[Federal Register Volume 89, Number 32 (Thursday, February 15, 2024)]
[Notices]
[Pages 11861-11862]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-03151]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. CISA-2024-0007]


Agency Information Collection Activities: Service Request Form 
for Enterprise Assessment Services

AGENCY: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).

ACTION: 60-Day notice and request for comments; 1670-NEW.

-----------------------------------------------------------------------

SUMMARY: The Cybersecurity Division (CSD) within Cybersecurity and 
Infrastructure Security Agency (CISA) will submit the following 
Information Collection Request (ICR) to the Office of Management and 
Budget (OMB) for review and clearance.

DATES: Comments are encouraged and will be accepted until April 15, 
2024.

ADDRESSES: You may submit comments, identified by docket number Docket 
# CISA-2024-0007, at:
    [cir] Federal eRulemaking Portal: http://www.regulations.gov. 
Please follow the instructions for submitting comments.
    Instructions: All submissions received must include the agency name 
and docket number Docket # CISA-2024-0007. All comments received will 
be posted without change to http://www.regulations.gov, including any 
personal information provided.
    Docket: For access to the docket to read background documents or 
comments received, go to http://www.regulations.gov.

SUPPLEMENTARY INFORMATION: The Cybersecurity and Infrastructure 
Security Agency (CISA) Cybersecurity Division (CSD) offers 
cybersecurity assessments to help reduce risk for Federal, State, 
local, Tribal, Territorial and private sector critical infrastructure 
partners. Information collected is used by CISA CSD staff to engage 
with customers and provide cybersecurity assessment services. Under 6 
U.S.C. 659(c)(6), CISA provides, upon request, ``. . . timely technical 
assistance, risk management support, and incident response capabilities 
to Federal and non-Federal entities with respect to cyber threat 
indicators, defensive measures, cybersecurity risks, and incidents, 
which may include attribution, mitigation, and remediation . . .''
    Number of Respondents: CISA estimates the number of respondents 
will be 5,000.
    Estimated Time per Respondent: CISA assumes the majority of 
individuals who will complete this form are Chief Information Officers 
or equivalent. The estimated time to complete the form was determined 
to be .11 hours after user testing.
    Total Annual Burden Cost: $97,674 from Economist review.
    Annual Burden Hours: The annual burden hours is 825 hours (5,000 
respondents x 1.5 responses per respondent x .11 hour per response).
    The Office of Management and Budget is particularly interested in 
comments which:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

Analysis

    Agency: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).
    Title: Service Request Form for Enterprise Assessment Services.
    OMB Number: 1670-NEW.
    Frequency: Information is required when an organization would 
initially request cybersecurity assessments or requests additional 
cybersecurity assessments. These requests are made at the discretion of 
the requestor therefore the program office is not able to determine 
when or how often such requests will occur.
    Affected Public: Business or other for-profit, not-for-profit 
institutions, Federal

[[Page 11862]]

Government, State, local or Tribal government.
    Number of Respondents: 5,000.
    Estimated Time per Respondent: .11 hours.
    Total Burden Hours: 825 hours.
    Estimated Annual Industry Cost: $97,674.
    Estimated Annual Federal Government Cost: $163,150.

Robert J. Costello,
Chief Information Officer, Cybersecurity and Infrastructure Security 
Agency, Department of Homeland Security.
[FR Doc. 2024-03151 Filed 2-14-24; 8:45 am]
BILLING CODE 9110-9P-P