Data (RD) complying rules published for public comment with the requirements of 10 CFR 95, need between 2006 and 2015 leading up to not report contraband events under 10 CFR promulgation of the "nal rule on March 14, 73.1200 requirements.
2023. 2 The discussion of public comments Additionally, the NRC needs to address the addresses the overlap in the new de"nition of contraband through proper requirements of the "nal rule and 10 CFR rulemaking channels for "nal clarity and Part 95: resolution.
NRC Response to Public Comments (SECY-18-0058),
Comment K-5:
the proposed Appendix G,Section I(j) on the loss or theft of classi"ed information is inconsistent with the NRCs current equivalent requirements in 10 CFR 95.57(a) and (b) 2 Power Reactor Security Requirements; Proposed Rule, 71 Fed. Reg. 62664 (Oct. 26, 2006); Enhanced Weapons, Firearms Background Checks, and Security Event Notifications; Proposed Rule, 76 Fed. Reg. 6200 (Feb. 3, 2011); Enhanced Weapons, Firearms Background Checks, and Security Event notifications; Supplemental Proposed Rule, 78 Fed. Reg. 2214 (Jan. 10, 2013); Enhanced Weapons, Firearms Background Checks, and Security Event Notifications; Supplemental Proposed Rule, 80 Fed. Reg. 57106 (Sept. 22, 2015).
Attachment 1 Item # Comment/Observation Issue Proposed Resolution reconsider these noti"cation requirements...
NRC Response: The NRC agrees that the classi"ed information reporting events described in the proposed rule in Appendix G to 10 CFR Part 73, Section I.(j), are duplicative of the NRCs current reporting requirements in 10 CFR Part 95; Moreover, 10 CFR 95.5, De"nitions, de"nes the term Restricted Data (RD);
Accordingly, the NRC has revised the "nal rule language in 10 CFR 73.1200 to remove the provisions on reporting the loss or theft of classi"ed information that were in the proposed rule Appendix G to 10 CFR Part 73, Section I.(j)...;
Finally, the NRC has revised the "nal rule language in 10 CFR 73.2 by adding a cross-reference to the de"nition of Restricted Data under 10 CFR 95.5.
The NRC did include a cross reference to RD in 10 CFR 73.2; however, through the inappropriate inclusion of an expanded de"nition of contraband, additional requirements were imposed on licensees subject to Part 95 requirements.
20 Throughout the entire document - use of terms With respect to 73.1200, 73.1205 and Where elaborating on the requirements in report and noti"cation(s). 73.1210, the use of the terms report and 73.1200, 73.1205 and 73.1210, update the noti"cation(s) in the DG is not consistent DG to use the term - either report or noti"cation(s) - appearing in the
Attachment 1 Item # Comment/Observation Issue Proposed Resolution with the associated wording in 73.1200, associated portion of the new rule (i.e.,
73.1205 and 73.1210. make them consistent).
21 Pages 16 - 18, 10 CFR 73.1205 Written Follow- The discussion regarding Written Follow-Up Provide clari"cation within DG-5080 on Up Reports discussion. Reports in DG-5080, does not provide duplicate reporting requirements, and clari"cation on whether duplicate reports address this change through proper 10 CFR 73.71(e) Duplicate reports are not are required if an event is reportable under rulemaking channels for final clarity and required for events that are also reportable in 50.72 and 73.1200. resolution.
accordance with §§ 50.72 and 50.73 of this chapter. Previously, 73.71(e) provided an exception for the duplicate reports.
Attachment 2 NEI Comments on Draft Regulatory Guide (DG), DG-5081, Preemption Authority, Enhanced Weapons Authority, and Firearms Background Checks Proposed Revision to Regulatory Guide RG 5.86 Item # Comment/Observation Issue Proposed Resolution 1 Page 18 - second to last paragraph, last However, under the exception in 10 CFR Remove this exception from the RG so it sentence starting with However 73.17(g)(2), licensees are not required to aligns with 10 CFR 73.17.
notify the NRC if the affected individual (i.e., security personnel) noti"es the licensees security management within 72 hours8.333333e-4 days <br />0.02 hours <br />1.190476e-4 weeks <br />2.7396e-5 months <br /> of the identi"cation or occurrence of any Federal or State disqualifying status condition or disqualifying event that would prohibit the individual from possessing, receiving, or using "rearms or ammunition.
The exception provided in the RG does not exist in 10 CFR 73.17(g)(2).
2 Page 40 - section 6.8, Training Security The discussion in DG-5081 is not clear on Recommended change:
Personnel on Disqualifying Events and which requirements under 10 CFR 73.17(j) The NRC regulations in 10 CFR 73.17(j) set Appealing Adverse Firearms Background require training on an annual frequency. forth the requirements for licensees to Checks captures training required to be include, within their NRC-approved included within their NRC-approved training training and qualification plans, and quali"cation plans per 10 CFR 73.17(j). information on the identification or occurrence of any Federal or State disqualifying status conditions or disqualifying events that would prohibit personnel from possessing, receiving, or using firearms or ammunition. This training must be provided to affected security personnel on an annual basis.
This training requirement is intended to assist security personnel in understanding their continuing obligation to promptly report disqualifying conditions or events and thus to encourage self-identification as required by 10 CFR 73.17(h). The obligation to report disqualifying status conditions and disqualifying events remains as long as the security personnels official duties require access to covered weapons.
Licensees must also provide security personnel with information on how to appeal a denied NICS response to the FBI or to provide the FBI with additional information to resolve a delayed NICS response. (See Staff Regulatory Guidance position 6.13 for additional information).
