1CAN022502, Response to Apparent Violation in NRC Investigation Report (4-2024-009); EA-24-107
| ML25044A412 | |
| Person / Time | |
|---|---|
| Site: | Arkansas Nuclear  |
| Issue date: | 02/13/2025 |
| From: | Pehrson D Entergy Operations |
| To: | Office of Nuclear Reactor Regulation, NRC Region 4, Document Control Desk |
| References | |
| 1CAN022502, EA-24-107 | |
| Download: ML25044A412 (1) | |
Text
Entergy Operations, Inc. 1448 S.R 333 Russellville, AR 72802 1CAN022502 10 CFR 2.201 February 13, 2025 ATTN: Director, Division of Operating Reactor Safety U. S. Nuclear Regulatory Commission, Region IV 1600 E Lamar Blvd.
Arlington, TX 76011-4511
Subject:
Response to Apparent Violation in NRC Investigation Report (4-2024-009); EA-24-107 Arkansas Nuclear One, Unit 1 NRC Docket No. 50-313 Renewed Facility Operating License No. DPR-51
Reference:
NRC letter to Entergy, "Arkansas Nuclear One, Unit 1 - NRC Inspection Report 05000313/2024090 and Investigation Report 4-24-009, (1CNA012501) (ML24346A037), dated January 14, 2025 In the letter referenced above, the NRC issued Entergy Operations, Inc. (Entergy) an apparent violation (AV) for Arkansas Nuclear One, Unit 1 (ANO-1) regarding a licensed reactor operator that deliberately accessed internet sites without authorization and for non-work-related activities while standing watch as the assigned operator At-the-Controls in the control room.
The AV requires a written response within 30 days addressing the following: reason for the violation, corrective steps that have been taken and results achieved, corrective steps that will be taken, and the date when full compliance will be achieved. Enclosure 1 provides Entergys response to the AV.
There are no new commitments contained in this submittal.
Douglas E. Pehrson Site Vice President Arkansas Nuclear One Tel 479-858-3110
1CAN022502 Page 2 of 2 Should you have any questions, or require additional information, please contact Mr. Riley Keele at 479-858-7826.
Respectively, DEP/dkb
Enclosure:
Response to Apparent Violation in NRC Investigation Report (4-2024-009);
EA-24-107 NRC Region IV Regional Administrator NRC Senior Resident Inspector - Arkansas Nuclear One NRC Project Manager - Arkansas Nuclear One R4Enforcement@nrc.gov cc:
Enclosure 1CAN022502 Response to Apparent Violation in NRC Investigation Report (4-2024-009); EA-24-107
1CAN022502 Enclosure Page 1 of 2 Response to Apparent Violation in NRC Investigation Report (4-2024-009); EA-24-107 Description of the Violation:
Based on the results of a NRC investigation, the NRC issued Entergy Operations, Inc. (Entergy) an Apparent Violation (AV) of Technical Specification 5.4.1(a) that written procedures shall be established, implemented, and maintained covering the applicable procedures recommended in Regulatory Guide 1.33, Quality Assurance Program Requirements (Operations), Revision 2, Appendix A, February 1978.
Regulatory Guide 1.33, Appendix A, Typical Procedures for Pressurized Water Reactors and Boiling Water Reactors, Section 1.b, includes administrative procedures for safety-related activities in relation to authorities and responsibilities for safe operation and shutdown.
Entergy Fleet Nuclear Management Manual EN-OP-115-02, Control Room Conduct and Access Control, Revision 6, Section 5.1, Control Room Conduct, Step 5.1.7 states, in part, do not use the internet in the At-the-Controls area of the Control Room, except as specifically authorized by the Operations Manager.
Contrary to the above, Entergy self-identified that a Unit 1 (ANO-1) licensed operator used the internet in the At-the-Controls (ATC) area of the Control Room without specific authorization by the Operations Manager between October 2023 and January 2024. Specifically, the operator deliberately accessed internet sites repeatedly without authorization and for non-work-related activities while standing watch as the assigned operator At-the-Controls in the Control Room.
Reason for the apparent violation:
On January 3, 2024, Entergys Consolidated Security Operations Center (CSOC) Team conducted a network-based threat investigation to discover whether individuals were violating company security policy, Communications Systems. (Although the Entergy internal investigation report references January 6, 2024, it has been confirmed this investigation began on January 3, 2024.) During the review, it was identified that an ANO-1 Control Room licensed operator in the ATC area of the Control Room had used an allowed site to bypass Entergys proxy/firewall controls to access non-business-related content. Further investigation, by Entergys CSOC Team, determined the ANO-1 Control Room licensed operator used the internet for personal use while on duty numerous times.
Entergy initiated an internal investigation. When interviewed, the individual explained this was his strategy for staying alert during monotonous watch periods. In addition, the individual stated he was aware and received training on Entergys policy regarding accessing the internet for personal use. The individual stated he felt justified in using the internet while on duty to help stay alert and he knew it was against the rules. Therefore, since the individual was aware of the standards and chose to disregard them, this was determined to be an intentional action.
Entergys subsequent causal analysis determined that in addition to the individuals misconduct, the Entergy Information Technology (IT) continuous Web filtering strategy had been insufficiently applied in the Control Room to prevent similar events from occurring.
1CAN022502 Enclosure Page 2 of 2 Corrective steps that have been taken and results achieved:
In accordance with Entergy Discipline Policy, performance management was applied to the individual. The individual is no longer employed at Entergy. This was completed January 31, 2024.
Based on a review of the access times and operator logs, Entergy determined the operator did maintain attentiveness at all times and no equipment issues, alarms or indicators went unchecked during the times in question. It was also determined these events did not pose a cyber security threat or a violation of critical digital asset (CDA) controls.
A review of other Control Room computers and operators was conducted to determine the extent of the violation. The search confirmed that no other ANO operators were viewing content prohibited by Entergy policy. This was completed January 5, 2024.
Operations issued a standing order prohibiting the use of cell phones and computer internet usage for other than business purposes, while standing watch. This was completed January 19, 2024.
Fleet Operations performed a fleet stand-down to re-communicate the standards and expectations relating to the standing order. In addition, an extent of condition was conducted within other fleet operations departments. No other issues were identified. This was completed February 8, 2024.
To address the internet security vulnerability used to access the inappropriate content, Entergy IT blocked the relevant access point on January 26, 2024. To provide additional barriers for inappropriate internet access, internet filters have been put in place so that all access is restricted with exceptions selected by Operations Management. This was completed April 23, 2024.
To ensure procedural guidance provides clear direction, procedure EN-OP-115-02, Control Room Conduct and Access Control, has been revised to include instructions to maintain internet usage to business related only while in the Control Room. This procedure revision was effective June 5, 2024.
Corrective steps that will be taken:
Based on the actions described above, no additional corrective actions are planned.
Date when full compliance will be achieved:
Based on the actions described above, full compliance has been achieved as of June 5, 2024.