Agency Information Collection Activities: Vulnerability Assessments, 61923-61924 [2019-24743]

Download as PDF Federal Register / Vol. 84, No. 220 / Thursday, November 14, 2019 / Notices FEMA Form 009–0–125 Rented Equipment Summary Record; FEMA Form 009–0–126 Contract Work Summary Record; FEMA Form 009–0– 127 Force Account Equipment Summary Record; FEMA Form 009–0– 128 Applicant’s Benefits Calculation Worksheet; FEMA Form 009–0–111, Quarterly Progress Report; FEMA Form 009–0–141, FAC–TRAX System. Abstract: The information collected is utilized by FEMA to make determinations for Public Assistance grants based on the information supplied by the respondents. Affected Public: State, local or Tribal government. Estimated Number of Respondents: 1,012. Estimated Number of Responses: 398,068. Estimated Total Annual Burden Hours: 466,025. Estimated Total Annual Respondent Cost: $29,601,921. Estimated Respondents’ Operation and Maintenance Costs: N/A. Estimated Respondents’ Capital and Start-Up Costs: N/A. Estimated Total Annual Cost to the Federal Government: $1,891,473. Comments khammond on DSKJM1Z7X2PROD with NOTICES Comments may be submitted as indicated in the ADDRESSES caption above. Comments are solicited to (a) evaluate whether the proposed data collection is necessary for the proper performance of the agency, including whether the information shall have practical utility; (b) evaluate the accuracy of the agency’s estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used; (c) enhance the quality, utility, and clarity of the information to be collected; and (d) minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submission of responses. Maile Arthur, Deputy Director, Information Management Division, Office of the Chief Administrative Officer, Mission Support, Federal Emergency Management Agency, Department of Homeland Security. [FR Doc. 2019–24719 Filed 11–13–19; 8:45 am] BILLING CODE 9111–23–P VerDate Sep<11>2014 17:47 Nov 13, 2019 Jkt 250001 DEPARTMENT OF HOMELAND SECURITY Agency Information Collection Activities: Vulnerability Assessments Infrastructure Security Division (ISD), Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS). ACTION: 30-Day notice and request for comments; revision, 1670–0035. AGENCY: DHS CISA ISD will submit the following information collection request (ICR) to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995. CISA previously published this ICR for a 60-day public comment period. No comments were received by CISA. The purpose of this notice is to allow an additional 30 days for public comments. DATES: Comments are due by December 16, 2019. ADDRESSES: Interested persons are invited to submit written comments on the proposed information collection to the Office of Information and Regulatory Affairs, OMB. Comments should be addressed to the OMB Desk Officer, Department of Homeland Security and sent via electronic mail to dhsdeskofficer@omb.eop.gov. All submissions must include the words ‘‘Department of Homeland Security’’ and the OMB Control Number 1670– 0035. Comments submitted in response to this notice may be made available to the public through relevant websites. For this reason, please do not include in your comments information of a confidential nature, such as sensitive personal information or proprietary information. If you send an email comment, your email address will be automatically captured and included as part of the comment that is placed in the public docket and made available on the internet. Please note that responses to this public comment request containing any routine notice about the confidentiality of the communication will be treated as public comments that may be made available to the public notwithstanding the inclusion of the routine notice. FOR FURTHER INFORMATION CONTACT: Ricky Morgan, 866–844–8163, IPGatewayHelpDesk@hq.dhs.gov. SUPPLEMENTARY INFORMATION: The Presidential Policy Directive-21 and the National Infrastructure Protection Plan highlight the need for a centrally managed repository of infrastructure SUMMARY: PO 00000 Frm 00056 Fmt 4703 Sfmt 4703 61923 attributes capable of assessing risks and facilitating data sharing. To support this mission need, the DHS CISA ISD has developed a data collection system that contains several capabilities which support the homeland security mission in the area of critical infrastructure (CI) protection. Protective Security Advisors (PSAs) and Cyber Security Advisors (CSAs) conduct voluntary assessments on CI facilities. These assessments are webbased and are used to collect an organization’s basic, high-level information, and its dependencies. This data is then used to determine a Protective Measures Index (PMI) and a Resilience Measures Index (RMI) for the assessed organization. This information allows an organization to see how it compares to other organizations within the same sector as well as allows them to see how adjusting certain aspects would change their score. This allows the organization to then determine where best to allocate funding and perform other high-level decisionmaking processes pertaining to the security and resiliency of the organization. The information will be gathered by site visits, arranged between the organization owners and DHS PSAs or CSAs. The PSA or CSA will then visit the site and perform the assessment, as requested. They then return to complete the vulnerability assessment and input the data into the system where the data is then accessible to system users. Once available, the organization and other relevant system users can then review the data and use it for planning, risk identification, mitigation and decision making. All data is captured electronically by the PSA, CSA or by the organization as a self-assessment. Participation in the vulnerability assessments is voluntary, but full completion of the assessment data collection is required if the organization desires to receive a complete evaluation of their security posture. After assessments are input into the system, the user is prompted to participate in a feedback questionnaire. Every user is prompted to participate in the Post Assessment questionnaire after entering an assessment. Participation in the Post Assessment questionnaire is voluntary. The Post