SUPPORTING STATEMENT
By the Defense Security Services (DSS)
Information
Collection in Support of the
DSS Commercial and Government
Entity (CAGE) Code Request for Information
Justification
Need for Information Collection
Executive Order 12829, “National Industrial Security Program (NISP)” Section 202 (a) directs that the Secretary of Defense serve as the Executive Agent for inspecting and monitoring “the contractors, licensees, and grantees who require or will require access to, or who store or will store classified information”; and, for determining the eligibility for access to classified information of contractors, licensees, and grantees and their respective employees. The specific requirements necessary to protect classified information released by U.S. Government agencies to contractors are set forth in the “National Industrial Security Program Operating Manual (NISPOM)” (DoD 5220.22-M). The Secretary of Defense, as Executive Agent, has the authority to issue, after consultation with affected agencies, standard forms or other standardization that will promote implementation of the NISP. Contractors participating in the NISP are subject to an initial Facility Security Clearance (FCL) assessment and periodic security inspections to determine their eligibility to participate in the NISP and to ensure that safeguards employed are adequate for the protection of classified information.
Use of the Information
Department of Defense Directive, 5105.42, “Subject: Defense Security Service”, delineates the mission, functions and responsibilities of DSS. In accordance with this directive, DSS is an agency of the Department of Defense, currently under the authority of the Under Secretary of Defense for Intelligence (USD(I)). As it pertains to this request for authority to collect information, DSS is responsible for the following:
Administering and implementing the Defense portion of the NISP for DoD and 24 other non-DoD agencies pursuant to EO 12829.
Exercising authority delegated to the Secretary of Defense for the issuance of security clearances to contractor employees, pursuant to EO 12829.
The DSS Industrial Operations Division (IO) supports this mission by assessing the security posture at cleared contractor facilities to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM) and ensuring identified vulnerabilities are mitigated. The Commercial and Government Entity (CAGE) Code Request for Information is focused on strengthening analysis of technology associated with CAGE codes by ensuring the accuracy of contract, technology, program, and facility data in the Industrial Security Facilities Database (ISFD). This initiative will improve effectiveness and efficiency by establishing an accurate baseline of information and providing DSS with an inventory of technology, military weapon systems, subsystems, components and contracts associated with all active CAGE codes. DSS staff will use the baseline information collected via the initial information collection to administer, manage, and maintain accurate contract, technology, program, and facility data pertaining to the Industrial Security Facilities and thereby inform their efforts pertaining to the NISP. DSS staff will also use the information to meet the National Industrial Security Program Operating Manual standards. The initial information collection will be completed by all 13,541 respondents over the course of approximately one year. The follow-up information collections will not begin until after that time and will take place annually with a portion of the respondents depending on need for inspection and/or monitoring. The documents for both the initial and the follow up information collections are included in this submission.
Use of Information Technology
Information technology has been identified as appropriate for the purposes of this collection. DSS will send an email invitation to a designated point-of-contact at each cleared facility operating under the National Industrial Security Program (NISP) to provide the requested web-based request for information (RFI). The email invitation will include instructions to complete the RFI online via the Industrial Security Facilities Database, a secure database hosted by DSS.
Non-Duplication
The Commercial and Government Entity (CAGE) Code Request for Information is a new methodology to collect and document the attributes of the contract, technology, program and facility data to be included in the Industrial Security Facilities Database (ISFD). The objective of this initiative is to establish an accurate baseline of information and has not been implemented in the past. No other such information of CAGE facilities exists which can satisfy the requirements of contract, technology, program and facility data to be included in the Industrial Security Facilities Database (ISFD). The coordination of the data collection effort between Department of Defense and DSS avoids duplication that would result from independent agency information collections.
Burden on Small Businesses
The collection of information does not have a significant impact on small businesses or other entities. DSS is requesting the minimum amount of information necessary for evaluation. Participation by eligible CAGE facilities is strictly on a voluntary basis. In addition, efforts have been made to minimize response burden through careful design of the data collection strategy and efficient construction of the web-based tools.
Less Frequent Collection
As stated above, the initial information collection will be completed over the course of approximately one year. The follow-up information collections will not begin until after that time and will take place annually with a portion of the respondents depending on need for inspection and/or monitoring. Failure to collect this data within these time frames will hinder DSS’s ability to accurately monitor and support the security programs related to the inventory of classified technology, military weapon systems, subsystems, components and contracts associated with cleared facilities operating under the National Industrial Security Program (NISP). This will limit DSS’s ability to objectively evaluate performance related to the administration and implementation of the NISP as outlined in Executive Order (EO) 12829.
Paperwork Reduction Act Guidelines
The proposed data collection activities are consistent with the guidelines set forth in 5 CFR 1320.6 (Controlling Paperwork Burden on the Public—General Information Collection Guidelines). There are no special circumstances affecting this collection
Consultation and Public Comments
In accordance with the Paperwork Reduction Act of 1995, the Department of Defense published a 60-day Federal Register Notice (FRN) in the Federal Register on July 22, 2013; Vol 78, No 140, page 43863. No comments were received.
A 30-day FRN was published on July 18, 2014, Vol. 79, No. 138, page 41994.
Gifts or Payment
No payments or gifts will be provided to respondents.
Confidentiality
Responses to the Commercial and Government Entity (CAGE) Code Request for Information will be protected to the extent permitted by the law. Respondent names will not be released when data and analytic results are reported. Respondents will be provided with sufficient information to be assured of their privacy, and clearly understand their privacy rights in both the initial email invitation and on the instruction screens on the web-site. Participants will be informed that their results will remain anonymous and they will not be identifiable by name or other personal information.
Sensitive Questions
There are no sensitive questions asked in this collection as defined by the OMB 83-I Instruction, 10/95.
Respondent Burden, and its Labor Costs
Estimation of Respondent Burden:
(1) Responses per Respondent: 1
(2) Number of Respondents: 13,541
(3) Hours per Response: 20 minutes
(4) Total Annual Burden Hours: 4,514
Cost of Respondent Burden:
The cost to respondents is based on the approximate salary of a GS-13 Step 1
(FY14 Base Schedule, basic pay): $34.69 (rate per hour)/60 (minutes). . The total labor cost for this information collection is $34.69 * 4,514, or $156,591.
Respondent Costs Other Than Burden Hour Costs
There are no respondent costs other than the burden hour costs.
Cost to Government
There are no administrative costs (printing, mailing, distributing and reviewing) since all action is taken through email and the online tool.
On-line Tool Development and Maintenance Costs: The total contracted cost to the federal government for the development of the Commercial and Government Entity (CAGE) Code Request for Information and related data maintenance costs is $81,394.
The federal labor costs associated with the collection is: $102,382
The total cost to the federal government for this information collection is: $183,776
Reason for Change in Burden
This is a new submission.
Publication of Results
The information collected will not be published or reported. The data will be used to update the Industrial Security Facilities Database (ISFD), which will allow DSS to more effectively administer and implement the Defense portion of the NISP for DoD and 24 other non-DoD agencies pursuant to Executive Order (EO) 12829.
Non-Display of OMB Expiration Date
Approval is not sought for avoiding display of the expiration date for OMB approval of the information collection.
Exceptions to the “Certification for Paperwork Reduction Submissions”
This submission describing data collection requests no exceptions to the Certificate for Paperwork Reduction Act (5 CFR 1320.9).
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | Brown, Adriene, CIV, DSS |
| File Modified | 0000-00-00 |
| File Created | 2021-01-27 |