RIS 2005-31, Official Exhibit - Mandatory Hearing - AES000056-MA-BD01 - NRC Regulatory Issue Summary 2005-31, Control of Security-Related Sensitive Unclassified Non-Safeguards Information Handled by Individuals, Firms & Entities Subject to NRC Regula
In the post-September 11, 2001, environment, NRC, like many other agencies, has found itnecessary to be more judicious in determining what information to voluntarily release, so as not to inadvertently provide assistance to those who might use certain information for malevolent acts. NRC has issued orders and advisories and taken specific actions regarding the security of its licensed facilities and has also assessed and revised its policies and practices for making information available to the public. One of the actions NRC took was to suspend public access to documents in its electronic Agency-wide Documents Access and Management System (ADAMS) on October 25, 2004. Subsequently, NRC screened those documents to determine whether they contained security-related sensitive information. Based on this screening, a large number of documents were returned to public access in ADAMS. This screening process continues as requests for specific documents are received and as new documents are created by NRC and received from licensees and others.To facilitate this screening process, NRC has developed screening criteria for conducting itsreviews. In November 2005, NRC issued guidance (NRC RIS 2005-26) for assessing whether documents associated with reactor licensees should be made publicly available. As part of the continuing efforts in this area, NRC has now developed the attached criteria for screening from public disclosure security-related sensitive information associated with various NRC-regulated activities of persons handling source, byproduct, and special nuclear material. This RIS and its attachments do not apply to classified information or Safeguards Information. Classified information (Confidential, Secret, Top Secret) is withheld from the public by law.
Safeguards Information is withheld because it provides details of security measures at nuclear facilities. Handling requirements for classified information and Safeguards Information are set forth in various NRC orders, regulations, and generic communications (e.g., requirements for the handling and protection of Safeguards Information are discussed in RIS-2003-08, Protection of Safeguards Information from Unauthorized Disclosure, dated April 30, 2003). Sensitive (but unclassified, non-safeguards) information covers a range of information for whichthe loss, misuse, modification, or unauthorized access can reasonably be foreseen to harm the public interest, commercial or financial interests of an entity, the conduct of NRC and Federal Programs, or the personal privacy of individuals. As noted above, this RIS covers security- related information which, if released, could cause harm to the public interest as it could be useful, or could reasonably be expected to be useful, to a terrorist in a potential attack.
Specifically, information that should be protected under this RIS is described in Attachment 2.
In addition, licensees and others should use the procedures set forth below to protect information designated for protection by other federal, State, or local agencies.
SUMMARY OF ISSUE
This RIS: 1)Informs licensees and others of the screening criteria that NRC uses to identify andprotect security-related sensitive information in documents generated by the Agency and in documents received from licensees and others; 2)Encourages licensees and others to identify security-related sensitive informationcontained in documents submitted to NRC, by using the screening criteria in Attachment 2 and marking procedures; and 3)Encourages licensees and others that may possess security-related sensitiveinformation to control the information, to limit the risk that the information might fall into the hands of those who would use it for malevolent acts.Specifically, protection of the information should be implemented in the following manner:
1. Screening of Future Documents Submitted to NRC To assure that future submittals containing security-related sensitive information are notmade publicly available in ADAMS, while still making other appropriate information available to the public, NRC is encouraging licensees and others to screen submittals in accordance with the guidance in Attachment 2. If practical, documents submitted to NRC should avoid including security-related sensitive information to permit releasing the document to the public in its entirety. 2. Marking and Submitting Documents Containing Security-Related Sensitive InformationIf it is necessary to include security-related sensitive information in a submitteddocument, the submittal should be marked to indicate the presence of such information as follows: a)The cover letter should clearly state that the attached documents contain security-related sensitive information. When separated from the attached documents, if the cover letter itself does not contain security-related sensitive information, the cover letter itself is uncontrolled. b)As shown in Attachment 1 (Section A), the top of every page of a letter ordocument that contains security-related sensitive information should include the marking Security-Related Information Withhold Under 10 CFR 2.390 (note that NRCs procedure for these documents is to mark them as Official Use Only
- Security-Related Information). For the pages having security-related sensitive information, an additional marking (e.g., an editorial notebox) should be included adjacent to the material meeting the screening criteria in Attachment 2.Information on suggested handling and methods of submittal of security-relatedsensitive information is also contained in Attachment 1 (Section B). Licensees and others can submit both a public and a non-public version of a document,when security-related documents need to be submitted. The public version could have the security-related sensitive information marked out or removed with a notation that the information was withheld on the basis that it is Security-Related Information. This is similar to what is sometimes done to protect proprietary information under 10 CFR 2.390, except that an affidavit is not needed. Alternatively, security-related sensitive information could be segregated from the main body of the document and included only in attachments to the submittal. Only the attachments containing security-related sensitive information would be marked for withholding from public disclosure. Using this approach, the public version need not be marked as containing security-related sensitive
information. . Protection of Security-Related Sensitive InformationDocuments that contain security-related sensitive information should be protected frompublic disclosure, using methods similar to that for protecting proprietary information.
