Cyber Security at Fuel Cycle Facilities, 53478-53480 [2015-22051]

Download as PDF 53478 Federal Register / Vol. 80, No. 172 / Friday, September 4, 2015 / Proposed Rules compliance with the E-Government Act to promote the use of the Internet and other information technologies, to provide increased opportunities for citizen access to Government information and services, and for other purposes. For information pertinent to E-Government Act compliance related to this proposed rule, please contact Ms. Kimberly Hardy, APHIS’ Information Collection Coordinator, at (301) 851– 2727. Lists of Subjects 9 CFR Part 101 Animal biologics. Animal biologics, Reporting and recordkeeping requirements. Accordingly, we propose to amend 9 CFR parts 101 and 116 as follows: PART 101—DEFINITIONS 1. The authority citation for part 101 continues to read as follows: ■ Authority: 21 U.S.C. 151–159; 7 CFR 2.22, 2.80, and 371.4. 2. Section 101.2 is amended by adding definitions for adverse event and adverse event report in alphabetical order to read as follows: ■ Administrative terminology. * * * * Adverse event. Any observation in animals, whether or not the cause of the event is known, that is unfavorable and unintended, and that occurs after any use (as indicated on the label or any offlabel use) of a biological product, including events related to a suspected lack of expected efficacy. For products intended to diagnose disease, adverse events refer to a failure in product performance that hinders an expected discovery of the correct diagnosis. Adverse event report. Any communication concerning the occurrence of an adverse event from an identifiable first-hand reporter which includes the following information: (1) An identifiable reporter; (2) An identifiable animal; (3) An identifiable biologic product; and (4) One or more adverse events. * * * * * rmajette on DSK2VPTVN1PROD with PROPOSALS * PART 116—RECORDS AND REPORTS 3. The authority citation for part 116 continues to read as follows: ■ Authority: 21 U.S.C. 151–159; 7 CFR 2.22, 2.80, and 371.4. 4. In § 116.1, paragraph (a)(3) is revised to read as follows: ■ VerDate Sep<11>2014 13:58 Sep 03, 2015 (a) * * * (3) Records (other than disposition records and adverse event records) required by this part must be completed by the licensee, permittee, or foreign manufacturer, as the case may be, before any portion of a serial of any product may be marketed in the United States or exported. * * * * * ■ 5. Section 116.8 is revised to read as follows: unexpected must be reported within 15 business days of the date the report was first received. (3) All other adverse event reports must be reported within 90 calendar days of the date the report was first received. Done in Washington, DC, this 31st day of August 2015. Kevin Shea, Administrator, Animal and Plant Health Inspection Service. [FR Doc. 2015–21997 Filed 9–3–15; 8:45 am] BILLING CODE 3410–34–P § 116.8 Completion and retention of records. 9 CFR Part 116 § 101.2 § 116.1 Applicability and general considerations. Jkt 235001 All records (other than disposition records and adverse event records) required by this part must be completed by the licensee, permittee, or foreign manufacturer before any portion of a serial of any product may be marketed in the United States or exported. All records must be retained at the licensed or foreign establishment or permittee’s place of business for a period of 2 years after the expiration date of a product or longer as may be required by the Administrator. ■ 6. Section 116.9 is added to read as follows: § 116.9 Recording and reporting adverse events. (a) Licensees and permittees must maintain a detailed record for every adverse event report the licensee or permittee receives for any biological product it produces or distributes. These records shall be maintained for a period of 3 years after the date the adverse event report is received. The adverse event report form and guidance on how to complete it, including guidance specific to the various information blocks on the form, is available on the APHIS Web site at [ADDRESS TO BE ADDED IN FINAL RULE] or by writing to APHIS at [POSTAL ADDRESS TO BE ADDED IN FINAL RULE]. (b) A report of all adverse events reports received by a licensee or permittee must be compiled and submitted to the Animal and Plant Health Inspection Service. The frequency of report submission is as follows: (1) Immediate notification is required if at any time there are indications that raise questions regarding the purity, safety, potency, or efficacy of a product, or if it appears that there may be a problem regarding the preparation, testing, or distribution of a product. (2) Adverse event reports determined by the licensee or permittee to be product-related, serious, and PO 00000 Frm 00004 Fmt 4702 Sfmt 4702 NUCLEAR REGULATORY COMMISSION 10 CFR Part 73 [NRC–2015–0179] RIN 3150–AJ64 Cyber Security at Fuel Cycle Facilities Nuclear Regulatory Commission. ACTION: Draft regulatory basis; request