Information Technology Security Essential Body of Knowledge, 56369-56370 [E7-19566]

Download as PDF rwilkins on PROD1PC63 with NOTICES Federal Register / Vol. 72, No. 191 / Wednesday, October 3, 2007 / Notices Date: October 25, 2007. Time: 2 p.m. to 4 p.m. Agenda: To review and evaluate grant applications. Place: National Institutes of Health, 6701 Rockledge Drive, Bethesda, MD 20892. Contact Person: Bernard F. Driscoll, PhD, Scientific Review Administrator, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 5184, MSC 7844, Bethesda, MD 20892, (301) 435– 1242, driscolb@csr.nih.gov. Name of Committee: Center for Scientific Review Special Emphasis Panel, Alcohol Dependence, Addictions, Substance Use Disorders and Interventions. Date: October 25, 2007. Time: 2 p.m. to 4 p.m. Agenda: To review and evaluate grant applications. Place: National Institutes of Health, 6701 Rockledge Drive, Bethesda, MD 20892 (Virtual Meeting). Contact Person: Gabriel B. Fosu, PhD, Scientific Review Administrator, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 3215, MSC 7808, Bethesda, MD 20892, (301) 435– 3562, fosug@csr.nih.gov. Name of Committee: Center for Scientific Review Special Emphasis Panel, Small Business Grant Applications: Immunology. Date: October 26, 2007. Time: 8:30 a.m. to 6 p.m. Agenda: To review and evaluate grant applications. Place: State Plaza Hotel, 2117 E Street, NW., Washington, DC 20037. Contact Person: Stephen M. Nigida, PhD, Scientific Review Administrator, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 4212, MSC 7812, Bethesda, MD 20892, 301–435– 1222, nigidas@csr.nih.gov. Name of Committee: Center for Scientific Review Special Emphasis Panel, BMIT/MEDI Member Conflict Meeting. Date: October 26, 2007. Time: 10 a.m. to 2 p.m. Agenda: To review and evaluate grant applications. Place: National Institutes of Health, 6701 Rockledge Drive, Bethesda, MD 20892, (Virtual Meeting). Contact Person: Weihua Luo, MD, PhD, Scientific Review Administrator, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 5114, MSC 7854, Bethesda, MD 20892, (301) 435– 1170, luow@csr.nih.gov. Name of Committee: Center for Scientific Review Special Emphasis Panel, Insulin Release and Action. Date: October 26, 2007. Time: 2 p.m. to 4:30 p.m. Agenda: To review and evaluate grant applications. Place: National Institutes of Health, 6701 Rockledge Drive, Bethesda, MD 20892, (Telephone Conference Call). Contact Person: Syed M. Amir, PhD, Scientific Review Administrator, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 6172, MSC 7892, Bethesda, MD 20892, (301) 435– 1043, amirs@csr.nih.gov. VerDate Aug<31>2005 18:31 Oct 02, 2007 Jkt 211001 Name of Committee: Center for Scientific Review Special Emphasis Panel, Collaborative applications in Adult Psychopathology and Disorders of Aging. Date: October 26, 2007. Time: 12 p.m. to 5 p.m. Agenda: To review and evaluate grant applications. Place: Holiday Inn Georgetown, 2101 Wisconsin Avenue, NW., Washington, DC 20007. Contact Person: Alfonso R. Latoni, PhD, Scientific Review Officer, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 3182, MSC 7848, Bethesda, MD 20892, 301–435– 0913, latonia@csr.nih.gov. (Catalogue of Federal Domestic Assistance Program Nos. 93.306, Comparative Medicine; 93.333, Clinical Research; 93.306, 93.333, 93.337, 93.393–93.396, 93.837–93.844, 93.846–93.878, 93.892, 93.893, National Institutes of Health, HHS) Dated: September 26, 2007. Jennifer Spaeth, Director, Office of Federal Advisory Committee Policy. [FR Doc. 07–4866 Filed 10–2–07; 8:45 am] BILLING CODE 4140–01–M DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS–2007–0068] Information Technology Security Essential Body of Knowledge National Protection and Programs Directorate, DHS. ACTION: Notice of availability. AGENCY: SUMMARY: This notice informs the public and interested stakeholders that the Department of Homeland Security (DHS) is making available for public review and comment ‘‘Information Technology (IT) Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development.’’ This framework is intended to assist the public, private, and academic sectors with strategic IT security workforce development initiatives including professional development, training and education. The EBK is not an additional set of DHS guidelines, and it is not intended to represent a standard, directive, or policy by DHS. Instead, it further clarifies key IT security terms and concepts for well-defined competencies, identifies notional security roles, defines four primary functional perspectives, and establishes an IT Security Role, Competency, and Functional Matrix. DATES: Submit comments on or before December 7, 2007. PO 00000 Frm 00039 Fmt 4703 Sfmt 4703 56369 To review the draft IT Security EBK, you may access the document and request comment forms through one of the following methods: • IT Security EBK Web site: http:// www.us-cert.gov/ITSecurityEBK • Send an e-mail request to ITSecurityEBK@dhs.gov. Submit completed comment forms via e-mail to ITSecurityEBK@dhs.gov. FOR FURTHER INFORMATION CONTACT: Brenda Oldfield, Director for Education, Training and Workforce Development, National Cyber Security Division, Department of Homeland Security, EMail: ITSecurityEBK@dhs.gov. SUPPLEMENTARY INFORMATION: The IT security workforce must be prepared to meet the challenges that exist today and in the future. IT security is a strategic aspect of an organization’s business or mission and as a strategic priority, it has the potential of enhancing productivity and improving the way an organization functions. As the IT security profession matures, it requires qualified professionals with the competencies to support increasingly sophisticated demands. In response to this challenge, the DHS-NCSD worked with higher education, government and private sector experts to develop an umbrella framework that establishes a national baseline representing the essential knowledge and skills that IT security practitioners must have to perform. The DHS National Cyber Security Division (NCSD) developed the IT Security EBK as a competency-based framework that links competencies and functional perspectives to IT security roles fulfilled by personnel in the public and private sectors. Potential benefits of the IT Security EBK for both professional development and workforce management initiatives include: • Articulating the functions that professionals within the IT security workforce perform, in a context-neutral format and language; • Promoting uniform competency guidelines to increase the overall efficiency of IT security role-based training; and • Providing a content guideline that can be leveraged to facilitate costeffective professional development of the IT workforce, including future training and education, academic curricula, or affiliated human resource activities. The IT Security EBK builds directly upon the work of established bodies of knowledge; it is not an additional set of guidelines, and it is not intended to represent a standard, directive or policy by DHS. Instead, it further clarifies key ADDRESSES: E:\FR\FM\03OCN1.SGM 03OCN1 56370 Federal Register / Vol. 72, No. 191 / Wednesday, October 3, 2007 / Notices IT security terms and concepts for welldefined competencies, identifies notional security roles, defines four primary functional perspectives, and establishes an IT Security Role, Competency and Functional Matrix to help advance the IT security training and certification landscape as we strive to ensure that we have the most qualified and appropriately trained IT security workforce possible. Dated: September 26, 2007. Greg Garcia, Assistant Secretary for Cybersecurity and Communications. [FR Doc. E7–19566 Filed 10–2–07; 8:45 am] BILLING CODE 4410–10–P DEPARTMENT OF HOMELAND SECURITY U.S. Immigration and Customs Enforcement Agency Information Collection Activities: Comment Request 30-Day Notice of Information Collection Under Review; the Student and Exchange Visitor Information System (SEVIS), OMB Control No. 1653–0038. rwilkins on PROD1PC63 with NOTICES ACTION: The Department of Homeland Security, U.S. Immigration and Customs Enforcement (USICE), has submitted the following information collection request for review and clearance in accordance with the Paperwork Reduction Act of 1995. The information collection is published to obtain comments from the public and affected agencies. The information collection was previously published in the Federal Register on July 12, 2007, Vol. 72 No. 133 38095, allowing for a 60-day comment period. No comments were received on this information collection. The purpose of this notice is to allow an additional 30 days for public comments. Comments are encouraged and will be accepted for thirty days until October 31, 2007. Written comments and suggestions regarding items contained in this notice, and especially with regard to the estimated public burden and associated response time should be directed to the Department of Homeland Security (DHS); Lee Shirkey, Acting Chief, Records Management Branch; U.S. Immigration and