Skip to Content


Nationwide Cyber Security Review (NCSR) Assessment

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


National Protection and Programs Directorate, DHS.


30-day notice and request for comments; New Information Collection Request.


The Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of Cybersecurity and Communications (CS&C), National Cyber Security Division (NCSD), Cyber Security Evaluation Program (CSEP), will submit the following Information Collection Request (ICR) to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. Chapter 35): New Information Collection Request, Nationwide Cyber Security Review (NCSR) Assessment. DHS previously published this ICR in the Federal Register on April 21, 2011, for a 60-day public comment period. DHS received no comments. The purpose of this notice is to allow an additional 30 days for public comments.


Comments are encouraged and will be accepted until August 22, 2011. This process is conducted in accordance with 5 CFR 1320.10.


Interested persons are invited to submit written comments on the proposed information collection to the Office of Information and Regulatory Affairs, OMB. Comments should be addressed to OMB Desk Officer, Department of Homeland Security, Office of Civil Rights and Civil Liberties. Comments must be identified by DHS-2011-0012 and may be submitted by one of the following methods:

Instructions: All submissions received must include the words “Department of Homeland Security” and the docket number for this action. Comments received will be posted without alteration at, including any personal information provided.

OMB is particularly interested in comments that:

1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

3. Enhance the quality, utility, and clarity of the information to be collected; and

4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses.

Start Further Info


Michael Leking, DHS/NPPD/CS&C/NCSD/CSEP,

End Further Info End Preamble Start Supplemental Information


Per House Report 111-298 and Senate Report 111-31, Department of Homeland Security Appropriations Bill, NPPD, in cooperation with FEMA and relevant stakeholders, shall develop the necessary tools for all levels of government to complete a cyber network security assessment so that a full measure of gaps and capabilities can be completed. The NCSR will be conducted via the United States Computer Emergency Readiness Team (US-CERT) Secure Portal. The assessment stakeholders will be states and major urban areas. The NCSR is a voluntary self-assessment designed to measure cybersecurity preparedness and resilience. Through the NCSR, CSEP will examine relationships, interactions, and processes governing IT management and the ability to effectively manage operational risk.


Agency: Department of Homeland Security, National Protection and Programs Directorate, Office of Cybersecurity and Communications, National Cyber Security Division, Cyber Security Evaluation Program.

Title: Nationwide Cyber Security Review (NCSR) Assessment.

OMB Number: 1670-NEW.

Frequency: Annually.

Affected Public: Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, and IT security personnel within states and large urban areas.

Number of Respondents: 750 respondents (estimate).

Estimated Time per Respondent: 2 hours.

Total Burden Hours: 1,500 annual burden hours.

Total Burden Cost (capital/startup): $0.

Total Recordkeeping Burden: $0 (This assessment resides on the US-CERT Portal, and there is no cost associated Start Printed Page 43697with the recordkeeping of NCSR-related information.)

Total Burden Cost (operating/maintaining): $36,630.

Start Signature

Dated: July 12, 2011.

David Epperson,

Chief Information Officer, National Protection and Programs Directorate, Department of Homeland Security.

End Signature End Supplemental Information

[FR Doc. 2011-18414 Filed 7-20-11; 8:45 am]