for comment. AGENCY: The U.S. Nuclear Regulatory Commission (NRC) is requesting comments on a draft regulatory basis to support a rulemaking that would amend its regulations by adopting new cyber security requirements for certain nuclear fuel cycle facility (FCF) licensees in order to address safety and security consequences of concern. Potentially affected licensees include certain FCFs authorized to possess Category I, II, or III quantities of special nuclear material and uranium hexafluoride conversion and deconversion facilities. DATES: Submit comments by October 5, 2015. Comments received after this date will be considered if it is practical to do so, but the NRC is only able to ensure consideration of comments received on or before this date. ADDRESSES: You may submit comments by any of the following methods (unless this document describes a different method for submitting comments on a specific subject): • Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC–2015–0179. Address questions about NRC dockets to Carol Gallagher; telephone: 301–415–3463; email: Carol.Gallagher@nrc.gov. For technical questions, contact the individual listed in the FOR FURTHER INFORMATION CONTACT section of this document. • Email comments to: Rulemaking.Comments@nrc.gov. If you SUMMARY: E:\FR\FM\04SEP1.SGM 04SEP1 Federal Register / Vol. 80, No. 172 / Friday, September 4, 2015 / Proposed Rules do not receive an automatic email reply confirming receipt, then contact us at 301–415–1677. • Fax comments to: Secretary, U.S. Nuclear Regulatory Commission at 301– 415–1101. • Mail comments to: Secretary, U.S. Nuclear Regulatory Commission, Washington, DC 20555–0001, ATTN: Rulemakings and Adjudications Staff. • Hand deliver comments to: 11555 Rockville Pike, Rockville, Maryland 20852, between 7:30 a.m. and 4:15 p.m. (Eastern Time) Federal workdays; telephone: 301–415–1677. For additional direction on obtaining information and submitting comments, see ‘‘Obtaining Information and Submitting Comments’’ in the SUPPLEMENTARY INFORMATION section of this document. FOR FURTHER INFORMATION CONTACT: Matthew Bartlett, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555–0001; telephone: 301–415–7154, email: Matthew.Bartlett@nrc.gov. SUPPLEMENTARY INFORMATION: I. Obtaining Information and Submitting Comments rmajette on DSK2VPTVN1PROD with PROPOSALS A. Obtaining Information Please refer to Docket ID NRC–2015– 0179 when contacting the NRC about the availability of information for this action. You may obtain publiclyavailable information related to this action by any of the following methods: • Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC–2015–0179. • NRC’s Agencywide Documents Access and Management System (ADAMS): You may obtain publiclyavailable documents online in the ADAMS Public Documents collection at http://www.nrc.gov/reading-rm/ adams.html. To begin the search, select ‘‘ADAMS Public Documents’’ and then select ‘‘Begin Web-based ADAMS Search.’’ For problems with ADAMS, please contact the NRC’s Public Document Room (PDR) reference staff at 1–800–397–4209, 301–415–4737, or by email to pdr.resource@nrc.gov. The draft regulatory basis document is available in ADAMS under Accession No. ML15198A021. • NRC’s PDR: You may examine and purchase copies of public documents at the NRC’s PDR, Room O1–F21, One White Flint North, 11555 Rockville Pike, Rockville, Maryland 20852. B. Submitting Comments Please include Docket ID NRC–2015– 0179 in the subject line of your VerDate Sep<11>2014 13:58 Sep 03, 2015 Jkt 235001 comment submission, in order to ensure that the NRC is able to make your comment submission available to the public in this docket. If your comment contains proprietary or sensitive information, please contact the individual listed in the FOR INFORMATION CONTACT section of this document to determine the most appropriate method for submitting your comment. The NRC cautions you not to include identifying or contact information that you do not want to be publicly disclosed in your comment submission. The NRC will post all comment submissions at http:// www.regulations.gov as well as enter the comment submissions into ADAMS, and the NRC does not routinely edit comment submissions to remove identifying or contact information. If you are requesting or aggregating comments from other persons for submission to the NRC, then you should inform those persons not to include identifying or contact information that they do not want to be publicly disclosed in their comment submission. Your request should state that the NRC does not routinely edit comment submissions to remove such information before making the comment submissions available to the public or entering the comment into ADAMS. II. Discussion The NRC is requesting comments on a draft regulatory basis to support a rulemaking that would amend part 73 of Title 10 of the Code of Federal Regulations (10 CFR), ‘‘Physical Protection of Plants and Materials,’’ by adopting new cyber security regulations