To the extent practicable, any existing documents containing security-related sensitive information that licensees or others have previously made available to the public should be withdrawn from public access. As with proprietary information, licensees and others should have sufficient internal controls to prevent release of information. Possible methods to prevent the inadvertent release of security-related sensitive information include marking documents Security-Related Information - Withhold Under 10 CFR 2.390, restricting access to electronic recordkeeping systems that contain such information, and controlling the reproduction, distribution, and destruction of potentially sensitive records. Licensees and others should ensure that similar controls are in place when security-related sensitive information is provided to outside parties such as contractors or other Government agencies, and that the information is made available only to such parties who have a need to know the information to perform their jobs and who are made aware of the security-related nature of the information. This RIS, the attached screening criteria, and additional explanatory material, as appropriate,are also posted on the NRC Web site at http://www.nrc.gov/reading-rm/sensitive-info.html
)(note that the criteria for fuel cycle facilities in this website and in this RIS supercedes information at http://www.nrc.gov/materials/fuel-cycle-fac/review-criteria-fuel-cycle.html
).The NRC staff will interact with licensees and others on a case-by-case basis to resolvequestions regarding the application of the procedures and screening criteria set forth in this RIS
and its attachments.NRC will continue to make available to the public as much information as possible. Much ofNRCs information is readily available to the public via the NRC Web site (www.nrc.gov) andNRCs ADAMS system (www.nrc.gov/reading-rm/adams.html). In addition, other informationmay be released to the public in response to formal and/or informal requests. Although the security-related sensitive information screening criteria were developed with the principles of the Freedom of Information Act (FOIA) in mind, a review for security-related sensitive information does not substitute for a FOIA review. FOIA requests will continue to be reviewedand processed independently from the security-related sensitive information review process.
BACKFIT DISCUSSION
This RIS requires no action nor written response and is, therefore, not a backfit under 10 CFR 70.76, 72.62, or 76.76. Consequently, the NRC staff did not perform a backfit analysis.
FEDERAL REGISTER NOTIFICATION
A notice of opportunity for public comment on this RIS was not published in the Federal Register because it is informational and does not represent a departure from current regulatoryrequirements and practice. SMALL BUSINESS REGULATORY ENFORCEMENT FAIRNESS ACT OF 1996NRC has determined that this action is not subject to the Small Business RegulatoryEnforcement Fairness Act of 1996.
PAPERWORK REDUCTION ACT STATEMENT
This RIS does not contain information collections and, therefore, is not subject to therequirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501, et seq.).Please direct any questions about this matter to the technical contacts listed below.
/RA/Charles L. Miller, DirectorDivision of Industrial and Medical Nuclear Safety Office of Nuclear Material Safety and SafeguardsTechnical Contacts: Spent Fuel Storage and Materials IMNS/Regional Transportation Fuel Cycle Paul Goldberg, NMSS/IMNS Joe Sebrosky, NMSS/SFPOPatricia Silva, NMSS/FCSS
301-415-7842 301-415-1132301-415-8029 E-mail: pfg@nrc.gov E-mail: jms3@nrc.govE-mail: pas6@nrc.govDecommissioning HLWRSImport/ExportTed Carter, NMSS/DWMEP Alexander SapountzisStephen Dembek301-415-6668 301-415-7822301-415-2342 E-mail: thc1@nrc.gov E-mail: aps@nrc.govE-mail: sxd@nrc.gov Attachments:1. Suggested Markings; Withhold From Public Disclosure in Accordance With 10 CFR 2.390
2. NMSS Guidance on Screening Criteria for Security-Related Sensitive Unclassified Non-
Safeguards Information
3. List of Recently Issued NMSS Generic Communications Attachment 1 RIS-2005-31 Security-Related InformationWithhold Under 10 CFR 2.390
Subject XXXXXXXXXX
XXXXXXXXXX
XXXXXXXXXX
XXXXXXXXXXSUGGESTED MARKINGS AND HANDLINGThis attachment provides information on suggested markings for pages of a document thatcontains security-related sensitive information (Section A) and suggested handling of such documents (Section B).A. Page MarkingsOverall page marking on the top of all pagesof a document that contains security-related sensitive information
Note that a cover letter should clearly statethat attached documents contain security- related sensitive information - - However, this marking is also needed on the cover letter only if it itself contains security-related sensitive information. Ensure Subject Line is non-sensitive Attachment 1 RIS-2005-31 B. Appropriate Controls for Handling DocumentsAccess:Need-to-know in order to perform official licensee, applicant orentity functions.Storage:Openly within licensee, applicant, or other entity facilities withelectronic or other access controls, for example, key cards, guards, alarms.Mail:U.S. Postal Service first class mail, registered mail, express mail,or certified mail in single opaque envelope with no external markings to indicate 10 CFR 2.390 contents.Electronic Transmission:Over phone if the recipient is confirmed as beingauthorized to access the information; over facsimile if it is confirmed that a recipient who is authorized to access the information will be present to receive the transmission;
over encrypted computer e-mail (using computer software such as SecureZip). Note that NRC is using SecureZip when transmitting security-related sensitive information by e-mail to licensees and others to encrypt electronic information. Users will be prompted for a password to access a free download of the reader.
Attachment 2 -1-NMSS GUIDANCESCREENING CRITERIA FOR SECURITY-RELATED SENSITIVE UNCLASSIFIED NON-SAFEGUARDS INFORMATIONDECEMBER 2005 Attachment 2 SCREENING CRITERIA FOR SECURITY-RELATED SENSITIVE UNCLASSIFIED NON-SAFEGUARDS INFORMATIONDECEMBER 2005 INTRODUCTION:This guidance provides the criteria which will be used to determine the types of security-relatedsensitive information, other than classified or safeguards information, associated with materials licensees, applicants, certificate holders, and other entities that will not be voluntarily disclosed
to the public so as not to inadvertently provide assistance to those who might wish to use this information for malevolent acts.
