On May 15, 2018 (83 FR 22413), the Nuclear Regulatory Commission (NRC) published a notice in the federal register discontinuing the rulemaking activity that would have developed cyber security requirements for byproduct materials licensees possessing risk-significant quantities of radioactive materials as stated in 10 CFR Part 37. The purpose of this action is to inform members of the public of the discontinuation of the rulemaking activity and to provide a brief discussion of the NRC’s decision. The rulemaking activity will no longer be reported in the NRC’s portion of the Unified Agenda of Regulatory and Deregulatory Actions (the Unified Agenda) as of May 15th, 2018. However, the NRC staff determined that it would be prudent to issue an Information Notice (IN) to communicate effective practices for cyber security to byproduct materials licensees possessing risk-significant quantities of radioactive material. The IN will provide licensees with a better understanding of contemporary cyber security issues and strategies to protect digital assets (e.g., computers, digital alarm systems), including those used to facilitate compliance with physical security requirements, such as those in10 CFR part 37. The IN, which will reference existing cyber security guidance developed by the NRC’s Office of Nuclear Reactor Regulation and other Federal agencies, will be issued later in 2018.

Click on the link below to download the full version:

NRC 05-15-2018 notice discontinue Part 37 Cyber Security