for FCF licensees. The specific objectives of this rulemaking effort are to establish new requirements for FCF licensees that: (1) Require licensees authorized to possess a Category I quantity of special nuclear material (SNM) to establish and maintain a cyber security program that provides high assurance that digital computer systems, communication systems, and networks associated with safety, security, emergency preparedness, and material control and accounting (SSEPMCA) functions are protected from cyber attacks up to and including the design basis threats defined in 10 CFR 73.1; (2) require certain licensees authorized to possess source material or a Category II or III quantity of SNM to establish and maintain a cyber security program that provides reasonable assurance that digital computer systems, communication systems, and networks associated with SSEPMCA functions are protected from cyber attacks; (3) codify PO 00000 Frm 00005 Fmt 4702 Sfmt 4702 53479 existing cyber security requirements imposed on FCF licensees by security orders issued following the terrorist attacks of September 11, 2001, and applicable subsequent voluntary actions instituted by FCF licensees; (4) implement a graded, performance-based regulatory framework to prevent cyber attacks that could result in certain consequences of concern; and (5) implement cyber security reporting criteria. The scope of the draft regulatory basis includes cyber security for FCFs licensed under 10 CFR part 70 and uranium hexafluoride conversion and deconversion facilities licensed under 10 CFR part 40. These licensees have varying safety and security consequences of concern based on their functions and the type and quantity of material possessed. To account for these differences, the NRC plans to develop a graded, consequence-based approach for the identification and protection of digital assets associated with SSEPMCA functions. The draft regulatory basis, in part, explains why the NRC believes the existing regulations should be updated, revised, and enhanced; presents alternatives to rulemaking; and discusses costs and other impacts of the potential changes. III. Specific Requests for Comments The NRC requests that stakeholders consider answering the following questions when commenting on the draft regulatory basis: • Is the NRC considering an appropriate approach for each objective described in the draft regulatory basis? • Chapter 3 of the draft regulatory basis discusses the regulatory concerns the NRC expects to address through rulemaking. Chapter 4 presents the intended regulatory changes to address those regulatory concerns, and Chapter 5 discusses alternatives to rulemaking considered by the NRC staff. Are there other regulatory concerns within or related to the scope of the rulemaking efforts (see Chapter 1 of the draft regulatory basis) that the NRC should consider? Are there other approaches or alternatives the NRC should consider to resolve those regulatory concerns? • Chapter 8 of the draft regulatory basis presents the NRC staff’s initial consideration of costs and other impacts for a number of key aspects of the potential regulatory changes (i.e., cyber security programs, cyber incident reporting). This initial assessment is based on limited available data. The staff is seeking additional data and input relative to expected and/or unintentional impacts from the desired regulatory changes. What would be the E:\FR\FM\04SEP1.SGM 04SEP1 53480 Federal Register / Vol. 80, No. 172 / Friday, September 4, 2015 / Proposed Rules rmajette on DSK2VPTVN1PROD with PROPOSALS potential impacts to stakeholders/ licensees from implementing any of the desired regulatory changes described in this draft regulatory basis (e.g., what would be a reasonable cost estimate for implementation of the cyber security programs, including startup and annual costs)? • The NRC staff is aware of licensee voluntary efforts to address cyber security. Is there additional information related to these efforts that would inform the NRC staff’s assessment or analysis? IV. Cumulative Effects of Regulation The Cumulative Effects of Regulation (CER) describes the challenges that licensees or other impacted entities (such as State agency partners) may face while implementing new regulatory positions, programs, and requirements (e.g., rules, generic letters, backfits, inspections). The CER is an organizational effectiveness challenge that results from a licensee or impacted entity implementing a number of complex positions, programs, or requirements within a limited implementation period and with available resources (which may include limited available expertise to address a specific issue). The NRC has implemented CER enhancements to the rulemaking process to facilitate public involvement throughout the rulemaking process. Therefore, the NRC is specifically requesting comment on the cumulative effects that may result from this proposed rulemaking. In developing comments on the draft