FINAL OMB SUPPORTING STATEMENT FOR
TITLE 10 OF THE CODE OF FEDERAL REGULATIONS
PART 95 FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA
3150-0047
EXTENSION
Description of Information Collection
Title 10 of the Code of Federal Regulations (10 CFR) Part 95 establishes procedures for obtaining facility security clearance and for safeguarding Secret and Confidential National Security Information and Restricted Data. Licensees under 10 CFR Part 95 fall within two categories, those who possess, use or transmit classified matter at their site or a cleared contractor site, and those licensees and contractors who only need access to classified matter at a government or appropriately cleared non-government site. The licensees, and contractors make reportable information available at their places of business or send the reports to the U.S. Nuclear Regulatory Commission (NRC) at its headquarters or regional offices. Reports or applications that are only required as occasioned by the occurrence of specific events, such as a modification to an existing security Standard Practice Procedures Plan (SPPP), an update to NRC Form 405F due to a change to key personnel positions identified in the rule, or a report of loss of classified information, would be an event- triggered cost. This clearance included information collected by the NRC Form 405F. Periodic training and other requirements for recordkeeping that are necessary for checking the licensees’ and contractors’ procedures for maintaining acceptable security education, facility, and classification/declassification programs are examples of recurring costs. The limited amount of personal information submitted in connection with facility clearance requests, classification/declassification actions, and other areas within these requirements is handled and protected in accordance with NRC directives and the provisions of the Privacy Act of 1974.
The reporting requirements of 10 CFR Part 95 affect approximately 28 respondents, comprised of licensees, licensee contractors, and several other entities that access classified matter under the rule. The number of responses per respondent includes requested information submitted by the contractor via the licensee.
JUSTIFICATION
Need for and Practical Utility of the Collection of Information
Part 95 of 10 CFR contains numerous reporting, recordkeeping, and application requirements, including requirements for submittal of information, plans, and procedures for the protection of classified information, automatic data processing (ADP) and telecommunications security plans, security recordkeeping requirements for compliance purposes, and security reporting and notification procedures for compliance and appropriate responses to certain events. In all cases, the requirements are necessary to help ensure that an adequate level of protection is provided for information determined to be classified. The reporting, recordkeeping, and application requirements are necessary for one of the reasons listed below:
To obtain essential descriptive data concerning the content and planned operation of the licensees’, or their contractors information security program, which is necessary for the NRC to determine the adequacy of planned methods and procedures for safeguarding classified information and matter that is used, stored, transmitted, reproduced, or destroyed.
To obtain essential data describing the licensees’, or their contractors’ planned program for ensuring employee indoctrination and continued awareness of their security responsibilities, to preclude unauthorized disclosure of classified information or matter and to ensure compliance with Executive Order (E.O.) 13526 and the National Industrial Security Program Operating Manual.
To obtain essential data that will permit NRC review and inspection of the licensees’, or their contractors’ classification procedures and compliance with regulatory requirements for classification and procedures concerning release of classified information to International Atomic Energy Agency (IAEA) representatives.
To obtain essential data that will permit NRC review and appraisal of the licensees’ or their contractors’ degree of foreign ownership, control, or influence to prevent unauthorized international transfer or disclosure of classified information or matter, and to ensure that classified activities are not adversely affected.
The currently effective information collection requirements of 10 CFR
Part 95 are identified and described in detail at the end of this supporting statement in the “Description of Information Collection Requirements.”
Agency Use of Information
The reports, security plans, and other security information are submitted to the NRC Division of Security Operations, in the Office of Nuclear Security and Incident Response. The information is used to help determine whether a licensee or their contractor is eligible to use, process, store, transmit, or handle NRC-classified information. The information is also used for periodic reviews and inspections to ensure appropriate regulations are continuously followed.
Reduction of Burden Through Information Technology
The NRC has issued Guidance for Electronic Submissions to the NRC which provides direction for the electronic transmission and submittal of documents to the NRC. Electronic transmission and submittal of documents can be accomplished via the following avenues: The Electronic Information Exchange process, which is available from the NRC’s “Electronic Submittals” Web page, by Optical Storage Media (e.g., CD-ROM, DVD), by facsimile, or by e-mail. It is estimated that less than 10% of the responses are filed electronically, the licenses can choose to file electronically or by mail.
