SUPPORTING STATEMENT – PART A
Industry Cost Collection Report Survey – OMB 0704-0458
A. JUSTIFICATION
1. Need for the Information Collection
Executive Order 12829, “National Industrial Security Program,” required agency heads to account each year for intra-agency costs associated with the implementation of the NISP and to report these costs to the Director, Information Security Oversight Office (ISOO), who is responsible for including them in annual reports to the President. In furtherance of this requirement, and pursuant with 32 CFR, Subpart F, section 2001.61 (b); “Classified National Security Information; Final Rule,” the Secretary of Defense, acting as executive agent for the NISP, is obligated to collect cost estimates for classification-related activities of contractors, licensees, certificate holders, and grantees and report them to ISOO annually. The cost collection methodology employed by this Department since 1996 was validated with the ISOO in December, 2007.
Department of Defense Directive, 5105.42, “Subject: Defense Security Service”, delineates the mission, functions and responsibilities of DSS. In accordance with this Directive DSS was an Agency of the Department of Defense under the authority, direction, and control of the Assistant Secretary of Defense (Command, Control, Communication and Intelligence) (ASD(C3I)). Subsequently, Deputy Secretary of Defense Memorandum, Subject: Implementation Guidance on Restructuring Defense Intelligence – and Related Matters, dated, May 8, 2003, created and transferred the Industrial Security and Personnel Security responsibilities of ASD(C3I) to the Office of the Undersecretary of Defense for Intelligence (OUSD(I)). As such DSS was also transferred under the management and control of OUSD (I). In February 2005, DSS transferred the conduct of personnel security investigations to the Office of Personnel Management (OPM). As it pertains to this request for authority to collect information, DSS is currently responsible for the following:
Administer and implement the Defense portion of the National Industrial Security Program (NISP) for DoD and 30 other Non-DoD agencies pursuant to EO 12829 (reference (e).
Exercise authority delegated to the Secretary of Defense for issuance of security clearances to contractor employees, pursuant to EO 12829.
Executive Order 12829, “National Industrial Security Program” requires the Department of Defense to account each year for the costs associated with implementation of the National Industrial Security Program and report those costs to the Director of the ISOO. EO 12829 also authorizes the Executive Agent to issue, after consultation with affected agencies, standard forms that will promote the implementation of the NISP.
2. Use of the Information
A commercial web-based survey tool hosts the data collection. Prior to the annual launch of this collection, DSS randomly selects active NISP facilities that will be able to submit security costs. The random selection to submit facility cost estimates is dependent on the facility having an active Facility Clearance (FCL) and permanent Commercial and Government Entity (CAGE) Code. The data collection must be completed during the annual reporting period, which covers a two-week span. Typically the collection is deployed during the month of January.
The recipients from each of the facilities, referred to as Facility Security Officers (FSO), receive an email invitation at the launch of the reporting period. The FSO is a contractor that supervises and directs security-related activities and measures within a facility. The FSO will click a URL link contained within the email invitation to complete the data collection. There will be weekly follow-up reminders sent from the survey vendor to the FSO during the reporting period to those facilities yet to submit their cost estimates.
Information provided will become part of DSS records of cleared contractor facility data collections, retrieved by the name of the facility CAGE Code, not the FSO contact information. DSS is tasked to collect the costs from NISP contractors who possess classified information at their cleared facility pursuant to the reporting requirement of 32 CFR Part 2001, Subpart F, section 2001.61 (b); Classified National Security Information. The DoD estimates aggregate security costs for contractors to the ISOO.
3. Use of Information Technology
The use of information technology has been considered appropriate for the purposes of this collection. The email invitation includes a secure link to access and complete the online survey. 100% of contractor facilities participating in this data collection complete the "NISP Cost Collection" electronically.
