[Federal Register Volume 85, Number 114 (Friday, June 12, 2020)]
[Notices]
[Pages 35925-35926]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-12689]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF ENERGY

U.S. Energy Information Administration


Agency Information Collection Extension

AGENCY: U.S. Energy Information Administration (EIA), Department of 
Energy (DOE).

ACTION: Notice and request for comments.

-----------------------------------------------------------------------

SUMMARY: EIA requests a three-year extension, with changes, to Form OE-
417 Electric Emergency Incident and Disturbance Report, OMB Control 
Number 1901-0288, as required under the Paperwork Reduction Act of 
1995. Form OE-417 collects information for DOE to monitor electric 
emergency incidents and disturbances in the United States (including 
all 50 States, the District of Columbia, Puerto Rico, U.S. Virgin 
Islands, and the U.S. Territories). The information collected allows 
DOE to conduct post-incident reviews examining significant 
interruptions of electric power or threats to the national electric 
system.

DATES: EIA must receive all comments on this proposed information 
collection no later than August 11, 2020. If you anticipate any 
difficulties in submitting your comments by the deadline, contact the 
person listed in the ADDRESSES section of this notice as soon as 
possible.

ADDRESSES: Written comments may be sent to OE-417 Recertification, C/O 
Matthew Tarduogno, U.S. Department of Energy, 1000 Independence Avenue 
SW, Washington, DC 20585 or by fax at 202-586-2623, or by email at 
[email protected].

FOR FURTHER INFORMATION CONTACT: Matthew Tarduogno, U.S. Department of 
Energy, 1000 Independence Avenue SW, Washington, DC 20585, 
[email protected], 202-586-2892.The forms and instructions 
are available online at: https://www.oe.netl.doe.gov/oe417.aspx.

SUPPLEMENTARY INFORMATION: This information collection request 
contains:
    (1) OMB No.: 1901-0288;
    (2) Information Collection Request Title: Electric Emergency 
Incident and Disturbance Report;
    (3) Type of Request: Three-year extension with changes;
    (4) Purpose: DOE uses Form OE-417 Emergency Incident and 
Disturbance Report to monitor electric emergency incidents and 
disturbances in the United States (including all 50 States, the 
District of Columbia, Puerto Rico, U.S. Virgin Islands, and the U.S. 
Territories) and to investigate significant interruptions of electric 
power or threats to the electric system reliability. Form OE-417 also 
enables DOE to meet the Department's national security responsibilities 
as the coordinating agency for Emergency Support Function (ESF) #12--
Energy, under the National Response Framework, and the Sector-Specific 
Agency for the energy sector, pursuant to Presidential Policy Directive 
21--Critical Infrastructure Security and Resilience, Presidential 
Policy Directive 41--United States Cyber Incident Coordination, and the 
Fixing Americas Surface Transportation (FAST) Act, Public Law 114-94. 
The information may also be shared with other non-regulatory federal 
agencies assisting in emergency response and recovery operations, or 
investigating the causes of an incident or disturbance to the national 
electric system. Public summaries are published on Form OE-417 web page 
at https://www.oe.netl.doe.gov/oe417.aspx on a monthly basis to keep 
the public informed.
    (4a) Proposed Changes to Information Collection: DOE proposes to 
change the form number from Form OE-417 to Form DOE-417. The other 
changes proposed to Form OE-417 align the reporting requirements with 
the recently approved North American Electric Reliability Corporation 
(NERC) CIP-008-6 Reliability Standard, which established new 
definitions for a Cyber Security Incident and a Reportable Cyber 
Security Incident. CIP-008-6 also expanded the reporting requirements; 
including expanding the applicable systems to report on and adding new 
reporting requirements for attempted compromises of high and medium 
impact BES cyber systems and their associated electronic access control 
or monitoring systems. The continued alignment between Form OE-417 and 
NERC reporting requirements helps minimize confusion among industry 
stakeholders about where and how to file reports and enable industry 
stakeholders to train personnel to report using a single form. By 
incorporating the requirements established by NERC CIP-008-6 
Reliability Standard in Form OE-417, entities may only be required to 
submit Form OE-417. This change reduces the reporting burden for the 
electric power industry. Additional changes to Form OE-417 clarify 
reporting criteria and allow respondents to select potentially 
applicable exceptions under the Freedom of Information Act. While 
submitters may mark information as potentially exempt, whether 
information is or is not exempt as part of a FOIA response will be 
determined by the Department at the time of processing the FOIA 
request. See DOE's FOIA regulations at 10 CFR part 1004 for more 
information. A summary of these and other changes to Form OE-417 is 
provided below:
     Changed the lettering or name of the form from ``Form OE-
417'' to ``Form DOE-417''
     Added new reporting requirements from the North American 
Electric Reliability Corporation (NERC) CIP-008-6 Standard to reduce 
the combined burden on respondents reporting to NERC and DOE and 
streamline responses. It is expected that for NERC reporting entities 
registered in the United States; NERC will accept use of Form OE-417 to 
meet the submittal requirements that will be established by CIP-008-6 
to the Department of Homeland Security and the Electricity Information 
Sharing and Analysis Center
     Updated the ``Response Due'' criteria with new line 
numbers and added the following:
    [cir] ``If criterion 2 is met, also submit the Cyber Attributes on 
line T in Schedule 2.''