BACKGROUND
- Historically, the Nuclear Regulatory Commission (NRC) has made routinely available to thepublic large amounts of information, more than required by law. In the post-September 11,
2001 environment, however, like many other agencies, the NRC has found it necessary to be more judicious in what it voluntarily releases, so as not to inadvertently provide assistance to those who might use this information for malevolent acts. The NRC developed guidance several months ago for conducting a broad security/sensitivityreview to assess whether documents associated with reactor licensees should be made publicly available in the first instance as a matter of administrative discretion (SECY-04-0191). In November 2005, the NRC issued guidance (NRC RIS 2005-26) in this area. As part of the continuing efforts in this area, the NRC has now developed this guidance which addresses the criteria for screening from public disclosure certain types of information associated with various classes of materials licensees, applicants, certificate holders and other entities.Consistent with the Task Force Report on Public Disclosure of Security-Related Information,(SECY 05-0091) and the Commission guidance on that Task Force Report, the screening criteria in these guidelines ...should follow the principles for withholding security-related information under FOIA. Although the security-related sensitive screening criteria were developed with the principles of the Freedom of Information Act (FOIA) in mind, a review for security-related sensitive information does not substitute for a FOIA review. FOIA requests will continue to be reviewed and processed independently from the security-related sensitiveinformation review process.
ORGANIZATION OF THIS GUIDANCE:This guidance is organized as follows (see Table 1 for an outline on navigating the guidance): -Section 1 indicates the thresholds under which documents may be released to the publicwithout any further screening. However, Section 1 also notes specific requirements for withholding documents in certain cases even if the documents fall under the threshold. -Section 2 contains general criteria for screening documents above the threshold.
Attachment 2 1 With regards to High-Level Waste, requirements for making information publiclyavailable via the Licensing Support Network (LSN) is contained in 1O CFR Part 2 Subpart J for an applicant of the proposed geological repository at Yucca Mountain in Nevada. Furthermore, the "Joint DOE and NRC Sensitive Unclassified Information and Classification Guide for the Office of Civilian Radioactive Waste Management Program" (CG-OCRWM-1) provides guidance for determining sensitive information. -Appendices 1 - 5 contain guidance, in addition to that in Section 2, for screeningdocuments specific to fuel cycle facilities; decommissioning and low-level waste sites;
medical, industrial, and academic uses of nuclear materials; spent fuel/transportation;
and export/import, respectively. Table 1 Stakeholders Using This Guidance and Applicable Sections of the Guidance
1StakeholderApplicable guidanceFuel cycle facilities including milling,conversion, enrichment and fuel fabrication
facilitiesSections 1 and 2 for general information andAppendix 1.Decommissioning and low-level waste sitesSections 1 and 2 for general information andAppendix 2.Medical, Industrial, and Academic Uses of Nuclear MaterialsSections 1 and 2 for general information andAppendix 3.10 CFR Part 71: certificate holders, andregistered usersSections 1 and 2 for general information andAppendix 4, parts A, B, and E. Special attention should be given to the guidance relative to detailed design drawings, and control of registered users list for transportation packages. 10 CFR Part 71: Quality Assurance ProgramholdersSections 1 and 2 for general information andAppendix 4, parts A, B, and E. Based on NRC staff experience, most QA program holder submittals do not contain sensitive information as defined in this RIS. However, attention should be given to the guidance relative to detailed design drawings, and control of registered users list for transportation packages. 10 CFR Part 72: certificate holders, generallicensees, and site specific licenseesSections 1 and 2 for general information and Appendix 4, parts A, B, C, D and E.Export and ImportSections 1 and 2 for general information andAppendix 5.
Attachment 2 1. NMSS THRESHOLD CRITERIA:Documents containing information falling under these thresholds may be released without anyfurther screening, except as specifically noted.A. Low Hazard: The following types of licensee files need NOT be screened due to the lowhazard of the radioactive material at the sites: - Licensees authorized to possess quantities of radionuclides in any single location that are below the International Atomic Energy Agencys (IAEA) Category 3 quantities (aslisted in Table 1 of these guidelines). However, documents which give the exact location of the material should be withheld, even if they refer to material levels belowthe Category 3 threshold. Thus, a document may be released if it indicates a generallocation (i.e., in a certain building), but documents giving the exact location should be withheld unless the location is intuitively obvious. -Licensees (other than fuel cycle) authorized to possess radionuclides which are notlisted in Table 1. However, information on the exact location of this radioactive material should be withheld.- Uranium recovery (yellow cake and tailings only)
-Current information on decommissioning materials sites with diffuse contamination only. (Check for other active licenses or radioactive material at the site; e. g., high activity reactor components, and high activity waste. Screen any such documents separately.)
-Terminated licenses where all radioactivity except diffuse contamination has beenremoved. (Screen old files for operational information which may contain sensitive information.)B. Information Readily Available to the Public Elsewhere:Based on Reactor Criteria Approved by Commission (see SECY-04-0191):-If the information is available from open source literature such as text books, Web sites,or other sources, an NRC decision to withhold the information may decrease the openness of our regulatory programs without obstructing an adversary.- Information clearly visible from locations accessible to the public is generally released. This includes general (low resolution) drawings of the site and adjacent areas.
Attachment 2 2. GENERAL CRITERIA FOR SCREENING DOCUMENTS ABOVE THE THRESHOLDA. Descriptions of Facilities Where Licensed Material May Be Located Criteria:
(1) Locations and quantities of radioactive material (above the thresholds listed in Table 1)-Withhold information identifying the exact locations of radioactive material
-Withhold information on possession limits or actual inventories of radionuclides.
-Withhold manufacturers and model numbers of sealed sources and devices.
-For fuel cycle facilities, withhold information on possession limits and inventories of enriched uranium above 6% U-235, and mixed oxide materials.-Withhold lists of licensees registered to use NRC-approved 10 CFR Part 71transportation packages.-Release identification of radionuclides and form.
