ML21244A281

From kanterella
Revision as of 21:46, 19 November 2024 by StriderTol (talk | contribs) (StriderTol Bot change)
Jump to navigation Jump to search
OMB 3150-0002, CY2021 OMB Clearance Renewal for 10 CFR Part 73-Physical Protection of Plants and Materials 30-Day Final Supporting Statement
ML21244A281
Person / Time
Issue date: 11/10/2021
From: Judy Petrucelli
NRC/NSIR/DPCP/RSB
To:
Petrucelli J
Shared Package
ML21112A182 List:
References
OMB 3150-0002
Download: ML21244A281 (37)
v  d  e


Text

FINAL SUPPORTING STATEMENT FOR 10 CFR PART 73 PHYSICAL PROTECTION OF PLANTS AND MATERIALS

(3150-0002)

EXTENSION

Description of the Information Collection

The U.S. Nuclear Regulatory Commission (NRC) regulations in Tit le 10 of the Code of Federal Regulations (10 CFR) Part 73, Physical protection of plants and materials, prescribe requirements for the establishment and maintenance of systems f or physical protection of special nuclear material (SNM) at fixed sites, of SNM in transi t, and of plants that use SNM.

These include the following reporting, recordkeeping, and third -party disclosure requirements, which are necessary to ensure adequate protection for nuclear f acilities and nuclear material (this list is not all-inclusive):

  • Development and maintenance of security documents, including a physical security plan (PSP), training and qualification plan (T&QP), safeguards conti ngency plan (SCP),

cybersecurity plan (CSP), and security implementing procedures

  • Notification to the NRC of safeguards and cy36y7r657y7sretyu`be rsecurity events
  • Notification to State Governors and Tribes of shipments of irra diated reactor fuel
  • Criminal history records check of individuals granted unescorte d access to nuclear power facilities or nonpower reactors, or granted access to saf eguards information (SGI)
  • Advance notification to the NRC of shipments of irradiated reac tor fuel and Category II SNM
  • Submission of fingerprinting cards to the NRC for background in vestigations

A. JUSTIFICATION

1. Need for and Practical Utility of the Information

The regulations are issued pursuant to the Atomic Energy Act of 1954, as amended, and Title II of the Energy Reorganization Act of 1974, as amended.

In general, the reports and records are necessary for one or mo re of the following reasons:

  • Information on the content and planned operation of the license es physical protection system (e.g., CSP, PSP, SCP, or T&QP) is es sential to the NRCs determination of whether the system meets regulato ry requirements.

1

- For a CSP for nuclear power reactors, this information includes descriptions of how a licensee protects computer and communication systems and networks against cyberattacks, up to and including the design-basis threats described in 10 CFR 73.1, Purpose and scope.

- For a PSP for Category I SNM sites and nuclear power reactors, this includes information on c apabilities to detect, assess, interdict, and neutralize threats up to and including the design-basis threats described in 10 CFR 73.1. For other PSPs, it includes descriptions of how the licensee will meet the requirements of 10 CFR 73.67, Licensee fixed site and in-trans it requirements for the physical protection of special nuclear material of moderate and low strategic significance, at a fixe d site or during transport.

- For an SCP for Category I SNM sites and nuclear power reactors, this information includes a description of how licens ee personnel implement their physical protection program to defend against threats to their facility, up to and including the desi gn-basis threats described in 10 CFR 73.1.

- For a T&QP for Category I SNM sites and nuclear power reactors, this includes information on the selection, training, equipping, testing, and qualification of individuals responsibl e for protecting SNM, nuclear facilities, and nuclear shipments.

  • Descriptions of the normal operation of the physical protection system (e.g., access authorizations, equipment performance logs) permi t the NRC to determine whether there is reasonable assurance that the system operates in accordance with regulatory requirements.
  • Reports to the NRC of the occurrence of and circumstances surro unding abnormal events (e.g., theft, sabotage, or overdue shipment) en able the NRC to respond to, investigate, and correct situations which ad versely affect public health and safety or the common defense and secur ity.

The section 10 CFR Part 73 Information Collection Requirements in this supporting statement lists the specific requirements in 10 CFR Part 73.

2. Agency Use of the Information

The NRC staff reviews the information included in applications, reports, and records to assess the adequacy of each licensees physical plan t, equipment, organization, training, experience, procedures, and plans for p rotection of public health and safety and the common defense and security. The sta ffs review and findings form the basis for NRC lic ensing decisions related to physical protection of SNM.

2 The agency has developed a series of regulatory guides on mater ials and plant protection, which provide guidance on how to meet the requireme nts above.

They can be found at https://www.nrc.gov/reading-rm/doc-collections/reg-guides/protection/rg/. A list of guidance documents pertinent to 10 CFR Part 73 requirements appears in a table at the end of this supporting s tatement.

3. Reduction of Burden through Information Technology

There are no legal obstacles to reducing the burden associated with this information collection. The NRC encourages respondents to use information technology when it would benefit them.

The NRC document Guidance for Electronic Submissions to the NRC provides direction for the electronic transmission and submittal of docu ments to the NRC.

Documents can be transmitted and submitted electronically throu gh the electronic information exchange process (available from the NRC s Electronic Submittals Web page, https://www.nrc.gov/site-help/e-submittals.html ), by optical storage media (e.g., CD-RO M, DVD), by fax, or by e-mail. It is estimated that approximately 90 percent of potential responses will be filed electronically. Because of the in formation security classifica tion level of some documents, licensees sometimes choose to submit responses in ha rd copy.

The 56 nuclear power reactor facilities and 20 decommissioning reactor facilities submit all fingerprint data electronically. Materia l licensees also submit fingerprint data electronically. Other licensees continue to s ubmit fingerprints via hardcopy fingerprint cards ver sus electronic submission.

4. Effort to Identify Duplication and Use Similar Information

The regulation in 10 CFR 73.38(d) eliminates duplication by spe cifying that background investigations do not apply to Federal, State, or lo cal law enforcement personnel who are performing escort duties.

The regulation in 10 CFR 73.38(g) eliminates duplication by spe cifying that a new fingerprint-based Federal Bureau of Investigations (FBI) cr iminal history records check is not required for individuals who have a valid unescorted access authorization pursuant to an NRC order or regulation wit hin 5 years of the effective date of the final rule on spent nuclear fuel (SNF ) in transit.

5. Effort to Reduce Small Business Burden

It is possible for licensees that use SNM to be small businesse s. However, since inadequate safeguards for SNM would cause the same risks to the common defense and security and to public health and safety whe ther the licensee were a large or a small entity, the frequency and comp leteness of reports, records, plans, and procedures cannot be decreased to reduce the burden on small businesses. The NRC staff estimates that none of the current licensees that use SNM and are subject to 10 CFR Part 73 inform ation collection requirements are small businesses.

3

6. Consequences to Federal Program or Policy Activities If the Col lection Is Not Conducted or Is Conducted Less Frequently

If the information collection were not conducted or were conduc ted less frequently, the NRC may not be notified of safeguards events in time to respond rapidly and help licensees achieve prompt resolution. The NRC receives and evaluates reports as events occur. In addition, the NRC staff inspects compiled licensee records to verify compliance with regulations. Applic ations for new licenses and amendments may be submitted at any time. Informat ion submitted in previous applications may be referenced without being resubm itted.

7. Circumstances Which Justify V ariation from Office of Management and Budget Guidelines

Certain sections of 10 CFR Part 73 depart from Office of Manage ment and Budget (OMB) guidelines by requiring that licensees submit repo rts to the NRC in less than 30 days. Sections 73.26, 73.27, 73.37, 73.67, 73.7 1, and 73.77 of 10 CFR require immediate notification of response forces, the N RC, and local law enforcement authorities; immediate communications between c onvoys and movement control centers; and immediate notification of consign ees and shippers. These notification requirements permit response forc es, the NRC, law enforcement authorities, shippers, and consignees to confir m the integrity of shipments, to determine whether SNM has been lost or diverted, and to initiate prompt action to recover it.

Certain other sections of 10 CFR Part 73 depart from the OMB gu idelines by requiring licensees to retain records for more than 3 years. S ome sections require retention of records for 5 years, or for extended perio ds such as duration of possession of the material, duration of employment, or 5 years after termination of access authorization (this list is not all-inclu sive). These requirements ensure that procedures for handling and safeguardi ng nuclear material are available for as long as the licensee possesses th e material or operates the facility. Other records are required for inspecti on or for reconstruction of events in case of a safeguards incident. The burden spreadsheet uploaded as a supplementary document lists all requ ired records retention periods.

8. Consultations outside the NRC

Opportunity for public comment on the information collection re quirements for this clearance package was published in the Federal Register on June 24, 2021, (86 FR 33382).

The NRC staff sent out, over electronic mail, five requests for comment to the draft information collection Federal Register Notice pertaining to 10 CFR Part

73. Of the five requests for comments, three went to nuclear p ower reactor licensees; one to a transportation of special nuclear material licensee; and one to a category I special nuclear material fuel cycle licensee. The NRC staff received two positive comments. One licensee responded that th e collection of information has a practical utility to provide NRC regional ins pectors ready

4 access to the information needed to complete their oversight fu nctions. A second licensee responded that there is no perceived manner in which the quality, utility and clarity of information to be collected can be improved.

Additionally, two public comments we re received from NextEra Energy that required NRC staff disposition:

Comment Number 1: One nuclear power reactor licensee responded that a 200-hour third party disclosure was potentially high, due to most o f the documents containing SGI.

NRC staff response: The third-party burden hours applicable to one nuclear power plant annually corresponds to, at the most, an estimated 6.25 hours2.893519e-4 days <br />0.00694 hours <br />4.133598e-5 weeks <br />9.5125e-6 months <br /> of SGI transmission or receipt. The remaining estimated 300.28 hours3.240741e-4 days <br />0.00778 hours <br />4.62963e-5 weeks <br />1.0654e-5 months <br /> of third-party burden, applicable to one nuclear power plant annually, are ass ociated with documentation that does not contain SGI.

Comment Number 2: Encrypted software could be used to expedite the transmission of information.

NRC staff response: The NRC staff acknowledges that under certa in circumstances, encryption software could be used to expedite th e transmission of information. Staff at NRC headquarters, for pre-inspection pla nning purposes, does accept electronically transmitted encrypted SGI. However, in contrast, the NRC Document Control Desk does not accept electronically transmitted encrypted SGI. In addition, for purposes of pre-inspection pla nning, the NRC regional staff does not allow for the receipt of electronically submitted encrypted SGI. Rather, they review security plans that contain SGI that are stored at the regional office. NRC regional staff also reviews SGI at the li censee site during inspection activities.

9. Payment or Gift to Respondents

Not applicable.

10. Confidentiality of Information

Trade secrets, privileged, or confidential commercial or financ ial information is marked as proprietary information and is protected in accordanc e with NRC regulations in 10 CFR 9.17(a) and 10 CFR 2.390(b).

Certain information, designated as SGI, is prohibited from publ ic disclosure in accordance with the provisions of the Atomic Energy Act of 1954, as amended, pursuant to Chapter 12, Section 147, or is designated as classi fied National Security Information, in accordance with Executive Order 12958, Classified National Security Information, dated April 17, 1995.

For criminal history checks, the NRC collects fingerprints, eit her on hardcopy cards or electronically; digitizes fingerprints captured on car ds; and passes the fingerprints electronically to the FBI. The FBI runs the finge rprints and provides

5 the criminal history report to the NRC. The NRC passes this re port on to the licensee without retaining a copy of it. This information coll ection is listed in the NRCs Privacy Act of 1974; Republication of Systems of Records Notices, Volume 81 of the Federal Register, page 81320 (81 FR 81320, November 17, 2016), under the heading of NRC 39, Personnel Sec urity Files and Associated Records. The NRC does not disclose or share th e information with anyone, except when initially submitting fingerprints to t he FBI and when passing on the FBI report to the licensee.