[[Page 35926]]

    [cir] ``By the end of the next calendar day after a determination, 
submit Schedule 1 and lines N-S and the Cyber Attributes on line T in 
Schedule 2 as an Attempted Cyber Compromise if criterion 14 is met.''
     Renumbered reporting criteria due to the new reporting 
requirements.
     To align with reporting requirements established by the 
NERC CIP-008-06 standard:
    [cir] Reworded Criteria 2 to ``Reportable Cyber Security Incident''
    [cir] Added new Criteria 3 ``Cyber event that is not a Reportable 
Cyber Security Incident that causes interruptions of electrical system 
operations.''
     To align with reporting requirements established by the 
NERC CIP-008-06 standard
    [cir] Added ``Attempted Cyber Compromise'' Alert Type to be filed 
within 1-Day
    [cir] Added corresponding criteria ``Cyber Security Incident that 
was an attempt to compromise a High or Medium Impact Bulk Electric 
System Cyber System or their associated Electronic Access Control or 
Monitoring Systems''
     Updated Line Numbers throughout Schedule 1 and Schedule 2
     Added self-identified FOIA Exemption criteria for 
respondents to identify whether the respondent considers the 
information in Schedule 1 Lines C & D may be exempt FOIA due to the 
following:
    [cir] ``Privileged or confidential information, e.g., trade 
secrets, commercial, or financial information''
    [cir] ``Critical Electric Infrastructure Information''
    [cir] ``Other information exempt from FOIA''
     Added self-identified FOIA Exemption criteria for 
respondents to identify whether information in Schedule 2 may be exempt 
FOIA due to the following:
    [cir] ``Privileged or confidential information, e.g., trade 
secrets, commercial, or financial information''
    [cir] ``Critical Electric Infrastructure Information''
    [cir] ``Other information exempt from FOIA''
     Added the following to the direction to the Narrative 
Section ``Cyber Attributes: For cyber events, including attempted cyber 
compromises, provide the following attributes (at a minimum): (1) The 
functional impact, (2) the attack vector used, and (3) the level of 
intrusion that was achieved or attempted.''
     Added the DHS CISA Integrated Operations Coordination 
Center (CIOCC) or their successor(s) to Line W.
    (5) Annual Estimated Number of Respondents: 2,515.
    (6) Annual Estimated Number of Total Responses: 250.
    (7) Annual Estimated Number of Burden Hours: 5,457.
    (8) Annual Estimated Reporting and Recordkeeping Cost Burden: 
$437,324.
    Comments are invited on whether or not: (a) The proposed collection 
of information is necessary for the proper performance of agency 
functions, including whether the information will have a practical 
utility; (b) EIA's estimate of the burden of the proposed collection of 
information, including the validity of the methodology and assumptions 
used, is accurate; (c) EIA can improve the quality, utility, and 
clarity of the information it will collect; and (d) EIA can minimize 
the burden of the collection of information on respondents, such as 
automated collection techniques or other forms of information 
technology.
    Statutory Authority: 15 U.S.C. 772(b), 764(b); 764(a); and 790a and 
42 U.S.C. 7101 et seq. and the Public Utility Regulatory Policies Act 
of 1978 (16 U.S.C. 2601, Pub. L. 93-275.
    Signing Authority: This document of the Department of Energy was 
signed on June 3, 2020, by Nicholas Andersen, Deputy Assistant 
Secretary, Office of Cybersecurity, Energy Security, and Emergency 
Response, pursuant to delegated authority from the Secretary of Energy. 
That document with the original signature and date is maintained by 
DOE. For administrative purposes only, and in compliance with 
requirements of the Office of the Federal Register, the undersigned DOE 
Federal Register Liaison Officer has been authorized to sign and submit 
the document in electronic format for publication, as an official 
document of the Department of Energy. This administrative process in no 
way alters the legal effect of this document upon publication in the 
Federal Register.

    Signed in Washington, DC, on June 8, 2020.
Treena V. Garrett,
Federal Register Liaison Officer,U.S. Department of Energy.
[FR Doc. 2020-12689 Filed 6-11-20; 8:45 am]
BILLING CODE 6450-01-P