-Release 10 CFR Part 71 certificates and 10 CFR Part 72 information related toradionuclide form, content, quantities, model numbers, and locations of independent spent fuel storage installations, regardless of the quantities.-Release event reports involving lost/stolen/abandoned/found radioactive material.(2) Design of structures/equipment (site specific)-Withhold information related to security requirements, information from analyses which could reveal vulnerabilities, reports of specific or predicted failures, and any other information which could reasonably be expected to be useful to potential adversaries.-Release information regarding the design of structures provided to the NRC whichtypically consists of analyses to show that the design feature will withstand the combinations of forces associated with design basis events and natural hazards. The analyses do not typically provide realistic information on the failure of structural features, and, except for fuel cycle facilities, are not considered sensitive. However, withhold information related to predicted structural failures that could be useful to terrorists. (See Appendix 1 for specific guidance on fuel cycle facilities.)(3) Nearby Facilities-Withhold information related to nearby facilities if the information might reasonably be helpful to those planning an attack.B. Design Information (non-site-specific): Spent Fuel Casks, Transportation Packages,Sealed Source and Device Catalog and Files, etc.-Withhold drawings showing detailed design information. -Withhold design/performance information which indicates vulnerabilities that couldreasonably be expected to be useful to potential adversaries.-Release text information containing descriptions of how packages/devices/sources are constructed.
Attachment 2 C. Emergency Planning/Fire Protection Information-Withhold information related to emergency planning, emergency response, and fireprotection. Review any considerations and/or requests for release on a case-by-case basis. As part of the review, check to see whether the State or local governments are withholding related information as sensitive.-Withhold information describing licensee or government responses to malevolent attacks.-Withhold information and drawings identifying locations of radioactive material, andonsite routes and pathways to or from the locations of radioactive material.-Withhold information which State or local government agencies have designated as sensitive.D. Security Program Information-Much information related to security programs at fuel cycle facilities and other materialsfacilities with high risk sources has already been designated to be withheld as Classified, Safeguards, or Proprietary Information.-In addition to withholding Classified, Safeguards, or Proprietary Information, withholdany security information which could reasonably be expected to be useful to potential adversaries.E. Vulnerability/Security Assessments/Accident Analyses/Safety Analyses/Risk Assessments-Release typical accident analyses which involve conservative models to demonstrate afacilitys ability to respond to design basis events (i.e., non-security related events),
unless the analysis could reasonably be expected to be useful to an adversary.-Withhold assessments which use a malevolent event as an initial condition(e.g.,vulnerability/security analysis). -Withhold descriptions of structural features related to potential malevolent attacks.
-Withhold detailed information and drawings describing the specific locations ofequipment relied upon for safety or security. -Withhold discussions of safety features or mitigation strategies withinvulnerability/security assessments.-Withhold any analysis that identifies which events have significant consequences andwhich events don't. -Withhold information related to security events and any information which could beuseful to an adversary due to identification of vulnerabilities.
Attachment 2 APPENDICES 1-5: ADDITIONAL GUIDANCE FOR SECURITY-RELATED SENSITIVE
INFORMATION SCREENING REVIEWS These appendices contain additional guidance for screening documents for security-relatedsensitive information specific to fuel cycle facilities; decommissioning and low-level waste sites;
medical, industrial, and academic uses of nuclear materials; spent fuel/transportation; and export/import licensing. These appendices are organized as follows:1.Fuel cycle facilities including milling, conversion, enrichment and fuel fabrication facilities;2. Decommissioning and low-level waste sites;
3. Medical, industrial, and academic uses of nuclear materials;
4.Spent Fuel/Transportation (10 CFR Part 71: certificate holders, and registered users; 10 CFR Part 71: Quality Assurance Program holders; 10 CFR Part 72: certificate holders, general licensees, and site specific licensees);5. Export/Import licensing.
Attachment 2 APPENDIX 1 - - FUEL CYCLE FACILITY REVIEWS (NRC
CONTACT
- DIVISION OF FUELCYCLE SAFETY AND SAFEGUARDS (FCSS), NMSS)A. Descriptions of Facilities Where Licensed Material May Be Located-Withhold information on possession limits or actual inventories of radionuclides, andquantities, including such information on the license itself, for mixed oxide material and uranium enriched to greater than 6 % U-235. (Release identification of radionuclides and their forms.)-Withhold information related to military contract operations, even if it is publicly availableelsewhere.-Withhold information identifying the exact locations (e.g., detailed floor plans) ofradioactive and hazardous material whose release or theft could allow adversaries to create a diversion for theft of material or result in a significant consequence.
Information for planning a sabotage activity (e.g., bombing a building) would likely require less detailed information than theft where exact locations would likely be
needed.-Withhold information about the design of structures that consists of analyses to showthat design features will withstand the forces associated with both security-related scenarios and non-security-related scenarios, such as tornadoes, high winds, snow loads, etc. Analyses indicating forces associated with non-security regulatory requirements could be useful in planning terrorist activities. For instance, information related to seismic loadings could be used to determine blast loads for bombs. -Withhold detailed design information, including diagrams showing dimensions, materialproperties, and descriptions of how the facilities/equipment is constructed. Additionally, withhold process information that could potentially allow an adversary to access radioactive or hazardous materials or gain knowledge of detailed information or potential weaknesses of systems designed to ensure safe operations (necessary to prevent or mitigate accidents) at fuel cycle facilities. B. Design Information (non-site specific) No additional fuel cycle facility guidance for this category.C. Emergency Planning/Fire Protection Information-Withhold information contained in Emergency Planning and Fire Protection Plans thatcould potentially allow an adversary to gain knowledge of detailed information or potential weaknesses of systems designed to ensure safe operations (necessary to prevent or mitigate accidents) at fuel cycle facilities.