11. Justification for Sensitive Questions

The regulations in 10 CFR Part 73 require licensees to obtain t he criminal history records of individuals who are applying for or currentl y possess unescorted access to a nuclear power facility or a nonpower rea ctor. This sensitive information is necessary to allow licensees to determ ine whether these individuals are qualified to gain and maintain unescorted access to the site.

Reviewing officials use the sensitive information to evaluate a n individuals trustworthiness and reliability. Licensees must inform affecte d individuals that their fingerprints will be used to obtain their criminal histor y records for review.

In addition, licensees must inform the individuals of proper pr ocedures for challenging or explaining their records. Each licensee must es tablish and maintain a system of files and procedures to protect this sensi tive personal information.

The regulation in 10 CFR 73.57(f)(2) requires licensees to prot ect information obtained from individual criminal history records:

The licensee may not disclose the record or personal informatio n collected and maintained to persons other than the subject individual, his or her representative, or to those who have a n eed to have access to the information in performing assigned duties in the process of granting or denying unescorted access to the nuclear power facility, the non-power reactor or access to Safeguards Information. No individual authorized to have access to the information may re-disseminate the information to any other individual who does not have a need to know.

12. Estimated Burden and Burden Hour Cost

The estimated burden is based on the following respondents:

  • 2 Category I fuel facilities
  • 5 Category II and III facilities
  • 56 power reactor sites
  • 20 decommissioning reactor facilities
  • 31 research and test reactors
  • 96 other entities that mark and handle SGI

6 The estimated number of annual respondents is 210.

The overall estimated annual burden is 495,892 hours0.0103 days <br />0.248 hours <br />0.00147 weeks <br />3.39406e-4 months <br />, at an est imated annual cost of $138 million (495,892 hours0.0103 days <br />0.248 hours <br />0.00147 weeks <br />3.39406e-4 months <br /> at $279 per hour). This in cludes 22,631 hours0.0073 days <br />0.175 hours <br />0.00104 weeks <br />2.400955e-4 months <br /> for reporting, 21,473 hours0.00547 days <br />0.131 hours <br />7.820767e-4 weeks <br />1.799765e-4 months <br /> for third-party notifi cation, and 451,788 hours0.00912 days <br />0.219 hours <br />0.0013 weeks <br />2.99834e-4 months <br /> for recordkeeping. Detailed burden tables have b een uploaded as a supplementary document (Excel spreadsheet).

Burden Summary Responses Hours Cost at $279/hr Reporting 40,889 22,631 $6,314,047 Recordkeeping 210 451,788 $126,048,726 Third-Party Disclosure 89,869 21,473 $5,9991,037 Total 130,968 495,892 $138,353,811

The $279 hourly rate used in the burden estimates is the rate g iven in 10 CFR 170.20, Average cost per professional staff-hour. For more information on the basis of this rate, see Revision of Fee Sch edules; Fee Recovery for Fiscal Year 2020 (85 FR 37250; June 19, 2020).

13. Estimate of Other Additional Costs

The NRC has determined that the records storage cost is roughly proportional to the recordkeeping burden cost. For a typical clearance, the records storage cost has been calculated as 0.04 percent of the recordkeeping b urden cost.

Therefore, the records storage cost for this clearance is estim ated to be

$50,419 (0.04 percent of 451,788 recordkeeping hours at $279 pe r hour).

In addition, the current cost charged to licensees for processi ng fingerprint cards is $10 per card. The total cost for processing fingerpri nt cards is

$502,550 (50,255 cards at $10 per card). The staff anticipates the current costs to increase by the end of the fiscal year.

The total additional cost to licensees for recordkeeping and fi ngerprint card processing is thus $552,969 ($50,419 + $502,550).

14. Estimated Annualized Cost to the Federal Government

The staff has developed estimates of annualized costs to the Fe deral Government for conducting this information collection. These e stimates are based on staff experience and subject-matter expertise and incl ude the burden of reviewing, analyzing, and processing the collected informati on, as well as any relevant operational expenses. The estimated cost to the gover nment for the review of required reports and records is approximately $1,255, 500 (4,500 hours0.00579 days <br />0.139 hours <br />8.267196e-4 weeks <br />1.9025e-4 months <br /> at $279 per hour), based on the NRC fee rate.

7

15. Reason for Change in Burden or Cost The estimated burden has decreased from 541,406 hours0.0047 days <br />0.113 hours <br />6.712963e-4 weeks <br />1.54483e-4 months <br /> to 495,89 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br />, for a total decrease of 45,514 hours0.00595 days <br />0.143 hours <br />8.498677e-4 weeks <br />1.95577e-4 months <br />.

BURDEN CHANGE Current Burden in 2021 Estimates Changes ROCIS Hours Responses Hours Responses Hours Responses Reporting 22,591 40,819 22,631 40,889 40 70 Recordkeeping 475,852 210 451,788 210 -24,064 0 Third-Party Disclosure 42,963 136,957 21,473 89,869 -21,490 -47,088 Total 541,406 177,986 495,892 130,968 -45,514 -47,018

The increase in reporting estimates is due to: (1) an increase in transportation operations; (2) more accurately capturing required reporting fo r spent fuel and special nuclear material operations; and (3) increase in report ing of Safeguards events due to the changing types of licensees. The decreased t hird party estimates can largely be attributed to: (1) Most licensees chan ged SGI-M to SGI for documents maintained, (2) changes in transportation, and (3 ) the number of power reactor sites decreased, from 60 in 2018 to 56 in 2021.

16. Publication for Statistical Use

None.

17. Reasons for Not Displaying the Expiration Date

The recordkeeping and reporting requirements for this informati on collection are associated with regulations and are not submitted on instrument s such as forms or surveys. For this reason, there are no data instruments on which to display an OMB expiration date. Furthermore, amending the regulatory t ext of the CFR to display information that, in an annual publication, could be come obsolete would be unduly burdensome and too difficult to keep current.

18. Exceptions to the Certification Statement

None.

B. COLLECTIONS OF INFORMATION EMPLOYING STATISTICAL METHODS

None.

8 10 CFR PART 73 INFORMATION COLLECTION REQUIREMENTS

Section 73.5, Specific exemptions, provides that under specif ied conditions, the NRC may grant exemptions from the requirements of the regulations in 10 CFR Part 73, upon the application of any interested person or on its own initiative. The NRC staff examines applications for exemptions under 10 CFR 73.5 to determine whet her each requested exemption is authorized by law, will not endanger life or prope rty or the common defense and security, and is otherwise in the public interest.

Subsection 73.20(c) requires that each affected licensee establ ish, maintain, and follow NRC-approved safeguards physical protection and safeguards cont ingency plans that describe how the licensee will comply with the requirements of 10 CFR 73 (a)-(b). These plans are used to review the adequacy of a licensee's intended security system for compliance and enforcement purposes.

Subsection 73.22(b) requires licensees to determine, based on a background check or other means approved by the NRC, that each individual seeking access to SGI is trustworthy and reliable. The categories of individuals enumerated in 10 CFR 7 3.59, Relief from fingerprinting, identification and criminal histo ry records checks and other elements of background checks for designated categories of individuals, are exempt from this req uirement.

Subsection 73.22(d) requires that each document or other matter that contains SGI be conspicuously marked at the top and bottom of each page to indi cate the presence of such information, and that the first page also contain the following information:

  • the name, title, and organization of the individual authorized to make an SGI determination who has determined that the document or other mat ter contains SGI
  • the date the determination was made
  • an indication that unauthorized disclosure will be subject to c ivil and criminal sanctions

Transmittal letters or memoranda to or from the NRC which do no t in themselves contain SGI must be marked to indicate that attachments or enclosures conta in SGI but that the transmittal letter or memorandum does not. Transmittal documents or other media containing SGI must include the name and title of the certifying official and the d ate they were designated as containing SGI. Portion marking is required only for correspon dence to and from the NRC (i.e.,

for cover letters, but for not attachments) that contains SGI. The portion marking must be sufficient to allow the recipient to identify those sections of the transmittal document or other information containing SGI, and to distinguish them from those not containing SGI. Documents or other matter containing or transmitting SGI must, at a minim um, include the words Safeguards Information to ensure identification of protected information for the protection of facilities and material covered by 10 CFR 73.22, Protection of Safeguards Information: Specific Requirements.

Subsection 73.22(f) states that when documents or other matter containing SGI are transmitted outside an authorized place of use or storage, they must be pac kaged in two sealed envelopes or wrappers to preclude disclosure of the presence of SGI. The inner envelope or wrapper must contain the name and address of the intended recipient and be m arked on both sides, top and bottom, with the words Safeguards Information. The outer env elope or wrapper must be

9 opaque and addressed to the intended recipient; it must contain the address of the sender and may not bear any markings or indication that the document or ot her matter contains SGI.

Subsection 73.23(b) requires licensees to determine, based on a background check or other means approved by the NRC, that each individual seeking access to SGI designated as SGI-Modified Handling (SGI-M) is trustworthy and reliable. The cat egories of individuals enumerated in 10 CFR 73.59 are exempt from this requirement.

Subsection 73.23(d) requires that a document or other matter co ntaining SGI designated as SGI-M be conspicuously marked on the top and bottom of each pag e to indicate the presence of SGI-M. In addition, the first page of such a document must inc lude the name, title, and organization of the individual authorized to make a determinati on of SGI designated as SGI-M who has determined that the document contains SGI designated as SGI-M; the date the determination was made; and an indication that unauthorized dis closure will be subject to civil and criminal sanctions. Transmittal letters or memoranda to or from the NRC that do not in themselves contain SGI designated as SGI-M must be marked to in dicate that attachments or enclosures contain SGI designated as SGI-M but that the transmi ttal document does not.

Transmittal documents forwarding SGI designated as SGI-M must a lert the recipient that protected information is enclosed. Certification that a docume nt or other matter contains SGI designated as SGI-M must include the name and title of the cert ifying official and the date designated. Transmittal documents to and from the NRC require portion marking showing which portions of the material contain SGI designated as SGI-M and which do not. The marking of documents containing or transmitting SGI designated as SGI-M must, at a minimum, include the words Safeguards InformationModified Handling.

Subsection 73.23(f) requires that documents or other matter con taining SGI designated as SGI-M transmitted outside an authorized place of use or storage be packaged in two sealed envelopes or wrappers. The inner envelope or wrapper must cont ain the name and address of the intended recipient and be marked on both sides, top and bot tom, with the words Safeguards InformationModified Handling. The outer envelope or wrapper must be opaque and addressed to the intended recipient; it must include the ad dress of the sender and may not bear any markings or indication that the document contains SGI designated as SGI-M.

Subsection 73.24(b)(1) states that when making shipments of SNM in which individual shipments are less than a formula quantity, but the total quant ity simultaneously in transit could equal or exceed a formula quantity, licensees must log the arri val of each shipment at its final destination. This record is necessary to verify shipment arriv al and ensure that the total quantity of SNM in two or more shipments in transit at the same time doe s not equal or exceed a formula quantity.

Subsection 73.25(b) lists procedures required for the physical protection system and plan described in 10 CFR 73.20, General performance objective and r equirements. The information collection associated with these requirements appea rs in 10 CFR 73.20.

Subsection 73.25(c) lists procedures required for the physical protection system and plan described in 10 CFR 73.20. The information collection associate d with these requirements appears in 10 CFR 73.20.

Subsection 73.25(d) lists procedures required for the physical protection system and plan described in 10 CFR 73.20. The information collection associat ed with these requirements appears in 10 CFR 73.20.

10 Subsection 73.26(b)(3) requires that, before each SNM shipment, licensees inform the NRC of the shipper, consignee, carriers, transfer points, modes of shi pment, and security arrangements for the shipment. This information permits the NRC to verify t hat adequate measures will be taken to protect the material in transit.