Effort to Identify Duplication and to Use Similar Information
There is no duplication of requirements. In the event another agency also has an interest at the facility, this regulation specifically reduces or eliminates duplication through acceptance of the other agency’s security program to protect the NRC-classified information and matter.
Effort to Reduce Small Business Burden
Currently, no licensees who access classified information under the rule qualify as a small business. The requirements to access classified information under the rule are based on statutes or Executive Orders that must be complied with regardless of the size of the business.
Consequences to Federal Program or Policy Activities if the Collection is not Conducted or Conducted Less Frequently
Required reports and information are collected and evaluated on a continuing basis or as events occur. Applications for new facility clearances may be submitted at any time. If not submitted, approval to store NRC-classified information will not be processed. Other information collection requirements ensure that once placed at the facility that information continues to receive the required protection. Less frequent collection of this information may impact negatively on the NRC’s responsibility to ensure proper protection and may endanger the United States common defense and national security. If the information collection was not conducted, these determinations could not be made, and the licensees or contractor organizations would not be permitted to maintain this classified information which is pertinent to their activities.
The NRC is a Cognizant Security Agency (CSA) under the National Industrial Security Program (NISP) and, as such, has assigned responsibilities. If the NRC fails to collect the information or collects it less frequently, the NRC would not be able to demonstrate that it’s meeting its responsibilities under the NISP.
Circumstances Which Justify Variation from OMB Guidelines
Paragraph 95.34(b) of 10 CFR and 10 CFR 95.36(d) requires that licensees and their contractors shall retain records of foreign visits for 5 years beyond the date of the visit.
This requirement is needed to check the history of foreign visitors in case they become targets of interest by the United States Government.
Consultation Outside the NRC
Opportunity for public comment on the information collection requirements for this clearance package was published in the Federal Register on August 23, 2021 (86 FR 47165). The NRC solicited comments from 2 power reactor licensees and two fuel cycle licensees via email. No comments were received as a result of the staff’s direct solicitation of comment. The NRC received three public comments which were determined to be outside the scope of this collection. Two of the comments were by an anonymous commenter that did not reference Part 95 and the other was from another Federal Agency informing the NRC that it was pursuing a collection renewal on a topic unrelated to Part 95.
Payment or Gift to Respondents
Not applicable.
Confidentiality of Information
Confidential and proprietary information is protected in accordance with NRC regulations at 10 CFR 9.17(a) and 10 CFR 2.390(b).
Justification for Sensitive Questions
Some information, such as an individual’s social security number, may be collected using Form 405F to verify an existing personnel security clearance. There is no Privacy Act concern as the information collected is not retrieved using personal identifiable information.
Estimated Burden and Burden Hour Cost
The NRC estimates that there are 28 respondents to the information collection in 10 CFR Part 95. This reduced number reflects shifting the burden estimates from individual cleared contractors to the licensee that hired them. The number of licensees is stable while the number of contractors they hire changes. The reduced number more accurately reflects how large licensees report for multi-site facilities. The estimated annual reporting (rounded) burden is 490 hours and the estimated recordkeeping burden is 174 hours, for a total of 664 burden hours for the collection. The following table summarizes respondent burden, responses, and cost at $279/hr. Details of reporting and recordkeeping burden and cost estimates to the respondents, broken down by requirement, are reflected in Tables 1 and 2.
|
Responses |
Hours |
Cost at $279/hr. |
Reporting |
144 |
490 |
$136,710 |
Recordkeeping |
28 |
174 |
$48,434 |
Total |
172 |
664 |
$185,256 |
When evaluating the numbers, several things should be considered. One consideration is the reporting requirements under the rule are a combination of a few required periodic reporting requirements (e.g., event log reporting) affecting four of the twenty-eight respondents and event driven requirements that only generate reports or records upon occurrence that apply to all respondents. Burden is not uniformly distributed across respondents. The four respondents who possess classified information have burden that respondents who do not possess classified information don’t have. Large respondents, such as utilities, may generate many event driven reports and others few or none. A respondent sponsoring a contractor for a facility clearance may incur significant burden depending on the size and complexity of the company it’s sponsoring.
