US-CERT is responsible for performing,
coordinating, and supporting response to information security
incidents, which may originate outside the Federal community and
affect users within it, or originate within the Federal community
and affect users outside of it. Often, therefore, the effective
handling of security incidents relies on information sharing among
individual users, industry, and the Federal Government, which may
be facilitated by and through US-CERT. US-CERT fulfills the role of
the Federal information security incident center for the United
States federal government as defined in the Federal Information
Security Modernization Act of 2014. Each federal agency is required
to notify and consult with US-CERT regarding information security
incidents involving the information and information systems
(managed by a federal agency, contractor, or other source) that
support the operations and assets of the agency. Additional
entities report incident information to US-CERT voluntarily. The
US-CERT website is a primary tool used by constituents to report
incident information, access information sharing products and
services, and interact with US-CERT and its partners within the
NCCIC. Constituents, which may include anyone or any entity in the
public, use forms located on the website to complete these
activities.
US Code:
6 USC
148 Name of Law: National Cybersecurity and Communications
Integration Center
US Code: 44
USC 3556 Name of Law: Federal Information Security Incident
Center
US Code: 44
USC 3553 Name of Law: Authority and Functions of the Director
and the Secretary
US Code: 6 USC
1504 Name of Law: Sharing of cyber threat indicators and
defensive measures with the Federal Government
US Code: 44
USC 3554 Name of Law: Information Security
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.
Industrial Control Systems Joint Working Group (ICSJWG)
1670-NEW - USCERT.gov_30 day FRN.pdf
1670-NEW_Supporting Statement A - USCERT FINALv4.doc
Industrial Control Systems Joint Working Group (ICSJWG)