[Federal Register Volume 76, Number 4 (Thursday, January 6, 2011)]
[Notices]
[Pages 792-793]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-21]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration


Intent To Request Approval From OMB of One New Public Collection 
of Information: Exercise Information System

AGENCY: Transportation Security Administration, DHS.

ACTION: 60-day Notice.

-----------------------------------------------------------------------

SUMMARY: The Transportation Security Administration (TSA) invites 
public comment on a new Information Collection Request (ICR) abstracted 
below that we will submit to the Office of Management and Budget (OMB) 
for approval in compliance with the Paperwork Reduction Act (PRA). The 
ICR describes the nature of the information collection and its expected 
burden for the TSA Exercise Information System (EXIS). EXIS is a Web 
portal designed to serve stakeholders in the transportation industry in 
regard to security training exercises. It provides stakeholders with 
exercise information tailored to the transportation industry, best 
practices, and previous work for use in future exercises. It also 
allows stakeholders to design their own security exercises based on the 
unique needs of their specific transportation mode or method of 
operation. Utilizing and inputting information into EXIS is completely 
voluntary.

DATES: Send your comments by March 7, 2011.

ADDRESSES: Comments may be e-mailed to [email protected] or delivered to 
the TSA PRA Officer, Office of Information Technology (OIT), TSA-11, 
Transportation Security Administration, 601 South 12th Street, 
Arlington, VA 20598-6011.

FOR FURTHER INFORMATION CONTACT: Joanna Johnson at the above address, 
or by telephone (571) 227-3651.

SUPPLEMENTARY INFORMATION:

Comments Invited

    In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 
3501 et seq.), an agency may not conduct or sponsor, and a person is 
not required to respond to, a collection of information unless it 
displays a valid OMB control number. The ICR documentation is available 
at http://www.reginfo.gov. Therefore, in preparation for OMB review and 
approval of the following information collection, TSA is soliciting 
comments to--
    (1) Evaluate whether the proposed information requirement is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    (2) Evaluate the accuracy of the agency's estimate of the burden;
    (3) Enhance the quality, utility, and clarity of the information to 
be collected; and
    (4) Minimize the burden of the collection of information on those 
who are to respond, including using appropriate automated, electronic, 
mechanical, or other technological collection techniques or other forms 
of information technology.

Information Collection Requirement

Purpose of Data Collection

    The Exercise Information System (EXIS) is an Internet-accessible 
knowledge-management system developed by TSA serving stakeholders--
industry, port authorities, Federal agencies, and State and local 
governments--and integrating other security-related training and 
exercise components at the sensitive security information level. It 
gives stakeholders valuable exercise information tailored to the 
transportation industry, best practices, and previous work for use in 
future exercises. With EXIS, transportation industry stakeholders can 
choose scenarios and objectives based on their particular needs, such 
as their transportation modes, or their regulated areas of operation.
    EXIS is a data management system that provides end-to-end security 
exercise support, from the initial planning meeting, through exercise 
design, implementation, evaluation, and reporting. Working in a secure 
online environment, EXIS users can easily:
     Customize exercise design--develop objectives, scenarios, 
Master Scenario Events List (MSEL) items, contingency injects, 
evaluation metrics, and other data sets.
     Conduct robust analyses--sort evaluation data by exercise 
objectives, transportation modes, scenario types, or functional areas.
     Create analytical reports--identify and sort lessons 
learned, corrective actions, and best practices from past exercises or 
from those of other jurisdictions.
     Collaborate and share information--build relationships 
with partners.
    EXIS was developed by TSA as part of its broad responsibilities and 
authorities under the Aviation and Transportation Security Act 
(ATSA),\1\ and delegated authority from the Secretary of Homeland 
Security, for ``security in all modes of transportation * * * including 
security responsibilities * * * over modes of transportation that are 
exercised by the Department of Transportation.'' \2\ It is a component 
of TSA's Intermodal Security Training Exercise Program (I-STEP), which 
works with surface transportation stakeholders in developing and 
conducting security exercises. The I-STEP also fulfills requirements of 
the Implementing Recommendations of the 9/11 Commission Act of 2007 (9/
11 Act) \3\ regarding the establishment of security training exercises 
for surface modes of transportation that can assess and improve the 
capabilities of these modes in preventing, preparing for, mitigating 
against, responding to, and recovering from acts of terrorism.\4\
---------------------------------------------------------------------------

    \1\ Public Law 107-71 (November 19, 2001).
    \2\ See 49 U.S.C. 114(d). The TSA Assistant Secretary's current 
authorities under ATSA have been delegated to him by the Secretary 
of Homeland Security. Section 403(2) of the Homeland Security Act 
(HAS) of 2002, Public Law 107-296, 116 Stat. 2315 (2002), 
transferred all functions of TSA, including those of the Secretary 
of Transportation and the Under Secretary of Transportation of 
Security related to TSA, to the Secretary of Homeland Security. 
Pursuant to DHS Delegation Number 7060.2, the Secretary delegated to 
the Assistant Secretary (then referred to as the Administrator of 
TSA), subject to the Secretary's guidance and control, the authority 
vested in the Secretary with respect to TSA, including that in 
section 403(2) of the HAS.
    \3\ Public Law 110-53 (August 3, 2007).
    \4\ 9/11 Act secs. 1407 (codified at 6 U.S.C. 1136(a)), 1516 
(codified at 6 U.S.C. 1166), and 1533 (codified at 6 U.S.C. 1183). 
See also the Security and Accountability for Every Port Act of 2006 
(SAFE Port Act), Public Law 109-347 (Oct. 13, 2006) (codified at 6 
U.S.C. 911(a)).
---------------------------------------------------------------------------

