United States Department of Energy
Supporting Statement B
“Electric Sector Cybersecurity Risk Management Maturity Initiative”
OMB Number 1910-New
Collections of Information Employing Statistical Methods.
The agency should be prepared to justify its decision not to use statistical methods in any case where such methods might reduce burden or improve accuracy of results. When Item 17 on the Form OMB 83-I is checked, “YES”, the following documentation should be included in the Supporting Statement to the extent that it applies to the methods proposed:
Describe (including a numerical estimate) the potential respondent universe and any sampling or other respondent selection methods to be used.
The electric sector consists of 3,273 traditional electric utilities and 1,738 nonutility power producers serving 143 million customers1. The Department, through a notice on its website, and through communication with industry trade associations and their members (which represent all services within the sector), requested volunteers to participate in this pilot process. Seventeen volunteers came forward and all were selected to participate, based on their willingness and their roles and responsibilities across the various services within the sector.
2. Describe the procedures for the collection of information including:
Statistical methodology for stratification and sample selection, estimation procedure, Degree of accuracy needed for the purpose describe in the justification, unusual problems requiring specialized sampling procedures, and any use of periodic data collection cycles to reduce burden.
Describe methods to maximize response rates and to deal with issues of non-response.
Methods to maximize response rates were not utilized, due to time and budget constraints, as well as the need to maintain the scope of the pilot. After the conclusion of the pilot and resulting revisions, future iterations of the model will attempt to maximize response across the sector. Non-response was not an issue.
4. Describe any tests of procedures or methods to be undertaken.
The purpose of the pilot is to test the methods to be undertaken in the final version of the model and the assessment tool. Both have been provided to OMB for review.
The model is tested by evaluating the corresponding model questionnaire. Organizations will conduct a self evaluation by selecting one of four responses that reflect the level of implementation for the defined practices. The four possible responses include: Fully Implemented, Largely Implemented, Partially Implemented, and Not Implemented.
The model defines four maturity indicator levels (MILs), and holds a fifth level in reserve for use in future versions of the model. Each of the four defined levels is referenced by a number (0 through 3) and a name, for example, “MIL3: Managed.” The Maturity Indicator Levels are:
MIL0: Incomplete
MIL1: Initiated
MIL2: Performed
MIL3: Managed
MILX: Reserved for future use
The MIL levels are cumulative within each domain; an organization must satisfy each of the characteristics in a level and the predecessor level(s). For example, each of the characteristics in MIL1 and MIL2 must be satisfied for a domain in order to be rated MIL2 in the domain. Similarly, characteristics in MIL1, MIL2, and MIL3 must be satisfied in order to be rated MIL3.
Completion of a MIL is computed from answer input provided for the questions presented in the ten domains. Each question describes a characteristic that can be answered with the four point answer scale. The characteristics are assigned scores based on the answer selected. The scores are assigned as follows:
‘Fully Implemented’ characteristic = Complete
‘Largely Implemented’ characteristic = Complete
‘Partially Implemented’ characteristic = Incomplete
‘Not Implemented’ characteristic = Incomplete
Provide the name and telephone number of individuals consulted on statistical aspects of the design and the name of the agency unit, contractor(s), grantee(s) or other person(s) who will actually collect and/or analyze the information for the agency.
DOE: Samara Moore, 202-586-1283
Matthew Light, 202-586-8550
SEI: David White, 917-209-9284
James Stevens, 724-272-0376
ICFI: David Scott, 202-684-8024
PNNL: Paul Skare, 612-889-9424
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | lemiesu |
| File Modified | 0000-00-00 |
| File Created | 2021-01-31 |