[Federal Register Volume 89, Number 80 (Wednesday, April 24, 2024)]
[Notices]
[Pages 31211-31212]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-08744]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. CISA-2024-0011]


Agency Information Collection Activities: CISA Gateway User 
Registration

AGENCY: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).

ACTION: 60-Day notice and request for comments; renewal, 1670-0009.

-----------------------------------------------------------------------

SUMMARY: DHS CISA Infrastructure Security Division (ISD) will submit 
the following Information Collection Request (ICR) to the Office of 
Management and Budget (OMB) for review and clearance.

DATES: Comments are due by June 24, 2024. Submissions received after 
the deadline for receiving comments may not be considered.

ADDRESSES: You may submit comments, identified by docket number CISA-
2024-0011 at:
    Federal eRulemaking Portal: http://www.regulations.gov. Please 
follow the instructions for submitting comments.
    Instructions: All submissions received must include the words 
``Department of Homeland Security'' and the docket number for this 
action. Comments received will be posted without alteration at http://www.regulations.gov, including any personal information provided.
    Docket: For access to the docket and comments received, please go 
to www.regulations.gov and enter docket number CISA-2024-0011.
    Comments submitted in response to this notice may be made available 
to the public through relevant websites. For this reason, please do not 
include in your comments information of a confidential nature, such as 
sensitive personal information or proprietary information. If you send 
an email comment, your email address will be automatically captured and 
included as part of the comment that is placed in the public docket and 
made available on the internet. Please note that responses to this 
public comment request containing any routine notice about the 
confidentiality of the communication will be treated as public comments 
that may be made available to the public notwithstanding the inclusion 
of the routine notice.

FOR FURTHER INFORMATION CONTACT: Iesha Alexander, 202-440-0834, 
[email protected].

SUPPLEMENTARY INFORMATION: The Homeland Security Presidential 
Directive-7, Presidential Policy Directive-21, and the National 
Infrastructure Protection Plan highlight the need for a centrally 
managed repository of infrastructure attributes capable of assessing 
risks and facilitating data sharing. The Critical Infrastructure 
Information Act of 2002 and Title 6 Code of Federal Regulation part 29 
direct an information protection program and a system to record the 
receipt, acknowledgement, and validation of submitted critical 
infrastructure information (CII), as well as storage, dissemination, 
and destruction of original Protected Critical Infrastructure 
Information (PCII). To support these missions, the DHS CISA ISD 
developed the CISA Gateway and the Protected Critical Infrastructure 
Information Management System (PCIIMS). The CISA Gateway and PCIIMS 
contain several capabilities which support the homeland security 
mission in the area of critical infrastructure (CI) and information 
protection.
    The purpose of this collection is to gather the details pertaining 
to the users of the CISA Gateway and PCIIMS for the purpose of creating 
accounts to access the CISA Gateway and PCIIMS. This information is 
also used to verify a need to know to access the CISA Gateway and 
PCIIMS. After being vetted and granted access, users are prompted and 
required to take an online training course upon first logging into the 
system. After completing the training, users are permitted full access 
to the systems. In addition, this collection will gather feedback from 
the users of the CISA Gateway to determine any future system 
improvements.

[[Page 31212]]

    The information gathered will be used by the CISA Gateway Program 
Management Team and the PCII Program Office for PCIIMS to vet users for 
a need to know and grant access to the system. For the CISA Gateway, as 
part of the registration process, users are required to take a one-time 
online training course. When logging into the system for the first 
time, the system prompts users to take the training courses. Users 
cannot opt out of the training and are required to take the course in 
order to gain and maintain access to the system. When users complete 
the training, the system automatically logs that the training is 
complete and allows full access to the system. For PCIIMS, after 
registration and vetting, users are directed to take PCII Authorized 
User training, which must be retaken annually to maintain their active 
status.
    The collection of information uses automated electronic forms. 
During the online registration process, there is an electronic form 
used to create a user account and an online training course required to 
grant access.
    The collection was initially approved on October 9, 2007, and the 
most recent approval was on December 19, 2023, with an expiration date 
of June 30, 2024. The changes to the collection since the previous OMB 
approval include; updating the title of the collection, decrease in 
burden estimates and decrease in costs The total annual burden cost for 
this collection has changed by $3,096.40, from $4,128 to $7,224.40 due 
to the removal of the utilization survey, and the addition of PCIIMS 
respondents. For the CISA Gateway, the total number of responses has 
increased from 350 to 700 due to the updated metrics resulting from the 
awareness campaign and due to the registration process changing which 
does not include the training registration. The annual government cost 
for this collection has changed by $8,340.92 from $5,723 to $14,063.92 
due to the removal of the utilization survey, and the addition of 
PCIIMS respondents. The This is a renewal with changes of an 
information collection.
    OMB is particularly interested in comments that:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

Analysis

    Agency: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).
    Title of Collection: CISA Gateway User Registration.
    OMB Control Number: 1670-0009.
    Frequency: Annually.
    Affected Public: State, Local, Tribal, and Territorial Governments 
and Private Sector Individuals.
    Number of Annualized Respondents: 700.
    Estimated Time Per Respondent: 0.167 hours for Registration, 0.167 
hours for Training.
    Total Annualized Burden Hours: 116.679 hours.
    Total Annualized Respondent Opportunity Cost: $7,224.40.
    Total Annualized Respondent Out-of-Pocket Cost: $0.
    Total Annualized Government Cost: $14,063.92.

Robert J. Costello,
Chief Information Officer, Cybersecurity and Infrastructure Security 
Agency, Department of Homeland Security.
[FR Doc. 2024-08744 Filed 4-23-24; 8:45 am]
BILLING CODE 9110-9P-P