The response for recordkeeping is not applicable since these records are maintained by the respondent at their respective sites. However, the records must be available for NRC review upon demand for purposes such as required inspections to verify compliance under the rule.
The $279 hourly rate used in the burden estimates is based on the NRC’s fee for hourly rates as noted in 10 CFR 170.20 “Average cost per professional staff-hour.” For more information on the basis of this rate, see the Revision of Fee Schedules; Fee Recovery for Fiscal Year 2020 (85 FR 37250, June 19, 2020).
Estimate of Other Additional Costs
The NRC has determined that the quantity of records to be maintained is roughly proportional to the recordkeeping burden and, therefore, can be used to calculate approximate records storage costs. Based on the number of pages maintained for a typical facility clearance, the records storage cost has been determined to be equal to 0.0004 times the recordkeeping burden cost. Because the recordkeeping burden is estimated to be 174 hours, the storage cost for this clearance is $19 (174 hours x 0.0004 x $279/hour).
Estimated Annualized Cost to the Federal Government
The staff has developed estimates of annualized costs to the Federal Government related to the conduct of this collection of information. These estimates are based on staff experience and subject matter expertise and include the burden needed to review, analyze, and process the collected information and any relevant operational expenses. The burden to the Federal Government has gone down as the number of applications, terminations and reports have decreased. The estimated annual cost to the Federal Government in administering the program and procedures contained in these requirements is:
Total Annual cost - professional effort
(1,000 hrs. $279/hr.) = $279,000
Reasons for Change in Burden or Cost
The overall burden decreased by 409 hours from 1073 hours to 664 hours. The burden decrease is primarily due to more accurate burden estimates based on received data and fewer event driven reports and records being generated (e.g. foreign visits). The number of respondents was normalized to make licensees responsible for reporting for their cleared contractors who do not possess classified information and the reduction in cleared contractors generating reportable information. No new classes of licensees are expected to come under the rule and the number of cleared contractors to licensees is expected to remain relatively flat over the next 3 years.
The hourly fee rates increased from $263/hr. to $279/hr. for professional effort in this clearance.
Publication for Statistical Use
There is no application of statistics in the information collected. There is no publication of this information.
Reason for Not Displaying the Expiration Date
The recordkeeping and reporting requirements for this information collection are
associated with regulations and are not submitted on instruments such as forms or
surveys. For this reason, there are no data instruments on which to display an OMB expiration date. Further, amending the regulatory text of the CFR to display
information that, in an annual publication, could become obsolete would be unduly
burdensome and too difficult to keep current.
Exceptions to the Certification Statement
There are no exceptions.
COLLECTIONS OF INFORMATION EMPLOYING STATISTICAL
METHODS Not applicable.
