The General Services Administration
(GSA) is extending an existing OMB information collection,
requiring contracting officers to insert the clause at 552.239–71,
Security Requirements for Unclassified Information Technology
Resources, in solicitations and contracts containing the provision
at 552.239–70, Information Technology Security Plan and Security
Authorization. As such, the provision and clause are inserted in
solicitations that include information technology products,
services or systems in which the contractor will have physical or
electronic access to government information that directly supports
the mission of GSA. The clause requires contractors, within 30 days
after contract award, to submit an IT Security Plan to the
Contracting Officer and Contracting Officer’s Representative for
acceptance that describes the processes and procedures that will be
followed to ensure appropriate security of IT resources that are
developed, processed, or used under the contract.
Using data generated from the
Federal Procurement Data System (FPDS) for FY15 and FY16, GSA
increased the burden hours as the number of respondents has
increased.
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.
3090-0300_Supporting Statement 2017.docx
Implementation of Information Technology Security Provision; Sections Affected: 552.239-70 and 552.239-71