[Federal Register Volume 74, Number 133 (Tuesday, July 14, 2009)]
[Notices]
[Page 34053]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-16654]


-----------------------------------------------------------------------

NUCLEAR REGULATORY COMMISSION

[NRC-2009-0311]


Fiscal Year 2010-2015 Information Security Strategic Plan; 
Solicitation of Public Comment

AGENCY: Nuclear Regulatory Commission.

ACTION: Solicitation of public comment.

-----------------------------------------------------------------------

SUMMARY: The Nuclear Regulatory Commission (NRC) is soliciting public 
comment on its draft information security strategic plan (ISSP) for 
Fiscal Year 2010-2015 (ADAMS Accession No. ML090230026). The purpose of 
the NRC's ISSP is to establish an information security (IS) vision and 
to focus the NRC's IS program on attaining that vision.

DATES: Comments must be filed no later than 30 days from the date of 
publication of this notice in the Federal Register. Comments received 
after this date will be considered, if it is practical to do so, but 
the Commission is able to ensure consideration only for comments 
received on or before this date.

ADDRESSES: Comments submitted in writing or in electronic form will be 
made available to the public in their entirety through the NRC's 
Agencywide Documents Access and Management System (ADAMS).
    We request that any party soliciting or aggregating comments 
received from other persons for submission to the NRC to inform those 
persons that the NRC will not edit their comments to remove any 
identifying or contact information, and therefore, they should not 
include any information in their comments that they do not want it to 
be publicly disclosed.
    Comments may be mailed to: Chief, Rulemaking and Directives Branch, 
Mail Stop: TWB-05-B01M, Office of Administration, U.S. Nuclear 
Regulatory Commission, Washington, DC 20555-0001.
    Persons may also provide comments through the Federal e-Rulemaking 
Portal: http://www.regulations.gov; search on docket ID: NRC-2009-0311. 
Address questions about NRC dockets to Carol Gallagher, (301) 492-3668; 
e-mail [email protected]. You can also fax comments to: 
Rulemaking and Directives Branch, Office of Administration, U.S. 
Nuclear Regulatory Commission at (301) 492-3446.
    The NRC maintains ADAMS, which provides text and image files of 
NRC's public documents. These documents may be accessed through the 
NRC's Public Electronic Reading Room on the Internet at http://www.nrc.gov/reading-rm/adams.html. Persons who do not have access to 
ADAMS or who encounter problems in accessing the documents located in 
ADAMS should contact the NRC Public Document Room reference staff at 1-
800-397-4209, 301-415-4737, or by e-mail at [email protected].

FOR FURTHER INFORMATION CONTACT: Ms. Kathy Lyons-Burke, Senior IT 
Security Officer, Computer Security Office, U.S. Nuclear Regulatory 
Commission, Washington, DC 20555-0001; telephone 301-415-6595 or e-mail 
at [email protected] or Mr. Scott Morris, Deputy Director for 
Reactor Security, Division of Security Policy, Office of Nuclear 
Security and Incident Response, U.S. Nuclear Regulatory Commission, 
Washington, DC 20555-0001; telephone 301-415-7083 or e-mail at 
[email protected].

SUPPLEMENTARY INFORMATION: The NRC staff is issuing this notice to 
solicit public comments on the draft ISSP. After the NRC staff 
considers any public comments, it will make a determination regarding 
the draft ISSP.
    The IS involves: (1) Ensuring that accurate information is 
available to those authorized to access the information when they need 
it, and (2) protecting information an information systems from 
unauthorized access, use, disclosure, disruption, modification, and 
destruction. The NRC's Draft ISSP defines IS as (1) protecting NRC and 
licensee information and information systems from unauthorized access, 
use, disclosure, disruption, modification, or destruction; (2) 
protecting electronic control functions from unauthorized access or 
manipulation; and (3) ensuring that adequate controls for protecting 
security-related information are used in the conduct of NRC business, 
both internal and external to the agency. The ISSP describes the NRC's 
strategy for strengthening its capabilities across all aspects of the 
IS program. This plan provides a strategic approach for planning and 
decision making and focuses on all types of activities closely related 
to IS, including but not limited to: (1) Physical and environmental 
security, (2) personnel security, (3) classification management, (4) 
documentation, (5) systems, (6) telecommunications, (7) embedded 
information, (8) intelligence information, and (9) cyber-terrorism in 
its various forms. The IS program addresses activities in the following 
areas: requirements and guidance, licensing and approval, inspection, 
enforcement, allegation processing, and emergency preparedness and 
incident response.

    Dated at Rockville, Maryland, this 6th day of July 2009.

    For the Nuclear Regulatory Commission.
Scott Morris,
Deputy Director for Reactor Security, Division of Security Policy, 
Office of Nuclear Security and Incident Response.
 [FR Doc. E9-16654 Filed 7-13-09; 8:45 am]
BILLING CODE 7590-01-P