Supporting Statement for DHS CEA NICCS Cybersecurity Scholarships Intern Final 072015

Supporting Statement for DHS CEA NICCS Cybersecurity Scholarships Intern Final 072015.docx

NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Forms

OMB: 1670-0032

Document [docx]
Download: docx | pdf


SUPPORTING STATEMENT FOR


Department of Homeland Security (DHS) Cybersecurity Education and Awareness (CE&A)

National Initiative for Cybersecurity Careers and Studies (NICCS)

Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Collection


OMB Control No.: 1601-NEW

COLLECTION INSTRUMENTS:

NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Forms


A. Justification


1. Explain the circumstances that make the collection of information necessary. Identify any legal or administrative requirements that necessitate the collection. Attach a copy of the appropriate section of each statute and regulation mandating or authorizing the collection of information.


Title II, Homeland Security Act, 6 U.S.C. §121(d)(1) To access, receive, and analyze law enforcement information, intelligence information and other information from agencies of the Federal Government, State and local government agencies…and Private sector entities and to integrate such information in support of the mission responsibilities of the Department.  The following authorities also permit DHS to collect information of the type contemplated: Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. §3546; Homeland Security Presidential Directive (HSPD) 7, “Critical Infrastructure Identification, Prioritization, and Protection” (2003); and NSPD-54/HSPD-23, “Cybersecurity Policy” (2008).


In May 2009, the President ordered a Cyberspace Policy Review to develop a comprehensive approach to secure and defend America’s infrastructure. The review built upon the Comprehensive National Cybersecurity Initiative (CNCI).


In response to increased cyber threats across the Nation, the National Initiative for Cybersecurity Education (NICE) expanded from a previous effort, the CNCI Initiative #8. NICE formed in 2010, and is a nationally coordinated effort comprised of over 20 federal departments and agencies, and numerous partners in academia and industry. NICE focuses on cybersecurity awareness, education, training and professional development. NICE seeks to encourage and build cybersecurity awareness and competency across the Nation and to develop an agile, highly skilled cybersecurity workforce.


The National Initiative for Cybersecurity Careers & Studies (NICCS) Portal is a national online resource for cybersecurity awareness, education, talent management, and professional development and training. NICCS Portal is an implementation tool for NICE. Its mission is to provide comprehensive cybersecurity resources to the public.


Note: Any information received from the public in support of the NICCS Portal is completely voluntary. Organizations and individuals who do not provide information can still utilize the NICCS Portal without restriction or penalty. An organization or individual who wants their information removed from the NICCS Portal can e-mail the NICCS Supervisory Office (SO). The NICCS SO email address, [email protected], is provided in many places throughout the website. The organization or individual can send the SO a brief email stating their desire to remove their data.



2. Indicate how, by whom, and for what purpose the information is to be used. Except for a new collection, indicate the actual use the agency has made of the information received from the current collection.


Department of Homeland Security (DHS) Cybersecurity Education and Awareness (CE&A) intends for a portion of the collected information from the NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Form to be displayed on a publicly accessible website called the National Initiative for Cybersecurity Careers and Studies (NICCS) Portal (http://niccs.us-cert.gov/). Information will be made available to the public to support the National Initiative for Cybersecurity Education (NICE) mission. Table 1 defines the information categories collected by the NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Form and whether the information will be displayed on the NICCS Portal.


Table 1 Information Categories

Information Categories

Displayed on NICCS Portal?

