The collection of this information
regarding security vulnerabilities discovered by individuals,
organizations, and companies is needed to fulfil the congressional
mandate in Section 101 of the SECURE Technologies Act regarding a
Vulnerability Disclosure Policy. In addition, without the ability
to collect information on newly discovered security vulnerabilities
in DHS information systems, DHS will rely solely on its
internal security personnel and/or on discovery after the
occurrence of a breach of security controls.
OMB approached the DHS
Chief Information Officer (CIO) about utilizing the existing
OMB-approved collection across the government to ensure that the
Department and Agencies meet a deadline of March 1, 2021, imposed
by OMB and the Cybersecurity and Infrastructure Security Agency
(CISA), to create vulnerability disclosure policies. On February 4,
2021, the CIO Program Council confirmed that the DHS CIO was
amenable to this approach.
PL: Pub.L. 115-390, Section 101
Name of Law: Strengthening and Enhancing
Cyber-capabilities by Utilizing Risk Exposure Technology Act
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number.
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.