0703-istf_ssa_7.26.2023

0703-ISTF_SSA_7.26.2023.docx

Navy Insider Threat Report Form

OMB: 0703-0092

Document [docx]
Download: docx | pdf


SUPPORTING STATEMENT – PART A


Navy Insider Threat Report Form – 0703-ISTF


1. Need for the Information Collection


The U.S. Navy Insider Threat Program/Navy Analytic Hub (Navy Hub) is requiring information collection in accordance with Executive Order 13587,Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information,” which directs U.S. government executive branch departments and agencies to establish, implement, monitor, and report on the effectiveness of insider threat programs to protect classified national security information, and requires the development of an executive branch program for the deterrence, detection, and mitigation of insider threats or other unauthorized disclosure. Accordingly, the Navy Hub is soliciting standardized information via OPNAV Form 5510/423, “Navy Insider Threat Report.” The use of this form allows the Navy to collect the required information by means of a single vehicle, rather than through repeated communication. Hence, Navy Hub’s mission is to prevent, detect, deter, and mitigate insider threat risks from potential malicious or unwitting Navy insiders by gathering, integrating, reviewing, assessing, and responding to information about potential insider threats. The OPNAVINST 5510.165B, “Navy Insider Threat Program,” which prescribes this new form, provides instruction to all U.S. Navy commands, activities and field offices with responsibilities as it pertains to Insider Threat. The revision of this instruction is currently pending finalization, replacing OPNAVINST 5510.165A, which published 1 Oct 2015.


2. Use of the Information


The OPNAV 5510/423 will be utilized to obtain information about a potential insider threat. This information gathering may take place when initiating an insider threat concern by a reporting individual or be used to gather information about a potential threat by a Navy Hub employee. When an inquiry is made for help in the investigation of a potential insider threat, the Navy Hub sends the OPNAV 5510/423 to the respondent via email. Respondents may also access the form at the Navy Forms On-Line website (https://forms.documentservices.dla.mil/order/), or the Navy Insider Threat SharePoint Portal (https://www.secnav.navy.mil/itp). The OPNAV 5510/423 is completed by respondents as a fillable portable document format (PDF). They will then save the form and transfer it to the Navy Insider Threat Hub via DOD SAFE to ensure encryption and protection of PII. The OPNAV 5510/423 will not be accepted via U.S. mail. Once received and processed by a Navy Hub analyst, the OPNAV 5510/423 will be stored on Navy networks for use by the Navy Hub.


The respondents are military, civilian, and contractor personnel who may or may not have access to government systems. Respondents are providing the information needed to inform the Navy Hub of concerning issues which may lead to an insider threat. Each collection instrument and its format will be obtained as outlined in the newly created OPNAV 5510/423. Submitter Information (Section I), information about the subject(s) in question (Section II), a detailed narrative description of the concerning behavior and any additional concerns (Section III), and a description of any known mitigation measures that have occurred or are currently in place, including any additional reporting measures taken and the contact information of any organization or individual to which the information was previously reported (Section IV).


There are no invitations or other communications sent to the respondent associated with the information collection. Respondents or reporting individuals will complete the OPNAV 5510/423 for information gathering or initial reporting purposes, and the form will not be returned to those filling out the form. Where position allows, such as Security Managers, the SSN will be entered on the form. Where SSN is unavailable, it will not be provided by the respondent but completed later by the processing Navy Hub analyst if possible. The OPNAV 5510/423 will be kept on a Navy network. The successful effect of the information collection will be information or data sharing to the Navy Hub in support of the Navy Insider Threat Program mission.


3. Use of Information Technology


In use of the OPNAV 5510/423, the Navy Hub anticipates the majority, or over 99%, of responses will be collected electronically via email or file transfer service. While we cannot plan for every eventuality, the primary solicitation and collection method will be electronically.


4. Non-duplication


The information obtained through this collection is unique and is not already available for use or adaptation from another cleared source.


5. Burden on Small Businesses


This information collection does not impose a significant economic impact on a substantial number of small businesses or entities.


6. Less Frequent Collection


Collection will be received two or three times weekly on average. However, there is no way to know for sure when a reporting incident warrants the use of the OPNAV 5510/423. The information/data provided on the form is needed in support of the Navy Hub mission stated above. It is imperative that the Navy Hub receives timely concerns of potential insider threats as soon as they occur.


7. Paperwork Reduction Act Guidelines

This collection of information does not require collection to be conducted in a manner inconsistent with the guidelines delineated in 5 CFR 1320.5(d)(2).

8. Consultation and Public Comments

Part A: PUBLIC NOTICE

A 60-Day Federal Register Notice (FRN) for the collection published on Friday, February 10, 2023. The 60-Day FRN citation is 88 FR 8829.

No comments were received during the 60-Day Comment Period.

A 30-Day Federal Register Notice for the collection published on Wednesday, July 26, 2023. The 30-Day FRN citation is 88 FR 48220.

Part B: CONSULTATION

No additional consultation apart from soliciting public comments through the Federal Register was conducted for this submission.