regulatory basis, consider the following questions: (1) In light of any current or projected CER challenges, what should be a reasonable effective date, compliance date, or submittal date(s) from the time the final rule is published to the actual implementation of any new proposed requirements, including changes to programs, procedures, or the facility? (2) If current or projected CER challenges exist, what should be done to address this situation (e.g., if more time is required to implement the new requirements, what period of time would be sufficient, and why such a time frame is necessary)? (3) Do other regulatory actions (e.g., orders, generic communications, license amendment requests, and inspection findings of a generic nature) by NRC or other agencies influence the implementation of the potential proposed requirements? (4) Are there unintended consequences? Does the potential proposed action create conditions that would be contrary to the potential proposed action’s purpose and VerDate Sep<11>2014 13:58 Sep 03, 2015 Jkt 235001 objectives? If so, what are the consequences and how should they be addressed? Please provide information on the costs and benefits of the potential proposed action. This information will be used to support any regulatory analysis by the NRC. DEPARTMENT OF TRANSPORTATION V. Availability of Documents Airworthiness Directives; Viking Air Limited Airplanes The NRC may post additional materials related to this rulemaking activity to the Federal rulemaking Web site at www.regulations.gov under Docket ID NRC–2015–0179. By making these documents publicly available, the NRC seeks to inform stakeholders of the current status of the NRC’s rulemaking development activities and to provide preparatory material for future public meetings. The Federal rulemaking Web site allows you to receive alerts when changes or additions occur in a docket folder. To subscribe: (1) Navigate to the docket folder (NRC–2015–0179); (2) click the ‘‘Sign up for Email Alerts’’ link; and (3) enter your email address and select how frequently you would like to receive emails (daily, weekly, or monthly). VI. Plain Writing The Plain Writing Act of 2010 (Pub. L. 111–274) requires Federal agencies to write documents in a clear, concise, well-organized manner. The NRC has written this document to be consistent with the Plain Writing Act as well as the Presidential Memorandum, ‘‘Plain Language in Government Writing,’’ published in the Federal Register on June 10, 1998 (63 FR 31883). The NRC requests comment on this document with respect to the clarity and effectiveness of the language used. Dated at Rockville, Maryland, this 27th day of August, 2015. For the Nuclear Regulatory Commission. Marissa G. Bailey, Director, Division of Fuel Cycle Safety, Safeguards, and Environmental Review, Office of Nuclear Materials Safety and Safeguards. [FR Doc. 2015–22051 Filed 9–3–15; 8:45 am] BILLING CODE 7590–01–P PO 00000 Frm 00006 Fmt 4702 Sfmt 4702 Federal Aviation Administration 14 CFR Part 39 [Docket No. FAA–2015–3073; Directorate Identifier 2015–CE–017–AD] RIN 2120–AA64 Federal Aviation Administration (FAA), DOT. ACTION: Proposed rule; correction. AGENCY: The FAA is correcting a notice of proposed rulemaking (NPRM) that published in the Federal Register. That NPRM applies to Viking Air Limited Model DHC–3 airplanes. The repetitive inspection column in ‘‘Table 1 of Paragraph (f)(3) of This AD— Inspection Schedule’’ contains data that is intended to apply to all conditions. However, the way the table is displayed makes it look as if it only applies to the first condition. This document corrects it to assure that it applies to all conditions. In all other respects, the original document remains the same. DATES: The last date for submitting comments to the NPRM (80 FR 44892, July 28, 2015) remains September 11, 2015. SUMMARY: You may send comments by any of the following methods: • Federal eRulemaking Portal: Go to http://www.regulations.gov. Follow the instructions for submitting comments. • Fax: (202) 493–2251. • Mail: U.S. Department of Transportation, Docket Operations, M– 30, West Building Ground Floor, Room W12–140, 1200 New Jersey Avenue SE., Washington, DC 20590. • Hand Delivery: U.S. Department of Transportation, Docket Operations, M– 30, West Building Ground Floor, Room W12–140, 1200 New Jersey Avenue SE., Washington, DC 20590, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. For service information identified in this proposed AD, contact Viking Air Limited Technical Support, 1959 De Havilland Way, Sidney, British Columbia, Canada, V8L 5V5; Fax: 250– 656–0673; telephone: (North America) 1–800–663–8444; email: technical.support@vikingair.com; Internet: http://www.vikingair.com/ support/service-bulletins. It is also available on the Internet at http:// www.regulations.gov by searching for and locating Docket No. FAA–2015– 3073.You may view this referenced service information at the FAA, Small ADDRESSES: E:\FR\FM\04SEP1.SGM 04SEP1

