Establishment of the Communications Supply Chain Risk Information Partnership, 41006 [2020-14725]

Download as PDF 41006 Federal Register / Vol. 85, No. 131 / Wednesday, July 8, 2020 / Notices and the findings in the initial IHA remain valid. Dated: June 30, 2020. Donna S. Wieting, Director, Office of Protected Resources, National Marine Fisheries Service. [FR Doc. 2020–14617 Filed 7–7–20; 8:45 am] BILLING CODE 3510–22–P DEPARTMENT OF COMMERCE National Telecommunications and Information Administration Establishment of the Communications Supply Chain Risk Information Partnership National Telecommunications and Information Administration, U.S. Department of Commerce. ACTION: Notice. AGENCY: The National Telecommunications and Information Administration (NTIA) announces the establishment of the Communications Supply Chain Risk Information Partnership (C–SCRIP) in support of the requirements of Section 8 of the Secure and Trusted Communications Network Act of 2019 (Act). The Act directs NTIA, in cooperation with other designated federal agencies, to establish a program to share supply chain security risk information with trusted providers of advanced communications service and suppliers of communications equipment or services. DATES: Applicable on July 8, 2020. ADDRESSES: C–SCRIP, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Washington, DC 20230. FOR FURTHER INFORMATION CONTACT: Megan Doscher, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; telephone (202) 482–2503; mdoscher@ntia.gov. Please direct media inquiries to NTIA’s Office of Public Affairs, (202) 482–7002, or at press@ ntia.gov. SUMMARY: Section 8 of the Secure and Trusted Communications Network Act of 2019 (Act) directs NTIA, in cooperation with the Office of the Director of National Intelligence (ODNI), the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Federal Communications Commission (FCC), to establish a program to share ‘‘supply chain security risk’’ jbell on DSKJLSW7X2PROD with NOTICES SUPPLEMENTARY INFORMATION: VerDate Sep<11>2014 17:17 Jul 07, 2020 Jkt 250001 information with trusted providers of ‘‘advanced communications service’’ and suppliers of communications equipment or services.1 Through this Notice, NTIA is announcing the establishment of the Communications Supply Chain Risk Information Partnership (C–SCRIP), a partnership to share supply chain security risk information with trusted communications providers and suppliers. NTIA is collaborating with the ODNI, DHS, FBI, and FCC to establish the program. This program is aimed primarily at trusted small and rural communications providers and equipment suppliers, with the goal of improving their access to risk information about key elements in their supply chain.2 C–SCRIP will allow for regularly scheduled informational briefings, with a goal of providing more targeted information for C–SCRIP participants as the program matures over time. NTIA will aim to ensure that the risk information identified for sharing under the program is relevant and accessible, and will work with its government partners to enable the granting of security clearances under established guidelines when necessary. NTIA is using a phased approach to establish the C–SCRIP program, in cooperation with its government partners. In Phase 1, NTIA establishes the program and develops the required report to Congress on NTIA’s plan to work with its interagency partners on: (1) Declassifying material to help share information on supply chain risks with trusted providers; and (2) expediting and expanding the provision of security clearances for representatives of trusted providers.3 During Phase 1, NTIA will coordinate closely with its federal partners to take advantage of the existing processes and procedures in place for the processing of security clearances and the declassification of threat intelligence and to develop a strategic implementation plan for the C– SCRIP program to establish primary goals and operating principles for the partnership. The strategic implementation plan is intended to harmonize the C–SCRIP program with other government programs to ensure cohesion and to avoid overlap. In Phase 2, NTIA will operationalize the program, informed by public comments, and will establish the methods and means to initiate and 1 Secure and Trusted Communications Network Act of 2019, Public Law 116–124, § 8, 134 Stat. 158, 168 (2020) (codified at 47 U.S.C. 1607). 2 See id. § 8(a)(2)(A), (B). 3 See id. § 8(a)(2)(C). PO 00000 Frm 00045 Fmt 4703 Sfmt 4703 sustain the partnership community of providers and suppliers that are eligible under the Act to receive supply chain security risk information.4 Phase 2 will be driven by the strategic implementation plan. In particular, NTIA expects to establish partnership guidelines during Phase 2, as driven by the Act’s requirements. NTIA will also initiate ad hoc briefings to trusted providers during Phase 2 on an asneeded basis. In Phase 3, NTIA will refine its methods and means for generating and sharing information with the C–SCRIP partnership community to best secure U.S. communications networks against supply chain threats. NTIA also expects to formalize its process and schedule for briefings and alerts during this phase, and to establish mechanisms for ongoing coordination and communication. During Phase 4, NTIA will evaluate the initiation period of the program and make recommendations for adjustments or enhancements to advance the goal of diminishing supply chain risk among program participants. Dated: July 2, 2020. Douglas Kinkoph, Associate Administrator, Office of Telecommunications and Information Applications, performing the non-exclusive functions and duties of the Assistant Secretary of Commerce for Communications and Information. [FR Doc. 2020–14725 Filed 7–7–20; 8:45 am] BILLING CODE 3510–60–P DEPARTMENT OF DEFENSE Department of the Army Board of Visitors, United States Military Academy Department of the Army, DoD. Notice of open Federal advisory committee virtual meeting. AGENCY: ACTION: The Department of the Army is publishing this notice to announce the Federal Advisory Committee Microsoft Office 365 Teams virtual meeting of the U.S. Military Academy Board of Visitors (Board). This meeting is open to the public. For additional information about the Board, please visit the committee’s website at https:// SUMMARY: 4 See NTIA, Notice; request for public comments, Promoting the Sharing of Supply Chain Security Risk Information Between Government and Communications Providers and Suppliers, 85 FR 35919 (June 12, 2020), available at https:// www.ntia.doc.gov/federal-register-notice/2020/ request-comments-promoting-sharing-supply-chainsecurity-risk. E:\FR\FM\08JYN1.SGM 08JYN1