Table
1 (REPORTING) |
||||||
Section |
Requirement |
No. of Respondents |
Responses Per Respondent |
No. of Responses |
Burden Per Response |
Total Annual Burden Hrs. |
95.11 |
Specific Exemptions |
0 |
0 |
0 |
10 |
0 |
95.15(a) & (b)/95.49 |
Facility Clearance Requests |
4 |
2 |
8 |
40 |
320 |
95.17 |
Report of foreign ownership, control, or influence (Completion of NRC Form 405F) |
28 |
2 |
56 |
0.1 |
6 |
95.18(a) & (b) |
Key Personnel |
28 |
0 |
0 |
4 |
0 |
95.19 |
Changes in Security Practices and Procedures |
28 |
1 |
28 |
4 |
112 |
95.21 |
Cancellation of Facility Clearance Requests |
4 |
0 |
0 |
1 |
0 |
95.37(a) |
Classification and Document Preparation |
4 |
0 |
0 |
5 |
0 |
95.39(d) |
Telecommunication of Classified Information |
4 |
1 |
0 |
0 |
0 |
95.45(a) & (d) |
Changes in Classification |
4 |
0 |
0 |
2 |
0 |
95.53(a) & (b) |
Facility Clearance Terminated |
4 |
1 |
4 |
1 |
4 |
95.57(b) |
Event Reporting (monthly log) |
4 |
12 |
48 |
1 |
48 |
|
||||||
|
|
|
|
|
|
|
Totals (rounded) |
|
28 |
19 |
144 |
62 |
490 |
TABLE 2: ANNUAL RECORDKEEPING BURDEN |
|
|||||
Requirement |
Description |
Number of Recordkeepers |
Burden Per Recordkeeper |
Total Annual Burden Hours |
Cost at $279/hr |
|
95.13 |
Maintenance of Records (burden identified below) |
28 |
0 |
0 |
$0 |
|
95.18(a) |
Key Personnel |
28 |
0.1 |
3 |
$781 |
|
95.19(c) |
Update NRC Facility Clearance |
28 |
0.1 |
3 |
$781 |
|
95.25(d) |
Records of Combinations |
4 |
1 |
4 |
$1,116 |
|
95.25(g) |
Posted Information |
4 |
1 |
2 |
$558 |
|
95.25(i) |
Unattended Security Container Found Open (see 95.57(b) for burden cost) |
0 |
0 |
0 |
$0 |
|
95.25(j) |
Key and Lock Accountability Records |
4 |
4 |
16 |
$4,464 |
|
95.33(h) |
Security Education Training Records |
28 |
3 |
84 |
$23,436 |
|
95.34(b) |
Foreign Visitors |
4 |
0 |
0 |
$0 |
|
95.36(d) |
IAEA Visit Records (5 years) |
4 |
0 |
0 |
$0 |
|
95.37(c), (e)(2), (f), (g) & (j) /95.45(b) |
Marking Requirements |
4 |
0 |
0 |
$0 |
|
95.37(h) |
Classification Challenges |
4 |
0 |
0 |
$0 |
|
95.39(b)(4) |
External Transmission |
4 |
.5 |
2 |
$558 |
|
95.39(e) |
Classified Information in Transit |
4 |
1 |
4 |
$1,116 |
|
95.41 |
External Receipt and Dispatch of Records (2 years) |
4 |
1 |
4 |
$1,116 |
|
95.43(a) |
Marking Classified Reproductions |
4 |
1 |
4 |
$1,116 |
|
95.57(b) |
Maintenance of Log |
4 |
12 |
48 |
$13,392 |
|
Total (rounded) |
|
28 |
24 |
174 |
$48,434 |
|
|
|
|||||
Note: Some requirements are demand driven. For example, if no foreign visits occur, no records are generated.
|
||||||
|
DESCRIPTION OF INFORMATION COLLECTION REQUIREMENTS CONTAINED IN
TITLE 10 OF THE CODE OF FEDERAL REGULATIONS PART 95 FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA
3150-0047
Section 95.11 The NRC may grant exemptions from the requirements of the regulations of 10 CFR Part 95 upon application by any interested person or upon its own initiative, provided the exemptions are authorized by law, will not present an undue risk to the public health and safety, and are consistent with the common defense and security.
Section 95.13 This section requires that licensees maintain records that are subject to review and inspection by the Cognizant Security Agency (CSA) representatives during security reviews.
Paragraph 95.15(a) A licensee shall request an NRC facility clearance to store or handle classified information in connection with NRC-related activities.
Paragraph 95.15(b) This paragraph specifies the content of the request required by
10 CFR 95.15(a). If there is no existing facility clearance, the request must include a security SPPP that outlines the facility’s proposed security procedures and controls for the protection of classified information; a floor plan of the area in which the matter is to be used, processed, stored, reproduced, transmitted, transported, or handled; and foreign ownership, control or influence (FOCI) information.
The request for facility clearance and accompanying security SPPP provides pertinent data including information concerning FOCI which enables the NRC Division of Security Operations to assess the licensees’ or their contractors’ eligibility for a facility clearance. Facilities are inspected to ensure their compliance with the procedures outlined in their security SPPP and the reporting requirements contained within 10 CFR Part 95.