Attachment 2 -Withhold information and drawings identifying routes to or from the locations ofradioactive and hazardous material whose release or theft could allow adversaries to achieve their goals. -Withhold information that State or local government agencies have designated assensitive.-Withhold any detailed accident analysis that identifies which accidents have significantconsequences and which accidents don't. Accident analysis information can appear in many documents (i.e., emergency plan, fire protection plan, Integrated Safety Analysis Summary, environmental assessment, etc.). General information may be releasable, but details should be withheld.D. Security Program Information-Much information related to security programs at fuel cycle facilities and other materialsfacilities with high risk sources has already been designated to be withheld as Proprietary, Classified or Safeguards Information.-Withhold information about security equipment and programs, descriptions of equipmentand radioactive or hazardous materials, and accident studies that bear a close resemblance to programs, equipment, radioactive or hazardous materials, and studies at other active licensee sites if that information would reveal vulnerabilities or be expected to be useful to adversaries at active licensee sites.E. Vulnerability/Security Assessments/Accident Analyses-Withhold detailed information and drawings describing the exact locations of radioactiveor hazardous materials or gain knowledge of detailed information or potential weaknesses of system designed to ensure safe operations (necessary to prevent or mitigate accidents) at fuel cycle facilities. -Withhold any detailed accident analysis which contains accident sequences, identifiesaccident consequences, identifies systems and components relied upon for safety, or identifies which accidents have significant consequences and which accidents don't.
Accident analysis information can appear in many documents (i.e., emergency plan, fire protection plan, Integrated Safety Analysis Summary, environmental assessment, etc.).
General information may be acceptable, but details should be withheld.-Withhold information identifying the exact locations (e.g., detailed floor plans) ofradioactive and hazardous material whose release or theft could allow adversaries create a diversion for theft of material or result in a significant consequence.
Information for planning a sabotage activity (e.g., bombing a building) would likely require less detailed information than theft where exact locations would likely be
needed.
Attachment 2 APPENDIX 2 - - DECOMMISSIONING AND LOW-LEVEL WASTE SITE REVIEWS (NRC
CONTACT
- DIVISION OF DECOMMISSIONING, WASTE MANAGEMENT, AND
ENVIRONMENTAL PROTECTION (DWMEP), NMSS
)DECOMMISSIONING AND LOW-LEVEL WASTE SITE THRESHOLD CRITERIA1. Diffuse contamination consists of soil, groundwater, surface contamination on and inbuildings, including that which is on equipment, floors, walls, etc. It also could include volumetrically contaminated materials whose concentrations are sufficiently low.For determining whether only diffuse contamination is present at a decommissioningsite, apply the following information derived from the IAEA Code of Conduct on the Safety and Security of Radioactive Sources (see Table 1). Category 3 sources in the Code of Conduct, for which NRC is developing a rulemaking to control their import and export, are typically about 1 curie. At a concentration of 2000 pCi/gram, which is well above the concentrations of plutonium typically found in soil at sites undergoing decommissioning, this equates to approximately 15,000 cubic feet of material, well in excess of what a terrorist could reasonably use for malevolent purposes. For materials at the 10 CFR Part 61 Class A limit for plutonium (10 nCi/gram), the volume of waste that would contain the Category 3 activity limit for plutonium would be 3000 cubic feet, also in excess of what could reasonably be used by a terrorist. However, for Co-60, the amount of loose material or rubble at the Class A limit (700 Ci/cubic meter) containingthe Category 3 quantity (about 1 curie) would be less than 0.1 cubic foot, an amount that could easily be used for malevolent purposes because of its small volume.
Reviewers should apply values taking into consideration the examples given above inmaking a determination on whether a decommissioning site is within the threshold limits.2.DWMEP has little licensing work in low-level waste. However, that which is performedmay not be below the threshold. For example, import and export licensing could involve quantities of materials that would be useful to terrorists. GENERAL GUIDANCE FOR DECOMMISSIONING AND LOW-LEVEL WASTE SITESMost sites undergoing decommissioning are expected to be below the threshold, so thatmost licensing documents can be released. Sensitivity reviews must be conducted on documents related to LLW storage, safety, and security systems and procedures. Reviews should focus on determining if the information contained in these documents could be useful to an adversary in planning a terrorist act. Examples include the location and security arrangements for high-activity waste, the location of highly activated components, or the transportation security arrangements for high-activity waste or activated components.
Attachment 2 For fuel cycle, materials, and spent fuel pool and independent spent fuel storageinstallation (ISFSI) licensees that are undergoing decommissioning, issues that are not unique to decommissioning (such as descriptions of plant processes, vulnerability/security assessments, etc.) should be reviewed with regard to Appendices 1, 3, and 4, respectively.A. Descriptions of Facilities Where Licensed Material May Be Located-Withhold information identifying the exact locations of radioactive material. Forexample, detail drawings or maps of facilities, room numbers and locations, and specific locations of waste storage/processing operations.-Withhold design information that could reasonably be expected to be useful to potentialadversaries. Examples include detailed drawings or maps showing the locations of security measures/operations and infrastructure, locations of critical site infrastructure (electrical or power systems), and the design of facilities that could be useful in developing approaches to breech the facility.-For transportation package information provided in connection with decommissioning orLLW disposal licensing, consider Appendix 4 for sensitivity of the information. No additional guidance for decommissioning and low-level waste sites for other categories.
Attachment 2 APPENDIX 3 - - REVIEWS OF MEDICAL, INDUSTRIAL, AND ACADEMIC USERS OFNUCLEAR MATERIALS
(NRC
CONTACT
- DIVISION OF INDUSTRIAL AND MEDICALNUCLEAR SAFETY (IMNS), NMSS)A. Descriptions of Facilities Where Licensed Material May Be Located (above the thresholds in Table 1)(1) Copies of Licenses and Mailing Lists-Copies of licenses: Release authorized radionuclides and form. Withhold authorizedquantities. Withhold manufacturers and model numbers of sealed sources and devices.