Subsection 73.26(c) describes the records retention schedule fo r records associated with 10 CFR 73.25, 10 CFR 73.26, and 10 CFR 73.27. This requirement is not an information collection but adds detail on information collections listed elsewhere in this part. Any burden associated with records retention is recorded under the information collection containing the recordkeeping requirement.

Subsection 73.26(d)(3) requires that licensees maintain a writt en management system for the development, revision, implementation, and enforcement of trans portation physical protection procedures. The information collection associated with this req uirement appears in 10 CFR 73.20(c).

Subsection 73.26(d)(4) requires that licensees document the qua lification and requalification of members of the security organization. The licensee must retain the record of each individuals initial qualification for the term of employment and the record of each requalification for 5 years.

NRC inspectors review this information to verify that security organization members are properly qualified in accordance with the site T&QP and implementing pro cedures.

Subsection 73.26(e)(1) refers to the written contingency plan r equired by 10 CFR 73.20. The information collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.26(e)(2) requires that, upon detection of abnorma l presence or activity of persons or vehicles attempting to penetrate a moving convoy or persons attempting to gain access to a parked cargo vehicle, or upon evidence or indication of penetra tion of the cargo vehicle, armed escorts or other personnel inform local law enforcement agencie s of the threat and request assistance.

Subsection 73.26(f)(2) requires the following security procedur es for transfers of SNM:

(1) The commander of the armed personnel protecting the shipment sh all call a remote location at least every 30 minutes to report the status of the shipment.

(2) If they do not receive the calls, the remote location personnel shall request assistance from local law enforcement agencie s, notify the shipment movement control center, and initiate the appropriate contingency plans.

(3) Escorts shall notify the licensee of the latest status of the s hipment immediately after its departure.

Calling the remote location every 30 minutes is among the secur ity staffs normal duties and is not reported as part of the burden.

Subsection 73.26(g)(1) requires the use of a numbered picture b adge identification procedure to identify all individuals who will have custody of a shipment of SNM. Because all security officers assigned to duties involving shipments of nuclear material are required to wear numbered

11 picture badges as a normal part of their duties, this is not re ported as part of the burden; thus, the information collection is for the procedure only.

Subsection 73.26(h)(5) lists procedures required for the physic al protection system and plan described in 10 CFR 73.20. The information collection associat ed with this requirement appears in 10 CFR 73.20.

Subsection 73.26(h)(6) requires licensees to document the resul ts of annual audits of the transportation security program, along with recommendations for improvements, and to retain the documentation as a record for 3 years. NRC inspectors revi ew these records to verify that the effectiveness of the physical security system is evaluated by licensee personnel independent of security management and supervision.

Subsection 73.26(i)(1) requires that licensees prepare a detail ed route plan for SNM shipments by road, showing the routes to be taken, refueling and rest sto ps, and call-in times to the movement control center. This document is used to verify that the shipment is made on primary highways with minimum use of secondary roads, and that adequate measures for support and communications are available to protect the shipment.

Subsection 73.26(i)(5) requires the establishment of procedures in support of the physical protection system. The information collection associated with t his requirement appears in 10 CFR 73.20.

Subsection 73.26(i)(6) requires that SNM shipment or escort per sonnel make calls to the movement control center at least every half hour to convey the status and position of the shipment. If no call is received at a designated call-in time, the licensee must immediately notify law enforcement authorities and the NRC and initiate appropriat e contingency plans. This notification is necessary so that the NRC can ensure timely response or investigation. Calling the movement control center every 30 minutes is among the secur ity staffs normal duties and is not reported as part of the burden.

Subsection 73.26(j)(6) requires the establishment of procedures in support of the physical protection system. The information collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.26(k)(2) requires the establishment of procedures in support of the physical protection system. The information collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.26(k)(4) requires that, for SNM shipments by rail, if no call is received from the shipment or escort personnel at a designated call-in time, the licensee must immediately notify law enforcement authorities and the NRC and initiate appropriat e contingency plans. This notification is necessary so that the NRC can ensure timely response or investigation. The information collection associated with this requirement is capt ured under 10 CFR 73.26(i)(6), as the requirement is the same; only the transportation type diffe rs.

Subsection 73.27(a)(1) requires that a licensee delivering form ula quantities of strategic SNM (SSNM) to a carrier for transpor t immediately notify the consignee, by telephone, telegraph, or teletype, of the time of departure of the shipment, the method of transportation (including names of carriers), and the estimated time of arrival at the destinat ion. This information is needed to

12 ensure that the consignee is aware that the shipment is en rout e, so that the consignee can carry out the safeguards transportation protection plan.

Subsection 73.27(a)(2) requires that, in the case of a shipment free on board the point where it is delivered to a carrier for transport, the licensee shipper o btain written certification from the consignee who is to take delivery at the free on board point th at the required physical protection arrangements have been made. This information is needed to ens ure that the safeguards transportation protection plan will be carried out.

Subsection 73.27(a)(3) requires that a shipper arrange to recei ve immediate notification from the consignee when a shipment arrives at its destination or is lost or unaccounted for after the estimated time of arrival at its destination. This information is required so that the licensee can promptly notify the NRC of any missing material and initiate a trace investigation.

Subsection 73.27(b) requires a licensee receiving a shipment of formula quantities of SSNM to immediately notify the shipper and the NRC of the shipments ar rival at its destination, or of its failure to arrive at its destination at the estimated time. In the latter event, the shipper must also notify the NRC of the actions being taken to trace the shipment. This information is needed to maintain accountability for SSNM in transit, so that trace and recovery actions may be undertaken if necessary.

Subsection 73.27(c) states that if an SNM shipment is lost or u naccounted for, the licensee that made the physical protection arrangements must conduct a trace investigation and file a report with the NRC as specified in 10 CFR 73.71, Reporting of safegu ards events. This information permits the NRC to determine whether all appropriate measures h ave been taken to trace and recover the material. The information collection associated wi th this requirement appears in 10 CFR 73.71.

Subsection 73.37(a) requires licensees to notify the appropriat e response forces of any spent fuel shipment sabotage attempts as part of the physical protect ion system and plan described in 10 CFR 73.20. The information collection associated with this r equirement appears in 10 CFR 73.20.

Subsection 73.37(b)(1)(ii) requires licensees to preplan and co ordinate SNF shipments. The information collection associated with this requirement appears in 10 CFR 73.72, Requirement for advance notice of shipment of formula quantities of strateg ic special nuclear material, special nuclear material of moderate strategic significance, or irradia ted reactor fuel.

Subsection 73.37(b)(1)(iv) requires licensees to preplan and co ordinate SNF shipments through, or across the boundary of, any State with the Governor of that State, or with the Governors designee.

Subsection 73.37(b)(1)(vi) requires licensees to preplan and co ordinate with the NRC to obtain advance approval of the routes used for road and rail shipments of SNF, and of any U.S. ports where vessels carrying SNF shipments are scheduled to stop.

Subsection 73.37(b)(2) requires licensees to notify the NRC in advance of each shipment of SNF. The notification requirements appear in 10 CFR 73.72. Th e information collection associated with this requirement appears in 10 CFR 73.72.

13 Subsections 73.37(b)(2)(i)-(iii) require that before shipping S NF within or through a State, licensees notify the State. In addition, for each participatin g Tribe referenced in 10 CFR 71.97(c)(3), licensees must notify the Tribal official or Triba l officials designee before transporting SNF within or across the Tribal reservation. Lice nsees must also notify States before delivery for transport of licensed material outside the confines of the licensees facility or other place of use or storage.

Subsection 73.37(b)(2)(iv) requires a licensee to notify by tel ephone a responsible individual in the office of the Governor or in the office of the Governor's d esignee, and in the office of the Tribal official or in the office of the Tribal official's desig nee, of any schedule change that differs by more than 6 hours6.944444e-5 days <br />0.00167 hours <br />9.920635e-6 weeks <br />2.283e-6 months <br /> from the schedule information previously f urnished under 10 CFR 73.37(b)(2)(iii). The licensee shall inform that individual of the number of hours of advance or delay relative to the written schedule information previously f urnished.

Subsection 73.37(b)(2)(v) requires licensees that cancel a ship ment for which advance notification has been sent to send a cancellation notice to the Governor or Governors designee of each State previously notified, to each Tribal official or T ribal officials designee previously notified, and to the Director of the Division of Security Polic y at the NRCs Office of Nuclear Security and Incident Response. The licensee shall state in th e notice that it is a cancellation and identify the advance notification being canceled.

Subsection 73.37(b)(2)(vi) requires licensees to retain a copy of the preplanning and coordination activities, advance notification, and any revision or cancellation notice as a record for 3 years.

Subsection 73.37(b)(3)(iv) requires movement control center per sonnel and escorts to maintain a written log for each SNF shipment, which describes the shipme nt and significant events that occur during the shipment. The log must be available for revie w by authorized NRC personnel for a period of at least 3 years following completion of the sh ipment.

Subsection 73.37(b)(3)(v) requires the licensee to develop, mai ntain, revise and implement written transportation physical protection procedures.

Subsection 73.37(b)(3)(vi) requires the licensee to retain the transportation physical protection procedures as a record for 3 years after the close of the perio d for which the licensee possesses the SNF.

Subsection 73.37(b)(3)(vii)(B) requires, as a part of the trans portation physical protection program, that shipment escorts advise the movement control cent er at random intervals, not to exceed 2 hours2.314815e-5 days <br />5.555556e-4 hours <br />3.306878e-6 weeks <br />7.61e-7 months <br />, of the status of road and rail shipments, and o f sea shipments while shipment vessels are docked at U.S. ports.

Subsection 73.37(b)(3)(vii)(C) requires at least one armed esco rt to remain alert at all times, maintain constant visual surveillance of the shipment, and peri odically report to the movement control center at preset regular intervals during periods when the shipment vehicle is stopped or the shipment vessel is docked.

Subsection 73.37(b)(4)(iii) requires the licensee to retain the contingency and response procedures as a record for 3 years after the close of the perio d for which the licensee possesses the SNF under each license for which the plan is used. The licensee must retain superseded material for 3 years after each change.

14 Subsection 73.37(f) requires each licensee that makes arrangeme nts for the shipment of SNF to immediately conduct an investigation, in coordination with the receiving licensee, of any shipment that is lost or unaccounted for after the designated n o-later-than arrival time in the advance notification.

Subsection 73.37(g)(iii) requires State officials, State employ ees, Tribal officials, Tribal employees, and other individuals who receive schedule informati on to protect the information from unauthorized disclosure.

Subsection 73.38(a)(2) requires the licensee to establish, impl ement, and maintain an access authorization program.

Subsection 73.38(c)(2)(v) specifies a 3-year recordkeeping requ irement for documentation pertaining to access authorization relative to SNF in transit f or any individual who has an active Federal security clearance.

Subsection 73.38(d) requires the licensee to conduct a backgrou nd investigation before allowing an individual to act as an armed escort or to have unescorted a ccess to SNF in transit.

Subsection 73.38(d)(1) requires licensees not to initiate any e lement of a background investigation without the informed and signed consent of the su bject individual.

Subsection 73.38(d)(2) states that any individual who is requir ed to have a background investigation under the licensees access authorization program shall disclose the personal history information that is necessary to determine the individu als trustworthiness and reliability.

Subsection 73.38(d)(3) requires the licensee to conduct fingerp rinting and an FBI investigation and criminal history records check in accordance with 10 CFR 73.57, Requirements for criminal history records checks of individuals granted unescorted access to a nuclear power facility, a non-power reactor, or access to Safeguards Information. The f ingerprint card Form FD-258 is indicated as an acceptable method for submitting fingerprints. Form FD-258, covered under OMB Clearance 1110-0046, states the following as the Authority for the information collection:

Authority: The FBIs acquisition, preservation, and exchange of information requested by this form is generally authorized under 28 U.S.C. 534. Depending on the nature of your application, supplemental authorities inc lude numerous Federal statutes, hundreds of State statutes pursuant to Pub.L.92-544, Presidential executive orders, regulations and or orders of the Attorney General of the United States, or other authorized authorities. Example s include but are not limited to: 5 U.S.C. 9101; Pub.L. 94-29; Pub.L. 101-604; an d Executive Orders 10450 and 12968. Providing the requested information is voluntary; however, failure to furnish the information may affect timely c ompletion or approval of your application.

