Cybersecurity Maturity Model Certification (CMMC) Enterprise Mission Assurance Support-Service (eMASS) Instantiation Information Collection

ICR 202311-0704-006

OMB: 0704-0676

Federal Form Document

Forms and Documents
Document
Name
Status
Supporting Statement A
2023-11-16
IC Document Collections
IC ID
Document
Title
Status
263503
New
263502
New
ICR Details
202311-0704-006
Received in OIRA
DOD/DODDEP 0704-EMSS
Cybersecurity Maturity Model Certification (CMMC) Enterprise Mission Assurance Support-Service (eMASS) Instantiation Information Collection
New collection (Request for a new OMB Control Number)   No
Regular 11/16/2023
  Requested Previously Approved
36 Months From Approved
11,182 0
2,755 0
580,735 0
The CMMC Program provides for the assessment of contractor implementation of cybersecurity requirements to enhance confidence in contactor protection of unclassified information within the DoD supply chain. CMMC contractual requirements are implemented under a Title 48 acquisition rule, with associated rulemaking for the CMMC Program requirements (e.g., CMMC Scoring Methodology, certificate issuance, information accessibility) under a Title 32 program rule (32 CFR Part 170). The CMMC Title 32 program rule includes two separate information collection requests (ICR), one for the CMMC Program and this one for CMMC eMASS. The CMMC instantiation of eMASS is the electronic collection mechanism for collecting CMMC program data, which provides the Department of Defense (DoD) visibility of the CMMC Levels 2 and 3 certification assessment results. This information collection is necessary to support the implementation of the CMMC assessment process for CMMC Level 2 and Level 3 certification assessments, as defined in 32 CFR 170.17 and 170.18 respectively.
US Code: 5 USC 301 Name of Law: Departmental regulations
   PL: Pub.L. 116 - 92 1648 Name of Law: National Defense Authorization Act for Fiscal Year 2020
  
None
0790-AL49 Proposed rulemaking
No
2
IC Title Form No. Form Name
Accreditation Body submission of C3PAO information in eMASS
C3PAO submission of assessment data and results in eMASS
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 11,182 0 0 11,182 0 0
Annual Time Burden (Hours) 2,755 0 0 2,755 0 0
Annual Cost Burden (Dollars) 580,735 0 0 580,735 0 0
Yes
Miscellaneous Actions
No
This is a new collection with a new associated burden.
$2,737,479
No
    No
    No
No
No
No
No
Nicholas Schuff 757 817-7203 [email protected]
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
11/16/2023
© 2024 OMB.report | Privacy Policy