Assessment Questionnaires are designed to capture feedback about a vulnerability assessment and the system. There are three different questionnaires correlated and prompted after entering a particular assessment into the database. The results are used internally within DHS to make programmatic improvements. E:\FR\FM\14NON1.SGM 14NON1 khammond on DSKJM1Z7X2PROD with NOTICES 61924 Federal Register / Vol. 84, No. 220 / Thursday, November 14, 2019 / Notices The collection of information uses automated electronic vulnerability assessments and questionnaires. The vulnerability assessments and questionnaires are electronic in nature and include questions that measure the security, resiliency and dependencies of an organization. The vulnerability assessments are arranged at the request of an organization and are then scheduled and performed by a PSA or CSA. The changes to the collection since the previous OMB approval include: Updating the title of the collection, adding three customer feedback questionnaires, increase in burden estimates and costs. The three questionnaires were added to the collection to provide user feedback on the content and functionality of the system. The addition of the questionnaires have increased the burden estimates by $3,861. The annual burden cost for the collection has increased by $121,591, from $1,786,166 to $1,907,757, due to the addition of the Post Assessment Questionnaires and updated wage rates. The annual government cost for the collection has increased by $509,195, from $1,710,959 to $2,220,152, due to the addition of the Post Assessment Questionnaires and updated wage rates. This is a revision and renewal of an information collection. OMB is particularly interested in comments that: 1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility; 2. Evaluate the accuracy of the agency’s estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used; 3. Enhance the quality, utility, and clarity of the information to be collected; and 4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses. Title of Collection: Cybersecurity and Infrastructure Security Agency Vulnerability Assessments. OMB Control Number: 1670–0035. Frequency: Annually. Affected Public: State, Local, Tribal, and Territorial Governments and Private Sector Individuals. VerDate Sep<11>2014 17:47 Nov 13, 2019 Jkt 250001 Number of Annualized Respondents: 3,181. Estimated Time per Respondent: 7.5 hours, 0.17 hours. Total Annualized Burden Hours: 21,907 hours. Total Annualized Respondent Opportunity Cost: $1,907,757. Total Annualized Respondent Out-ofPocket Cost: $0. Total Annualized Government Cost: $2,220,152. Scott Libby, Deputy Chief Information Officer. [FR Doc. 2019–24743 Filed 11–13–19; 8:45 am] BILLING CODE 9110–9P–P DEPARTMENT OF THE INTERIOR Bureau of Land Management [LLAK940000.L14100000.BX0000.20X. LXSS001L0100] Filing of Plats of Survey: Alaska Bureau of Land Management, Interior. ACTION: Notice of official filing. AGENCY: The plats of survey of lands described in this notice are scheduled to be officially filed in the Bureau of Land Management (BLM), Alaska State Office, Anchorage, Alaska. These surveys were executed at the request of the U.S. Coast Guard, the Bureau of Indian Affairs and BLM, are necessary for the management of these lands. DATES: The BLM must receive protests by December 16, 2019. ADDRESSES: You may buy a copy of the plats from the BLM Alaska Public Information Center, 222 W 7th Avenue, Mailstop 13, Anchorage, AK 99513. Please use this address when filing written protests. You may also view the plats at the BLM Alaska Public Information Center, Fitzgerald Federal Building, 222 W 8th Avenue, Anchorage, Alaska, at no cost. FOR FURTHER INFORMATION CONTACT: Douglas N. Haywood, Chief, Branch of Cadastral Survey, Alaska State Office, Bureau of Land Management, 222 W. 7th Avenue, Anchorage, AK 99513; 907–271–5481; dhaywood@blm.gov. People who use a telecommunications device for the deaf may call the Federal Relay Service (FRS) at 1–800–877–8339 to contact the BLM during normal business hours. The FRS is available 24 hours a day, 7 days a week, to leave a message or question with the above individual. You will receive a reply during normal business hours. SUPPLEMENTARY INFORMATION: The lands surveyed are: SUMMARY: PO 00000 Frm 00057 Fmt 4703 Sfmt 4703 U.S. Survey No. 4486, accepted October 31, 2019, situated within: Kateel River Meridian, Alaska T. 25 N, R. 19 W U.S. Survey No. 5877, accepted October 31, 2019, situated within: Seward Meridian, Alaska T. 8 S, R. 14 W U.S. Survey No. 8610, accepted October 31, 2019, situated within: Fairbanks Meridian, Alaska T. 8 N, R. 5 W U.S. Survey No. 9480, accepted October 31, 2019, situated within: Fairbanks Meridian, Alaska Tps. 11 N, Rs. 17 and 18 E U.S. Survey No. 14383, accepted August 21, 2019, situated within: Seward Meridian, Alaska T. 2 N, R. 6 E U.S. Survey No. 14471, accepted August 21, 2019, situated within: Copper River Meridian, Alaska T. 16 S, R. 6 W U.S. Survey No. 14488, accepted October 31, 2019, situated within: Fairbanks Meridian, Alaska T. 8 N, R. 14 W U.S. Survey No. 14490, accepted October 31, 2019, situated within: Kateel River Meridian, Alaska T. 5 S, R. 6 E U.S. Survey No. 14491, accepted August 21, 2019, situated within: Seward Meridian, Alaska T. 9 N, R. 10 E U.S. Survey No. 14492, accepted August 21, 2019, situated within: Seward Meridian, Alaska T. 2 N, R. 9 E U.S. Survey No. 14493, accepted August 21, 2019, situated within: Seward Meridian, Alaska T. 5 N, R. 10 E U.S. Survey No. 14494, accepted August 21, 2019, situated within: Seward Meridian, Alaska T. 11 N, R. 9 E Copper River Meridian, Alaska T. 28 N, R. 14 E, accepted October 31, 2019 T. 9 S, R. 3 E, accepted August 21, 2019 T. 68 S, R. 78 E, accepted June 21, 2019 T. 68 S, R. 79 E, accepted June 21, 2019 T. 73 S, R. 91 E, accepted June 21, 2019 T. 73 S, R. 92 E, accepted June 21, 2019 T. 74 S, R. 92 E, accepted June 21, 2019 Fairbanks Meridian, Alaska T. 4 S, R. 8 W, accepted October 31, 2019 Kateel River Meridian, Alaska T. 18 N, R. 18 E, accepted August 21, 2019 T. 33 N, R. 19 W, accepted August 6, 2019 T. 6 S, R. 20 E, accepted October 31, 2019 T. 3 S, R. 10 W, accepted August 6, 2019 E:\FR\FM\14NON1.SGM 14NON1