Section 95.17 Within 30 days of submitting a request for a facility clearance, the licensee or their contractor must advise the NRC of any significant events or changes that may affect its status concerning FOCI (e.g., changes in ownership; changes that affect the company’s answers to original FOCI questions; indebtedness; and changes in the required Form that identifies owners, officers, directors, and executive personnel). The burden for developing the list of employees, reviewing, and filing it, and forwarding a copy to the CSA is estimated to require a maximum of 15 hours
Paragraph 95.18(a) This paragraph requires that licensees submit documentation when excluding key management officials from access to classified information. These individuals may not occupy positions that would enable them to adversely affect the organization’s policies or practices in the performance of activities involving classified information. A record must be made concerning the lack of clearance for all such personnel and a copy forwarded by the organization’s executive body to the CSA.
Paragraph 95.18(b) This paragraph requires that each licensee and their contractors submit documentation when excluding key management officials from access to higher-level
classified information. These individuals may not occupy positions that would enable them to adversely affect the organization’s policies or practices in the protection of classified information. A record must be made concerning the lack of clearance for all such personnel and a copy forwarded by the organization’s executive body to the CSA.
Paragraph 95.19(a) This paragraph requires that each licensee and their contractors shall obtain prior CSA approval for any proposed change to the name, location, security procedures and controls, or floor plan of the approved facility. These substantive changes to a security SPPP are reported to the CSA (the NRC Division of Security Operations) and the appropriate NRC Regional Administrator. The substantive changes to the SPPP that affect security of the facility must be submitted to the CSA 30 days prior to the change.
Paragraph 95.19(b) This paragraph requires that a licensee or their contractors may affect a minor, non-substantive change to an approved SPPP for the safeguarding of classified information without receiving prior CSA approval. These minor changes that do not affect the security of the facility may be submitted to the addressees noted in Section (a) of this section within 30 days of the change.
Paragraph 95.19(c) This paragraph requires that a licensee or their contractors must update its NRC facility clearance every 5 years, either by submitting a complete SPPP or a certification that the existing SPPP is fully current.
Section 95.21 This section requires the reporting of withdrawal or cancellation requests for facility clearances to the NRC Division of Security Operations by the requestor in the most expeditious manner so that processing for these clearances may be terminated. The requestor shall confirm the notification promptly in writing.
The information required by this section is necessary each time a licensee or contractor wishes to withdraw or cancel a facility clearance request. This information will be used by the NRC Division of Security Operations as a basis for discontinuing further processing of the application and, if no access to classified information or matter is needed, would indicate that pending personnel security access authorization requests should also be canceled.
Paragraph 95.25(d) If a record is made of a classified combination to an authorized storage container, the record must be marked with the highest classification of matter authorized for storage in the container. Superseded combinations must be destroyed. This record should be kept as long as the classified storage container is in use.
This information and recordkeeping requirement helps ensure that written lock combinations are properly classified and safeguarded in accordance with the provisions of E.O. 13526 and its implementing directives.
Paragraph 95.25(g) A record of names of persons having knowledge of the combination must be posted inside the container to ensure that responsible personnel may be contacted in the case of an emergency. This record should be kept as long as the classified storage container is in use.
Paragraph 95.25(i) If an unattended security container housing classified matter is found unlocked, the custodian or an alternate must be notified immediately, and the container must be secured by appropriate personnel. Incidents such as these are entered into a written log that is provided to the NRC on a monthly basis (see 10 CFR 95.57(b)).
This information collection and recordkeeping requirement assures: (1) that the licensee or other organization complies with the Information Security Oversight Office directive to report the loss or possible compromise of classified information; and (2) that the NRC may evaluate such occurrences and corrective actions which have been taken.
Paragraph 95.25(j) This paragraph requires that a key and lock register be maintained, and that a monthly audit of keys and locks and a key inventory be performed with each change of custody. This recordkeeping requirement permits the NRC inspection and review of lock and key accountability records to determine that proper individuals with appropriate level of access authorization are issued keys and locks.
Paragraph 95.33(d) Facility Security Officers must submit SF-312, “Classified Information Nondisclosure Agreement,” forms to the CSA for retention. Facility Security Officers must also submit a report to the CSA in the event that an employee refuses to sign the SF-312.
