National Protection and Programs Directorate, National Cyber Security Division, DHS.
30-Day Notice and request for comments.
The Department of Homeland Security (DHS) invites the general public and other federal agencies the opportunity to comment on new information collection request 1670-NEW, US-CERT Incident Reporting. As required by the Paperwork Reduction Act of 1995, (Pub. L. 104-13, 44 U.S.C. chapter 35) as amended by the Clinger-Cohen Act (Pub. L. 104-106), DHS is soliciting comments for this collection. The information collection was previously published in the Federal Register on June 11, 2008 at 73 FR 33101 allowing for a 60-day public comment period. No comments were received on this information collection. The purpose of this notice is to allow an additional 30 days for public comments.
Comments are encouraged and will be accepted until November 6, 2008. This process is conducted in accordance with 5 CFR 1320.1.
Interested persons are invited to submit written comments on the proposed information collection to the Office of Information and Regulatory Affairs, Office of Management Budget, 725 17th Street, NW., Washington, DC 20503, Attention: Desk Officer for National Protection and Programs Directorate, DHS or sent via electronic mail to firstname.lastname@example.org or faxed to (202) 395-6974.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Interested persons are invited to submit written comments on the proposed information collection to the Office of Information and Regulatory Affairs, Office of Management Budget, 725 17th Street, NW., Washington, DC 20503, Attention: Desk Officer for National Protection and Programs Directorate, DHS or sent via electronic mail to email@example.com or faxed to (202) 395-6974.End Further Info End Preamble Start Supplemental Information
The Office of Management and Budget is particularly interested in comments that:
1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility; Start Printed Page 58609
2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;
3. Enhance the quality, utility, and clarity of the information to be collected; and
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses.
Agency: Department of Homeland Security, National Protection and Programs Directorate, National Cyber Security Division.
Title: US-CERT Incident Reporting.
OMB Number: 1670-NEW.
Affected Public: Federal, State, Local, Tribal, Private Sector.
Number of Respondents: 6000 per year.
Estimated Time Per Respondent: 20 minutes.
Total Burden Hours: 2000 hours.
Total Burden Cost (capital/startup): None.
Total Burden Cost (operating/maintaining): None.
Description: The Federal Information Security Management Act of 2002 requires all federal agencies to report security incidents to a federal incident response center, designated as the United States Computer Emergency Readiness Team (US-CERT). US-CERT has created a web-based Incident Reporting Form for all federal agencies, organizations, private and commercial companies, and individuals to submit incidents to US-CERT's security operations center. In July of 2006, OMB issued Memo M06-19 revising reporting procedures to require all federal agencies to report all incidents involving personally identifiable information (PII) to US-CERT within one hour of discovering the incident.Start Signature
Dated: August 14, 2008.
Acting Chief Information Officer, National Protection and Programs Directorate, Department of Homeland Security.
[FR Doc. E8-23747 Filed 10-6-08; 8:45 am]
BILLING CODE 4410-10-P