The licensee transmits fingerprint cards to the NRC for submiss ion to the FBI.

Subsection 73.38(d)(5)(iv)(A) states that if a previous employe r, educational institution, or any other entity with which an individual undergoing an employment history evaluation claims to have been engaged fails to provide information or indicates an inability or unwillingness to provide information, the licens ee shall document this refusal or unwillingness. The licensee

15 shall obtain a confirmation of employment, educational enrollme nt and attendance, or other form of engagement claimed by the individual from at least one alter nate source that has not been previously used.

Subsection 73.38(d)(5)(vi) requires the licensee to document an y telephone calls made to obtain information on employment history.

Subsection 73.38(f)(5) requires the licensee to retain all fing erprint and criminal history records received from the FBI on an individual (including data indicati ng no record), or copies if the files have been transferred, for 5 years from the date the individual no longer requires unescorted access or access authorization relative to SNF in transit.

Subsection 73.38(i) requires any individual who has applied for or is maintaining an access authorization to report to the reviewing official, his or her s upervisor, or other management personnel designated in licensee procedures any legal action(s) taken by a law enforcement authority or court of law to which the individual has been subj ect that could result in incarceration or a court order that requires a court appearance.

Subsection 73.38(j) requires the licensee to develop, implement, and maintain written procedures for conducting background investigations for persons who are applying for unescorted access authorization for SNF in transit; for updatin g background investigations for persons who are applying for reinstatement of unescorted access or access authorization; for ensuring that persons who have been denied unescorted access or access authorization are not allowed access to or information relative to SNF in transit; an d for notifying individuals who are denied unescorted access or access authorization for SNF in tra nsit.

Subsection 73.38(l) requires the licensee to maintain records o f background investigations of an individual employee for 5 years from the date the individual no longer requires access to SNF.

The licensee must also retain a copy of the access authorizatio n program procedures as a record for 5 years after the procedures are no longer needed. In addition, the licensee must retain the list of persons approved for or denied unescorted ac cess for 5 years after the list is superseded or replaced.

Section 73.40 requires that licensees provide physical protecti on at a fixed site, or contiguous sites where licensed activities are conducted, against radiolog ical sabotage, or against theft of SNM, or against both, in accordance with the applicable section s 10 CFR Part 73 for each specific class of facility or material license. If applicable, licensees are required to establish and maintain physical security in accordance with security plans ap proved by the NRC. The information collection associated with this requirement appears in 10 CFR 73.20.

Section 73.45 requires that the licensee's fixed site physical protection system (required by 10 CFR 73.20) contain certain provisions, procedures, and plans. The information collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.46(b)(1) requires that a licensee using a contrac t guard force for site security have a written agreement with the contractor that contains the following provisions:

  • The licensee is responsible to the NRC for maintaining safeguar ds in accordance with NRC regulations and the licensee's security plan.
  • The NRC may inspect, copy, and remove copies of required report s and documents.

16

  • The licensee must demonstrate the ability of the security force, including contractor personnel, to perform assigned duties.

This requirement is necessary to ensure that the licensee infor ms the security force contractor of its responsibilities.

Subsection 73.46(b)(3) requires that the licensee have a manage ment system that includes written security procedures that document the structure of the security organization and detail the duties of the Tactical Response Team, guards, watchmen, and other individuals responsible for security. The system must also make provision for written approval of such procedures and any revisions thereto by the indi vidual with overall responsibility for the security function. This requirement is necessary to ensure that a management system is in place, that responsibilities and duties are clearly defined, and that the security organizat ion is adequate to provide protection in accordance with the security plan.

Subsection 73.46(b)(4) requires that the licensee may not permi t an individual to act as a Tactical Response Team member, armed response person, guard, or other member of the security organization unless the individual has been trained, e quipped, and qualified to perform each assigned security duty in accordance with Appendix B of th is part, "General Criteria for Security Personnel." In addition, Tactical Response Team membe rs, armed response personnel, and guards shall be trained, equipped, and qualified for use of their assigned weapons in accordance with paragraphs (b)(6) and (b)(7) of this section. Tactical Response Team members, armed response personnel, and guards shall also b e trained and qualified in accordance with either paragraphs (b)(10) and (b)(11) or paragr aph (b)(12) of this section.

Upon the request of an authorized representative of the Commiss ion, the licensee shall demonstrate the ability of the physical security personnel, whe ther licensee or contractor employees, to carry out their assigned duties and responsibilit ies. Each Tactical Response Team member, armed response person, and guard, whether a licens ee or contractor employee, shall requalify in accordance with Appendix B of this part. Ta ctical Response Team members, armed response personnel, and guards shall also requalify in ac cordance with paragraph (b)(7) of this section at least once every 12 months. The licensee sh all document the results of the qualification and requalification. The licensee shall retain t he documentation of each qualification and requalification as a record for 3 years after each qualification and requalification. The burden for this information collection ha s been listed together with that of 10 CFR 73.46(b)(7)-(8) and 10 CFR 73.46(b)(11)(i).

Subsection 73.46(b)(7) requires that the licensee document the qualification and requalification of Tactical Response Team members, armed response personnel, an d guards in day and night firing. This documentation verifies that qualification and req ualification have occurred and provides a record of individual performance. The burden for th is information collection has been listed together with that of 10 CFR 73.46(b)(4), 10 CFR 73.46(b )(8), and 10 CFR 73.46(b)(11)(i).

Subsection 73.46(b)(8) requires that the licensee document the training of Tactical Response Team members in response tactics. This documentation verifies that training has occurred and provides a record of individual performance. The burden for thi s information collection has been listed together with that of 10 CFR 73.46(b)(4), 10 CFR 73.46(7 ), and 10 CFR 73.46(b)(11)(i).

17 Subsection 73.46(b)(9) requires that the licensee notify the NR C at least 60 days in advance of each scheduled training exercise for the security force that th e NRC will observe. The licensee must also document the results of all exercises. The notificat ion requirement allows the NRC to arrange for inspectors to observe the exercise. The documentat ion verifies that the exercise took place and provides a record of security force performance.

Subsection 73.46(b)(10)(iii) requires that the licensee obtain a written certification by an examining physician that there are no contraindications to any individual's participation in the physical fitness training program.

Subsection 73.46(b)(11)(i) requires that the licensee retain a record of each security force member's attempt to qualify or requalify by meeting or exceedin g the applicable qualification criteria. This is a repetition of the requirement in 10 CFR 73.46(b)(4) and is not, in itself, an information collection.

Subsection 73.46(b)(11)(iii) states that before participating i n physical performance testing, each security force member must obtain written certification from a licensed physician that there are no medical contraindications to the individuals participation in such testing.

Subsections 73.46(b)(12) and 73.46(b)(12)(i), taken together, r equire the licensee to submit site-specific, content-based physical fitness performance tests for NRC approval. This information is incorporated into the licensee's physical protec tion plan. The NRC may use the information to inspect the physical performance testing program to ensure that it is adequate to protect public health and safety. The burden for this informat ion collection is incorporated into that of 10 CFR 73.46(b)(4).

Subsection 73.46(b)(12)(ii) states that, before the first admin istration of the site-specific content-based physical fitness test, and annually thereafter, all secur ity force members shall undergo medical examination and obtain written certification from a lic ensed physician that there are no medical contraindications to their participation in the tests.

Subsection 73.46(d)(3) lists procedures required for the physic al protection system and plan described in 10 CFR 73.20. The information collection associat ed with this requirement appears in 10 CFR 73.20.

Subsection 73.46(d)(10) requires the licensee to maintain recor ds of the findings of teams conducting drum scanning and tamper sealing of containers of co ntaminated waste. These records verify that the scanning took place and document the sc an readings for later use in review of the waste shipments if needed.

Subsection 73.46(d)(11) requires that licensee teams verify and certify the contents of containers of SSNM being prepared for shipment offsite. These records verify the weight, assay, and tamper seal integrity of the containers.

Subsection 73.46(d)(13) requires that individuals provided esco rted access to protected areas register their name, date, time, purpose of visit, employment a ffiliation, citizenship, and name of the individual to be visited in a log. The log serves as a rec ord of visitors permitted access. It may be inspected to verify that access control requirements are being followed, and it facilitates any subsequent investigation of irregular events.

18 Subsection 73.46(g)(5) requires the establishment of procedures in support of the physical protection system and plan described in 10 CFR 73.20. The info rmation collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.46(g)(6) requires licensee staff to document and report to management the results of an annual independent review and audit of the securi ty program. NRC inspectors review these records to ensure that licensee personnel independ ent of security management and supervision evaluate the effectiveness of the security prog ram and report the results of the review to higher management. These records must be retained fo r 3 years.

Subsection 73.46(h)(1) restates and provides details on the req uirement in 10 CFR 73.20 for a safeguards contingency plan. The information collection associ ated with this requirement appears in 10 CFR 73.20.

Subsection 73.46(h)(2) requires that licensees establish and do cument response arrangements with local law enforcement authorities. Such arrangements are used to verify law enforcement response capabilities and to ensure that both parties clearly u nderstand what is expected and what assistance law enforcement authorities will provide in cas e of an emergency.

Subsection 73.46(h)(3) requires that the physical protection pl ans submitted to the NRC as required by 10 CFR 73.20 include the basis for determining the size and availability of an additional force of guards or armed response personnel. The in formation collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.46(h)(4)(iii)(B) requires that licensees inform l ocal law enforcement agencies of any detected threat and request assistance. This notification is necessary to ensure that licensees obtain law enforcement assistance to neutralize any t hreat to vital areas or material access areas.

Subsection 73.50(a)(3) requires certain licensees that possess, use, or store formula quantities of SSNM to maintain written security procedures that document t he structure of the security organization and detail the duties of guards, watchmen, and oth er individuals responsible for security.

Subsection 73.50(a)(4) requires that licensees document the qua lification and requalification of guards, watchmen, and other members of the security organizatio n. This documentation verifies that qualification and requalification have occurred a nd provides a record of individual performance.

Subsection 73.50(c)(5) specifies that licensees must require th at individuals provided escorted access to protected areas register their name, date, time, purp ose of visit, employment affiliation, citizenship, name and badge number of the escort, and name of the individual to be visited in a log. The log serves as a record of visitors permi tted access. It may be inspected to verify that access control requirements are being followed, and it facilitates any subsequent investigation of irregular events.

Subsection 73.50(g)(1) requires that licensees maintain an NRC-approved SCP for dealing with threats, thefts, and radiological sabotage related to SSNM and nuclear facilities. The information collection associated with this requirement appears in 10 CFR 73.20.

19 Subsection 73.50(g)(2) requires that licensees establish and do cument response arrangements (i.e., liaison) with local law enforcement authorities. Such a rrangements are used to verify law enforcement response capabilities and to ensure that both parti es clearly understand what is expected and what assistance law enforcement will provide in ca se of an emergency.

Subsection 73.50(g)(3)(iii)(B) requires that licensees inform l ocal law enforcement agencies of any detected threat and request assistance. This notification requirement is necessary to ensure that licensees obtain law enforcement assistance to neut ralize any threat to vital areas or material access areas.

Subsection 73.50(h) lists requirements for the NRC-approved T&Q P described in 10 CFR 73.20. The information collection associated with this r equirement appears in 10 CFR 73.20.

Subsection 73.51(d)(5) lists procedures required for the physic al protection system and plan described in 10 CFR 73.20.

Subsection 73.51(d)(6) requires a licensee to establish a docum ented liaison with local law enforcement or a designated response force as part of the secur ity plan.