The SF-312 is a required agreement with the United States not to disclose classified information. Submission of forms to the CSA and reports to the CSA in the event that an employee refuses to sign the SF-312, will allow verification through inspection that
Section 25.23 requirements are being met before access to classified information is granted.
Paragraph 95.33(h) All cleared employees must be provided with security training and briefings commensurate with their involvement with classified information. The facility may obtain defensive security, threat awareness, and other education and training information and matter from their CSA or other sources. Records reflecting an individual’s initial and refresher security orientations and security termination must be maintained for 3 years after termination of the individual’s access authorization.
This requirement provides reasonable assurance that records are available when NRC conducts an inspection. This recordkeeping requirement permits verification through NRC inspection that individuals granted access authorizations are appropriately indoctrinated as to their individual security responsibilities and duties relative to the protection of classified information.
Paragraph 95.34(b) Licensees or their contractors subject to 10 CFR Part 95 shall take measures as may be necessary to preclude access to classified information by foreign visitors. The licensee or contractor shall retain records of visits for 5 years beyond the date of the visit.
Paragraph 95.36(d) Records of IAEA or other international organization visits, and records of inspections and disclosure authorizations must be maintained for 5 years. This recordkeeping requirement and its inspectability through NRC inspections ensures that licensees or their contractors maintain the proper procedures and controls over the release of classified information to IAEA or other international representatives in accordance with the disclosure authorization granted by the NRC Division of Security Operations. The licensee or their contractors shall retain records of visits for 5 years beyond the date of the visit.
Paragraph 95.37(a) A licensee or their contractors must appropriately mark classified information in accordance with provided guidance.
This paragraph requires licensees and others who possess classified matter which is not conducive to markings (e.g., equipment) to request approval for exemption from marking requirements for such matter. This requirement provides assurance that: (1) only those
officials delegated classification authority are classifying matter; (2) classified matter is not downgraded or declassified without proper authority; and (3) there is accountability for future classification, downgrading, and declassification actions.
Paragraph 95.37(c) A licensee or their contractors are responsible for applying classification markings for National Security Information and Restricted Data.
These marking and labeling requirements, which require an authorized classifier to place the appropriate classification markings on the document and sign his/her name, will be used whenever an NRC licensee or contractor derivative classifier generates a classified document, or the classification of an existing document is to be changed (e.g., declassified or downgraded).
A file or record copy must be maintained of the derivatively classified document as long as the document remains classified. These requirements provide assurance that: (1) only those officials delegated classification authority are classifying documents; (2) documents are not downgraded or declassified without proper authority; and (3) there is accountability for future classification, downgrading, and declassification actions.
Paragraph 95.37(e)(2) If the originator or classifier determines that reproduction or further dissemination of a document should be restricted, the following additional wording may be placed on the face of the document: Reproduction or Further Dissemination Requires Approval of .
Paragraph 95.37(f) In addition to the information required on the face of the document, each classified document is required, by marking or other means, to indicate clearly which portions are classified (e.g., paragraphs or pages) and which portions are not classified. If this type of portion marking is not practicable, the document must contain a description sufficient to identify the classified information and the unclassified information.
Paragraph 95.37(g) If a document transmitting classified information contains no classified information or the classification level of the transmittal document is not as high as the highest classification level of its enclosures, then the document must be marked at the top and bottom with a classification at least as high as its highest classified enclosure. When the content of the transmittal document warrants a lower classification than the highest classified enclosures(s) or combination of enclosures or requires no classification, a stamp or marking such as the following must also be used on the transmittal document: UPON REMOVAL OF ATTACHMENTS THIS DOCUMENT IS: (classification level of transmittal document standing alone or the word UNCLASSIFIED if the transmittal document contains no classified information).
Paragraph 95.37(h) Persons authorized possession of classified National Security Information, who in good faith believe a classification status is too high or too low, shall refer the document to the originator or authorized classifier for review. The classifier shall review the document and render a written classification decision to the holders of the information.
