[Federal Register Volume 76, Number 241 (Thursday, December 15, 2011)]
[Notices]
[Pages 78009-78010]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-32156]


=======================================================================
-----------------------------------------------------------------------

GENERAL SERVICES ADMINISTRATION

[OMB Control No. 3090-0294; Docket No. 2011-0001; Sequence 4]


Information Collection; Implementation of Information Technology 
Security Provision

AGENCY: General Services Administration (GSA).

ACTION: Notice of request for public comments regarding a new OMB 
information clearance.

-----------------------------------------------------------------------

SUMMARY: Under the provisions of the Paperwork Reduction Act, the 
Regulatory Secretariat will be submitting to the Office of Management 
and Budget (OMB) a request to review and approve a new information 
collection requirement regarding Implementation of Information 
Technology Security Provision.
    Public comments are particularly invited on: Whether this 
collection of information is necessary for the proper performance of 
functions of the GSAR, and whether it will have practical utility; 
whether our estimate of the public burden of this collection of 
information is accurate, and based on valid assumptions and 
methodology; ways to enhance the quality, utility, and clarity of the 
information to be collected; and ways in which we can

[[Page 78010]]

minimize the burden of the collection of information on those who are 
to respond, through the use of appropriate technological collection 
techniques or other forms of information technology.

DATES: Submit comments on or before February 13, 2012.

ADDRESSES: Submit comments identified by Information Collection 3090-
0294, Implementation of Information Technology Security Provision, by 
any of the following methods:
     Regulations.gov: http://www.regulations.gov. Submit 
comments via the Federal eRulemaking portal by inputting ``Information 
Collection 3090-0294, Implementation of Information Technology Security 
Provision,'' under the heading ``Enter Keyword or ID'' and selecting 
``Search''. Select the link ``Submit a Comment'' that corresponds with 
``Information Collection 3090-0294, Implementation of Information 
Technology Security Provision''. Follow the instructions provided at 
the ``Submit a Comment'' screen. Please include your name, company name 
(if any), and ``Information Collection 3090-0294, Implementation of 
Information Technology Security Provision'' on your attached document.
     Fax: (202) 501-4067.
     Mail: General Services Administration, Regulatory 
Secretariat (MVCB), 1275 First Street NE., Washington, DC 20417. Attn: 
Hada Flowers/IC 3090-0294, Implementation of Information Technology 
Security Provision.
    Instructions: Please submit comments only and cite Information 
Collection 3090-0294, Implementation of Information Technology Security 
Provision, in all correspondence related to this collection. All 
comments received will be posted without change to http://www.regulations.gov, including any personal and/or business 
confidential information provided.

FOR FURTHER INFORMATION CONTACT: Ms. Deborah Lague, Procurement 
Analyst, Office of Acquisition Policy, at (202) 694-8149 or via email 
at [email protected].

SUPPLEMENTARY INFORMATION:

A. Purpose

    The General Services Administration (GSA) issued a interim rule (76 
FR 34886) to implement a recommendation from the Office of the 
Inspector General (OIG) based on an internal audit of the security of 
GSA's information technology data and systems. The audit recommended 
that GSA develop standard requirements and deliverables for IT service 
contracts and task orders that promote compliance with GSA IT Security 
Policy and Procedures.
    The rule requires contracting officers to insert the clause at 
552.239-71, Security Requirements for Unclassified Information 
Technology Resources, in solicitations and contracts containing the 
provision at 552.239-70, Information Technology Security Plan and 
Accreditation. As such, the provision and clause will be inserted in 
solicitations that include information technology supplies, services or 
systems in which the contractor will have physical or electronic access 
to government information that directly supports the mission of GSA. 
The rule requires contractors, within 30 days after contract award to 
submit an IT Security Plan to the Contracting Officer and Contacting 
Officer's Representative that describes the processes and procedures 
that will be followed to ensure appropriate security of IT resources 
that are developed, processes, or used under the contract. The rule 
will also require that contractors submit written proof of IT security 
authorization six months after contract award, and verify that the IT 
Security Plan remains valid annually.

B. Annual Reporting Burden

    Respondents: 147.
    Responses per Respondent: 2.
    Hours per Response: 5.
    Total Burden Hours: 1,470.
    Obtaining Copies of Proposals: Requesters may obtain a copy of the 
information collection documents from the General Services 
Administration, Regulatory Secretariat (MVCB), 1275 First Street NE., 
Washington, DC 20417, telephone (202) 501-4755. Please cite OMB Control 
No. 3090-0294, Implementation of Information Technology Security 
Provision, in all correspondence.

    Dated: December 9, 2011.
Joseph A. Neurauter,
Director, Office of Acquisition Policy, Senior Procurement Executive.
[FR Doc. 2011-32156 Filed 12-14-11; 8:45 am]
BILLING CODE 6820-61-P