US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants
US Nuclear Regulatory Commission (NRC) regulation 10 CFR 73.54 establishes requirements for nuclear power plant licensees to protect digital computer and communication systems and networks associated with safety, security, and emergency preparedness functions from cyber attacks. Implemented through NEI 08-09 (Cyber Security Plan for Nuclear Power Reactors), endorsed by NRC Regulatory Guide 5.71. Requires a cyber security programme, assessment of digital assets, defensive architecture, and ongoing monitoring. All US operating nuclear power plants must have NRC-approved cyber security plans.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (5)
CDA
| Code | Title |
|---|---|
| USNRCCYBER-2 | Critical Digital Asset (CDA) Identification and Protection |
Defense in Depth
| Code | Title |
|---|---|
| USNRCCYBER-4 | Defense-in-Depth and Technical Controls |
Incident Response
| Code | Title |
|---|---|
| USNRCCYBER-5 | Incident Response, Reporting, NRC Cooperation |
Plan
| Code | Title |
|---|---|
| USNRCCYBER-3 | Cyber Security Plan and Programme |
Scope
| Code | Title |
|---|---|
| USNRCCYBER-1 | High Assurance Standard and Scope |
Your Compliance Coverage
If you comply with US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants, you already cover:
ISO/IEC 27400:2022
20%
1 controls mapped
Compare →ISO/IEC 27011:2024
20%
1 controls mapped
Compare →FISMA
20%
1 controls mapped
Compare →+ 8 more: Ghana Cybersecurity Act (20%), HKMA Cyber Resilience Assessment Framework (C-RAF) (20%)
See all 11 mapped frameworks ↓Maps to 11 other frameworks
Frequently Asked Questions
What is US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants?
US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants is a compliance framework from United States (NRC) with 5 domains and 5 controls. US Nuclear Regulatory Commission (NRC) regulation 10 CFR 73.54 establishes requirements for nuclear power plant licensees to protect digital computer and communication systems and networks associated with safety, security, and emergency preparedness functions from cyber attacks. Implemented through NEI 08-09 (Cyber Security Plan for Nuclear Power Reactors), endorsed by NRC Regulatory Guide 5.71. Requires a cyber security programme, assessment of digital assets, defensive architecture, and ongoing monitoring. All US operating nuclear power plants must have NRC-approved cyber security plans. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants have?
US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants has 5 controls organised across 5 domains. The largest domains are CDA (1 controls), Defense in Depth (1 controls), Incident Response (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants map to?
US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants maps to 11 other compliance frameworks. The top mapping partners are ISO/IEC 27400:2022 (20% coverage), ISO/IEC 27011:2024 (20% coverage), FISMA (20% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants compliance?
Start your US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about US NRC 10 CFR 73.54 - Cyber Security for Nuclear Power Plants requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 5 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required