The FR 2231 covers the information
collections included in a final rule (Final Rule) promulgated by
the Board, Office of the Comptroller of the Currency (OCC), and
Federal Deposit Insurance Corporation (FDIC) (collectively, the
agencies) on November 23, 2021. The Final Rule requires a banking
organization to notify its primary Federal banking regulator of any
“computer-security incident” that rises to the level of a
“notification incident,” as soon as possible and no later than 36
hours after the banking organization determines that a notification
incident has occurred. The banking organizations for which the
Board serves as primary Federal banking regulator for the purposes
of the Final Rule are U.S. bank holding companies, U.S. savings and
loan holding companies, state member banks, U.S. operations of
foreign banking organizations, and Edge or agreement corporations.
The Final Rule also requires a bank service provider to notify each
affected banking organization customer as soon as possible when the
bank service provider determines that it has experienced an
unplanned computer-security incident that has caused, or is
reasonably likely to cause, a material service disruption or
degradation for four or more hours.
US Code: 12 USC 321-338a Name of Law: Federal Reserve Act
US Code: 12 USC 1844(b) Name of Law: Bank Holding Company Act of 1956
US Code: 12 USC 1467a(g) Name of Law: Home Owners’ Loan Act
US Code: 12 USC 1861-1867 Name of Law: Bank Service Company Act
US Code: 12 USC 3101 et seq. Name of Law: International Banking Act of 1978
This is a new collection. The
estimated total annual burden for the FR 2231 is 2,502 hours. For
both the reporting requirement and the disclosure requirement, the
agencies estimate that compliance will take up to 3 hours.
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number.
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.