Agencies

[Federal Register Volume 80, Number 172 (Friday, September 4, 2015)]
[Proposed Rules]
[Pages 53478-53480]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-22051]


=======================================================================
-----------------------------------------------------------------------

NUCLEAR REGULATORY COMMISSION

10 CFR Part 73

[NRC-2015-0179]
RIN 3150-AJ64


Cyber Security at Fuel Cycle Facilities

AGENCY: Nuclear Regulatory Commission.

ACTION: Draft regulatory basis; request for comment.

-----------------------------------------------------------------------

SUMMARY: The U.S. Nuclear Regulatory Commission (NRC) is requesting 
comments on a draft regulatory basis to support a rulemaking that would 
amend its regulations by adopting new cyber security requirements for 
certain nuclear fuel cycle facility (FCF) licensees in order to address 
safety and security consequences of concern. Potentially affected 
licensees include certain FCFs authorized to possess Category I, II, or 
III quantities of special nuclear material and uranium hexafluoride 
conversion and deconversion facilities.

DATES: Submit comments by October 5, 2015. Comments received after this 
date will be considered if it is practical to do so, but the NRC is 
only able to ensure consideration of comments received on or before 
this date.

ADDRESSES: You may submit comments by any of the following methods 
(unless this document describes a different method for submitting 
comments on a specific subject):
     Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC-2015-0179. Address 
questions about NRC dockets to Carol Gallagher; telephone: 301-415-
3463; email: Carol.Gallagher@nrc.gov. For technical questions, contact 
the individual listed in the FOR FURTHER INFORMATION CONTACT section of 
this document.
     Email comments to: Rulemaking.Comments@nrc.gov. If you

[[Page 53479]]

do not receive an automatic email reply confirming receipt, then 
contact us at 301-415-1677.
     Fax comments to: Secretary, U.S. Nuclear Regulatory 
Commission at 301-415-1101.
     Mail comments to: Secretary, U.S. Nuclear Regulatory 
Commission, Washington, DC 20555-0001, ATTN: Rulemakings and 
Adjudications Staff.
     Hand deliver comments to: 11555 Rockville Pike, Rockville, 
Maryland 20852, between 7:30 a.m. and 4:15 p.m. (Eastern Time) Federal 
workdays; telephone: 301-415-1677.
    For additional direction on obtaining information and submitting 
comments, see ``Obtaining Information and Submitting Comments'' in the 
SUPPLEMENTARY INFORMATION section of this document.

FOR FURTHER INFORMATION CONTACT: Matthew Bartlett, Office of Nuclear 
Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, 
Washington, DC 20555-0001; telephone: 301-415-7154, email: 
Matthew.Bartlett@nrc.gov.

SUPPLEMENTARY INFORMATION:

I. Obtaining Information and Submitting Comments

A. Obtaining Information

    Please refer to Docket ID NRC-2015-0179 when contacting the NRC 
about the availability of information for this action. You may obtain 
publicly-available information related to this action by any of the 
following methods:
     Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC-2015-0179.
     NRC's Agencywide Documents Access and Management System 
(ADAMS): You may obtain publicly-available documents online in the 
ADAMS Public Documents collection at http://www.nrc.gov/reading-rm/adams.html. To begin the search, select ``ADAMS Public Documents'' and 
then select ``Begin Web-based ADAMS Search.'' For problems with ADAMS, 
please contact the NRC's Public Document Room (PDR) reference staff at 
1-800-397-4209, 301-415-4737, or by email to pdr.resource@nrc.gov. The 
draft regulatory basis document is available in ADAMS under Accession 
No. ML15198A021.
     NRC's PDR: You may examine and purchase copies of public 
documents at the NRC's PDR, Room O1-F21, One White Flint North, 11555 
Rockville Pike, Rockville, Maryland 20852.