Scholarship Sponsor Organization

Yes

Scholarship Organization URL

Yes

Scholarship Name

Yes

Scholarship Description

Yes

Scholarship URL

Yes

Scholarship Point of Contact (POC) First & Last Name

No

Scholarship POC Email Address

No

Scholarship Amount

Yes

Scholarship Focus

Yes

Scholarship Application Deadline

Yes

Scholarship Level

Yes

Scholarship Special Application Restrictions

Yes

Scholarship Logo

Yes

Internship Employer Name

Yes

Internship Title

Yes

Internship Description

Yes

Internship URL

Yes

Internship City and State

Yes

Internship POC First & Last Name

No

Internship POC Email Address

No

Internship Employer Type

Yes

Internship Full/Part Time

Yes

Internship Compensation

Yes

Internship College Credit

Yes

Internship Application Deadline

Yes

Internship Logo

Yes

Camp/Club Organization Name

Yes

Camp/Club Name

Yes

Camp/Club Description

Yes

Camp/Club URL

Yes

Camp/Club City and State

Yes

Camp/Club POC First & Last Name

No

Camp/Club POC E-mail Address

No

Camp/Club Grade Level

Yes

Camp/Club Type

Yes

Camp/Club Session

Yes

Camp/Club Cost

Yes

Camp/Club Application Deadline

Yes

Camp/Club Logo

Yes

Competition Organization Name

Yes

Competition Name

Yes

Competition Description

Competition Logo

Yes

Yes

Competition URL

Yes

Competition City and State

Yes

Competition POC First & Last Name

No

Competition POC Email Address

No

Competition Structured Registration

Yes

Competition Cost

Yes

Competition Academic Level

Yes

Competition Difficulty Level

Yes

Competition Play Composition

Yes

Competition Specialty Areas

Yes

Competition Knowledge Skills and Abilities

Competitions - Websites for Related Challenges

Yes

Yes


3. Describe whether, and to what extent, the collection of information involves the use of automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submission of responses, and the basis for the decision for adopting this means of collection. Also describe any consideration of using information technology to reduce burden.


The information will be completely collected via electronic means using the web form collection instruments. Once data is inputted into the web form collection instruments it will be automatically formatted and e-mailed to the NICCS Supervisory Office (SO) for review and processing. Correspondence between the public and DHS CE&A will be via the NICCS SO official e-mail address ([email protected]). Correspondence could include a confirmation to the public confirming the receipt and acceptance of their data entry. After this confirmation, correspondence will be limited to conversations initiated by the public.


All information collected from the NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Form will be stored on the publicly accessible NICCS Portal.



4. Describe efforts to identify duplication. Show specifically why any similar information already available cannot be used or modified for use for the purposes described in Item 2 above.


After review of www.reginfo.gov, this information is not collected in any form, and therefore is not duplicated elsewhere.



5. If the collection of information impacts small businesses or other small entities (Item 5 of OMB Form 83-I), describe any methods used to minimize burden.


Impact to small businesses or other small entities is determined to be insignificant based on the fact that all information is completely voluntary and requires insignificant amount of time to provide (exchanged via e-mail, i.e. electronic submission of responses).



6. Describe the consequence to Federal program or policy activities if the collection is not conducted or is conducted less frequently, as well as any technical or legal obstacles to reducing burden.


The NICCS Portal was created to gather and share cybersecurity training and education information with the general public, specifically for cybersecurity professionals. DHS CE&A identified the type of information and collection frequency in order to provide relevant, accurate, and timely information.


In order to provide the public with information about cybersecurity education and training, public organizations must provide NICCS with data. This information must be collected so NICCS can be a robust information source, and to fulfill the strategic objectives of DHS CE&A. If the information is not collected, the list of scholarships, camps & clubs, internships, and competitions on NICCS will be very short, and it will not meet the needs of the public.


There are no legal obstacles.



7. Explain any special circumstances that would cause an information collection to be conducted in a manner:


Requiring respondents to report information to the agency more often than quarterly;


Requiring respondents to prepare a written response to a collection of information in fewer than 30 days after receipt of it;


Requiring respondents to submit more than an original and two copies of any document;


Requiring respondents to retain records, other than health, medical, government contract, grant-in-aid, or tax records for more than three years;


In connection with a statistical survey, that is not designed to produce valid and reliable results that can be generalized to the universe of study;


Requiring the use of a statistical data classification that has not been reviewed and approved by OMB;


That includes a pledge of confidentiality that is not supported by authority established in statute or regulation, that is not supported by disclosure and data security policies that are consistent with the pledge, or which unnecessarily impedes sharing of data with other agencies for compatible confidential use; or


Requiring respondents to submit proprietary trade secret, or other confidential information unless the agency can demonstrate that it has instituted procedures to protect the information's confidentiality to the extent permitted by law.


The special circumstances contained in item 7 of the Supporting Statement are not applicable to this information collection.