Customs Enforcement, 425 I Street, NW., Room 1122, Washington, DC 20536; (202) 353.2266. These comments and suggestions concerning the continued collection of information should address one or more of the following four points: VerDate Aug<31>2005 19:10 Oct 02, 2007 Jkt 211001 (1) Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility; (2) Evaluate the accuracy of the agencies estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used; (3) Enhance the quality, utility, and clarity of the information to be collected; and (4) Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submission of responses. Overview of This Information Collection (1) Type of information collection: Extension of currently approved information collection. (2) Title of the form/collection: Petition for Approval of School for Attendance by Nonimmigrant Student and Certificate of Eligibility for Nonimmigrant Student Status. (3) Agency form number, if any, and the applicable component of the Department of Homeland Security sponsoring the collection: Forms I–17 and I–20/Student and Exchange Visitor Program (SEVP). (4) Affected public who will be asked or required to respond, as well as a brief abstract: Primary. Approximately 30,000 designated school officials (DSOs) representing some 8,300 academic and vocational institutions. Section 641 of the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRIRA), Public Law 104– 208, Div. C (Sept. 30, 1996; see attachment 1) requires the creation of a program to collect current information, on an ongoing basis, from schools and exchange visitor programs relating to nonimmigrant F, M or J foreign students and exchange visitors during the course of their stay in the United States (U.S.), using electronic reporting technology to the fullest extent practicable. It further requires Federal approval and authorization of schools and exchange visitor programs participating in such enrollment. The information collection about nonimmigrants mandated by IIRIRA includes the identity and current address in the United States of the alien, the nonimmigrant classification of the alien, the date on which a visa under the classification was issued or extended or the date on which a change PO 00000 Frm 00040 Fmt 4703 Sfmt 4703 to such classification was approved by the Department of Homeland Security (DHS), the current academic status of the alien, including whether the alien is maintaining status as a full-time student, or whether an exchange visitor is satisfying the terms and conditions of his or her program, and any disciplinary action taken by the institution or exchange visitor program sponsor against the alien as a result of a conviction of a crime. The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001, Public Law 107–56 (October 26, 2001), subsequently amended IIRIRA and added the requirement that information be collected on the date of entry and portof-entry. On October 30, 2001, the President issued Homeland Security Directive No. 2 (Directive 2) requiring DHS to conduct periodic, ongoing review of all institutions certified to accept nonimmigrant students. On May 14, 2002 the Enhanced Border Security and Visa Entry Reform Act of 2002 (Border Security Act), Public Law 107– 173, 116 Stat. 543 (May 14, 2002), was enacted. It required DHS to recertify all schools approved for attendance by F or M nonimmigrant students within two years of the passage of the Border Security Act. Further, it mandates that DHS conduct an additional recertification of these schools every two years following. Data collection requirements for SEVP certification, oversight and recertification of schools authorized to enroll F or M nonimmigrant students are not specified in the aforementioned legislation, but are enumerated in 8 CFR 214.3 and 214.4. The Student and Exchange Visitor Program (SEVP), a component of U.S. Immigration and Customs Enforcement (ICE), is the program mandated by these laws to carry out these responsibilities. (5) An estimate of the total number of respondents and the amount of time estimated for an average respondent to respond annually: Respondents ............................... Time for student management reporting. Time for management of SEVP certification. Average time per respondent. 30,000. 6.8 hours. 2.3 hours 9.1 hours. (6) An estimate of the total public burden (in hours) associated with the collection: 273,000. Comments and/or questions; requests for a copy of the proposed information collection instrument, with instructions; E:\FR\FM\03OCN1.SGM 03OCN1