B. Submitting Comments

    Please include Docket ID NRC-2015-0179 in the subject line of your 
comment submission, in order to ensure that the NRC is able to make 
your comment submission available to the public in this docket.
    If your comment contains proprietary or sensitive information, 
please contact the individual listed in the FOR INFORMATION CONTACT 
section of this document to determine the most appropriate method for 
submitting your comment.
    The NRC cautions you not to include identifying or contact 
information that you do not want to be publicly disclosed in your 
comment submission. The NRC will post all comment submissions at http://www.regulations.gov as well as enter the comment submissions into 
ADAMS, and the NRC does not routinely edit comment submissions to 
remove identifying or contact information.
    If you are requesting or aggregating comments from other persons 
for submission to the NRC, then you should inform those persons not to 
include identifying or contact information that they do not want to be 
publicly disclosed in their comment submission. Your request should 
state that the NRC does not routinely edit comment submissions to 
remove such information before making the comment submissions available 
to the public or entering the comment into ADAMS.

II. Discussion

    The NRC is requesting comments on a draft regulatory basis to 
support a rulemaking that would amend part 73 of Title 10 of the Code 
of Federal Regulations (10 CFR), ``Physical Protection of Plants and 
Materials,'' by adopting new cyber security regulations for FCF 
licensees. The specific objectives of this rulemaking effort are to 
establish new requirements for FCF licensees that: (1) Require 
licensees authorized to possess a Category I quantity of special 
nuclear material (SNM) to establish and maintain a cyber security 
program that provides high assurance that digital computer systems, 
communication systems, and networks associated with safety, security, 
emergency preparedness, and material control and accounting (SSEPMCA) 
functions are protected from cyber attacks up to and including the 
design basis threats defined in 10 CFR 73.1; (2) require certain 
licensees authorized to possess source material or a Category II or III 
quantity of SNM to establish and maintain a cyber security program that 
provides reasonable assurance that digital computer systems, 
communication systems, and networks associated with SSEPMCA functions 
are protected from cyber attacks; (3) codify existing cyber security 
requirements imposed on FCF licensees by security orders issued 
following the terrorist attacks of September 11, 2001, and applicable 
subsequent voluntary actions instituted by FCF licensees; (4) implement 
a graded, performance-based regulatory framework to prevent cyber 
attacks that could result in certain consequences of concern; and (5) 
implement cyber security reporting criteria.
    The scope of the draft regulatory basis includes cyber security for 
FCFs licensed under 10 CFR part 70 and uranium hexafluoride conversion 
and deconversion facilities licensed under 10 CFR part 40. These 
licensees have varying safety and security consequences of concern 
based on their functions and the type and quantity of material 
possessed. To account for these differences, the NRC plans to develop a 
graded, consequence-based approach for the identification and 
protection of digital assets associated with SSEPMCA functions. The 
draft regulatory basis, in part, explains why the NRC believes the 
existing regulations should be updated, revised, and enhanced; presents 
alternatives to rulemaking; and discusses costs and other impacts of 
the potential changes.

III. Specific Requests for Comments

    The NRC requests that stakeholders consider answering the following 
questions when commenting on the draft regulatory basis:
     Is the NRC considering an appropriate approach for each 
objective described in the draft regulatory basis?
     Chapter 3 of the draft regulatory basis discusses the 
regulatory concerns the NRC expects to address through rulemaking. 
Chapter 4 presents the intended regulatory changes to address those 
regulatory concerns, and Chapter 5 discusses alternatives to rulemaking 
considered by the NRC staff. Are there other regulatory concerns within 
or related to the scope of the rulemaking efforts (see Chapter 1 of the 
draft regulatory basis) that the NRC should consider? Are there other 
approaches or alternatives the NRC should consider to resolve those 
regulatory concerns?
     Chapter 8 of the draft regulatory basis presents the NRC 
staff's initial consideration of costs and other impacts for a number 
of key aspects of the potential regulatory changes (i.e., cyber 
security programs, cyber incident reporting). This initial assessment 
is based on limited available data. The staff is seeking additional 
data and input relative to expected and/or unintentional impacts from 
the desired regulatory changes. What would be the