4. Non-duplication
The joint-government-industry Industrial Security Cost Task Force was formed in early 1995 to develop an acceptable model to fulfill 32 CFR, Subpart F obligations of the Secretary of Defense under the NISP. The objective of the Task Force was to formulate a cost collection and reporting methodology that would not be prohibitively expensive, but would take into account “lessons learned” from previous related studies, and responsibly address newly articulated problematic aspects expressed by its industry members. The draft methodology was supported by the joint-government-industry NISP Policy Advisory Committee during its meeting of September 27, 1995 and was accepted for implementation on February 9, 1996 by the six industry group signatories to the memorandum of understanding established to convey consensus positions to appropriate government security authorities relative to NISP policies, procedures, and practices.
Since this data collection’s implementation in 1995 no other duplicative efforts have been undertaken to estimate Industry cost associated with implementation of the National Industrial Security Program. Government organizations and industry representatives within the Industrial Security Cost Task Force are aware that this is an annual request, slated to occur in late winter of each calendar year to align with the budget cycle.
DSS is only asking for the minimum amount of information necessary for reporting needs. Due to the unique facility categories of contractors participating in the NISP, DSS can employ a random sampling technique to minimize the amount of respondents required. DSS conducts an annual survey (1,014 respondents) at cleared contractor facilities eligible to protect classified information participating within the NISP. In short, this collection has a very minimal impact on businesses.
6. Less Frequent Collection
Pursuant to Executive Order 12829 “National Industrial Security Program” (NISP), and reporting requirement of 32 CFR Part 2001, Subpart F, section 2001.61 (b); Classified National Security Information, the DoD estimates aggregate security costs for contractors to the Information Security Oversight Office (ISOO). In turn, ISOO reports to the President on the cost of the NISP annually. To meet the requirement of the Order, DSS is tasked to collect the costs by surveying contractors who possess classified information at their cleared facility.
7. Paperwork Reduction Act Guidelines
There are no special circumstances affecting this collection.
8. Consultation and Public Comments
The 60-day notice was posted to the Federal Register on December 14th, 2016 under citation 81 FR 90338. Two comments were received. However, these were determined to be spam by the Federal Register and are therefore not relevant to this information collection.
The 30-day notice was posted to the Federal Register on February 28th, 2017 under citation 82 FR 12084.
Part B: CONSULTATION
The Defense Security Service has consulted with staff from the Information Security Oversight Office and Industry members of the National Industrial Security Program Policy Advisory Committee (NISPPAC). The NISPPAC is responsible for recommending changes in industrial security policy through modifications to Executive Order 12829. The NISPPAC also advises the ISOO on all matters concerning NISP policy and serves as a forum to discuss policy issues in dispute. As a result of those discussions, an effort is underway to improve this data collection through incorporating additional definitions. DSS expects the dialogue with ISOO to continue into the future. However, there are no plans to alter the questions themselves. In the future, DSS will implement these changes once finalized and after going through to necessary revision approval with OMB.
No payments or gifts will be provided to respondents.
10. Confidentiality
The response to questions on the “Industry Cost Collection Report” may be considered by the respondent to be company proprietary. Information provided by the contractor will be kept private to the extent permitted by law. Information collected is compiled to create an aggregate estimated cost of NISP classification-related activities. Only the aggregate data is reported and all individual company information is kept in DSS records.
A Privacy Act Statement (PAS) is not required since PII is not being collected.
A SORN is not required since records are not retrieved by PII.
A PIA is not required since PII is not being collected electronically.
The Records Retention and Disposition Schedule is 040 - DAA-GRS- 2013-0003-0012 and reads as follows: “Cost accounting for stores, inventory, and materials) for this collection are temporary destroy when 3 years old, but longer retention is authorized if required for business use.”
11. Sensitive Questions
There are no sensitive questions asked in this collection.