Subsection 73.51(d)(10) lists procedures required for the physi cal protection system and plan described in 10 CFR 73.20.

Subsection 73.51(d)(12) requires a review of the licensees phy sical protection program every 24 months by individuals independent of both physical protectio n program management and personnel who have direct responsib ility for implementation of the physical protection program.

The review must include an evaluation of the effectiveness of t he physical protection system and a verification of the liaison established with the designat ed response force or local law enforcement agency.

Section 73.54 (in its introduction) gives the submittal deadlin e for NRC-approved CSPs. This requirement captures the one-time burden associated with creati ng and submitting CSPs. This requirement is complete.

Subsection 73.54(b)(1) requires licensees to analyze digital co mputer and communications systems to identify assets that must be protected. This analys is is contained in the CSP required by 10 CFR 73.54(e), and the information collection ass ociated with this requirement appears in that subsection.

Subsection 73.54(e) requires licensees to establish, implement, and maintain an NRC-approved CSP that implements the requirements of 10 CFR 73.54, Protecti on of digital computer and communication systems and networks, and accounts for the site-specific conditions that affect implementation. The CSP must include measures for incident res ponse and recovery for cyberattacks and must describe how the licensee will maintain t he capability for timely detection and response to cyberattacks, mitigate the consequences of cybe rattacks, correct exploited vulnerabilities, and restore systems, networks, and equipment a ffected by cyberattacks.

Subsection 73.54(f) requires licensees to develop and maintain written policies in support of the CSP required by 10 CFR 73.54(e). The information collection as sociated with this requirement appears in 10 CFR 73.54(e).

20 Subsection 73.55(b)(6) describes the requirement for a performa nce evaluation program (PEP).

The information collection associated with this requirement app ears in 10 CFR 73.55(c)(4), as the T&QP documents the PEP.

Subsection 73.55(b)(7) requires licensees to document its acces s authorization program in its PSP. The information collection associated with this requireme nt appears in 10 CFR 73.55(c)(3).

Subsection 73.55(b)(8) requires licensees to establish, maintai n, and implement a CSP. The information collection associated with this requirement appears in 10 CFR 73.54(e).

Subsection 73.55(b)(9) requires licensees to document an inside r mitigation program in its PSP.

This is a one-time requirement connected to 10 CFR 75.55(a). T his requirement is complete.

Subsection 73.55(b)(10) requires licensees to develop correctiv e action measures. The information collection associated with this requirement appears in 10 CFR 73.55(m).

Subsection 73.55(b)(11) requires that licensees coordinate plan and procedure implementation to preclude conflict. The information collection associated wi th this requirement appears in 10 CFR 73.58(d), which requires the communication of potential conflicts.

Subsection 73.55(c)(1) requires licensees to include certain de scriptions in security plans. The information collection associated with this requirement appears in 10 CFR 73.55(c)(3).

Subsection 73.55(c)(3) requires licensees to establish and main tain a PSP that includes the analyses and site-specific information identified in 10 CFR 73. 55, Requirements for physical protection of licensed activities in nuclear power reactors aga inst radiological sabotage.

Subsection 73.55(c)(4) requires licensees to establish, impleme nt, and maintain a T&QP.

Subsection 73.55(c)(5) requires licensees to establish, impleme nt, and maintain an SCP.

Subsection 73.55(c)(6) repeats the requirement for licensees to establish, implement, and maintain a CSP. The information collection associated with thi s requirement appears in 10 CFR 73.54(e).

Subsection 73.55(c)(7) requires licensees to establish, impleme nt, and maintain written security procedures that implement NRC requirements and security plans.

Subsection 73.55(e)(1) requires that licensees describe barrier s, barrier systems, and their functions in their PSPs. The information collection associated with this requirement appears in 10 CFR 73.55(c)(3).

Subsection 73.55(e)(2) lists records retention requirements for barrier analyses and descriptions. The information collection associated with this requirement appears in 10 CFR 73.55(c)(3).

21 Subsection 73.55(e)(8)(iv) requires the security plan to descri be portions of barriers comprising building walls or roofs. The information collection associated with this requirement appears in 10 CFR 73.55(c)(3).

Subsection 73.55(e)(10)(ii)(A) requires licensees to identify a reas from which a waterborne vehicle must be restricted and to coordinate with local, State, and Federal agencies having jurisdiction over waterway approaches to ensure that waterway a pproach routes are controlled.

This is a one-time requirement connected to 10 CFR 75.55(a), wh ich requires revised documentation to support the revised requirements of this subse ction. This requirement is complete for current nuclear power reactor licensees.

Subsection 73.55(f) requires licensees to document in site proc edures the process used to develop and identify target sets. This documentation must cover the analyses and methodologies used to determine and group the target set equipm ent or elements, including target set equipment or elements not contained within protected or vital areas. The information collection associated with this requirement appears in 10 CFR 7 3.55(c)(7).

Subsection 73.55(g)(5)(ii) requires licensees to develop certai n procedures for emergency conditions. This is a one-time requirement connected to 10 CFR 75.55(a). This requirement is complete.

Subsection 73.55(g)(6)(i)(B) requires licensees to maintain a r ecord (including name and affiliation) of all individuals to whom access control devices have been issued, and to inventory access control devices at least annually.

Subsection 73.55(g)(6)(ii)(C) requires licensees to maintain a record (including name and areas to which unescorted access is granted) of all individuals to wh om photo identification badges or keycards have been issued.

Subsection 73.55(g)(6)(iii) requires licensees to issue passwor ds and combinations to access control personnel.

Subsection 73.55(g)(7)(i)(A) requires licensees to implement pr ocedures for processing, escorting, and controlling visitors. This is a one-time requir ement connected to 10 CFR 75.55(a). This requirement is complete for current nucl ear power reactor licensees.

Subsection 73.55(g)(7)(i)(C) requires licensees to maintain a v isitor control register recording all pertinent visitor information.

Subsection 73.55(g)(8)(v) requires licensees to describe visito r-to-escort ratios and implementing procedures for protected and vital areas in PSPs. This is a one-time requirement connected to 10 CFR 75.55(a). This requirement is complete for current nuclear power reactor licensees.

Subsection 73.55(h)(2)(ii) requires licensees to describe the v ehicle search process for owner-controlled areas in implementing procedures. This is a o ne-time requirement connected to 10 CFR 75.55(a). This requirement is complete for current n uclear power reactor licensees.

22 Subsection 73.55(h)(3)(iv) requires licensees to describe the v ehicle search process for protected areas in implementing procedures. This is a one-time requirement connected to 10 CFR 75.55(a). This requirement is complete for current nucl ear power reactor licensees.

Subsection 73.55(h)(3)(v) requires licensees to describe items to be excepted from search in site procedures. This is a one-time requirement connected to 1 0 CFR 75.55(a). This requirement is complete for current nuclear power reactor licen sees.

Subsection 73.55(i)(4)(ii)(H) requires licensees to maintain a record of all alarm annunciations, the cause of each alarm, and the disposition of each alarm.

Subsection 73.55(i)(6)(iii) requires licensees to describe how lighting requirements are met in their security plans. This is a one-time requirement connected to 10 CFR 75.55(a). This requirement is complete for current nuclear power reactor licen sees.

Subsection 73.55(j)(6) requires that licensees account for area s where communication might be interrupted in implementing procedures. This is a one-time req uirement connected to 10 CFR 75.55(a). This requirement is complete for current nucl ear power reactor licensees.

Subsection 73.55(k)(5) requires licensees to document the neces sary number of armed responders in their security plans. The information collection associated with this requirement appears in 10 CFR 73.55(c)(3).

Subsection 73.55(k)(6) requires licensees to document the numbe r of armed security officers designated to strengthen onsite response capabilities in their security plans. The information collection associated with this requirement appears in 10 CFR 7 3.55(c)(3).

Subsection 73.55(k)(7) requires licensees to have procedures to reconstitute the documented number of available armed response personnel required to implem ent the protective strategy.

This is a one-time requirement connected to 10 CFR 75.55(a). T his requirement is complete for current nuclear power reactor licensees.

Subsection 73.55(k)(8) requires licensees to establish, maintai n, and implement a written protective strategy to be documented in procedures. The inform ation collection associated with this requirement appears in 10 CFR 73.55(c)(7).

Subsection 73.55(k)(8)(iii) requires that licensees notify law enforcement agencies upon receipt of an alarm or other indication of a threat.

Subsection 73.55(k)(9) requires licensees to document and maint ain current agreements with law enforcement agencies, including estimated response times and ca pabilities.

Subsection 73.55(l)(3) requires licensees to describe in their security plans the operational and administrative controls to be implemented for the receipt, insp ection, movement, storage, and protection of un-irradiated mixed-oxide (MOX) fuel assemblies, and to develop a material

23 control and accountability program to document the inventory an d location of the SSNM within the assemblies. The information collections associated with th is requirement are contained in 10 CFR 73.55(c)(7).

Subsection 73.55(l)(7) requires that requests for use of MOX fu el assemblies containing greater than 20 weight percent plutonium dioxide (PuO 2) be reviewed and approved by the NRC before receipt of MOX fuel assemblies.

Subsection 73.55(m) requires licensees to create and maintain w ritten reports on results and recommendations of onsite physical protection program reviews a nd audits, managements findings on program effectiveness, and any actions taken as a r esult of recommendations from prior reviews. It also requires licensees to enter findings fr om onsite physical protection program reviews, audits, and assessments into the site correcti ve action program.

Subsection 73.55(n)(1) requires licensees to establish, maintai n, and implement a maintenance, testing, and calibration program, described in the PSP and impl ementing procedures, to include the criteria for determining when problems, failures, deficienc ies, and other findings are documented in the site corrective action plan. The information collections associated with this requirement are contained in 10 CFR 73.55(c)(7).

Subsection 73.55(n)(7) requires licensees to specify in impleme nting procedures a program for testing or verifying the operability of devices or equipment lo cated in hazardous areas. This program must define alternate measures to be taken to ensure th e timely completion of testing or maintenance when the hazardous condition or other restrictio ns are no longer applicable.

This is a one-time requirement connected to 10 CFR 75.55(a). T his requirement is complete for current nuclear power reactor licensees.

Subsection 73.55(o) requires that licensees identify and descri be in their security plans criteria and measures to compensate for degraded or inoperable equipment, systems, and components to meet the requirements of 10 CFR 73.55. The information coll ection associated with this requirement appears in 10 CFR 73.55(c)(3).

Subsection 73.55(p)(1) requires licensees to get approval, at a minimum, from a licensed senior operator before suspending security measures during an emergenc y. It also requires licensees to get approval from a licensed senior operator, with input fro m the senior security supervisor or manager, before suspending securi ty measures because of severe weather. The information collection associated with this requirement appears in 10 CFR 7 3.55(p)(3).

Subsection 73.55(p)(3) requires licensees to document the suspe nsion of security measures in accordance with 10 CFR 73.71.

Subsection 73.55(q)(2) requires that the licensee shall maintai n all records required to be kept by Commission regulations, orders, or license conditions, until the Commission terminates the license for which the records were developed, and shall maintai n superseded portions of these records for at least 3 years after the record is superseded, un less otherwise specified by the Commission. There is no information collection for this requir ement.

Subsection 73.55(q)(3) requires licensees to retain any written agreement with a contracted security force for the duration of the contract.

24 Subsection 73.55(q)(4) requires licensees to retain all audit r eports, and to make them available for inspection, for 3 years. The information collection associ ated with this requirement appears in 10 CFR 73.55(m).

Subsection 73.55(r) describes the process by which licensees ma y submit requests for alternative measures in accordance with 10 CFR 50.4, Written c ommunications, and 10 CFR 50.90, Application for amendment of license, constructi on permit, or early site permit.

There is no information collection for this subsection.