Agencies

[Federal Register Volume 85, Number 131 (Wednesday, July 8, 2020)]
[Notices]
[Page 41006]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-14725]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Telecommunications and Information Administration


Establishment of the Communications Supply Chain Risk Information 
Partnership

AGENCY: National Telecommunications and Information Administration, 
U.S. Department of Commerce.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The National Telecommunications and Information Administration 
(NTIA) announces the establishment of the Communications Supply Chain 
Risk Information Partnership (C-SCRIP) in support of the requirements 
of Section 8 of the Secure and Trusted Communications Network Act of 
2019 (Act). The Act directs NTIA, in cooperation with other designated 
federal agencies, to establish a program to share supply chain security 
risk information with trusted providers of advanced communications 
service and suppliers of communications equipment or services.

DATES: Applicable on July 8, 2020.

ADDRESSES: C-SCRIP, National Telecommunications and Information 
Administration, U.S. Department of Commerce, 1401 Constitution Avenue 
NW, Washington, DC 20230.

FOR FURTHER INFORMATION CONTACT: Megan Doscher, National 
Telecommunications and Information Administration, U.S. Department of 
Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; 
telephone (202) 482-2503; [email protected]. Please direct media 
inquiries to NTIA's Office of Public Affairs, (202) 482-7002, or at 
[email protected].