Withhold information which identifies buildings or rooms where radioactive material is located (this may be in the license condition specifying authorized location).- Withhold mailings lists which are compiled for security purposes or identify high riskfacilities or vulnerable facilities.- Release individual mailing addresses, and street address where material is located(normally included on licenses).(2) Locations of radioactive material-Withhold lists of authorized or actual inventories of radionuclides.- Withhold building numbers and room numbers (other than mailing addresses) or similarinformation which identify locations of material.- Withhold site drawings which identify individual buildings on the licensee site.
- Withhold building drawings which identify the location of radioactive material, or onsitepathways or routes to and from locations of radioactive material.-Release individual mailing addresses and street addresses.(3) Design/description of structures/equipment/operating procedures (site specific)- Most descriptions of structures/equipment/procedures may be released if they are notsecurity-related.- Withhold drawings of buildings/rooms/devices where radioactive material is located.
- Withhold manufacturers and model numbers of sealed sources and devices.
- Withhold information on security programs, guards, access controls, key cards, alarms,barriers, chains, locks, etc.B. Design Information (non-site specific) - Sealed Source and Device Catalog-Release information on addresses of manufacturers/distributors.-Establish a password system for users with a valid need-to-know, and who have agreedto protect the information from unauthorized disclosure.
Attachment 2 C. Emergency Planning/Fire Protection Information- Release general descriptions of emergency procedures for safety related events, suchas radioactive material spills, releases, contamination, and fires.- Withhold information on routes to and from locations of radioactive material.
- Withhold information related to responses to security events and malevolent events.
- Withhold information on responses of offsite law enforcement officials.
- Withhold information designated by State or local governments as sensitive.D. Security Program Information- Certain security information at specified facilities is already designated as SafeguardsInformation and should continue to be withheld and protected accordingly. - In addition to withholding Safeguards Information, withhold any security informationrelated to malevolent events or which could be useful to potential adversaries.
Examples as given in Section A above: information on guards, access controls, key cards, alarms, barriers, chains, locks, etc.E. Vulnerability/Security Assessments/Accident Analyses-No additional guidance for medical, industrial, and academic users of nuclear materialfor this category.
Attachment 2 APPENDIX 4 - - SPENT FUEL/TRANSPORTATION REVIEWS (NRC
CONTACT
- SPENT
FUEL PROJECT OFFICE (SFPO), NMSS)A. Descriptions of Facilities Where Licensed Material Be LocatedSubjectDiscussion and/or typical controls
10 CFR Part 72 Specific ISFSILicenses and General Licenses
- Text descriptions of the following: general description, site characteristics, principal design criteria, storage cask design, operations, waste management, radiation protection, accident analyses, conduct of operations, operating controls and limits, and quality
assuranceUncontrolled - Information provided to the NRC forspecific ISFSI licenses and general licenses typically consists of analyses to show that the design feature will withstand the combinations of forces associated with design basis events and natural hazards. The analyses do not typically provide realistic information on the failure of structural features and are not considered sensitive.
10 CFR Part 72 Specific ISFSILicenses and General Licenses
- Drawings and locations of related hazardsPotentially Controlled - Decisions regarding the control ofinformation that show the plant site and buildings are dependent on the level of detail. Information clearly visible from locations accessible to the public near the site is generally released. This includes general (low- resolution) layout drawings of the site and adjacent areas.
Drawings showing details such as the specific locations of equipment within buildings, doorways, stairways, storage areas, etc. are to be withheld under 10 CFR 2.390(d).
Drawings showing locations of hazards in relation to the ISFSI are also withheld. A text description of the hazards in relation to the ISFSI is uncontrolled and will not be reviewed.10 CFR Part 72 Specific ISFSILicenses and General Licenses
- Nearby industrial, transportation, and military
facilitiesControlled - Information related to non-nuclear facilities located near the ISFSI such as pipeline data (usually withheld per DOT) and chemical facilities (some data withheld per EPA) is controlled. Other information may be protected by other federal agencies (e.g., DHS, FERC,
EPA, DOT)10 CFR Part 72 Specific ISFSILicenses and General Licenses Uncontrolled - Information related to radionuclides, form, and quantitiesLists of licensees registered touse NRC-approved 10 CFR Part 71 transportation packages.Withhold lists and associated letters required by 10 CFR71.17(c)(3).
Attachment 2 B. Design Information (non-site specific): Transportation Packages, and Spent Fuel CasksSubjectDiscussion and/or typical controls10 CFR Part 71 TransportationPackage Descriptions Text Descriptions Including Radionuclide Form, Content and QuantityUncontrolled - Information provided to the NRC typicallyconsists of analyses to show that the design feature will withstand the combinations of forces associated with design basis events and natural hazards. The analyses do not typically provide realistic information on the failure of structural features and are not considered sensitive.
Text descriptions regarding the design of transportation packages do not need to be controlled for 3 basic reasons: 1) Part 71 does not authorize possession of byproduct, source or special nuclear material, 2) package design information is required for commerce both domestically and internationally, and 3) the information that could reasonably be expected to be useful to terrorists in planning or executing an attack for transportation packages containing large quantities of byproduct, source or special nuclear material is controlled by other means (e.g., route controls, escort requirements, etc., in accordance with Commission Orders, interim compensatory measures or other applicable requirements).10 CFR Part 71 DrawingsPotentially Controlled - Withhold diagrams showingdetailed design information. Do not withhold drawingswhich have already been made public through FOIA
requests, hearings, rulemakings, or other public forums.10 CFR Part 71 TransportationQuality Assurance Program Plan DescriptionsUncontrolled - An entity wishing to use or fabricate anapproved transportation package must submit a description of its quality assurance program to the NRC.