Subsection 73.56(a)(4) allows a licensee or applicant to accept, in part or whole, an access authorization program implemented by a contractor or vendor. T o be acceptable, access authorization programs or progr am elements developed, implemented, or maintained by contractors or vendors must meet the requirements of 10 CFR 73. 56, Personnel access authorization requirements for nuclear power plants.

Subsection 73.56(d) requires a documented background investigat ion for any individual granted unescorted access to the protected or vital area of a nuclear p ower plant. This subsection requires licensees, applicants, and contractor or vendors to ob tain written consent from individuals who are applying for unescorted access authorizatio n before initiating background investigations. It also requires licensees, applicants, and co ntractor or vendors to inform individuals that they have the right to review information coll ected to ensure its accuracy; that withdrawal of consent will withdraw their current application f or access authorization; and that other licensees, applicants, and contractor or vendors will hav e access to information documenting the withdrawal. Licensees, applicants, and contrac tor or vendors must complete any background investigation elements that were in progress whe n an applicant withdrew his or her consent. They must record the individuals application for unescorted access authorization, his or her withdrawal of consent for the background investigati on, the reason given for the withdrawal, if any, and any pertinent information collected fro m the background investigation elements that were completed. This subsection requires any ind ividual who is applying for unescorted access authorization to disclose the personal histor y information that is required by the licensees, applicants, or contractor or vendors authoriz ation program, as well as any other information that may be necessary for the reviewing official to make a determination of the individuals trustworthiness and reliability.

Subsection 73.56(e) requires psychological assessments of indiv iduals applying for or having unescorted access. It requires that the licensee, applicant, o r contractor or vendor enable the licensed clinical psychologist or psychiatrist conducting an as sessment to communicate with other medical personnel as needed, and that the psychologist or psychiatrist advise the reviewing official of any indications or information, including medical conditions, that could adversely impact the individuals fitness for duty or trustwort hiness and reliability. In the case of an individual currently granted unescorted access or access aut horization, if the psychologist or psychiatrist identifies or discovers any information that could adversely impact the individuals fitness for duty or trustworthiness and reliability, he or she must inform the reviewing official of the discovery within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> and must provide the results of t he evaluation and a recommendation to the reviewing official.

Subsection 73.56(f) requires each person subject to the behavio r observation program to report any concerns arising from behavioral observation.

25 Subsection 73.56(g) requires any individual who has applied for or is maintaining unescorted access authorization to promptly report to the reviewing offici al any formal actions taken against him or her by a law enforcement authority or court of law, incl uding arrests, indictments, the filing of charges, and convictions. Licensees must inform indi viduals of this obligation in writing before granting unescorted access or certifying unescorted acce ss authorization.

Subsection 73.56(i) requires licensees, applicants, and contrac tor or vendors to complete a criminal history update, credit history reevaluation, and psych ological reassessment of each individual with unescorted access within 5 years of the date on which these elements were last completed, or more frequently, depending on job assignment. Li censees, applicants, and contractor or vendors must administratively withdraw an individ uals unescorted access authorization if the criminal history update, credit history re evaluation, psychological reassessment, and supervisory review have not been completed.

Subsection 73.56(j) requires licensees to establish, implement, and maintain a list of individuals who are authorized to have unescorted access to specific nuclea r power plant vital areas during nonemergency conditions. This list assists in limiting nonemerg ency access to vital areas. The list must be approved by a cognizant licensee or applicant mana ger or supervisor who is responsible for directing the work activities of the individual who is granted unescorted access to each vital area, and it must be updated and reapproved no less frequently than every 31 days.

Subsection 73.56(k) requires licensees, applicants, and contrac tor or vendors to conduct background checks on individuals who collect, process, or have access to the sensitive personal information used to make unescorted access determinati ons, increasing the scope of individuals who are subject to background checks.

Subsection 73.56(l) requires licensees to include review and no tification procedures in their access authorization program. The information collection assoc iated with this requirement appears in 10 CFR 73.55(c)(7).

Subsection 73.56(m) requires licensees, applicants, and contrac tor or vendors that collect personal information about individuals for compliance with 10 C FR 73.56 to establish and maintain a system of files and procedures to protect the person al information.

Subsection 73.56(m)(1) requires licensees and contractor or ven dors to obtain signed consent from the subject individual that authorizes the disclosure of a ny personal information collected and maintained under 10 CFR 73.56 before disclosing the informa tion. This does not apply to disclosures of such information to other licensees and applican ts, or their authorized representatives, such as contractor or vendors, who are legitim ately seeking the information for unescorted access or unescorted access authorization determinat ions under 10 CFR 73.56.

Subsection 73.56(m)(2) requires licensees, applicants, and cont ractor or vendors to provide copies of all records pertaining to a denial or unfavorable ter mination of unescorted access authorization to the subject individual or his or her designate d representative upon written request.

26 Subsection 73.56(m)(4) requires the establishment of procedures for the secure storage and handling of personal information. The information collection a ssociated with this requirement appears in 10 CFR 73.55(c)(7).

Subsection 73.56(n)(1) requires each licensee to ensure that it s entire access authorization program is audited nominally every 24 months.

Subsection 73.56(n)(2) states that if a licensee or applicant r elies upon a contracts and vendors program or program element to meet the requirements of 10 CFR 7 3.56, and if the contractor or vendors personnel providing the program services either are off site, or are on site but not under the direct daily supervision or observation of the licensees o r applicants personnel, then the licensee or applicant must audit the contactors and vendors pr ogram or program element on a nominal 12-month frequency. This subsection also requires that any access authorization program services that a contractor or vendor receives from subc ontractor personnel who are off site or are not under the direct daily supervision or observati on of the contractor or vendors personnel must be audited on a nominal 12-month frequency. The information collection associated with this requirement appears in 10 CFR 73.56(n)(1).

Subsection 73.56(n)(6) specifies how the audits required by 10 CFR 73.56(n)(1)-(2) must be documented. The information collection associated with this re quirement appears in 10 CFR 73.56(n)(1).

Subsection 73.57(a) states that each applicant for a license to operate a nuclear power reactor, as well as each entity that has provided written notice to the NRC of intent to file an application for licensing, certification, permitting, or approval of a prod uct subject to NRC regulation, shall submit fingerprint cards for individuals who will have access to SGI. Nuclear power plant licensees shall fingerprint each individual who will have access to SGI o r who will require unescorted access to the nuclear power facility.

Subsection 73.57(b)(1) requires that licensees fingerprint each individual who is permitted or seeking unescorted access to the nuclear power facility, unesco rted access to the nonpower reactor facility (in according with 10 CFR 73.57(g)), or access to SGI.

Subsection 73.57(b)(3) requires each nuclear power reactor lice nsee or nonpower reactor licensee to notify fingerprinted individuals that their fingerp rints will be used to secure a review of their criminal history recor ds, and to inform them of proper procedures for revising the record or including explanation in the record.

Subsection 73.57(b)(6) requires that nuclear power reactor lice nsees and nonpower reactor licensees submit fingerprints to the Attorney General of the Un ited States through the NRC. The information collection associated with this requirement appears in 10 CFR 73.57(b)(1).

Subsection 73.57(d) provides instructions for submitting finger print cards. The information collection associated with this requirement appears in 10 CFR 7 3.57(a).

Subsection 73.57(d)(1) requires nuclear power reactor licensees and nonpower reactor licensees to obtain, complete, and send to the NRC one fingerpr int record (Form FD-258) for each individual requiring unescorted access. The subsection al so requires that licensees establish procedures to minimize the rejection rate of fingerpr int cards. The information collection associated with this requirement appears in 10 CFR 7 3.57(b)(1).

27 Subsection 73.57(d)(2) requires the NRC to review applications for completeness and return applications that are incomplete or contain evident errors to l icensees. The information collection associated with this requirement appears in 10 CFR 7 3.57(b)(1).

Subsection 73.57(e) states that, before making a final adverse determination, the licensee must make available to the individual the contents of records obtain ed from the FBI for the purpose of assuring correct and complete information, and must retain a re cord of receipt by the individual of this notification for 1 year from the date of the notificati on. If, after reviewing the record, an individual believes that it is incorrect or incomplete and wish es to make changes, corrections, or updates, or to explain any matter in the record, the individual may initiate challenge procedures.

Additionally, an individual par ticipating in an NRC adjudication and seeking to obtain SGI for use in that adjudication may appeal a final adverse determination b y the NRC.

Subsection 73.57(f)(1) requires each nuclear power reactor lice nsee or nonpower reactor licensee to establish and maintain a system of files and proced ures to protect criminal history records and personal information from unauthorized disclosure.

Subsection 73.57(f)(3) allows each nuclear power reactor licens ee or nonpower reactor licensee to transfer records on an individual to another licensee upon t he individuals written request and upon verification of personal information by the gaining licens ee.

Subsection 73.57(f)(4) requires nuclear power reactor licensees and nonpower reactor licensees to make records available to the NRC so that the NRC can determine compliance with regulations and laws.

Subsection 73.57(f)(5) requires nuclear power reactor licensees and nonpower reactor licensees to retain all fingerprint and criminal history record s, or copies of the records, on an individual for 1 year after termination or denial of: unescorte d access to the nuclear power reactor facility, nonpower reactor facility, or safeguards info rmation.

Subsection 73.57(g)(1) requires a review of an individuals cri minal history record by an NRC-approved reviewing official before the individual receives unes corted access to a nonpower reactor facility. The information collection associat ed with this requirement appears in 10 CFR 73.57(b)(1).

Subsections 73.57(g)(2)(i) and 73.57(g)(2)(ii) require nonpower reactor licensees to obtain fingerprints for a criminal history records check for each indi vidual seeking or permitted unescorted access to vital areas or SNM in the nonpower reactor facility. The information collection associated with this requirement appears in 10 CFR 7 3.57(b)(1).

Subsection 73.58(b) requires licensees to assess and manage the potential for adverse effects on safety and security before implementing changes to plant con figurations, procedures, facility conditions, or security. This implies that licensees need to m aintain safety/security interface written procedures.

Subsection 73.58(d) requires licensees to communicate identifie d adverse interactions to the appropriate licensee personnel and to take compensatory and/or mitigative actions to maintain safety and security.

28 Subsection 73.60(e) requires licensees to establish, maintain, and follow an NRC-approved SCP. The information collection associated with this requireme nt appears in 10 CFR 73.20.

Subsection 73.67(a) requires the physical protection system to respond to indications of unauthorized removal of SNM and notify the appropriate response forces of its removal in order to facilitate its recovery.

Subsection 73.67(c) requires the licensee to submit a security plan or amended security plan describing how the licensee will comply with the physical prote ction requirements 10 CFR 73.67. The information collection associated with this requirement appears in 10 CFR 73.20.

Subsection 73.67(d)(11) requires the establishment of response procedures in support of the physical protection program. The information collection associ ated with this requirement appears in 10 CFR 73.20.

Subsection 73.67(e)(1) requires that a licensee shipping SNM of moderate strategic significance provide advance notification to the receiver of any planned shi pments, specifying the mode of transport, estimated time of arrival, location of the nuclear m aterial transfer point, name of the carrier, and transport identification. Before commencement of the shipment, the licensee must also receive confirmation from the receiver that the receiver w ill be ready to accept the shipment at the planned time and location and acknowledges the specified mode of transport. The required notification and confirmation alert the intended recei ver of an impending shipment and ensure that the shipper has preplanned the transportation of th e material and that the receiver is ready to accept the material. It also helps ensure positive co ntrol of the material during transport and facilitates tracing of any missing material.