[[Page 53480]]

potential impacts to stakeholders/licensees from implementing any of 
the desired regulatory changes described in this draft regulatory basis 
(e.g., what would be a reasonable cost estimate for implementation of 
the cyber security programs, including startup and annual costs)?
     The NRC staff is aware of licensee voluntary efforts to 
address cyber security. Is there additional information related to 
these efforts that would inform the NRC staff's assessment or analysis?

IV. Cumulative Effects of Regulation

    The Cumulative Effects of Regulation (CER) describes the challenges 
that licensees or other impacted entities (such as State agency 
partners) may face while implementing new regulatory positions, 
programs, and requirements (e.g., rules, generic letters, backfits, 
inspections). The CER is an organizational effectiveness challenge that 
results from a licensee or impacted entity implementing a number of 
complex positions, programs, or requirements within a limited 
implementation period and with available resources (which may include 
limited available expertise to address a specific issue). The NRC has 
implemented CER enhancements to the rulemaking process to facilitate 
public involvement throughout the rulemaking process. Therefore, the 
NRC is specifically requesting comment on the cumulative effects that 
may result from this proposed rulemaking. In developing comments on the 
draft regulatory basis, consider the following questions:
    (1) In light of any current or projected CER challenges, what 
should be a reasonable effective date, compliance date, or submittal 
date(s) from the time the final rule is published to the actual 
implementation of any new proposed requirements, including changes to 
programs, procedures, or the facility?
    (2) If current or projected CER challenges exist, what should be 
done to address this situation (e.g., if more time is required to 
implement the new requirements, what period of time would be 
sufficient, and why such a time frame is necessary)?
    (3) Do other regulatory actions (e.g., orders, generic 
communications, license amendment requests, and inspection findings of 
a generic nature) by NRC or other agencies influence the implementation 
of the potential proposed requirements?
    (4) Are there unintended consequences? Does the potential proposed 
action create conditions that would be contrary to the potential 
proposed action's purpose and objectives? If so, what are the 
consequences and how should they be addressed?
    Please provide information on the costs and benefits of the 
potential proposed action. This information will be used to support any 
regulatory analysis by the NRC.

V. Availability of Documents

    The NRC may post additional materials related to this rulemaking 
activity to the Federal rulemaking Web site at www.regulations.gov 
under Docket ID NRC-2015-0179. By making these documents publicly 
available, the NRC seeks to inform stakeholders of the current status 
of the NRC's rulemaking development activities and to provide 
preparatory material for future public meetings.
    The Federal rulemaking Web site allows you to receive alerts when 
changes or additions occur in a docket folder. To subscribe: (1) 
Navigate to the docket folder (NRC-2015-0179); (2) click the ``Sign up 
for Email Alerts'' link; and (3) enter your email address and select 
how frequently you would like to receive emails (daily, weekly, or 
monthly).

VI. Plain Writing

    The Plain Writing Act of 2010 (Pub. L. 111-274) requires Federal 
agencies to write documents in a clear, concise, well-organized manner. 
The NRC has written this document to be consistent with the Plain 
Writing Act as well as the Presidential Memorandum, ``Plain Language in 
Government Writing,'' published in the Federal Register on June 10, 
1998 (63 FR 31883). The NRC requests comment on this document with 
respect to the clarity and effectiveness of the language used.

    Dated at Rockville, Maryland, this 27th day of August, 2015.
    For the Nuclear Regulatory Commission.
Marissa G. Bailey,
Director, Division of Fuel Cycle Safety, Safeguards, and Environmental 
Review, Office of Nuclear Materials Safety and Safeguards.
[FR Doc. 2015-22051 Filed 9-3-15; 8:45 am]
 BILLING CODE 7590-01-P