This submittal is assigned a 10 CFR Part 71 docket and reviewed and approved by the staff. The QA program description typically does not contain the type of information found in the generic criteria that would cause it to be controlled. In addition, filing and approving a QA
program description does not authorize possession of byproduct, source, or special nuclear material.10 CFR Part 71 PackageInformation related to radionuclides, form and
quantitiesUncontrolled Attachment 2 SubjectDiscussion and/or typical controls10 CFR Part 71 AdvanceNotification of Shipments of Irradiated Reactor Fuel and Nuclear WasteNSIR has programmatic responsibility for reviewing andcontrolling this information. 10 CFR 71.97 requires advance notifications to the governor of a State, or the governors designee, of certain shipments of high-risk radioactive material. 10 CFR Part 72 Dry CaskStorage Systems -Certificates of Compliance (COC) safety analysis report informationUncontrolled - Information provided to the NRC typicallyconsists of analyses to show that the design feature will withstand the combinations of forces associated with design basis events and natural hazards. The analyses do not typically provide realistic information on the failure of structural features and are not considered sensitive.
Text information in the safety analysis report including design information is not controlled for the following reasons: 1) the design of the casks are simple by nature
and the criteria for which they are designed are widely known; 2) most casks designs involve storage of the casks in open areas on concrete pads that are often readily seen from offsite locations; and 3) this information has been historically released to the public to support rulemaking for approved cask designs, and other public
outreach efforts.10 CFR Part 72 Dry CaskStorage Systems -DrawingsPotentially Controlled - Withhold diagrams showingdetailed design information. Do not withhold drawingswhich have already been made public through FOIA
requests, hearings, rulemakings, or other public forums.10 CFR Part 72 PackageInformation related to radionuclides, form and
quantitiesUncontrolled Attachment 2 C. Emergency Planning InformationSubjectDiscussion and/or typical controls
10 CFR Part 72 Specific ISFSILicenses and General Licenses
- Emergency PlanningPotentially Controlled - Incoming documents are initiallyprofiled as nonpublic - staff will review for release upon request. Most information related to emergency planning will not need to be designated as sensitive. Special attention is needed to determine if information relates to the response by a licensee or government agency to a terrorist attack. Note that some State and local governments consider parts of their emergency plans to be sensitive. D. Security Program InformationSubjectDiscussion and/or typical controls
10 CFR Part 72 Specific ISFSILicenses and General Licenses
- SecurityPotentially Controlled - Information related to securityprograms is generally designated as SGI or SGI-M and is protected in a manner similar to classified confidential information. Security-related information within the inspection and oversight program is withheld from public disclosure under 10 CFR 2.390(d). E. Vulnerability/Security Assessments/Accident Analyses/Risk AssessmentsSubjectDiscussion and/or typical controlsVulnerability/SecurityAssessments for:
-10 CFR Part 71transportation package
designs-10 CFR Part 72 dry caskstorage systems-10 CFR Part 72independent spent fuel storage installations (ISFSI) Controlled - Vulnerability/security assessments todetermine the ability of transportation packages, dry cask storage systems, or ISFSIs to withstand events from malevolent acts have been and will continue to be withheld from public disclosure.
Attachment 2 APPENDIX 5 - - EXPORT/IMPORT LICENSING (NRC
CONTACT
- OFFICE OFINTERNATIONAL PROGRAMS (OIP)-Withhold information on authorized quantities or actual inventories of radionuclides,above the thresholds in Table 1, mixed oxide materials, and enriched uranium above 6%
U-235. Release information identifying radionuclides and form.-For quantities above the thresholds in Table 1, mixed oxide materials, and enricheduranium above 6% U-235, withhold information on projected or actual shipmentschedules, delivery dates, date required, mode of transport, storage arrangements, orany other related logistical information provided by the licensee in the application or added by the NRC.
Attachment 2 Table 1: Radionuclide Screening Threshold ValuesRadionuclideQuantity ofConcern 1 (TBq)Quantity ofConcern 2 (Ci )Am-2410.061.6Am-241/Be0.061.6Cf-2520.020.54Cm-2440.051.4Co-600.030.81Cs-1370.12.7Gd-153127Ir-192 0.082.2Pm-147401100Pu-2380.061.6Pu-239/Be0.061.6Se-750.25.4Sr-90 (Y-90)127Tm-17020540Yb-1690.38.1Combinations ofradioactive materials listed
above 3See Footnote Below 4 1 The aggregate activity of multiple, collocated sources should be included when the totalactivity exceeds the quantity of concern.
2 TBq values are the regulatory standard and the Curie values are rounded to two significant figures. 3 Radioactive materials are to be considered collocated if breaching a common physical securitybarrier (e.g., a locked door at the entrance to a storage room) would allow access to the radioactive material or devices containing the radioactive material. For sources installed in devices, each device should be considered a separate location.
4 If several radionuclides are aggregated, the sum of the ratios of the activity of each source, Iof radionuclide, n , A (i,n), to the quantity of concern for radionuclide n , Q (n), listed for thatradionuclide exceeds one. [(aggregated source activity for radionuclide A) ÷ (quantity ofconcern for radionuclide A)] + [(aggregated source activity for radionuclide B) ÷ (quantity of concern for radionuclide B)] + etc........ >
1 Attachment 3 Recently Issued NMSS Generic CommunicationsDateGC No.Subject
Addressees
2/11/05BL-05-01Material Control and Accounting at Reactors and Wet Spent Fuel Storage FacilitiesAll holders of operating licenses fornuclear power reactors, decommissioning
nuclear power reactor sites storing spent fuel in a pool, and wet spent fuel storage sites.11/23/05RIS-05-24Control of Radiation Dose toVisitors of Hospital Patients All medical licensees.11/14/05RIS-05-21Clarification of the Reporting Requirements in
10 CFR 20.2201All U.S. Nuclear Regulatory Commissionlicensees and Part 76 certificate holders authorized to possess licensed material.11/08/05RIS-05-27NRC Timeliness Goals,Prioritization of Incoming License Applications and Voluntary Submittal of Schedule for Future Actions for NRC ReviewAll 10 CFR Parts 71 and 72 licenseesand certificate holders.10/28/05RIS-05-22Requirements for the PhysicalProtection During Transportation of Special Nuclear Material of Moderate and Low Strategic Significance: 10 CFR Part 72 vs.