This is a required procedure for document custodians to assure that any questions regarding proper classification are referred to the originator and that appropriate steps to safeguard the document are taken. The recordkeeping requirement permits verification through NRC inspections of actions taken when unauthorized disclosures may have occurred.
Paragraph 95.37(j) Drafts of documents and working papers that contain, or are believed to contain, classified information must be marked as classified information. This requirement ensures there is accountability for future classification, downgrading, and declassification actions.
Paragraph 95.39(b)(4) This requirement applies to Secret documents prepared for external transmission. It requires document receipts signed by the recipient to be returned to the sender as a way to officially transfer a Secret document to another person.
This requirement permits verification through inspection that Secret documents that have been transferred to another person are properly accounted for.
Paragraph 95.39(d) Licensees or their contractors who may require a secure telecommunication system shall submit a telecommunication plan as part of their request for facility clearance, as outlined in 10 CFR 95.15, or as an amendment to their existing SPPP.
Paragraph 95.39(e) Licensees and their contractors that have classified matter that, because of the nature of the matter, cannot transmit the classified matter via conventional means, must submit a classified matter transportation security plan to the CSA for approval.
The requirement to submit the classified transportation security plan for review ensures that licensees’ procedures meet minimum security requirements in 10 CFR Part 95.
Section 95.41 Each licensee or contractor possessing classified information shall maintain records of the date of the matter, receipt or dispatch, classification, an unclassified description of the matter, and the identity of the sender for 2 years after receipt or dispatch.
This procedure and recordkeeping requirement provides assurance that records are available when the NRC conducts an inspection.
Paragraph 95.43(a) This paragraph requires that each licensee or contractor possessing classified information shall establish a reproduction control system to ensure that reproduction of classified matter is held to a minimum consistent with operational procedures.
Paragraph 95.43(c) The licensee or contractor is required to mark classified reproductions with the same classification markings as the original classified document.
This requirement assures that classified reproductions receive the same protection as other hard-copy classified documents.
Paragraph 95.45(a) Requests for downgrading or declassifying any NRC-classified information should be forwarded to the NRC Division of Security Operations. Requests for downgrading or declassifying Restricted Data should be forwarded to the NRC Division of Security Operations for coordination with the U.S. Department of Energy.
Paragraph 95.45(b) If a change of classification or declassification is approved, the previous classification marking must be canceled and a statement to that effect must be placed on the first page of the document.
Paragraph 95.45(d) Any persons making a classification change shall forward a notice of classification change to all known holders of the document.
These reporting and marking procedures in 10 CFR 95.45(a), 10 CFR 95.45(b), and
10 CFR 95.45(d) ensure that documents which may warrant downgrading or declassification are reviewed by the NRC Division of Security Operations or are referred to the U.S. Department of Energy, as may be appropriate, and that all known holders are notified of the action.
Paragraph 95.53(a) If a facility clearance is terminated, the facility shall submit a certification of non-possession of classified information to the NRC Division of Security Operations within
30 days of termination.
These procedures and notifications ensure that the facility clearance is terminated, suspended, or revoked when no longer needed or when continuation would not be in the interest of national security. The certificate of non-possession provides assurance that all classified information and matter has been returned to the NRC or destroyed in accordance with NRC security requirements.
Paragraph 95.57(a) Each licensee and their contractors having a facility clearance shall report to the CSA and the Regional Administrator of the appropriate NRC regional office listed in 10 CFR Part 73, Appendix A, any alleged or suspected violation of Federal acts or statutes, related to classified information (e.g., deliberate disclosure of classified information to persons not authorized to receive it, theft of classified information) within 1 hour of the event, followed by written confirmation within 30 days of the incident.
Paragraph 95.57(b) Any infractions, losses, compromises, or possible compromises of classified information not falling within paragraph (a) of this section must be entered into a written log and provided to the NRC on a monthly basis.
The procedures in 10 CFR 95.57(a) and 10 CFR 95.57(b) are necessary to ensure that possible losses, compromises, violations of law, and disclosures of classified information are investigated and assessed in a timely manner.
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
Author | Cullison, David |
File Modified | 0000-00-00 |
File Created | 2021-11-11 |