CISA Reporting Survey

Generic Clearance for the Collection of Qualitative Feedback on Agency Service Delivery

1670-0027_CISA Product Survey_20200520_FINAL_INSTRUMENT

CISA Reporting Surveys

OMB: 1670-0027

Document [docx]
Download: docx | pdf

C ISA Product Survey


OMB Control Number: 1670-0027

OMB Expiration Date: MM/DD/YYYY



The Department of Homeland Security (DHS) Cybersecurity Infrastructure Security Agency (CISA) is charged with enhancing the security, resiliency, and reliability of the nation's cyber, communications, and physical infrastructure, as well as with supporting DHS’s mission to manage risk. CISA will use this survey to identify opportunities to improve our products and services, we ask that you please take 5 minutes to complete this anonymous and voluntary survey to understand your expectations and values, so we may use the information to help us bring those expectations and values to reality. Thank you.


Please note CISA does not intend to collect any Personally Identifiable Information (PII) such as respondent contact information (names, organizations, phone numbers, email addresses). Please do not provide any PII in the open text fields.


PRA Burden Statement: The public reporting burden to complete this information collection is estimated at 5 minutes per response, including the time completing and reviewing the collected information. The collection of this information is voluntary. An agency may not conduct or sponsor, and a person is not required to respond to a collection of information unless it displays a currently valid OMB control number and expiration date. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to DHS/CISA. Mail Stop 0608, 245 Murray Lane SW, Arlington, VA 20598. ATTN: PRA [1670-0027].


Shape2

CYBER+INFRASTRUCTURE


<Enter product name/type>


  1. Please rate the product’s overall value:

    1. Very valuable

    2. Somewhat valuable

    3. Of limited value

    4. Not valuable


  1. Please rate the product’s utility:

    1. Highly actionable – shaped and/or strengthened <Enter cybersecurity, infrastructure, or risk management> policy or implementation (e.g. signature development, deemed shareable)

    2. Actionable – helped existing security posture or confidence

    3. Not actionable – did not contain usable/actionable information (e.g. TTPs, indicators)


  1. Please rate the product’s quality of analysis:

    1. High quality analysis – uniquely insightful, drove organizational strategic decisions, or drove significant operational/tactical actions

    2. Acceptable quality analysis – reinforced or corroborated other sources’ analysis

    3. Low quality analysis – did not address key questions and/or contained errors that eroded confidence in recommended actions


  1. Please rate the product’s timeliness:

    1. Very timely – helped organization to stay ahead of emerging threats (e.g. campaign, zero-days)

    2. Timely – helped organization to confirm known information and/or address existing challenges

    3. Not timely – information was provided after organization needed it, information was available earlier from other sources, or information was no longer relevant for defensive action


  1. What else did you find particularly useful or lacking in the product?

    1. [open text box]


  1. What improvements can be made to the product to better suit your needs?

    1. [open text box]


  1. How frequently do you use CISA products?

    1. Very frequently

    2. Frequently

    3. Infrequently

    4. Very infrequently


  1. How do you use CISA products? (please select all that apply)

    1. Daily network operations

    2. Situational awareness

    3. When an event affects my organization

    4. Personal interest

    5. I do not use CISA products


  1. What other sources do you use for cybersecurity threat or vulnerability information alerts? (please select all that apply)

    1. Federal Law Enforcement (ICE, USSS)

    2. The Intelligence Community (FBI, NSA, CIA)

    3. Private Sector Cybersecurity Vendors

    4. I only use CISA sources

    5. I was unaware of other sources

    6. Other, please identify: [open text box]


  1. How do CISA products compare to other sources from which you receive information?

    1. Excellent (exceeding the value, quality, and timeliness of the other products available; very actionable).

    2. Good (valuable to organizational <Enter cybersecurity, infrastructure, or risk management>; matches quality and detail of similar products; actionable in cybersecurity; sufficiently timely).

    3. Satisfactory (less valuable but actionable, lower quality, or less timely).

    4. Poor (lower value, not actionable, poor quality, or not timely).

    5. I do not use information from other sources.


  1. What is your role in <enter cybersecurity, infrastructure, or risk management> for your organization?

    1. < Enter cybersecurity, infrastructure, or risk management roles>

    2. < Enter cybersecurity, infrastructure, or risk management roles>

    3. < Enter cybersecurity, infrastructure, or risk management roles>

    4. < Enter cybersecurity, infrastructure, or risk management roles>

    5. I do not play a <Enter cybersecurity, infrastructure, or risk management> role for my organization

    6. Other, please identify: [open text box]


  1. Please describe your organization: (please select all that apply)

    1. U.S. Federal Government Department or Agency

    2. U.S. State, Local, Tribal, or Territorial Government

    3. Non-U.S. Government

    4. Non-U.S. Citizen

    5. Private Sector

    6. Academia

    7. Nonprofit

    8. Critical Infrastructure

    9. Cybersecurity Vendor/Provider

    10. Individual: Citizen/Retired/Student/etc.

    11. None of the above

4


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorLECOMPTE, JENNIFER (CTR)
File Modified0000-00-00
File Created2021-06-17
© 2025 OMB.report | Privacy Policy