OMB.report

Federal forms, ICRs, and supporting documents

Information Collection Request

Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing

ICR 202509-0704-003 · OMB 0704-0478 · Active

Forms and Documents
DocumentTypeStatusAvailability
DARS-2025-0006-0002_attachment_1.pdf Public Comments Uploaded 2026-01-29 Repair queued
DARS-2025-0006-0002.pdf Public Comments Uploaded 2026-01-29 Repair queued
Comment1_DOD_0704-0478_DFARS7012.pdf Public Comments Uploaded 2026-03-24 Repair queued
PC_202509-0704-003_032426_122630_1.pdf Public Comments Uploaded 2026-03-24 Repair queued
0704-0478 Supporting Statement 2026-04-23.docx Supporting Statement A Uploaded 2026-04-23 Repair queued
0704-0478 Supporting Statement 2026-02-19.docx Supporting Statement A Uploaded 2026-02-19 Available
IC Document Collections
IC IDCollectionTypeStatusForm
197144 Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing Other-Contract Clauses Modified
ICR Details
0704-0478 202509-0704-003
Active 202208-0704-009
DOD/DODDEP
Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing
Reinstatement without change of a previously approved collection   No
Regular
Approved with change 05/26/2026
Retrieve Notice of Action (NOA) 03/04/2026
  Inventory as of this Action Requested Previously Approved
05/31/2029 36 Months From Approved 01/31/2026
16,233 0 16,760
6,770 0 7,695
697,310 0 638,685
This collection implements mandatory tracking and reporting of intrusions on unclassified networks or contractor information technology systems that process DoD information or those contractors designated as providing operationally critical support. DoD is required by statute to establish programs and activities to protect DoD information and DoD information systems, including information and information systems operated and maintained by contractors or others in support of DoD activities. Offerors and contractors must report cyber incidents on unclassified networks or information systems, within cloud computing services, and when they affect contractors designated as providing operationally critical support, as required by statute.
US Code: 41 USC 1303 Name of Law: Federal Acquisition Regulatory Council
   PL: Pub.L. 113 - 291 1632 Name of Law: NDAA for FY 2015
   PL: Pub.L. 112 - 239 941 Name of Law: NDAA for FY 2013
  
None
Not associated with rulemaking
  90 FR 24196 06/06/2025
91 FR 1511 01/14/2026
Yes
1
IC Title Form No. Form Name
Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing
  Total Approved Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 16,233 16,760 0 0 -527 0
Annual Time Burden (Hours) 6,770 7,695 0 0 -925 0
Annual Cost Burden (Dollars) 697,310 638,685 0 0 58,625 0
No
No
$472,651
No
    Yes
    No
No
No
No
No
Loreen Lisle 703 334-1114 [email protected]
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
03/04/2026