Agencies

[Federal Register Volume 84, Number 220 (Thursday, November 14, 2019)]
[Notices]
[Pages 61923-61924]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-24743]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY


Agency Information Collection Activities: Vulnerability 
Assessments

AGENCY: Infrastructure Security Division (ISD), Cybersecurity and 
Infrastructure Security Agency (CISA), Department of Homeland Security 
(DHS).

ACTION: 30-Day notice and request for comments; revision, 1670-0035.

-----------------------------------------------------------------------

SUMMARY: DHS CISA ISD will submit the following information collection 
request (ICR) to the Office of Management and Budget (OMB) for review 
and clearance in accordance with the Paperwork Reduction Act of 1995. 
CISA previously published this ICR for a 60-day public comment period. 
No comments were received by CISA. The purpose of this notice is to 
allow an additional 30 days for public comments.

DATES: Comments are due by December 16, 2019.

ADDRESSES: Interested persons are invited to submit written comments on 
the proposed information collection to the Office of Information and 
Regulatory Affairs, OMB. Comments should be addressed to the OMB Desk 
Officer, Department of Homeland Security and sent via electronic mail 
to [email protected]. All submissions must include the words 
``Department of Homeland Security'' and the OMB Control Number 1670-
0035.
    Comments submitted in response to this notice may be made available 
to the public through relevant websites. For this reason, please do not 
include in your comments information of a confidential nature, such as 
sensitive personal information or proprietary information. If you send 
an email comment, your email address will be automatically captured and 
included as part of the comment that is placed in the public docket and 
made available on the internet. Please note that responses to this 
public comment request containing any routine notice about the 
confidentiality of the communication will be treated as public comments 
that may be made available to the public notwithstanding the inclusion 
of the routine notice.