Subsection 73.67(e)(3) states that a licensee that arranges for the in-transit physical protection of SNM of moderate strategic significance, or that takes delive ry of this material free on board the point at which it is delivered to a carrier for transport, must establish and maintain written response procedures for dealing with thefts or threats of theft s of the material. The licensee must retain a copy of the procedures as a record. The licensee uses this information to provide instructions to employees for dealing with contingencies. The NRC inspects the information to verify that the licensee has developed adequate procedures for dealing with thefts or threats of thefts. Licensees must make arrangements to be notified immedi ately of the arrival of the shipment at its destination, or of any such shipment that is lo st or unaccounted for after the estimated time of arrival at its destination. The licensee use s this information to determine that a shipment either has arrived safely or is missing. The notifi cation gives the licensee a basis for initiating a trace investigation, which is required if a shipme nt is delayed or lost. Licensees must notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discov ery of the loss of a shipment and within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after recovery of or accounting for a lost shipme nt, in accordance with 10 CFR 73.71. This notification permits the NRC to initiate or terminate a trace investigation if necessary.

Subsections 73.67(e)(4), 73.67(e)(5), and 73.67(e)(6)(i) list t he retention requirements for records required by 10 CFR 73.67(c) and 10 CFR 73.67(e). Burde n for records retention is captured under each specific requirement.

Subsection 73.67(e)(6)(ii) requires that a licensee that import s SNM of moderate strategic significance notify the exporter who delivered the material to a carrier for transport of the arrival

29 of such material. The exporting licensee uses this information to determine that a shipment either has arrived safely or is missing. Such notification giv es the licensee a basis for initiating a trace investigation if a shipment is delayed or lost.

Subsection 73.67(e)(7)(i) requires a shipper to provide additio nal information on a planned shipment upon request by the NRC. This information, if request ed, is used by the NRC to determine whether it is necessary to issue orders to licensees, if it appears to the NRC that two or more shipments of SNM of moder ate strategic significance, wh ose total amount is equal to or greater than a formula quantity of SSNM, may be en route at the same time.

Subsection 73.67(e)(7)(ii) requires that the receiver, or the s hipper if the receiver is not a licensee, notify the NRC by telephone within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> after the arrival of a shipment at its final destination, or after the shipment has left the United States a s an export. This notification permits the NRC to confirm the integrity of the shipment at the time of receipt or exit from the United States.

Subsection 73.67(f)(4) requires the establishment of response p rocedures in support of the physical protection program. The information collection associ ated with this requirement appears in 10 CFR 73.20.

Subsections 73.67(g)(1)-(2) require that a licensee shipping SN M of low strategic significance provide advance notification to the receiver of any planned shi pments, specifying the mode of transport, estimated time of arrival, location of the nuclear m aterial transfer point, name of the carrier, and transport identification. Before commencement of the shipment, the licensee must also receive confirmation from the receiver that the receiver w ill be ready to accept the shipment at the planned time and location and acknowledges the specified mode of transport. The receiving licensee must notify the shipper of the receipt of th e material in accordance with 10 CFR 74.15, Nuclear material transaction reports. The requ ired notifications and confirmation ensure that the shipper has preplanned the transpo rtation of the material and that the receiver is ready to accept the material. They also help e nsure positive control of the material during transport and traceability of any missing mater ial.

Subsection 73.67(g)(3)(i) requires the establishment of respons e procedures in support of the physical protection program. The information collection associ ated with this requirement appears in 10 CFR 73.20.

Subsection 73.67(g)(3)(ii) requires that a shipper of SNM of lo w strategic significance make arrangements to be notified immediately of the arrival of the s hipment at its destination, or of any such shipment that is lost or unaccounted for after the est imated time of arrival at its destination. The licensee uses this information to determine t hat a shipment either has arrived safely or is missing. The notification gives the licensee a ba sis for initiating a trace investigation if a shipment is delayed or lost.

Subsection 73.67(g)(3)(iii) requires that a licensee notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discovery of the loss of a shipment and within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after recovery of or accounting for a lost shipment, in accordance with 10 CFR 73.71. This notification permits the NRC to initiate or terminate a trace investigation if necessary.

Subsection 73.67(g)(4) lists the records retention requirements for materials export records.

Burden associated with records retention is reported under each specific requirement.

30 Subsection 73.67(g)(5)(i) lists the records retention requireme nts for materials import records.

Burden associated with records retention is reported under each specific requirement.

Subsection 73.67(g)(5)(ii) requires that a licensee notify the person who delivered material to a carrier for transport of the arrival of the material. The lice nsee uses this information to determine that a shipment either has arrived safely or is missi ng. The notification gives the licensee a basis for initiating a trace investigation if a ship ment is delayed or lost.

Subsection 73.70(a) requires that the licensee keep a record of the names and addresses of all authorized individuals. This information serves to identify th ose responsible for surveillance of SNM, and to limit the number of individuals with such responsib ility. It identifies persons who had access if an investigation pr oves necessary and provides ve rification, during inspections, that designation and access control procedures are being proper ly conducted.

Subsection 73.70(b) requires that the licensee keep a record of the names, addresses, and badge numbers of all individuals authorized to have access to v ital equipment or SNM, and the vital areas and material access areas to which authorization is granted. This record provides formal access authorization control. It provides verification that access control requirements are being met and serves to limit the number of individuals with su ch access.

Subsection 73.70(c) requires that the licensee keep a register of visitors, vendors, and other individuals not employed by the licensee. The information coll ections associated with this requirement appear in 10 CFR 73.46, 10 CFR 73.50, and 10 CFR 73.55.

Subsection 73.70(d) requires that the licensee keep a log of al l individuals granted access to a vital area, except those individuals entering or exiting the re actor control room. This record shows who had access to vital areas. It is inspected to assess licensee performance in minimizing unnecessary access. It can also provide data to aid an investigation of an irregular event.

Subsection 73.70(e) requires that the licensee keep documentati on of all routine security tours and inspections, and of all tests, inspections, and maintenance performed on physical barriers, intrusion alarms, communications equipment, and other security-related equipment. This documentation provides a record of security tours, tests, and maintenance and allows verification during inspections of the frequency of tests and p rompt maintenance after failures.

It also provides an equipment maintenance history that is usefu l in evaluating operating performance.

Subsection 73.70(f) requires that the licensee keep a record at each onsite alarm annunciation location of each alarm, false alarm, alarm check, and tamper in dication. The licensee must also record details of response by facility guards and watchmen to e ach alarm, intrusion, or other security incident. This includes all types of signals sent to the alarm systems main computer, including authorized door openings and closings. The record pr ovides verification that alarms are operating properly, that licensees respond properly, and th at operational checks are conducted in accordance with the regulations. It also facilita tes evaluation of the long-term reliability of the alarm system.

Subsection 73.70(g) requires that the licensee keep a record of shipments of SNM subject to the requirements of 10 CFR Part 73, including names of carriers, major roads to be used, flight numbers for air shipments, dates and expected times of departur e and arrival of shipments,

31 verification of communication equipment on board the transfer v ehicle, names of individuals who are to communicate with the transport vehicle, container seal d escriptions and identification, and other details to confirm compliance with protection requirement s. The licensee must also record information obtained during the course of the shipment, such as reports of all communications, changes of shipping plan (including monitor changes), trace inv estigations, and other information. These records serve as a part of the material con trol system by documenting bulk inventory change at any given plant. They also provide an audi t trail and experience base for evaluating the transportation process at a later time.

Subsection 73.70(h) requires that the licensee maintain written procedures for controlling access to protected areas and for controlling access to keys fo r locks used to protect SNM.

These procedures aid in access control and lock and key control. They also serve as a record that may be inspected to assess the licensee's performance in m inimizing access and providing adequate control of key and lock operations.

Subsection 73.71(a) requires that each licensee subject to the provisions of 10 CFR 73.25, 10 CFR 73.26, 10 CFR 73.27(c), 10 CFR 73.37, 10 CFR 73.67(e), o r 10 CFR 73.67(g) notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discovery of the loss of any shipment of SNM or SNF and within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after recovery of or accounting for such a lost shipment. This notification permits the NRC to initiate or terminate a trace investigation if necessary. Each such licensee must follow the initial telephonic notification with a written report to the NRC within 60 days.

This report permits the NRC to analyze and evaluate the event a nd subsequent recovery efforts.

The licensee must make a follow-up telephonic notification and written report to the NRC if any significant supplemental information is discovered or if correc tions to previous reports are necessary. The licensee must retain copies of the written repo rts as a record for 3 years.

Subsection 73.71(b) requires that each licensee subject to the provisions of 10 CFR 73.20, 10 CFR 73.37, 10 CFR 73.50, 10 CFR 73.55, 10 CFR 73.60, or 10 C FR 73.67 notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discovery of a theft or attempted theft or unlawful diversion of SNM. Each licensee subject to the provisions of 1 0 CFR 73.20, 10 CFR 73.37, 10 CFR 73.50,10 CFR 73.51, 10 CFR 73.55, or 10 CFR 73.60, or posse ssing SSNM and subject to10 CFR 73.67, must notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discovery of the following:

  • actual or attempted significant physical damage to a nuclear po wer reactor or any facility possessing SSNM or its equipment or carrier equipment transporting nuclear fuel or SNF, or to the nuclear fuel or SNF a facility or carrie r possesses
  • actual or attempted interruption of normal operation of a licen sed nuclear power reactor through the unauthorized use of or tampering with its machinery, components, or controls, including the security system
  • an actual entry of an unauthorized person into a protected area, material access area, controlled access area, vital area, or transport; or any failur e, degradation, or discovered vulnerability in a safeguard system that could allow unauthorized or undetected access to one of the above areas, for which compensa tory measures have not been employed

32 Each licensee subject to the provisions of 10 CFR 73.20, 10 CFR 73.37, 10 CFR 73.50, 10 CFR 73.51, 10 CFR 73.55, or 10 CFR 73.60 must notify the NRC Operations Center within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after the discovery of an event involving actual or attemp ted introduction of contraband into one of the above areas. The NRC requires the reports made purs uant to 10 CFR 73.71 so that it may evaluate the significance of events and determine whethe r a change in a licensee's safeguards plan is needed and whether a report to Congress is n ecessary in accordance with Section 208 of the Energy Reorganization Act of 1974, as amende d. The NRC also needs the safeguards event reports to develop a database to help identify generic problems and give feedback to licensees for improving their safeguards systems.

Subsection 73.71(c) requires that each licensee subject to the provisions of 10 CFR 73.20, 10 CFR 73.37, 10 CFR 73.50, 10 CFR 73.51, 10 CFR 73.55, or 10 C FR 73.60, or possessing SSNM and subject to 10 CFR 73.67(d), must maintain a current lo g and record the safeguards events described in Subsections II(a)-(b) of Appendix G, Repor table Safeguards Events, to 10 CFR Part 73, within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> of discovery by a licensee employe e or member of the licensee's contract security organization.

Subsection 73.71(d) provides guidance for submitting the 60-day reports required under the foregoing provisions of 10 CFR 73.71. It states that nuclear p ower reactor licensees must submit the written report using NRC Form 366, Licensee Event R eport. Other licensees must submit the written report in letter format. NRC Form 366 has p reviously been cleared under OMB No. 3150-0104, which should be referred to for additional s upporting information and burden and cost data. Both the licensee and the NRC need to ma intain copies of the reports, for the following reasons. The licensee must maintain copies t o perform the yearly security audit required by 10 CFR 73.46(g)(6) for fuel facilities and by 10 CFR 73.55(g)(4) for power reactors. This audit evaluates the effectiveness of the securi ty systems at these facilities. Also, in order to maintain the level of security deemed adequate by t he NRC, the licensee must observe and analyze the operational aspects of its security sys tem. This requires the maintenance and analysis of records such as those for security events. The NRC maintains copies of security event records to conduct analyses to identif y and characterize generic and facility-specific precursors to certain safeguards events. Imp roving its ability to identify generic precursors or defects allows the NRC to initiate corrective act ion, if needed, before a vulnerability can adversely affect public health and safety.

