Illinois Administrative Code
Title 32 - ENERGY
Part 337 - PHYSICAL PROTECTION OF CATEGORY 1 AND CATEGORY 2 QUANTITIES OF RADIOACTIVE MATERIAL
Subpart C - PHYSICAL PROTECTION REQUIREMENTS DURING USE
Section 337.2020 - General Security Program Requirements
Universal Citation: 32 IL Admin Code ยง 337.2020
Current through Register Vol. 48, No. 12, March 22, 2024
a) Security Plan
1) Each licensee identified in Section
337.2010(a)
shall develop a written security plan specific to its facilities and
operations. The purpose of the security plan is to establish the licensee's
overall security strategy to ensure the integrated and effective functioning of
the security program required by this Subpart. The security plan shall, at a
minimum:
A) Describe the measures and
strategies used to implement the requirements of this Subpart; and
B) Identify the security resources, equipment
and technology used to satisfy the requirements of this Subpart.
2) The security plan shall be
reviewed and approved by the individual with overall responsibility for the
security program.
3) A licensee
shall revise its security plan as necessary to ensure the effective
implementation of this Part. The licensee shall ensure that:
A) The revision has been reviewed and
approved by the individual with overall responsibility for the security
program; and
B) The affected
individuals are instructed on the revised plan before the changes are
implemented.
4) The
licensee shall retain a copy of the current security plan as a record for 3
years after the security plan is no longer required. If any portion of the plan
is superseded, the licensee shall retain the superseded portion for 3 years
after the record is superseded.
b) Implementing Procedures
1) The licensee shall develop and maintain
written procedures that document how the requirements of this Subpart and the
security plan will be met.
2) The
implementing procedures and revisions to these procedures shall be approved in
writing by the individual with overall responsibility for the security
program.
3) The licensee shall
retain a copy of the current procedure as a record for 3 years after the
procedure is no longer needed. Superseded portions of the procedure shall be
retained for 3 years after the record is superseded.
c) Training
1) Each licensee shall conduct training to
ensure that those individuals implementing the security program possess and
maintain the knowledge, skills and abilities to carry out their assigned duties
and responsibilities effectively. The training shall include:
A) The licensee's security program and
procedures to secure category 1 or category 2 quantities of radioactive
material and the purposes and functions of the security measures
employed;
B) The responsibility to
promptly report to the licensee any condition that causes or may cause a
violation of this Part;
C) The
responsibility of the licensee to promptly report to the LLEA and licensee any
actual or attempted theft, sabotage or diversion of category 1 or category 2
quantities of radioactive material; and
D) The appropriate response to security
alarms.
2) In
determining those individuals who shall be trained on the security program, the
licensee shall consider each individual's assigned activities during authorized
use and response to potential situations involving actual or attempted theft,
diversion or sabotage of category 1 or category 2 quantities of radioactive
material. The extent of the training shall be commensurate with the
individual's potential involvement in the security of category 1 or category 2
quantities of radioactive material.
3) Refresher training shall be provided at a
frequency not to exceed 12 months and when significant changes have been made
to the security program. This training shall include:
A) Review of the training requirements of
subsection (c) and any changes made to the security program since the last
training;
B) Reports on any
relevant security issues, problems and lessons learned;
C) Relevant results of IEMA inspections;
and
D) Relevant results of the
licensee's program review and testing and maintenance.
4) The licensee shall maintain records of the
initial and refresher training for 3 years from the date of the training. The
training records shall include dates of the training, topics covered, a list of
licensee personnel in attendance and related information.
d) Protection of Information
1) Licensees authorized to possess category 1
or category 2 quantities of radioactive material shall limit access to and
unauthorized disclosure of their security plan, implementing procedures and the
list of individuals that have been approved for unescorted access.
2) Efforts to limit access shall include the
development, implementation and maintenance of written policies and procedures
for controlling access to, and for proper handling and protection against
unauthorized disclosure of, the security plan and implementing
procedures.
3) Before granting an
individual access to the security plan or implementing procedures, licensees
shall:
A) Evaluate an individual's need to
know the security plan or implementing procedures; and
B) If the individual has not been authorized
for unescorted access to category 1 or category 2 quantities of radioactive
material, safeguards information or safeguards information - modified handling,
the licensee shall complete a background investigation to determine the
individual's trustworthiness and reliability. A trustworthiness and reliability
determination shall be conducted by the reviewing official and shall include
the background investigation elements contained in Section
337.1030(a)(2) through
(a)(5), (b) and (c).
4) Licensees need not subject the following
individuals to the background investigation elements for protection of
information:
A) The categories of individuals
listed in Section
337.1050(a);
or
B) Security service provider
employees, if written verification that the employee has been determined to be
trustworthy and reliable, by the required background investigation in Section
337.1030(a)(2) through
(a)(5), (b) and (c) has been provided by the
security service provider.
5) The licensee shall document the basis for
concluding that an individual is trustworthy and reliable and should be granted
access to the security plan or implementing procedures.
6) Licensees shall maintain a list of persons
currently approved for access to the security plan or implementing procedures.
When a licensee determines that a person no longer needs access to the security
plan or implementing procedures, or no longer meets the access authorization
requirements for access to the information, the licensee shall remove the
person from the approved list as soon as possible, but no later than 7 business
days, and take prompt measures to ensure that the individual is unable to
obtain the security plan or implementing procedures.
7) When not in use, the licensee shall store
its security plan and implementing procedures in a manner designed to prevent
unauthorized access. Information stored in nonremovable electronic form shall
be password protected.
8) The
licensee shall retain as a record for 3 years after the document is no longer
needed:
A) A copy of the information
protection procedures; and
B) The
list of individuals approved for access to the security plan or implementing
procedures.
Disclaimer: These regulations may not be the most recent version. Illinois may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.