FOR FURTHER INFORMATION CONTACT: Ricky Morgan, 866-844-8163, 
[email protected].

SUPPLEMENTARY INFORMATION: The Presidential Policy Directive-21 and the 
National Infrastructure Protection Plan highlight the need for a 
centrally managed repository of infrastructure attributes capable of 
assessing risks and facilitating data sharing. To support this mission 
need, the DHS CISA ISD has developed a data collection system that 
contains several capabilities which support the homeland security 
mission in the area of critical infrastructure (CI) protection.
    Protective Security Advisors (PSAs) and Cyber Security Advisors 
(CSAs) conduct voluntary assessments on CI facilities. These 
assessments are web-based and are used to collect an organization's 
basic, high-level information, and its dependencies. This data is then 
used to determine a Protective Measures Index (PMI) and a Resilience 
Measures Index (RMI) for the assessed organization. This information 
allows an organization to see how it compares to other organizations 
within the same sector as well as allows them to see how adjusting 
certain aspects would change their score. This allows the organization 
to then determine where best to allocate funding and perform other 
high-level decision-making processes pertaining to the security and 
resiliency of the organization.
    The information will be gathered by site visits, arranged between 
the organization owners and DHS PSAs or CSAs. The PSA or CSA will then 
visit the site and perform the assessment, as requested. They then 
return to complete the vulnerability assessment and input the data into 
the system where the data is then accessible to system users. Once 
available, the organization and other relevant system users can then 
review the data and use it for planning, risk identification, 
mitigation and decision making. All data is captured electronically by 
the PSA, CSA or by the organization as a self-assessment. Participation 
in the vulnerability assessments is voluntary, but full completion of 
the assessment data collection is required if the organization desires 
to receive a complete evaluation of their security posture.
    After assessments are input into the system, the user is prompted 
to participate in a feedback questionnaire. Every user is prompted to 
participate in the Post Assessment questionnaire after entering an 
assessment. Participation in the Post Assessment questionnaire is 
voluntary. The Post Assessment Questionnaires are designed to capture 
feedback about a vulnerability assessment and the system. There are 
three different questionnaires correlated and prompted after entering a 
particular assessment into the database. The results are used 
internally within DHS to make programmatic improvements.

[[Page 61924]]

    The collection of information uses automated electronic 
vulnerability assessments and questionnaires. The vulnerability 
assessments and questionnaires are electronic in nature and include 
questions that measure the security, resiliency and dependencies of an 
organization. The vulnerability assessments are arranged at the request 
of an organization and are then scheduled and performed by a PSA or 
CSA.
    The changes to the collection since the previous OMB approval 
include: Updating the title of the collection, adding three customer 
feedback questionnaires, increase in burden estimates and costs. The 
three questionnaires were added to the collection to provide user 
feedback on the content and functionality of the system. The addition 
of the questionnaires have increased the burden estimates by $3,861.
    The annual burden cost for the collection has increased by 
$121,591, from $1,786,166 to $1,907,757, due to the addition of the 
Post Assessment Questionnaires and updated wage rates.
    The annual government cost for the collection has increased by 
$509,195, from $1,710,959 to $2,220,152, due to the addition of the 
Post Assessment Questionnaires and updated wage rates.
    This is a revision and renewal of an information collection.
    OMB is particularly interested in comments that:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.
    Title of Collection: Cybersecurity and Infrastructure Security 
Agency Vulnerability Assessments.
    OMB Control Number: 1670-0035.
    Frequency: Annually.
    Affected Public: State, Local, Tribal, and Territorial Governments 
and Private Sector Individuals.
    Number of Annualized Respondents: 3,181.
    Estimated Time per Respondent: 7.5 hours, 0.17 hours.
    Total Annualized Burden Hours: 21,907 hours.
    Total Annualized Respondent Opportunity Cost: $1,907,757.
    Total Annualized Respondent Out-of-Pocket Cost: $0.
    Total Annualized Government Cost: $2,220,152.

Scott Libby,
Deputy Chief Information Officer.
[FR Doc. 2019-24743 Filed 11-13-19; 8:45 am]
 BILLING CODE 9110-9P-P