8. If applicable, provide a copy and identify the data and page number of publication in the Federal Register of the agency's notice, required by 5 CFR 1320.8(d), soliciting comments on the information collection prior to submission to OMB. Summarize public comments received in response to that notice and describe actions taken by the agency in response to these comments. Specifically address comments received on cost and hour burden.


Describe efforts to consult with persons outside the agency to obtain their views on the availability of data, frequency of collection, the clarity of instructions and recordkeeping, disclosure, or reporting format (if any), and on the data elements to be recorded, disclosed, or reported.


Consultation with representatives of those from whom information is to be obtained or those who must compile records should occur at least once every 3 years -- even if the collection of information activity is the same as in prior periods. There may be circumstances that may preclude consultation in a specific situation. These circumstances should be explained.


A 60 Day Federal Register Notice requesting public comments was published on Friday, December 19, 2014, 79 FR 75824. No comments were received.


A 30 Day Federal Register Notice requesting public comments was published on Monday, March 2, 2015, 80 FR 40. No comments were received.



9. Explain any decision to provide any payment or gift to respondents, other than remuneration of contractors or grantees.


There is no offer of monetary or material value for this information collection.



  1. Describe any assurance of confidentiality provided to respondents and the basis for the

assurance in statute, regulation, or agency policy.


The following privacy documents address this collection request:


  • DHS Privacy Threshold Analysis (PTA) Contact List

  • DHS/ALL/PIA-006 - DHS General Contacts List Privacy Impact Assessments (PIA)

  • DHS/ALL/SORN-002 - Department of Homeland Security (DHS) Mailing and Other Lists Systems System Of Records Notice (SORN)


All information, excluding Points of Contacts (POC) names and e-mail addresses, will be made available on the public-facing NICCS web Portal. See Table 1, Information Categories. POC names and e-mail addresses will not be shared.


There is no assurance of confidentiality provided to the respondents for this collection of information.


11. Provide additional justification for any questions of a sensitive nature, such as sexual behavior and attitudes, religious beliefs, and other matters that are commonly considered private. This justification should include the reasons why the agency considers the questions necessary, the specific uses to be made of the information, the explanation to be given to person’s form whom the information is requested, and any steps to be taken to obtain their consent.

There are no questions of sensitive nature.


12. Provide estimates of the hour burden of the collection of information. The statement should:


Indicate the number of respondents, frequency of response, annual hour burden, and an explanation of how the burden was estimated. Unless directed to do so, agencies should not conduct special surveys to obtain information on which to base hour burden estimates. Consultation with a sample (fewer than 10) of potential respondents is desirable. If the hour burden on respondents is expected to vary widely because of differences in activity, size, or complexity, show the range of estimated hour burden, and explain the reasons for the variance. Generally, estimates should not include burden hours for customary and usual business practices.


If this request for approval covers more than one form, provide separate hour burden estimates for each form and aggregate the hour burdens in Item 13 of OMB Form 83-I.


Provide estimates of annualized cost to respondents for the hour burdens for collections of information, identifying and using appropriate wage rate categories. The cost of contracting out or paying outside parties for information collection activities should not be included here. Instead, this cost should be included in Item 14



Type of Respondent

Form Name /

Form Number

No. Of Respondents

No. Of Responses per Respondent

Total Annual No. Of Responses

Avg. Burden per Response (in hours)

Total Annual Burden (in hours)

Avg. Hourly Wage Rate**

Total Annual Respondent Cost

Academic Institutions

Federal Government Organizations, Agencies, and Departments;

Private Institutions/Organizations

NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and CompetitionsWeb Form

150

1

150

30 mins.

75

$29.24*

$2,193

Total


150

1

150

30 mins.

