NRC IT Policy Archive

It is the policy of the U.S. Nuclear Regulatory Commission (NRC) to ensure efficient and effective governance of all information technology and information management (IT/IM) investments throughout their lifecycle, in a manner that maximizes value and minimizes risks, in accordance with Federal statutes and regulations. The strategy for implementing this policy is to use an integrated IT/IM governance framework.

The integrated IT/IM governance framework encompasses the processes, methodologies, and guidance for the following governance activities, which span the full lifecycle of IT/IM investments:

• Strategic Planning and Enterprise Architecture
• IT Investment Management
• Project Management Methodology
• Records and Information Quality Principles

Combined these provide executive leadership with a process for reviewing investments and providing guidance to investment managers throughout the life cycle of an investment and projects under investments. For more details, please see Management Directive 2.8, Integrated Information Technology/Information Management (IT/IM) Governance Framework.

On this page:

• IT/IM Governance Boards
• Acquisition Governance Associated with IT/IM
• Capital Planning and Investment Control Policy
• Capital Planning and Investment Control Processes
• IT Asset Management Policy
• IT Budget Guidance
• TechStat Policy
• NRC IT Policy Archive (ZIP)

IT/IM Governance Boards

The NRC Enterprise Digital Strategy Council (EDSC) serves as the agency’s senior governance body, unifying oversight of IT investments and operations. The EDSC’s goals are to streamline technology decision‑making, enhance operational efficiency, and ensure that IT investments, including AI and data, are enhanced to best support the agency’s mission and strategic priorities.

The EDSC oversees the IT portfolio - including major investments, cybersecurity, privacy, and open data - and operates with two primary subcommittees: the Investment Review Board (IRB) and the Artificial Intelligence Steering Committee (AISC). The Investment Review Board focuses on development, modernization and enhancement (DME) initiatives. The AISC focuses on management of the agency’s AI and data projects.

Acquisition Governance Associated with IT/IM

The NRC implemented a 21st century acquisition program, consisting of strategic acquisition business processes and the implementation/integration of the Strategic Acquisition System. The Office of Administration (ADM) Associate Directorate for Strategic Acquisition (ADSA) was established effective March 13, 2011, to implement this program. Responsibility for the program transferred to the Acquisition Management Division (AMD) on October 1, 2013. The Commission's Staff Requirements Memoranda (SRM) of February 28, 2011, on COMSECY-10-0020 and August 19, 2011, on COMGBJ-11-0004-FY2013 Budget Proposal provide the Commission's guidance for this initiative, and provides direction to the staff. The desired outcome for the implementation is a more integrated and informed acquisition planning approach that leverages agency resources and contract dollars utilizing effective and efficient business processes and automated tools. The program includes all agency contract support to commercial contracts; grants; DOE Laboratory Agreements; other Interagency Agreements; and Purchase Card acquisitions.

The strategic acquisition business process improvements are being implemented through the establishment of Portfolio Councils, which are cross-functional agency teams responsible for centralized acquisition planning, identification, and prioritization of opportunities to establish strategic sourcing strategies, including establishing enterprise wide contracts (EWCs) to address similar requirements across office and program lines. Three Portfolio Councils have been established to support the agency's key areas of spending – Corporate Support (consulting, corporate/administrative services, education/training, facilities, health & safety, meetings/conferences, and other/miscellaneous products), Information Technology, and Research/Technical Assistance. The number of Portfolio Councils may change over time as the needs of the agency shift and evolve.

With respect to the agency's implementation of the Federal Source Code Policy (FSCP), the NRC has determined that ownership rights to custom code developed for and funded by the NRC are granted to the agency under the provisions provided by the FAR under clause 52.227-14 (Rights in Data-General to include Alternate I and Alternate II).  As a result, no amendments to agency acquisitions policy is needed at this time to ensure compliance with the FSCP.  In order to ensure that agency acquisitions processes can effectively implement the policy as stated and to further guarantee the rights to custom-developed code, the NRC will update its standard Statement of Work (SOW) template to direct agency Contract Officers to select the proper clause for IT contracts.  Following the release of guidance provided by the OMB-sponsored Procurement Attorney's Roundtable, the NRC will finalize its review and amendment of the SOW template.

For more information, please see the following charters:

• Strategic Sourcing Group Charter
• Information Technology Portfolio Council Charter