    EXIS helps users design an exercise through the use of a 
``wizard.'' The wizard walks the user through a step-by-step process 
allowing them to build a profile for their exercise. EXIS provides 
users with suggested scenarios and Master Scenario Events List (MSEL) 
items based on the area of focus and objectives selected by the user. 
Users also have the ability to create custom MSEL items or modify a 
Generic EXIS Community Scenario. Exercise Administrators may suggest 
modified scenarios and custom MSEL items for the MSEL and scenario 
libraries.
    At the completion of the wizard, EXIS generates a collaborative 
workspace for exercise team members to work within. All exercise 
elements can be customized

[[Page 793]]

and saved. Lessons learned, best management practices, and corrective 
actions are pre-populated into the workspace based on the scenario and 
objectives of the exercise determined during its creation. EXIS is 
adaptable to changing exercise, tracking, and reporting needs as they 
mature and can support the addition of future exercise elements.
    The program tags exercise objectives, scenarios, and findings, in 
order to automatically populate the database with lessons learned from 
past exercises conducted in similar environments. Users cannot only 
call up their own past experiences, but identify lessons learned by 
other organizations in the industry. Recognizing the extent to which 
surface modes include thousands of geographically dispersed owner/
operators, such a Web-based capability is invaluable for connecting and 
sharing information.
    By linking ``exercise communities,'' users can also tackle cross-
jurisdictional issues, such as interoperability. Users are able to 
focus on the underlying issues of transportation security and 
preparedness, and avoid repeating costly mistakes. Finally, users can 
also provide feedback on the usefulness of EXIS itself so that TSA may 
improve this system to better suit the stakeholders' future security 
needs.
    TSA intends EXIS to be used primarily by individuals with security 
responsibilities, such as heads of security, for public and private 
owner/operators in the surface transportation community, including mass 
transit systems, freight/rail operators, highway/trucking companies, 
school bus operators, and pipeline systems. These individuals, and 
other stakeholders, can voluntarily contact TSA to request access to 
EXIS; TSA does not require participation in EXIS. Those seeking access 
or desiring more information about I-STEP products and services can 
contact a TSA modal representative or send their request by e-mail to 
[email protected].

Description of Data Collection

    TSA will collect five types of information through EXIS. The 
collection is voluntary. EXIS users are not required to provide all 
information requested--however, if users choose to withhold 
information, they will not receive the benefits of EXIS associated with 
that information collection.
    1. User registration information. TSA will collect this information 
to ensure only those members of the transportation community with a 
relevant interest in conducting security training exercises and with an 
appropriate level of need to access security training information can 
be allowed onto EXIS. Such registration information will include the 
user's name, professional contact information, agency/company, job 
title, employer, and employment verification contact information.
    2. Desired nature and scope of the exercise. TSA will collect this 
information to generate an EXIS training exercise appropriate for the 
particular user. Users are asked to submit their desired transportation 
mode, exercise properties, objectives, scenario events, other 
participating agencies, and pre-exercise data (to assess the user's 
state of readiness for transportation security incidents prior to the 
exercise).
    3. Corrective actions/lessons learned/best practices. TSA collects 
this information to document and share the users' ideas and methods for 
improving transportation security with other transportation 
stakeholders.
    4. Evaluation feedback. TSA collects this information for the 
purpose of evaluating the usefulness of EXIS in facilitating security 
training exercises for the users. TSA can then modify EXIS to better 
suit its users' needs.
    5. After-Action Reports. TSA collects reports that summarize 
information from items (2) and (3) mentioned above in order to create 
formal After-Action Reports. This includes reports on the exercise 
overview, goals and objectives, scenario event synopsis, analysis of 
critical issues, exercise design characteristics, conclusions, and the 
executive summary.

Use of Results

    TSA will use this information to assess and improve the 
capabilities of all surface transportation modes to prevent, prepare 
for, mitigate against, respond to, and recover from transportation 
security incidents. A failure to collect this information will limit 
TSA's ability to effectively test security countermeasures, security 
plans, and the ability of a modal operator to respond to and quickly 
recover after a transportation security incident. Insufficient 
awareness, prevention, response, and recovery to a transportation 
security incident will result in increased vulnerability of the U.S. 
transportation network and a reduced ability of DHS to assess system 
readiness.
    Based on industry population estimates and growth rates, and 
interest generated amongst the surface transportation modes prior to 
EXIS' release to the public, TSA estimates that there will be 
approximately 380,000 users within the first three years of the 
system's use. TSA estimates users will spend approximately 8 hours per 
EXIS user inputting the information described above. TSA estimates that 
an EXIS user will conduct one security training exercise per year. 
Given this information, the total annual hour burden for this 
information collection for all respondents within the first three years 
of EXIS' release is estimated to be approximately 3,000,000. There are 
no fees to use EXIS. The total annual cost burden to respondents is 
$0.00.

    Issued in Arlington, Virginia on January 3, 2011.
Joanna Johnson,
TSA Paperwork Reduction Act Officer, Office of Information Technology.
[FR Doc. 2011-21 Filed 1-5-11; 8:45 am]
BILLING CODE 9110-05-P