Section 73.72 states that licensees shipping a formula quantity of SSNM, SNM of moderate strategic significance, or irradiated reactor fuel that must be protected pursuant to 10 CFR 73.37, Requirements for physical protection of irradiat ed reactor fuel in transit, must notify the NRC in writing at least 10 days before shipment, pro viding shipment details and itinerary, and must notify the NRC by telephone of the transmit tal of the advance notice and of any changes to the shipment itinerary. Such notification allow s the NRC to review shipment details and schedule appropriate monitoring of the shipment. I t also allows verification of shipment details during inspections.

Section 73.73 requires licensees exporting SNM of low strategic significance to notify the NRC in writing at least 10 days before shipment, providing shipment details and itinerary. Licensees may notify the NRC by telephone of any changes to the shipment details or itinerary. Such notification allows the NRC to review shipment details and sche dule appropriate monitoring of the shipment. It also allows verification of shipment details during inspections.

Section 73.74 requires licensees importing SNM of low strategic significance from a country not a party to the Convention on the Physical Protection of Nuclear Material to notify the NRC in

33 writing at least 10 days before shipment, providing shipment de tails and itinerary. Licensees may notify the NRC by telephone of any changes to the shipment details or itinerary. Such notification allows the NRC to review shipment details and sche dule appropriate monitoring of the shipment. It also allows verification of shipment details during inspections.

Subsection 73.77(a)(1) requires licensees subject to the provis ions of 10 CFR 73.54 to notify the NRC Operations Center of the cybersecurity events identifie d at 10 CFR 73.77(a)(1) through the Emergency Notification System within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> after discovery. Notifications must be made according to 10 CFR 73.77(c).

Subsection 73.77(a)(2) requires licensees subject to the provis ions of 10 CFR 73.54 to notify the NRC Operations Center of the cybersecurity events identifie d at 10 CFR 73.77(a)(2)(i)-(iii) through the Emergency Notification System within 4 hours4.62963e-5 days <br />0.00111 hours <br />6.613757e-6 weeks <br />1.522e-6 months <br /> after discovery. Notifications must be made according to 10 CFR 73.77(c).

Subsection 73.77(a)(3) requires licensees subject to the provis ions of 10 CFR 73.54 to notify the NRC Operations Center of the cybersecurity events identifie d at 10 CFR 73.77(a)(3) through the Emergency Notification System within 8 hours9.259259e-5 days <br />0.00222 hours <br />1.322751e-5 weeks <br />3.044e-6 months <br /> after discover y. Notifications must be made according to 10 CFR 73.77(c).

Subsection 73.77(b) requires lice nsees subject to the provisions of 10 CFR 73.54 to record cybersecurity events identified at 10 CFR 73.77(b) using the si te corrective action program within 24 hours2.777778e-4 days <br />0.00667 hours <br />3.968254e-5 weeks <br />9.132e-6 months <br /> after discovery.

Subsections 73.77(c)(1)-(4) describe the notification process. Burden for these notifications is captured under 10 CFR 73.77(a)(1)-(3).

Subsection 73.77(d) requires licensees making an initial teleph onic notification of cybersecurity events to the NRC according to the provisions of 10 CFR 73.77(a )(1), 10 CFR 73.77(a)(2)(i),

and 10 CFR 73.77(a)(2)(iii) to also submit a written security f ollow-up report to the NRC within 60 days of the telephonic notification, using NRC Form 366. Li censees are not required to submit a written security follow-up report following a telephon ic notification made under 10 CFR 73.77(a)(2)(iii) and 10 CFR 73.77(a)(3).

Subsection 73.77(d)(12) requires licensees to maintain a copy o f the written security follow-up report of an event submitted under 10 CFR 73.77, Cyber securit y event notifications, as a record for a period of 3 years from the date of the report or u ntil the NRC terminates the license for which the records were developed, whichever comes first.

Appendix B, General Criteria for Security Personnel, to 10 CF R Part 73 sets the minimum training and qualification criteria for security personnel. Mu ch of the information in this appendix repeats requirements listed earlier in this part with more deta il. Where the appendix identifies new or additional requirements, they are captured below.

Subsection VI B.4.a.1 of Appendix B to 10 CFR Part 73 requires licensees to obtain and retain a written certification from a licensed physician that no medical conditions were disclosed by the medical examination that would preclude the individuals abilit y to participate in the physical fitness tests or meet the physical fitness attributes or object ives associated with assigned duties.

34 Subsection VI B.4.b.4 of Appendix B to 10 CFR Part 73 requires that a qualified training instructor document the physical fitness qualification of each armed member of the security organization, and that this qualification be attested to by a s ecurity supervisor. The information collection for this requirement includes the requalification re quirement contained in Section VI B.5.b of Appendix B.

Subsection VI B.5.b of Appendix B to 10 CFR Part 73 requires th at a qualified training instructor document the physical fitness requalification of each armed mem ber of the security organization, and that this requalification be attested to by a security supervisor. The information collection associated with this requirement appears in Subsection VI B.4.b.4 of Appendix B.

Subsection VI C.2.b of Appendix B to 10 CFR Part 73 requires th at a licensee training instructor document, and a security supervisor attest to, each individual s on-the-job training.

Subsection VI C.3.a of Appendix B to 10 CFR Part 73 requires li censees to develop, implement, and maintain a documented PEP. The PEP shall be referenced in the T&QP. This is a one-time requirement connected to 10 CFR 75.55(a).

Subsection VI C.3.g of Appendix B to 10 CFR Part 73 requires ea ch tactical response drill and force-on-force exercise to include a documented post-exercise c ritique in which participants identify failures, deficiencies, or other findings.

Subsection VI C.3.h of Appendix B to 10 CFR Part 73 requires do cumentation of scenarios and participants for all drills and exercises. The information col lection associated with this requirement appears in Subsection VI C.3.g of Appendix B.

Subsection VI C.3.i of Appendix B to 10 CFR Part 73 requires li censees to enter findings, deficiencies, and failures identified in drills and exercises i nto the corrective action program.

The information collection associated with this requirement app ears in Subsection VI C.3.g of Appendix B.

Subsection VI C.3.m of Appendix B to 10 CFR Part 73 requires li censees to develop and document scenarios for drills and exercises. The information c ollection associated with this requirement appears in Subsection VI C.3.g of Appendix B.

Subsection VI E.1.b of Appendix B to 10 CFR Part 73 requires li censees to use firearms instructors who are certified from a national or state recogniz ed entity. Each instructors certification must specify the weapon type(s) for which the ins tructor is qualified to teach.

Firearms instructors shall be recertified in accordance with th e standards recognized by the certifying national or state entity, but in no case shall recer tification exceed 3 years.

Subsection VI E.1.d of Appendix B to 10 CFR Part 73 requires li censees to include in the T&QP the following additional standards: target identification and e ngagement, weapon malfunctions, cover and concealment, and weapon familiarization. This is a o ne-time requirement whose burden is included in 10 CFR 73.55(a).

Subsection VI F.1.b of Appendix B to 10 CFR Part 73 requires li censees to document and retain the results of weapons qualification and requalification.

35 Subsection VI F.2 of Appendix B to 10 CFR Part 73 requires that a licensees written T&QP describe the firearms used, the firearms qualification program, and other tactical training required to implement the licens ees NRC-approved security plans, protective strategy, and implementing procedures. This is a one-time requirement whose burden is included in 10 CFR 73.55(a).

Subsection VI F.5.a of Appendix B to 10 CFR Part 73 requires li censees to requalify armed members of the security organization for each assigned weapon a t least annually, in accordance with NRC requirements and the NRC-approved T&QP, and to document and retain the results as a record. The information collection associated with this requirement appears in Subsection VI F.1.b of Appendix B.

Subsection VI G.3.a of Appendix B to 10 CFR Part 73 requires li censees to include in the T&QP a firearms maintenance and accountability program to ensure tha t weapons and ammunition are properly maintained, function as designed, and are properly sto red and accounted for. This is a one-time requirement whose burden is included in 10 CFR 73.55(a ).

Subsection VI H.1 of Appendix B to 10 CFR Part 73 requires lice nsees to retain all reports, records, or other documentation required by Appendix B in accor dance with the requirements of 10 CFR 73.55(q). The burden for this requirement is included i n each specific recordkeeping requirement.

Appendix C, Licensee Safeguards Contingency Plans, to 10 CFR Part 73 describes the specific requirements for the SCP required by 10 CFR 73.20 and 10 CFR 73.55(c)(5). There are no additional information collections in Appendix C.

Appendix G to 10 CFR Part 73 clarifies the requirements for rep orting safeguards events.

Safeguards events provide a vehicle for feedback to licensees a bout the effectiveness of safeguards systems. Some safeguards events require immediate r esponse by the NRC. Under 10 CFR 73.71, these events must be reported within 1 hour1.157407e-5 days <br />2.777778e-4 hours <br />1.653439e-6 weeks <br />3.805e-7 months <br /> of de tection of their occurrence to permit timely response by NRC regional and headquarters staff; licensees must provide a written report within 60 days. Other safeguards events, while less significant, must be reported to determine trends in deficiencies in safeguards systems. The NRC has established a program for collecting and analyzing all pertinent safeguards data. Th e NRC enters these data immediately into its database and begins analysis as soon as th e data are entered. Upon completion of the analysis, the NRC initiates appropriate actio n and response. To achieve program objectives, a standardized level of detail is required for the evaluation of safeguards events. Analysis results are used to improve regulations for f acilities, to prepare for inspections, and to give feedback to licensees for improving their safeguard s systems.

Confirmatory Action Letter (CAL), No. NRR-02-005, dated October 28, 2002, requires research and test reactors (currently called nonpower reactors) to estab lish a physical security and access authorization program. The implementation plans were su bmitted for this CAL when the compensatory measures were first issued, in 2003 and 2005, and there are currently no submissions. Compensatory measures have now been incorporated into the PSP. Burden for ongoing recordkeeping is captured in the estimates for establis hing and maintaining NRC-approved PSPs, T&QPs, and SCPs.

36 10 CFR PART 73 GUIDANCE DOCUMENTS1

Title Agencywide Documents Access and Management System (ADAMS)

Accession No. or Link RG 1.206, Combined License Applications for ML18131A181 Nuclear Power Plants, Rev. 1, October 2018NRC Regulatory Guides (RGs)Materials and Plant https://www.nrc.gov/reading-rm/doc-Protection (Division 5) collections/reg-guides/protection/rg/

RG 7.13, Transportation Security Plans for ML14287A484 (nonpublic)

Classified Matter Shipments, Rev. 0, June 2015 NUREG-0561, Physical Protection of Shipments ML13120A230 of Irradiated Reactor Fuel, Rev. 2, April 2013 NUREG-1619, Standard Review Plan for ML020720453 Physical Protection Plans for the Independent Storage of Spent Fuel and High-Level Radioactive Waste, July 1998 Generic Letter 91-03, Reporting of Safeguards ML031140131 Events, March 6, 1991 Nuclear Energy Institute (NEI) 03-12, Template ML112800379 plus an SGI document for the Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, [and Independent Spent Fuel Storage Installation Security Program], Rev. 7, October 2011 NEI 03-12, Template for the Security Plan, ML18137A359 plus an SGI document Training and Qualification Plan, Safeguards Contingency Plan, [and Independent Spent Fuel Storage Installation Security Program], Rev. 7.1, January 2018 NEI 08-09 (NRC-endorsed), Cyber Security Plan ML101180437 for Nuclear Power Reactors, Rev. 6, April 2010 NEI 08-09 (NRC-endorsed), Addendum 7, ML19058A511 Evaluating and Documenting Use of Alternative Cyber Security Controls/Countermeasures, December 2018 NEI 11-08 (NRC-endorsed), Guidance on ML12216A194 Submitting Security Plan Changes, Rev. 0, August 2012 NEI 99-02, Regulatory Assessment ML092931123 Performance Indicator Guideline, Rev. 6, October 2009

1 This list is not all-inclusive.

37

Retrieved from "https://kanterella.com/w/index.php?title=ML21244A281&oldid=3747199"