ML19242C763: Difference between revisions
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
StriderTol (talk | contribs) (StriderTol Bot change) |
||
| Line 1: | Line 1: | ||
{{Adams | |||
| number = ML19242C763 | |||
| issue date = 08/28/2019 | |||
| title = Information Request for the Cyber-Security, Baseline Security Inspection, Notification to Perform Inspection 05000390/2019411 and 05000391/2019411 | |||
| author name = Shaeffer S | |||
| author affiliation = NRC/RGN-II, NRC/RGN-II/DRS | |||
| addressee name = Shea J | |||
| addressee affiliation = Tennessee Valley Authority | |||
| docket = 05000390, 05000391 | |||
| license number = NPF-090, NPF-096 | |||
| contact person = Reeder D | |||
| document report number = IR 2019411 | |||
| document type = Letter | |||
| page count = 5 | |||
}} | |||
See also: [[see also::IR 05000390/2019411]] | |||
=Text= | |||
{{#Wiki_filter:OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
UNITED STATES | |||
NUCLEAR REGULATORY COMMISSION | |||
REGION II | |||
245 PEACHTREE CENTER AVENUE NE, SUITE 1200 | |||
ATLANTA, GEORGIA 30303-1257 | |||
August 28, 2019 | |||
Mr. Joseph W. Shea | |||
Vice President, Nuclear Regulatory Affairs | |||
and Support Services | |||
Tennessee Valley Authority | |||
1101 Market Street, LP 1-A i | |||
Chattanooga, TN 37402-2801 | |||
SUBJECT: WATTS BAR NUCLEAR PLANT - INFORMATION REQUEST FOR THE CYBER-SECURITY, | |||
BASELINE SECURITY INSPECTION, NOTIFICATION TO PERFORM INSPECTION | |||
05000390/2019411 AND 05000391/2019411 | |||
Dear Mr. Shea: | |||
On November 18, 2019, the U.S. Nuclear Regulatory Commission (NRC) will begin a baseline security | |||
inspection in accordance with Inspection Procedure (IP) 71130.10P Cyber-Security, Revision 0 at the | |||
Watts Bar Nuclear Plant. The inspection will be performed to evaluate and verify your ability to meet | |||
the Milestone 8 (i.e., full implementation) requirements of the NRCs Cyber-Security Rule, Title 10, Code | |||
of Federal Regulations (CFR), Part 73, Section 54, Protection of Digital Computer and Communication | |||
Systems and Networks. The onsite portion of the inspection will take place during the weeks of | |||
November 18 thru December 13, 2019. | |||
Experience has shown that baseline inspections are extremely resource intensive, both for the NRC | |||
inspectors and the licensee staff. In order to minimize the inspection impact on the site and to ensure a | |||
productive inspection for both parties, we have enclosed a request for documents needed for the | |||
inspection. These documents have been divided into four groups. | |||
The first group specifies information necessary to assist the inspection team in choosing the focus areas | |||
(i.e., sample set) to be inspected by the cyber-security IP. This information should be made available | |||
via secure site (i.e., SharePoint, Certrec) no later than October 7, 2019. The inspection team will review | |||
this information and will request any additional specific items that should be provided for review to aid | |||
in inspection planning and preparation. | |||
Enclosure transmitted herewith contain(s) SUNSI. When separated from the enclosure(s), this | |||
transmittal document is decontrolled. | |||
LIMITED INTERNAL | |||
DISTRIBUTION PERMITTED | |||
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
J. Shea 3 | |||
inspection team will review this information and will request any additional specific items that should be | |||
provided for review to aid in inspection planning and preparation. | |||
The second group of additional requested documents will assist the inspection team in the evaluation of | |||
the critical systems and critical digital assets (CSs/CDAs), defensive architecture, and the areas of the | |||
licensees cyber security plan (CSP) selected for the cyber-security inspection. This information will be | |||
requested for review via secure site (i.e., SharePoint, Certrec) before November 4, 2019. | |||
The third group of requested documents consists of those items that the inspection team will review, or | |||
need access to, during the inspection. Please have this information available by the first day of the | |||
onsite inspection, November 18, 2019. | |||
