<NOTICE>
DEPARTMENT OF HOMELAND SECURITY
<DEPDOC>[Docket No. CISA-2024-0007]</DEPDOC>
<SUBJECT>Agency Information Collection Activities: Service Request Form for Enterprise Assessment Services</SUBJECT>
<HD SOURCE="HED">AGENCY:</HD>
Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
<HD SOURCE="HED">ACTION:</HD>
30-Day notice and request for comments.
<SUM>
<HD SOURCE="HED">SUMMARY:</HD>
The Cybersecurity Division (CSD) within Cybersecurity and Infrastructure Security Agency (CISA) will submit the following information collection request (ICR) to the Office of Management and Budget (OMB) for review and clearance. CISA previously published this information collection request (ICR) in the
<E T="04">Federal Register</E>
on February 15, 2024 for a 60-day public
comment period. 0 comments were received by CISA. The purpose of this notice is to allow additional 30-days for public comments.
</SUM>
<DATES>
<HD SOURCE="HED">DATES:</HD>
Comments are encouraged and will be accepted until November 21, 2024. Submissions received after the deadline for receiving comments may not be considered.
</DATES>
<HD SOURCE="HED">ADDRESSES:</HD>
Written comments and recommendations for the proposed information collection should be sent within 30 days of publication of this notice to
<E T="03">www.reginfo.gov/public/do/PRAMain.</E>
Find this particular information collection by selecting “Currently under 30-day Review—Open for Public Comments” or by using the search function.
The Office of Management and Budget is particularly interested in comments which:
1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;
2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;
3. Enhance the quality, utility, and clarity of the information to be collected; and
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology,
<E T="03">e.g.,</E>
permitting electronic submissions of responses.
<FURINF>
<HD SOURCE="HED">FOR FURTHER INFORMATION CONTACT:</HD>
Jonathan Pereira, 202.794.3427,
<E T="03">vulnerability@cisa.dhs.gov.</E>
</FURINF>
<SUPLINF>
<HD SOURCE="HED">SUPPLEMENTARY INFORMATION:</HD>
The Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) offers cybersecurity assessments to help reduce risk for federal, state, local, tribal, territorial and private sector critical infrastructure partners. Information collected is used by CISA CSD staff to engage with customers and provide cybersecurity assessment services. For more information on the specific questions asked, please see
<E T="03">www.reginfo.gov/public/do/PRAMain.</E>
Under 6 U.S.C. 659(c)(6), CISA provides, upon request, “. . . timely technical assistance, risk management support, and incident response capabilities to Federal and non-Federal entities with respect to cyber threat indicators, defensive measures, cybersecurity risks, and incidents, which may include attribution, mitigation, and remediation . . .”
<E T="03">Number of Respondents:</E>
CISA estimates the number of respondents will be 5,000.
<E T="03">Estimated Time per Respondent:</E>
CISA assumes the majority of individuals who will complete this form are Chief Information Officers or equivalent. The estimated time to complete the form was determined to be .11 hours after user testing.
<E T="03">Total Annual Burden Cost:</E>
$97,674 from Economist review.
<E T="03">Annual Burden Hours:</E>
The annual burden hours is 825 hours (5,000 respondents × 1.5 responses per respondent × .11 hour per response).
<HD SOURCE="HD1">Analysis</HD>
<E T="03">Agency:</E>
Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
<E T="03">Title:</E>
Service Request Form for Enterprise Assessment Services.
<E T="03">OMB Number:</E>
1670-NEW.
<E T="03">Frequency:</E>
Information is required when an organization would initially request cybersecurity assessments or requests additional cybersecurity assessments. These requests are made at the discretion of the requestor therefore the program office is not able to determine when or how often such requests will occur.
<E T="03">Affected Public:</E>
Business or Other For-Profit, Not-For-Profit Institutions, Federal Government, State, Local or Tribal Government.
<E T="03">Number of Respondents:</E>
5,000.
<E T="03">Estimated Time per Respondent:</E>
0.11 hours.
<E T="03">Total Burden Hours:</E>
825 hours.
<E T="03">Estimated Annual Industry Cost:</E>
$97,674.
<E T="03">Estimated Annual Federal Government Cost:</E>
$163,150.
<SIG>
<NAME>Robert J. Costello,</NAME>
Chief Information Officer, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency.
</SIG>
</SUPLINF>
<FRDOC>[FR Doc. 2024-24220 Filed 10-21-24; 8:45 am]</FRDOC>
</NOTICE>
This text is preserved for citation and comparison. View the official version for the authoritative text.