Cybersecurity Maturity Model Certification Assessment Information

ICR 202211-0704-001

OMB: 0704-0677

Federal Form Document

Forms and Documents
Document
Name
Status
Supporting Statement A
2023-07-26
ICR Details
202211-0704-001
Received in OIRA
DOD/DODDEP 0704-CMMC
Cybersecurity Maturity Model Certification Assessment Information
New collection (Request for a new OMB Control Number)   No
Regular 07/28/2023
  Requested Previously Approved
36 Months From Approved
31,612 0
6,374,254 0
1,243,651,131 0

The Cybersecurity Maturity Model Certification (CMMC) Program provides for the assessment of contractor implementation of cybersecurity requirements to enhance confidence in contactor protection of unclassified information within the DoD supply chain. The CMMC Program is implemented under 48 CFR, with associated rulemaking for CMMC to align CMMC Program requirements (e.g., CMMC Scoring Methodology, certificate issuance, information accessibility) under 32 CFR Subpart D. This information collection is necessary to support the implementation of the CMMC assessment process for Levels 1 and 2 self-assessment, as defined in 32 CFR Part § 170.31 and 32 CFR Part § 170.32 respectively; Level 2 certification assessment, as defined in 32 CFR Part § 170.33; and Level 3 certification assessment, as defined in 32 CFR Part § 170.34.

US Code: 5 USC 301 Name of Law: National Defense Authorization Act for Fiscal Year 2020
  
None

0790-AL49 Proposed rulemaking 88 FR 48536 07/27/2023

No

  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 31,612 0 0 31,612 0 0
Annual Time Burden (Hours) 6,374,254 0 0 6,374,254 0 0
Annual Cost Burden (Dollars) 1,243,651,131 0 0 1,243,651,131 0 0
Yes
Miscellaneous Actions
No
This is a new collection with a new associated burden.

$5,976,267
No
    No
    No
No
No
No
No
Nicholas Schuff 757 817-7203 [email protected]

  No

On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
07/28/2023


© 2024 OMB.report | Privacy Policy