The fourth group of information is necessary to aid the inspection team in tracking issues identified | |||
during or as a result of the inspection. It is requested that this information be provided to the lead | |||
inspector as the information is generated during the inspection. It is important that all these documents | |||
are kept up to date and complete in order to minimize the number of additional documents requested | |||
during the preparation and/or the onsite portions of the inspection. | |||
On August 12, 2019, during a telephone conversation between Mr. Braaten of our staff and Mr. Castro | |||
of your staff, the attributes of the enclosed were discussed. The lead inspector for this inspection is Mr. | |||
Phillip Braaten. We understand that our regulatory contact for this inspection will be Mr. Jason | |||
Weathersby of your organization. If there are any questions about the inspection or the material | |||
requested, please contact the lead inspector at 404-997-4651 or via e-mail at Philipp.Braaten@nrc.gov | |||
or me at 404-997-4521 or email at Scott.Shaeffer@nrc.gov. | |||
This letter does not contain new or amended information collection requirements subject to the | |||
Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection requirements | |||
were approved by the Office of Management and Budget, control number 3150-0011. The NRC may not | |||
conduct or sponsor, and a person is not required to respond to, a request for information or an | |||
information collection requirement unless the requesting document displays a currently valid Office of | |||
Management and Budget control number. | |||
In accordance with 10 CFR 2.390, Public Inspections, Exemptions, Requests for Withholding, of the | |||
NRC's "Rules of Practice," a copy of this letter and its enclosure will not be available electronically for | |||
public inspection in the NRCs Public Document Room or from the Publicly Available Records (PARS) | |||
component of the NRC's Agencywide Documents Access and | |||
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
J. Shea 4 | |||
Management System (ADAMS). ADAMS is accessible from the NRC Web site at | |||
http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room). | |||
Sincerely, | |||
/RA/ | |||
Scott M. Shaeffer, Chief | |||
Engineering Branch 2 | |||
Division of Reactor Safety | |||
Docket Nos.: 50-390, 50-391 | |||
License Nos.: NPF-90, NPF-96 | |||
Enclosure: | |||
Security Inspection Document Request | |||
cc: See Page 3 | |||
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION | |||
ML 19242C763 _ SUNSI REVIEW COMPLETE FORM 665 ATTACHED | |||
OFFICE RII/DRS/EB2 RII/DRS/EB2 | |||
NAME P. Braaten S. Shaeffer | |||
DATE 8/28 / 2019 8/ 28 /2019 | |||
E-MAIL COPY? YES NO YES NO | |||
}} | |||
Revision as of 16:40, 3 March 2020
| ML19242C763 | |
| Person / Time | |
|---|---|
| Site: | Watts Bar  |
| Issue date: | 08/28/2019 |
| From: | Scott Shaeffer NRC/RGN-II, Division of Reactor Safety II |
| To: | James Shea Tennessee Valley Authority |
| Reeder D | |
| References | |
| IR 2019411 | |
| Download: ML19242C763 (5) | |
See also: IR 05000390/2019411
Text
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
UNITED STATES
NUCLEAR REGULATORY COMMISSION
REGION II
245 PEACHTREE CENTER AVENUE NE, SUITE 1200
ATLANTA, GEORGIA 30303-1257
August 28, 2019
Mr. Joseph W. Shea
Vice President, Nuclear Regulatory Affairs
and Support Services
Tennessee Valley Authority
1101 Market Street, LP 1-A i
Chattanooga, TN 37402-2801
SUBJECT: WATTS BAR NUCLEAR PLANT - INFORMATION REQUEST FOR THE CYBER-SECURITY,
BASELINE SECURITY INSPECTION, NOTIFICATION TO PERFORM INSPECTION
05000390/2019411 AND 05000391/2019411
Dear Mr. Shea:
On November 18, 2019, the U.S. Nuclear Regulatory Commission (NRC) will begin a baseline security
inspection in accordance with Inspection Procedure (IP) 71130.10P Cyber-Security, Revision 0 at the
Watts Bar Nuclear Plant. The inspection will be performed to evaluate and verify your ability to meet
the Milestone 8 (i.e., full implementation) requirements of the NRCs Cyber-Security Rule, Title 10, Code
of Federal Regulations (CFR), Part 73, Section 54, Protection of Digital Computer and Communication
Systems and Networks. The onsite portion of the inspection will take place during the weeks of
November 18 thru December 13, 2019.