12. Respondent Burden, and its Labor Costs
Estimation of Respondent Burden
Estimation of Respondent Burden Hours |
|||||
|
Number of Respondents |
Number of Responses per Respondent |
Number of Total Annual Responses |
Response Time (Amount of time needed to complete the collection instrument) |
Respondent Burden Hours (Total Annual Responses multiplied by Response Time) Please compute these into hours) |
Industry Cost Collection Report Survey |
1,014 |
1 |
1,014 |
30 min. |
507 |
Total |
1,014 |
1 |
1,014 |
30 min. |
507 |
Labor Cost of Respondent Burden
Labor Cost of Respondent Burden |
|||||
|
Number of Responses |
Response Time per Response |
Respondent Hourly Wage (2016, DC, GS-13 Step 1) |
Labor Burden per Response (Response Time multiplied by Respondent Hourly Wage) |
Total Labor Burden (Number of Respondents multiplied by Response Time multiplied by Respondent Hourly Wage) |
Industry Cost Collection Report Survey |
1,014 |
30 min. |
$44.15 |
$22.08
|
$22,389.12 |
Total |
1014 |
30 min. |
$44.15 |
$22.08 |
$22,389.12 |
The cited above was taken from the OPM 2016 General Schedule for Washington-Baltimore-Arlington , DC-MD-VA-WV-PA, GS-13 Step 1, which best captures the pay level for the occupation of Facility Security Officer. The cited wage can be found at :https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/2016/general-schedule/
13. Respondent Costs Other Than Burden Hour Costs
There are no costs to respondents other than labor costs.
14. Cost to the Federal Government
Labor Cost to the Federal Government |
||
|
Industry Cost Collection Report Survey |
Total |
Number of Responses |
1,014 |
1,014 |
Processing Time Per Response (in hours) |
0.09 |
0.09 |
Hourly Wage of Worker(s) Processing Responses |
$53.92
|
$53.92
|
Cost to Process Each Response (Processing Time Per Response multiplied by Hourly Wage of Worker(s) Processing Responses) |
$4.85
|
$4.85
|
Total Cost to Process Responses (Cost to Process Each Response multiplied by Number of Responses |
$4,917.90 |
$4,917.90 |
The weighted average wage is $53.92, which is based on 60 hours at $59.13 for GS-14 Step 5 and 32 hours at $44.15 for GS-13- Step 1 using OPM 2016 General Schedule for Washington-Baltimore-Arlington , DC-MD-VA-WV-PA. The cited wages can be found at :https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/2016/general-schedule/
Operational and Maintenance Costs |
||||||
Equipment |
Printing |
Postage |
Software Purchases |
Licensing Costs |
Other |
Total |
$0.00 |
$0.00 |
$0.00 |
$0.00 |
$0.00 |
$0.00 |
$0.00 |
There are no operational and maintenance costs that come as a result of this collection, as no new equipment, printing, postage, software purchases, licensing costs, or other costs are involved.
Total Cost to the Federal Government |
||
Operational and Maintenance Costs |
Labor Cost to the Federal Government |
Total Cost (O&M Costs + Labor Cost) |
$0.00 |
$4,917.90 |
$4,917.90 |
15. Reasons for Change in Burden
Information collection proposal is currently at zero burden hours, as this is a reinstatement of a previously approved collection for which has expired.
The burden time for each respondent to complete this survey has remained the same (30 minutes) since the last time this collection was approved in 2009. However, the number of respondents has decreased from 1,613 to 1,014 due to a decrease in contracted facilities. This has resulted in an overall decrease in total burden hours and costs.
16. Publication of Results
The data is analyzed and reported by DSS to the Director of the Information Security Oversight Office (ISOO) in order to comply with Executive Order 12829, “National Industrial Security Program” which requires the Department of Defense to account each year for the costs associated with implementation of the National Industrial Security Program and report those costs.
17. Non-Display of OMB Expiration Date
Approval is not sought for avoiding display of the expiration date for OMB approval of the information collection.
18. Exceptions to "Certification for Paperwork Reduction Submissions"
No exemptions are sought with this collection.
| File Type | application/msword |
| File Title | Supporting Statement Part A |
| Author | Patricia Toppings |
| Last Modified By | Ian Armstrong |
| File Modified | 2017-02-28 |
| File Created | 2017-02-10 |