Agencies

[Federal Register Volume 72, Number 191 (Wednesday, October 3, 2007)]
[Notices]
[Pages 56369-56370]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E7-19566]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[Docket No. DHS-2007-0068]


Information Technology Security Essential Body of Knowledge

AGENCY: National Protection and Programs Directorate, DHS.

ACTION: Notice of availability.

-----------------------------------------------------------------------

SUMMARY: This notice informs the public and interested stakeholders 
that the Department of Homeland Security (DHS) is making available for 
public review and comment ``Information Technology (IT) Security 
Essential Body of Knowledge (EBK): A Competency and Functional 
Framework for IT Security Workforce Development.'' This framework is 
intended to assist the public, private, and academic sectors with 
strategic IT security workforce development initiatives including 
professional development, training and education. The EBK is not an 
additional set of DHS guidelines, and it is not intended to represent a 
standard, directive, or policy by DHS. Instead, it further clarifies 
key IT security terms and concepts for well-defined competencies, 
identifies notional security roles, defines four primary functional 
perspectives, and establishes an IT Security Role, Competency, and 
Functional Matrix.

DATES: Submit comments on or before December 7, 2007.

ADDRESSES: To review the draft IT Security EBK, you may access the 
document and request comment forms through one of the following 
methods:
     IT Security EBK Web site: http://www.us-cert.gov/
ITSecurityEBK
     Send an e-mail request to ITSecurityEBK@dhs.gov.
    Submit completed comment forms via e-mail to ITSecurityEBK@dhs.gov.

FOR FURTHER INFORMATION CONTACT: Brenda Oldfield, Director for 
Education, Training and Workforce Development, National Cyber Security 
Division, Department of Homeland Security, E-Mail: 
ITSecurityEBK@dhs.gov.

SUPPLEMENTARY INFORMATION: The IT security workforce must be prepared 
to meet the challenges that exist today and in the future. IT security 
is a strategic aspect of an organization's business or mission and as a 
strategic priority, it has the potential of enhancing productivity and 
improving the way an organization functions. As the IT security 
profession matures, it requires qualified professionals with the 
competencies to support increasingly sophisticated demands. In response 
to this challenge, the DHS-NCSD worked with higher education, 
government and private sector experts to develop an umbrella framework 
that establishes a national baseline representing the essential 
knowledge and skills that IT security practitioners must have to 
perform.
    The DHS National Cyber Security Division (NCSD) developed the IT 
Security EBK as a competency-based framework that links competencies 
and functional perspectives to IT security roles fulfilled by personnel 
in the public and private sectors. Potential benefits of the IT 
Security EBK for both professional development and workforce management 
initiatives include:
     Articulating the functions that professionals within the 
IT security workforce perform, in a context-neutral format and 
language;
     Promoting uniform competency guidelines to increase the 
overall efficiency of IT security role-based training; and
     Providing a content guideline that can be leveraged to 
facilitate cost-effective professional development of the IT workforce, 
including future training and education, academic curricula, or 
affiliated human resource activities.
    The IT Security EBK builds directly upon the work of established 
bodies of knowledge; it is not an additional set of guidelines, and it 
is not intended to represent a standard, directive or policy by DHS. 
Instead, it further clarifies key

[[Page 56370]]

IT security terms and concepts for well-defined competencies, 
identifies notional security roles, defines four primary functional 
perspectives, and establishes an IT Security Role, Competency and 
Functional Matrix to help advance the IT security training and 
certification landscape as we strive to ensure that we have the most 
qualified and appropriately trained IT security workforce possible.

    Dated: September 26, 2007.
Greg Garcia,
Assistant Secretary for Cybersecurity and Communications.
[FR Doc. E7-19566 Filed 10-2-07; 8:45 am]
BILLING CODE 4410-10-P