IR 05000254/2025401

From kanterella
Revision as of 21:46, 8 July 2025 by StriderTol (talk | contribs) (StriderTol Bot insert)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
(Quad) Information Request for the Cyber-Security Baseline Inspection Notification to Perform Inspection 05000254/2025401 05000265/2025401
ML25174A343
Person / Time
Site: Quad Cities  Constellation icon.png
Issue date: 06/23/2025
From: Fay K
NRC/RGN-III/DORS/EB2
To: Rhoades D
Constellation Energy Generation, Constellation Nuclear
References
IR 2025401
Download: ML25174A343 (1)
v  d  e


Text

SUBJECT:

QUAD CITIES NUCLEAR POWER STATION (QUAD), INFORMATION REQUEST FOR THE CYBER-SECURITY BASELINE INSPECTION, NOTIFICATION TO PERFORM INSPECTION 05000254/2025401; 05000265/2025401

Dear David Rhoades:

On August 25, 2025, the U.S. Nuclear Regulatory Commission (NRC) will begin a baseline inspection in accordance with Inspection Procedure (IP) 71130.10 Cyber-Security, Revision 0 at your Quad Cities Station. The inspection will be performed to evaluate and verify your ability to meet the NRCs Cyber-Security Rule, Title 10, Code of Federal Regulations (CFR), Part 73, Section 54, Protection of Digital Computer and Communication Systems and Networks. The onsite portion of the inspection will take place August 25-29, 2025.

Experience has shown that baseline inspections are extremely resource intensive, both for the NRC inspectors and the licensee staff. In order to minimize the inspection impact on the site and to ensure a productive inspection for both parties, we have enclosed a request for documents needed for the inspection. These documents have been divided into four groups.

The first group specifies information necessary to assist the inspection team in choosing the focus areas (i.e., sample set) to be inspected by the cyber-security IP. This information should be made available electronically no later than July 14, 2025. The inspection team will review this information and, by July 18, 2025, will request the specific items that should be provided for review.

The second group of additional requested documents will assist the inspection team in the evaluation of the critical systems and critical digital assets (CSs/CDAs), defensive architecture, and the areas of the licensees Cyber-Security Plan (CSP) selected for the cyber-security inspection. This information will be requested for review in the regional office prior to the inspection Aug 11, 2025, as identified above.

The third group of requested documents consists of those items that the inspection team will review, or need access to, during the inspection. Please have this information available by the first day of the onsite inspection, August 25, 2025.

June 23, 2025 The fourth group of information is necessary to aid the inspection team in tracking issues identified as a result of the inspection. It is requested that this information be provided to the lead inspector as the information is generated during the inspection. It is important that all of these documents are up-to-date and complete in order to minimize the number of additional documents requested during the preparation and/or the onsite portions of the inspection.

The lead inspector for this inspection is Kevin Fay. We understand that our regulatory contact for this inspection is Richard Swat of your organization. If there are any questions about the inspection or the material requested, please contact the lead inspector at 630-829-9866 or via email at Kevin.Fay@NRC.gov.

This letter does not contain new or amended information collection requirements subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection requirements were approved by the Office of Management and Budget, Control Number 3150-0011. The NRC may not conduct or sponsor, and a person is not required to respond to, a request for information or an information collection requirement unless the requesting document displays a currently valid Office of Management and Budget control number.

In accordance with 10 CFR 2.390, Public Inspections, Exemptions, Requests for Withholding, of the NRC's "Rules of Practice," a copy of this letter and its enclosure will be available electronically for public inspection in the NRCs Public Document Room or from the Publicly Available Records (PARS) component of the NRC's Agencywide Documents Access and Management System (ADAMS). ADAMS is accessible from the NRC website at http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room).

Sincerely, Kevin Fay, Senior Reactor Inspector Engineering Branch 2 Division of Operating Reactor Safety Docket Nos. 50-254 and 50-265 License Nos. DPR-29 and DPR-30 Enclosure:

Cyber-Security Inspection Document Request cc w/encl: Distribution via LISTSERV Signed by Fay, Kevin on 06/23/25

Retrieved from "https://kanterella.com/w/index.php?title=IR_05000254/2025401&oldid=5517588"