[Federal Register Volume 73, Number 195 (Tuesday, October 7, 2008)]
[Notices]
[Pages 58608-58609]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-23747]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY


National Protection and Programs Directorate; Submission for 
Review: US-CERT Incident Reporting

AGENCY: National Protection and Programs Directorate, National Cyber 
Security Division, DHS.

ACTION: 30-Day Notice and request for comments.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security (DHS) invites the general 
public and other federal agencies the opportunity to comment on new 
information collection request 1670-NEW, US-CERT Incident Reporting. As 
required by the Paperwork Reduction Act of 1995, (Pub. L. 104-13, 44 
U.S.C. chapter 35) as amended by the Clinger-Cohen Act (Pub. L. 104-
106), DHS is soliciting comments for this collection. The information 
collection was previously published in the Federal Register on June 11, 
2008 at 73 FR 33101 allowing for a 60-day public comment period. No 
comments were received on this information collection. The purpose of 
this notice is to allow an additional 30 days for public comments.

DATES: Comments are encouraged and will be accepted until November 6, 
2008. This process is conducted in accordance with 5 CFR 1320.1.

ADDRESSES: Interested persons are invited to submit written comments on 
the proposed information collection to the Office of Information and 
Regulatory Affairs, Office of Management Budget, 725 17th Street, NW., 
Washington, DC 20503, Attention: Desk Officer for National Protection 
and Programs Directorate, DHS or sent via electronic mail to [email protected] or faxed to (202) 395-6974.

FOR FURTHER INFORMATION CONTACT: Interested persons are invited to 
submit written comments on the proposed information collection to the 
Office of Information and Regulatory Affairs, Office of Management 
Budget, 725 17th Street, NW., Washington, DC 20503, Attention: Desk 
Officer for National Protection and Programs Directorate, DHS or sent 
via electronic mail to [email protected] or faxed to (202) 
395-6974.

SUPPLEMENTARY INFORMATION: The Office of Management and Budget is 
particularly interested in comments that:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;

[[Page 58609]]

    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

Analysis

    Agency: Department of Homeland Security, National Protection and 
Programs Directorate, National Cyber Security Division.
    Title: US-CERT Incident Reporting.
    OMB Number: 1670-NEW.
    Frequency: Once.
    Affected Public: Federal, State, Local, Tribal, Private Sector.
    Number of Respondents: 6000 per year.
    Estimated Time Per Respondent: 20 minutes.
    Total Burden Hours: 2000 hours.
    Total Burden Cost (capital/startup): None.
    Total Burden Cost (operating/maintaining): None.
    Description: The Federal Information Security Management Act of 
2002 requires all federal agencies to report security incidents to a 
federal incident response center, designated as the United States 
Computer Emergency Readiness Team (US-CERT). US-CERT has created a web-
based Incident Reporting Form for all federal agencies, organizations, 
private and commercial companies, and individuals to submit incidents 
to US-CERT's security operations center. In July of 2006, OMB issued 
Memo M06-19 revising reporting procedures to require all federal 
agencies to report all incidents involving personally identifiable 
information (PII) to US-CERT within one hour of discovering the 
incident.

    Dated: August 14, 2008.
Matt Coose,
Acting Chief Information Officer, National Protection and Programs 
Directorate, Department of Homeland Security.
 [FR Doc. E8-23747 Filed 10-6-08; 8:45 am]
BILLING CODE 4410-10-P