Regulatory Guide 5.59 (1983)All holders of licenses for the possessionof special nuclear material (SNM) that ship Category II and III quantities of this
material.10/07/05RIS-05-23Clarification of the PhysicalPresence Requirement During Gamma Stereotactic Radiosurgery
TreatmentsAll gamma stereotactic radiosurgery(GSR) licensees.09/27/05RIS-04-17, Rev. 1Revised Decay-in-StorageProvisions for the Storage of
Radioactive Waste Containing Byproduct MaterialAll licensees regulated under 10 CFRParts 30, 32, 33, 35, 39, and 50.08/25/05RIS-05-18Guidance for Establishing andMaintaining a Safety Conscious
Work EnvironmentAll licensees, applicants for licenses,holders of certificates of compliance, and their contractors subject to NRC authority08/10/05RIS-05-16Issuance of NRC ManagementDirective 8.17, Licensee Complaints Against NRC
EmployeesAll licensees and certificate holders.08/03/05RIS-05-15Reporting Requirements forDamaged Industrial Radiographic
EquipmentAll material licensees possessingindustrial radiographic equipment, regulated under 10 CFR Part 34.
Attachment 3 DateGC No.Subject
Addressees
07/13/05RIS-05-13NRC Incident Response and theNational Response PlanAll licensees and certificate holders.07/11/05RIS-05-12Transportation of RadioactiveMaterial Quantities of Concern NRC Threat Advisory and Protective Measures SystemLicensees authorized to possessradioactive material that equals or exceeds the threshold values in the Additional Security Measures (ASM) for transportation of Radioactive Material Quantities of Concern (RAMQC) under their 10 CFR Part 30, 32, 50, 70, and 71 licenses and Agreement State licensees similarly authorized to possess such material in such quantities under their Agreement State licenses.07/11/05RIS-05-11Requirements for Power ReactorLicensees in Possession of Devices Subject to the General License Requirements of 10 CFR
31.5All holders of operating licenses fornuclear power reactors and generally
licensed device
vendors.06/10/05 RIS-05-10 Performance-Based Approach forAssociated Equipment in 10 CFR
34.20All industrial radiography licensees andmanufacturers and distributors of industrial radiography equipment.04/18/05RIS-05-06Reporting Requirements forGauges Damaged at Temporary
Job SitesAll material licensees possessingportable gauges, regulated under 10 CFR
Part 30.04/14/05RIS-05-04Guidance on the Protection ofUnattended Openings that Intersect a Security Boundary or
AreaAll holders of operating licenses orconstruction permits for nuclear power
reactors, research and test reactors, decommissioning reactors with fuel on site, Category 1 fuel cycle facilities, critical mass facilities, uranium conversion facility, independent spent
fuel storage installations, gaseous diffusion plants, and certain other material licensees.02/28/05RIS-05-0310 CFR Part 40 Exemptions forUranium Contained in Aircraft Counterweights - Storage and
RepairAll persons possessing aircraftcounterweights containing uranium under the exemption in
10 CFR 40.13(c)(5).11/17/05IN-05-31Potential Non-conservative Error inPreparing Problem-dependent Cross Sections for use with the KENO V.a or KENO-VI Criticality
CodeAll licensees using the KENO V.a orKENO-VI criticality code module in Version 5 of the Standardized Computer Analyses for Licensing Evaluation (SCALE) software developed by Oak Ridge National Laboratory (ORNL).10/31/05IN-05-28Inadequate Test Procedure Failsto Detect Inoperable Criticality Accident Alarm HornsAll licensees authorized to possess acritical mass of special nuclear material.10/07/05IN-05-27Low Dose-Rate ManualBrachytheraphy Equipment Related Medical Events All medical licensees.
Attachment 3 DateGC No.Subject
Addressees
07/29/05IN-05-22Inadequate Criticality SafetyAnalysis of Ventilation Systems at Fuel Cycle FacilitiesAll licensees authorized to possess acritical mass of special nuclear material.06/23/05IN-05-17Manual Brachytherapy Source JammingAll medical licensees authorized topossess a Mick applicator.05/17/05IN-05-13Potential Non-conservative Error inModeling Geometric Regions in
the Keno-v.a Criticality CodeAll licensees using the Keno-V.a criticalitycode module in Standardized Computer Analyses for Licensing Evaluation (SCALE) software developed by Oak Ridge National Laboratory (ORNL)05/17/05IN-05-12Excessively Large Criticality SafetyLimits Fail to Provide Double Contingency at Fuel Cycle FacilityAll licensees authorized to possess acritical mass of special nuclear material.04/07/05IN-05-10Changes to 10 CFR Part 71 PackagesAll 10 CFR Part 71 licensees andcertificate holders.040/01/05IN-05-07Results of HEMYC ElectricalRaceway Fire Barrier System Full Scale Fire TestingAll holders of operating licenses fornuclear power reactors, except those who
have permanently ceased operations and have certified that fuel has been permanently
removed from the reactor vessel, and fuel facilities
licensees.03/10/05IN-05-05Improving Material Control andAccountability Interface with Criticality Safety Activities at Fuel
Cycle FacilitiesAll licensees authorized to possess acritical mass of special nuclear material.Note: NRC generic communications may be found on the NRC public website athttp://www.nrc.gov, under Electronic Reading Room/Document Collections.