[Federal Register Volume 76, Number 250 (Thursday, December 29, 2011)]
[Notices]
[Pages 81955-81956]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-33422]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. DHS-2011-0069]


Assessment Questionnaire--IP Sector Specific Agency Risk Self 
Assessment Tool (IP-SSARSAT)

AGENCY: National Protection and Programs Directorate, DHS.

ACTION: 60-day notice and request for comments; New Information 
Collection Request: 1670-NEW.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security (DHS), National Protection 
and Programs Directorate (NPPD), Office of Infrastructure Protection 
(IP), Sector Specific Agency Executive Management Office (SSA EMO) will 
submit the following Information Collection Request (ICR) to the Office 
of Management and Budget (OMB) for review and clearance in accordance 
with the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. 
Chapter 35).

DATES: Comments are encouraged and will be accepted until February 27, 
2012. This process is conducted in accordance with 5 CFR 1320.1.

ADDRESS: Written comments and questions about this Information 
Collection Request should be forwarded to DHS/NPPD/IP/SSA EMO, 245 
Murray Lane SW., Mail Stop 0640, Arlington, VA 20598-0630. Emailed 
requests should go to Jay Robinson, [email protected]. Comments 
must be identified by ``DHS-2011-0069'' and may be submitted by one of 
the following methods:
     Federal eRulemaking Portal: http://www.regulations.gov.
     Email: Include the docket number in the subject line of 
the message.
    Instructions: All submissions received must include the words 
``Department of Homeland Security'' and the docket

[[Page 81956]]

number for this action. Comments received will be posted without 
alteration at http://www.regulations.gov, including any personal 
information provided.

SUPPLEMENTARY INFORMATION: In order to identify and assess the 
vulnerabilities and risks pertaining to the critical infrastructures 
and key resources by the SSA EMO, owner-operators and/or security 
managers often volunteer to conduct an automated self risk assessment. 
The requested questionnaire information is necessary in order to 
facilitate electronic execution of the SSA EMO's risk assessment to 
focus protection resources and activities on those assets, systems, 
networks, and functions with the highest risk profiles. Currently, 
there is no known data collection that includes multiple critical nodes 
with specific sector related criteria. After the user logs into the 
system the user will be prompted with the assessment questionnaire and 
will answer various questions to input the data. Once the user begins 
the assessment, the only information required to be submitted to (and 
shared with) DHS before completing the assessment is venue 
identification information (e.g., point-of-contact information, 
address, latitude/longitude, venue type, or capacity). A user can elect 
to share their entire completed assessment with DHS, which will protect 
the information as Protected Critical Infrastructure Information 
(PCII). The information from the assessment will be used to assess the 
risk of the evaluated entity (e.g., calculate a vulnerability score by 
threat, evaluate protective/mitigation measures relative to 
vulnerability, calculate a risk score, or report threats presenting 
highest risks). The information will also be combined with data from 
other respondents to provide an overall sector perspective (e.g., 
report additional relevant protective/mitigation measures for 
consideration). OMB is particularly interested in comments which:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

Analysis

    Agency: Department of Homeland Security, National Protection and 
Programs Directorate, Office of Infrastructure Protection, Sector 
Specific Agency Executive Management Office.
    Title: Assessment Questionnaire--IP Sector Specific Agency Risk 
Self Assessment Tool (IP-SSARSAT).
    OMB Number: 1670-NEW.
    Frequency: On occasion.
    Affected Public: Private Sector.
    Number of Respondents: 4,000 respondents.
    Estimated Time per Respondent: 8 hours.
    Total Burden Hours: 32,000 annual burden hours.
    Total Burden Cost (capital/startup): $0.
    Total Burden Cost (operating/maintaining): $14,440.00.

    Dated: December 22, 2011.
David Epperson,
Chief Information Officer, National Protection and Programs 
Directorate, Department of Homeland Security.
[FR Doc. 2011-33422 Filed 12-28-11; 8:45 am]
BILLING CODE 9110-9P-P