Access Authorization Programs

On this page:

For additional information, see our Frequently Asked Questions About Access Authorization or you can Contact us.


The licensee for each nuclear power plant licensed under 10 CFR Part 50 is required to develop, implement, and maintain an Access Authorization (AA) program to protect against an insider threat at the plant. The purpose of an AA program is to demonstrate that each person granted unescorted acces to the facility

  • is trustworty and reliable,
  • does not constitute an unreasonable risk to the health and safety of the public or the common defense and security, and
  • does not pose a threat to interrupt the normal operations of the plant or to commit radiological sabotage.

To top of page

Scope of Requirements

The requirements for an AA program apply to each nuclear power plant licensee under 10 CFR Part 50, including their contractors, subcontractors and vendors who provide services to the licensee.

An AA program must be implemented in accordance with an approved NRC security plan, and requirements from 10 CFR Part 73 (Physical Protection Requirements), NRC Security Order EA-02-261 (Compensatory Measures for Access Authorization), and 10 CFR Part 26 (Fitness for Duty). These rules require the licensee to perform the following reviews and screenings of each person granted unescorted acces to an NRC-licensed facility.

  • Employment history review (including all periods of unemployment)
  • Military history review
  • Criminal history review
  • Credit history review
  • Education history review
  • Interviews with provided references
  • Initial drug and alcohol screening
  • Initial psychological screening

The rules also require that each person granted unescorted access be observed by a supervisor trained to detect, at a minimum, changes in behavior that could indicate degraded or impaired performance.

Initial follow-up and random drug testing of personnel are a major component of NRC's program to ensure the trustworthiness and reliability of licensee personnel with unescorted access to the protected areas (PAs) and vital areas (VAs) in a nuclear power plant.

To top of page


On May 29, 1991, the NRC published 10 CFR 73.56 (56 FR 24239) to support the safe operation of nuclear power plants licensed by the NRC. This rule was implemented in part by 10 CFR 73.57 and 10 CFR Part 26.

Following the events of September 11, 2001, the NRC increased emphasis on the trustworthiness and reliability of individuals who have unescorted access to the PAs and VAs of nuclear power plants. On September 14 and again on October 6, 2001, the NRC advised its licensees to assume a heightened level of awareness with regard to access authorization at nuclear power plants.

Recognizing the new threat environment, the NRC began comprehensive reviews of its safeguards and security programs to ensure that the existing requirements were reasonable and prudent. After completing these reviews, the agency issued advisories and security orders to enhance the control of personnel access to nuclear power plants and the monitoring of their movement within these facilities. On February 25, 2002, the NRC issued orders to all nuclear power plant licensees requiring formal implementation of certain enhancements issued in previous advisories. On January 7, 2003, the NRC issued an additional security order (EA-02-0261) to all Part 50 licensees, effective immediately, imposing compensatory measures to enhance the AA program in 10 CFR 73.56. The order allowed for an implementation period that was commensurate with the complexity of the enhancement.

On April 16, 2004, the NRC endorsed the Nuclear Energy Institute's (NEI) implementation guidance in "Nuclear Power Plant Access Authorization Program" (NEI-03-01 Rev. 1), applicable for 10 CFR 73.56, 10 CFR 73.57, and 10 CFR Part 26. In Staff Requirements Memorandum (SRM) COMSECY-04-0047, dated July 19, 2004, the Commission endorsed the staff's plans to amend the requirements in 10 CFR Part 73 to align them with the January 7, 2003, AA security orders. In its response to the SRM, the staff agreed with the Commission's recommendation to align the security orders with the requirements in 10 CFR 73.56 to achieve regulatory stability, increase program effectiveness, clarify existing regulatory requirements among stakeholders, and codify the requirements in one location.

To top of page

Page Last Reviewed/Updated Tuesday, March 10, 2020