The training requirements established under 10 CFR 73.17(j) must be provided to affected security personnel on an annual basis. (Reference 10 CFR 73, Appendix B.
VI. A. 7.)
Attachment 3 NEI Comments on Draft Regulatory Guide DG-5082, Suspicious Activity Reports Under 10 CFR Part 73 Proposed Revision to Regulatory Guide 5.87 Item # Comment/Observation Issue Proposed Resolution 1 Page 3 footnote The 300-day compliance period ends Create an FAQ-type webpage, similar to what The NRC staff has temporarily withdrawn January 8, 2024. It is unclear if workshops the NRC used for Controlled Unclassi"ed NUREG-1304. The NRC staff intends to hold a will be scheduled after the January 8, Information (CUI) implementation, to capture question-and-answer workshop with the 2024, compliance date, or after the the Q&As for subsequent reference. This will public, licensees, and other interested varying compliance dates that licensees allow for prompt documentation of staff stakeholders following implementation of 10 have stated in approved exemption positions and promote implementation and CFR 73.1200, 73.1205, and 73.1210. This requests. inspection consistency.
workshop and the development of a revised NUREG 1304 will occur subsequent to the How will the NRC capture Questions and 300-day compliance period for licensees to Answers identi"ed and addressed for implement these new physical security event licensees that did not submit an noti"cation regulations. exemption?
2 Page 8 & 9 - FAA discussion and the reference The DG-5082 language is not aligned with The NRC staff should remove the text to Appendix A-2.1. requirements in 10 CFR 73.1215(c)(3)(iv), regarding contacts to the FAA from DG-5082.
10 CFR 73.1215(c)(3)(iv); 73.1215(c)(5)(ii); 10 CFR 73.1215(c)(5)(ii), and 10 CFR 73.1215(c)(8)(ii) all refer to local FAA control 73.1215(c)(8)(ii).
tower.
Appendix A: A-2.1 provides recommendations on different FAA contacts, which are not the local FAA control tower.
3 Page 16 - Elicitation of Sensitive Non-public There are instances where a vendor Modify the last sentence of example (8) from:
Information: Elicitation refers to a process requests information about a speci"c used by individuals with malevolent intent to piece of equipment or equipment
Attachment 3 Item # Comment/Observation Issue Proposed Resolution gather classi"ed or sensitive non-public parameters, and they do not know that the A licensee may wish to consider the information through their interactions with information is classi"ed. legitimate role played by members of the people. Such information can be extracted press and other media in gathering knowingly or unknowingly (e.g., through information for the public when determining casual conversations). if such questioning is a potentially suspicious activity.
Example (8): In considering whether these requests are suspicious, a licensee may take To:
into account the nature of the relationship A licensee may wish to consider the with the questioner, the degree of speci"city legitimate role played by members of the or probing in the questions, and whether press and other media in gathering repeated attempts are made to obtain the information for the public when determining information. A licensee may consider if such questioning is a potentially suspicious repeated attempts by the same individual to activity. Similarly, the circumstances obtain sensitive non-public information, after surrounding an information request from a such requests have been denied by the vendor (supplier) should also be considered licensee, as potentially suspicious activity. A when determining if the inquiry is licensee may wish to consider the legitimate suspicious.
role played by members of the press and other media in gathering information for the public when determining if such questioning is a potentially suspicious activity.
4 Page 20, 5.7: Aggressive Actions to Gather (1)(a): DG-5082 provides no clari"cation Provide clari"cation on what constitutes Information - Enrichment Facilities on the meaning of departure - e.g., line- departure from a tour group.
of-sight is not maintained or length of time separated from a tour group.
Examples: The new "nal de"nition of contraband in 10 (1)(a) Willful unauthorized departure from a CFR 73.2 was not made available for public tour group, or (3) The new de"nition of contraband in review and comment. The NRC should 10 CFR 73.2, which includes electronic revise the de"nition of contraband through a devices or unauthorized electronic formal rulemaking and align it with the
Attachment 3 Item # Comment/Observation Issue Proposed Resolution (3)(a) through (d) media, leads to inconsistent event requirements in 10 CFR 95.57. In the Licensees should report suspicious activities reporting determinations vis--vis the meantime, affected licensees should be involving the attempted unauthorized requirements in 10 CFR 95.57. The note(s) allowed to continue to meet the introduction of the following electronic under (3)(d) identify certain items to be requirements of 10 CFR Part 95 using current devices or recording media inside a 10 CFR considered as contraband and reported as procedures and practices.
Part 95 security area containing RD suspicious activity under 10 CFR technology, information, or materials: 73.1215(f) AND to record it under 10 CFR 95.57; the two requirements are not the (4) We propose that the NRC remove the same. language in example 4 and simply state that (4) Consistent with 10 CFR 73.1215(f)(1)(ii), events reported under the requirements of 10 licensees should report activities involving the CFR 95.57(a), need not be duplicated in actual or attempted unauthorized recording or Example (4) appears to imply that if a cell 73.1215(f).
imaging of RD sensitive technology, phone crosses the threshold of a 10 CFR equipment, or material inside a 10 CFR Part 95 Part 95 security area, it is reportable under security area under the requirements of 10 the requirements of 10 CFR 95.57(a). This CFR 95.57(a). new requirement is not aligned with current agreements put in place between licensees, the NRC and applicable the CSAs. Additionally, this RG, associated with the requirements of 10 CFR 73.1215, appears to provide clari"cation for 10 CFR 95, which is not the proper venue for clari"cation.