SUPPLEMENTARY INFORMATION: Section 8 of the Secure and Trusted 
Communications Network Act of 2019 (Act) directs NTIA, in cooperation 
with the Office of the Director of National Intelligence (ODNI), the 
Department of Homeland Security (DHS), the Federal Bureau of 
Investigation (FBI), and the Federal Communications Commission (FCC), 
to establish a program to share ``supply chain security risk'' 
information with trusted providers of ``advanced communications 
service'' and suppliers of communications equipment or services.\1\ 
Through this Notice, NTIA is announcing the establishment of the 
Communications Supply Chain Risk Information Partnership (C-SCRIP), a 
partnership to share supply chain security risk information with 
trusted communications providers and suppliers.
---------------------------------------------------------------------------

    \1\ Secure and Trusted Communications Network Act of 2019, 
Public Law 116-124, Sec.  8, 134 Stat. 158, 168 (2020) (codified at 
47 U.S.C. 1607).
---------------------------------------------------------------------------

    NTIA is collaborating with the ODNI, DHS, FBI, and FCC to establish 
the program. This program is aimed primarily at trusted small and rural 
communications providers and equipment suppliers, with the goal of 
improving their access to risk information about key elements in their 
supply chain.\2\ C-SCRIP will allow for regularly scheduled 
informational briefings, with a goal of providing more targeted 
information for C-SCRIP participants as the program matures over time. 
NTIA will aim to ensure that the risk information identified for 
sharing under the program is relevant and accessible, and will work 
with its government partners to enable the granting of security 
clearances under established guidelines when necessary.
---------------------------------------------------------------------------

    \2\ See id. Sec.  8(a)(2)(A), (B).
---------------------------------------------------------------------------

    NTIA is using a phased approach to establish the C-SCRIP program, 
in cooperation with its government partners. In Phase 1, NTIA 
establishes the program and develops the required report to Congress on 
NTIA's plan to work with its interagency partners on: (1) Declassifying 
material to help share information on supply chain risks with trusted 
providers; and (2) expediting and expanding the provision of security 
clearances for representatives of trusted providers.\3\ During Phase 1, 
NTIA will coordinate closely with its federal partners to take 
advantage of the existing processes and procedures in place for the 
processing of security clearances and the declassification of threat 
intelligence and to develop a strategic implementation plan for the C-
SCRIP program to establish primary goals and operating principles for 
the partnership. The strategic implementation plan is intended to 
harmonize the C-SCRIP program with other government programs to ensure 
cohesion and to avoid overlap.
---------------------------------------------------------------------------

    \3\ See id. Sec.  8(a)(2)(C).
---------------------------------------------------------------------------

    In Phase 2, NTIA will operationalize the program, informed by 
public comments, and will establish the methods and means to initiate 
and sustain the partnership community of providers and suppliers that 
are eligible under the Act to receive supply chain security risk 
information.\4\ Phase 2 will be driven by the strategic implementation 
plan. In particular, NTIA expects to establish partnership guidelines 
during Phase 2, as driven by the Act's requirements. NTIA will also 
initiate ad hoc briefings to trusted providers during Phase 2 on an as-
needed basis.
---------------------------------------------------------------------------

    \4\ See NTIA, Notice; request for public comments, Promoting the 
Sharing of Supply Chain Security Risk Information Between Government 
and Communications Providers and Suppliers, 85 FR 35919 (June 12, 
2020), available at https://www.ntia.doc.gov/federal-register-notice/2020/request-comments-promoting-sharing-supply-chain-security-risk.
---------------------------------------------------------------------------

    In Phase 3, NTIA will refine its methods and means for generating 
and sharing information with the C-SCRIP partnership community to best 
secure U.S. communications networks against supply chain threats. NTIA 
also expects to formalize its process and schedule for briefings and 
alerts during this phase, and to establish mechanisms for ongoing 
coordination and communication.
    During Phase 4, NTIA will evaluate the initiation period of the 
program and make recommendations for adjustments or enhancements to 
advance the goal of diminishing supply chain risk among program 
participants.

    Dated: July 2, 2020.
Douglas Kinkoph,
Associate Administrator, Office of Telecommunications and Information 
Applications, performing the non-exclusive functions and duties of the 
Assistant Secretary of Commerce for Communications and Information.
[FR Doc. 2020-14725 Filed 7-7-20; 8:45 am]
BILLING CODE 3510-60-P