Experience has shown that baseline inspections are extremely resource intensive, both for the NRC
inspectors and the licensee staff. In order to minimize the inspection impact on the site and to ensure a
productive inspection for both parties, we have enclosed a request for documents needed for the
inspection. These documents have been divided into four groups.
The first group specifies information necessary to assist the inspection team in choosing the focus areas
(i.e., sample set) to be inspected by the cyber-security IP. This information should be made available
via secure site (i.e., SharePoint, Certrec) no later than October 7, 2019. The inspection team will review
this information and will request any additional specific items that should be provided for review to aid
in inspection planning and preparation.
Enclosure transmitted herewith contain(s) SUNSI. When separated from the enclosure(s), this
transmittal document is decontrolled.
LIMITED INTERNAL
DISTRIBUTION PERMITTED
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
J. Shea 3
inspection team will review this information and will request any additional specific items that should be
provided for review to aid in inspection planning and preparation.
The second group of additional requested documents will assist the inspection team in the evaluation of
the critical systems and critical digital assets (CSs/CDAs), defensive architecture, and the areas of the
licensees cyber security plan (CSP) selected for the cyber-security inspection. This information will be
requested for review via secure site (i.e., SharePoint, Certrec) before November 4, 2019.
The third group of requested documents consists of those items that the inspection team will review, or
need access to, during the inspection. Please have this information available by the first day of the
onsite inspection, November 18, 2019.
The fourth group of information is necessary to aid the inspection team in tracking issues identified
during or as a result of the inspection. It is requested that this information be provided to the lead
inspector as the information is generated during the inspection. It is important that all these documents
are kept up to date and complete in order to minimize the number of additional documents requested
during the preparation and/or the onsite portions of the inspection.
On August 12, 2019, during a telephone conversation between Mr. Braaten of our staff and Mr. Castro
of your staff, the attributes of the enclosed were discussed. The lead inspector for this inspection is Mr.
Phillip Braaten. We understand that our regulatory contact for this inspection will be Mr. Jason
Weathersby of your organization. If there are any questions about the inspection or the material
requested, please contact the lead inspector at 404-997-4651 or via e-mail at Philipp.Braaten@nrc.gov
or me at 404-997-4521 or email at Scott.Shaeffer@nrc.gov.
This letter does not contain new or amended information collection requirements subject to the
Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). Existing information collection requirements
were approved by the Office of Management and Budget, control number 3150-0011. The NRC may not
conduct or sponsor, and a person is not required to respond to, a request for information or an
information collection requirement unless the requesting document displays a currently valid Office of
Management and Budget control number.
In accordance with 10 CFR 2.390, Public Inspections, Exemptions, Requests for Withholding, of the
NRC's "Rules of Practice," a copy of this letter and its enclosure will not be available electronically for
public inspection in the NRCs Public Document Room or from the Publicly Available Records (PARS)
component of the NRC's Agencywide Documents Access and
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
J. Shea 4
Management System (ADAMS). ADAMS is accessible from the NRC Web site at
http://www.nrc.gov/reading-rm/adams.html (the Public Electronic Reading Room).
Sincerely,
/RA/
Scott M. Shaeffer, Chief
Engineering Branch 2
Division of Reactor Safety
Docket Nos.: 50-390, 50-391
Enclosure:
Security Inspection Document Request
cc: See Page 3
OFFICIAL USE ONLY - SECURITY RELATED INFORMATION
ML 19242C763 _ SUNSI REVIEW COMPLETE FORM 665 ATTACHED
OFFICE RII/DRS/EB2 RII/DRS/EB2
NAME P. Braaten S. Shaeffer
DATE 8/28 / 2019 8/ 28 /2019
E-MAIL COPY? YES NO YES NO