CISA Reporting Forms

ICR 202003-1670-002

OMB: 1670-0037

Federal Form Document

Forms and Documents
Document
Name
Status
Form and Instruction
Removed
Form and Instruction
Modified
Form and Instruction
Modified
Form and Instruction
Modified
Form and Instruction
Modified
Form and Instruction
Modified
Supplementary Document
2021-09-27
Supplementary Document
2021-09-27
Supporting Statement A
2021-09-27
Supplementary Document
2020-03-24
Supplementary Document
2020-03-24
Supplementary Document
2020-03-24
Supplementary Document
2020-03-24
Supplementary Document
2020-03-24
Supplementary Document
2020-03-24
ICR Details
1670-0037 202003-1670-002
Received in OIRA 201710-1670-003
DHS/CISA
CISA Reporting Forms
Revision of a currently approved collection   No
Regular 09/28/2021
  Requested Previously Approved
36 Months From Approved 12/31/2021
139,125 126,325
13,852 6,139
0 0

CISA is responsible for performing, coordinating, and supporting response to information security incidents, which may originate outside the Federal community and affect users within it, or originate within the Federal community and affect users outside of it. Often, therefore, the effective handling of security incidents relies on information sharing among individual users, industry, and the Federal Government, which may be facilitated by and through CISA. Per the Federal Information Security Modernization Act of 2014, CISA operates the Federal in-formation security incident center for the United States federal government. Each federal agency is required to notify and consult with CISA regarding information security incidents involving federal information systems. Additional entities report incident information to CISA voluntarily. CISA’s website (at US-CERT.gov) is a primary tool used by constituents to report incident in-formation, access information sharing products and services, and interact with CISA. Constituents, which may include anyone or any entity in the public, use forms located on the website to complete these activities.

US Code: 44 USC 3556 Name of Law: Federal Information Security Incident Center
   US Code: 44 USC 3553 Name of Law: Authority and Functions of the Director and the Secretary
   US Code: 6 USC 1504 Name of Law: Sharing of cyber threat indicators and defensive measures with the Federal Government
   US Code: 44 USC 3554 Name of Law: Information Security
   PL: Pub.L. 113 - 283 2(d) Name of Law: Federal Information Security
   US Code: 6 USC 659 Name of Law: National cybersecurity and communications integration center
  
None

Not associated with rulemaking

  84 FR 46554 09/04/2019
85 FR 516 01/06/2020
Yes

  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 139,125 126,325 0 3,400 9,400 0
Annual Time Burden (Hours) 13,852 6,139 0 7,557 156 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
Yes
Miscellaneous Actions
Yes
Cutting Redundancy
This is a revision to an existing form. The changes to the collection since the previous OMB approval include: updating the name of the Agency from NPPD to CISA, updating the Incident Reporting Form, removing the ICSJWG Form, and updating the burden and cost estimates. The Incident Reporting Form was updated to add reporting options; and updated to improve user-friendliness by having the form be directional. The changes include: adding structured, distinct options for reporting incidents, major incidents, breaches, and events under investigation; and adding fields to collect expanded information on topics including attack vectors, indicators of compromise, communications from compromised systems, critical infrastructure sectors, memory captures, system and network logs, and unattributed cyber intrusions. Based on an increased number of respondents, the revisions to the form, and the updated hourly compensation rates, the burden and cost estimates have increased. The burden hour estimates increased by 7,713 hours, from 6,139 hours to 13,851 hours. The annual government cost increased by $1,592,127, from $506,956 to $2,099,083.

$1,886,112
No
    No
    Yes
No
No
No
No
Castronando Ross 202 494-7567 [email protected]

  No

On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
09/28/2021


© 2024 OMB.report | Privacy Policy