9. Gifts or Payment


No payments or gifts are being offered to respondents as an incentive to participate in the collection.


10. Confidentiality


A Privacy Act Statement (PAS) is required for this collection because we are requesting individuals to furnish personal information for a system of records. The PAS is located at the top of the OPNAV 5510/423.


A copy of the associated SORN (Department of Defense (DoD) Insider Threat Management and Analysis Center (DITMAC) and DoD Component Insider Threat Records System, DUSDI 01 DoD) may be found at: https://www.federalregister.gov/documents/2019/03/22/2019-05540/privacy-act-of-1974-system-of-records.


A Privacy Impact Assessment (PIA) is not required for this collection because PII is not being collected electronically.


The records retention schedule is provided in the U.S. Insider Threat Security Classification Guide, 3.1.1 Policy and Scope, Item 6 (16 Dec. 2013), providing agency guidelines and procedures for documenting insider threat issues and responses taken, when the content identifies sensitive sources and methods. The retention period for insider threat documents (unclassified and classified) is the current date plus 25 years.


11. Sensitive Questions


Sensitive personal information must be collected to validate the subject listed on the form. While not mandated, because it is not always attainable, the SSN is preferred because it validates the individual and allows Navy Hub analysts to use databases for research that depend on SSN for query. For example, without a SSN it would be difficult or impossible to validate that the person alleged in the OPNAV 5510/423 is the correct person. At times, alerts received have similar names or names that are common, causing identification to be difficult. SSN is also used to validate an individual’s security clearance. The respondent may also provide the individual’s DoDID when SSN is unavailable. The information is necessary for the Navy Hub to perform its insider threat mitigation mission.


12. Respondent Burden and its Labor Costs


Part A: ESTIMATION OF RESPONDENT BURDEN


  1. Collection Instrument

OPNAV 5510/423

  1. Number of Respondents: 100

  2. Number of Responses Per Respondent: 1

  3. Number of Total Annual Responses: 100

  4. Response Time: 15 minutes

  5. Respondent Burden Hours: 25 hours


  1. Total Submission Burden

    1. Total Number of Respondents: 100

    2. Total Number of Annual Responses: 100

    3. Total Respondent Burden Hours: 25 hours


Part B: LABOR COST OF RESPONDENT BURDEN


  1. Collection Instrument

OPNAV 5510/423

  1. Number of Total Annual Responses: 100

  2. Response Time: 15 minutes

  3. Respondent Hourly Wage: $28.42

  4. Labor Burden per Response: $7.11

  5. Total Labor Burden: $710.50

  1. Overall Labor Burden

    1. Total Number of Annual Responses: 100

    2. Total Labor Burden: $711


The Respondent hourly was wage determined by using the OPM Pay & Leave Salary Table for 2023 (https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/salary-tables/23Tables/html/GS_h.aspx) and by using the average grade to fill out the form which was determined to be GS-11 equivalent.


13. Respondent Costs Other Than Burden Hour Costs


There are no annualized costs to respondents other than the labor burden costs addressed in Section 12 of this document to complete this collection.


14. Cost to the Federal Government


Part A: LABOR COST TO THE FEDERAL GOVERNMENT


  1. Collection Instrument

OPNAV 5510/423

  1. Number of Total Annual Responses: 100

  2. Processing Time per Response: 0.17 hours

  3. Hourly Wage of Worker(s) Processing Responses: $40.51

  4. Cost to Process Each Response: $6.89

  5. Total Cost to Process Responses: $688.67

  1. Overall Labor Burden to the Federal Government

    1. Total Number of Annual Responses: 100

    2. Total Labor Burden: $688.67


The estimated hourly wage was determined by using the average grade to process the OPNAV 5510/423, which was determined to be GS-13 equivalent, without the locality pay per OPM: (https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/salary-tables/23Tables/html/GS_h.aspx).


Part B: OPERATIONAL AND MAINTENANCE COSTS


  1. Cost Categories

    1. Equipment: $0

    2. Printing: $0

    3. Postage: $0

    4. Software Purchases: $0

    5. Licensing Costs: $0

    6. Other: $0


  1. Total Operational and Maintenance Cost: $0


Part C: TOTAL COST TO THE FEDERAL GOVERNMENT


  1. Total Labor Cost to the Federal Government: $688.67


  1. Total Operational and Maintenance Costs: $0


  1. Total Cost to the Federal Government: $689


15. Reasons for Change in Burden


This is a new collection with a new associated burden.


16. Publication of Results


The results of this information collection will not be published.


17. Non-Display of OMB Expiration Date


We are not seeking approval to omit the display of the expiration date of the OMB approval on the collection instrument.


18. Exceptions to “Certification for Paperwork Reduction Submissions”


We are not requesting any exemptions to the provisions stated in 5 CFR 1320.9.



File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorKaitlin Chiarelli
File Modified0000-00-00
File Created2023-09-18

© 2024 OMB.report | Privacy Policy