75



$29.24*

$2,193

*Based on the following Mean hourly wages (source: http://www.bls.gov/bls/blswage.htm):


    • Educational Services, Privately owned - Computer and Mathematical Occupations - Information Security Analysts, Web Developers, and Computer Network Architects: $34.38


    • Technical and trade schools, Privately owned - Information Security Analysts, Web Developers, and Computer Network Architects - $26.02


    • Technical and trade schools, Local government owned - Network and Computer Systems Administrators - $26.00


    • Technical and trade schools, State government owned - Network and Computer Systems Administrators - $25.10


    • Colleges, universities, and professional schools, Privately owned - Information Security Analysts, Web Developers, and Computer Network Architects - $35.07


    • Colleges, universities, and professional schools, Local government owned - Information Security Analysts, Web Developers, and Computer Network Architects - $28.54


    • Colleges, universities, and professional schools, State government owned - Information Security Analysts, Web Developers, and Computer Network Architects - $29.57


13. Provide an estimate of the total annual cost burden to respondents or record keepers resulting from the collection of information. (Do not include the cost of any hour burden shown in Items 12 and 14).


The cost estimate should be split into two components: (a) a total capital and start-up cost component (annualized over its expected useful life); and (b) a total operation and maintenance and purchase of services component. The estimates should take into account costs associated with generating, maintaining, and disclosing or providing the information. Include descriptions of methods used to estimate major cost factors including system and technology acquisition, expected useful life of capital equipment, the discount rate(s), and the time period over which costs will be incurred. Capital and start-up costs include, among other items, preparations for collecting information such as purchasing computers and software; monitoring, sampling, drilling and testing equipment; and record storage facilities.

If cost estimates are expected to vary widely, agencies should present ranges of cost burdens and explain the reasons for the variance. The cost of purchasing or contracting out information collection services should be a part of this cost burden estimate. In developing cost burden estimates, agencies may consult with a sample of respondents (fewer than 10), utilize the 60-day pre-OMB submission public comment process and use existing economic or regulatory impact analysis associated with the rulemaking containing the information collection, as appropriate.

Generally, estimates should not include purchases of equipment or services, or portions thereof, made: (1) prior to October 1, 1995, (2) to achieve regulatory compliance with requirements not associated with the information collection, (3) for reasons other than to provide information or keep records for the government or (4) as part of customary and usual business or private practices.


There are no record keeping, capital, start-up or maintenance costs associated with this information collection.



14. Provide estimates of annualized cost to the Federal government. Also, provide a description of the method used to estimate cost, which should include quantification of hours, operational expenses (such as equipment, overhead, printing, and support staff), and any other expense that would not have been incurred without this collection of information. Agencies also may aggregate cost estimates from Items 12, 13, and 14 in a single table.


The estimated annualized cost to the Federal government for this collection is calculated to be approximately $43,875. The following method was used to estimate the cost (based on General Schedule Grade 9, step 5, WASHINGTON-BALTIMORE-NORTHERN VIRGINIA, DC-MD-VA-WV-PA locality, annual pay):


  • Cost of NICSS SO to review NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Form: 2 personnel x 15% annual time = $17,550

  • Cost of NICCS Portal web developers: 3 personnel x 15% annual time = $26,325

    --Total: $43,875 annually



15. Explain the reasons for any program changes or adjustments reporting in Items 13 or 14 of the OMB Form 83-I.


This is a new collection; therefore, there has been no increase or decrease in the estimated annual burden hours previously reported for this information collection.



16. For collections of information whose results will be published, outline plans for tabulation, and publication. Address any complex analytical techniques that will be used. Provide the time schedule for the entire project, including beginning and ending dates of the collection of information, completion of report, publication dates, and other actions.


A portion of information collected from the NICCS Cybersecurity Scholarships, Internships, Camps & Clubs, and Competitions Web Form will be stored on the publicly accessible NICCS Portal (http://niccs.us-cert.gov/). See Table 1 for details. No complex analytical techniques will be used.


This project has no set end date.


Collection of information will commence upon official collection approval.



17. If seeking approval to not display the expiration date for OMB approval of the information collection, explain the reasons that display would be inappropriate.


DHS CE&A will display the expiration date for OMB approval of this information collection.



  1. Explain each exception to the certification statement identified in Item 19, "Certification for Paperwork Reduction Act Submission," of OMB 83-I.


DHS CE&A does not request an exception to the certification of this information collection.

File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorMichael Wigal
File Modified0000-00-00
File Created2021-01-22
© 2024 OMB.report | Privacy Policy