Cybersecurity Maturity Model
Certification (CMMC) Enterprise Mission Assurance Support-Service
(eMASS) Instantiation Information Collection
New
collection (Request for a new OMB Control Number)
No
Regular
11/16/2023
Requested
Previously Approved
36 Months From Approved
11,182
0
2,755
0
580,735
0
The CMMC Program provides for the
assessment of contractor implementation of cybersecurity
requirements to enhance confidence in contactor protection of
unclassified information within the DoD supply chain. CMMC
contractual requirements are implemented under a Title 48
acquisition rule, with associated rulemaking for the CMMC Program
requirements (e.g., CMMC Scoring Methodology, certificate issuance,
information accessibility) under a Title 32 program rule (32 CFR
Part 170). The CMMC Title 32 program rule includes two separate
information collection requests (ICR), one for the CMMC Program and
this one for CMMC eMASS. The CMMC instantiation of eMASS is the
electronic collection mechanism for collecting CMMC program data,
which provides the Department of Defense (DoD) visibility of the
CMMC Levels 2 and 3 certification assessment results. This
information collection is necessary to support the implementation
of the CMMC assessment process for CMMC Level 2 and Level 3
certification assessments, as defined in 32 CFR 170.17 and 170.18
respectively.
US Code:
5 USC
301 Name of Law: Departmental regulations
PL:
Pub.L. 116 - 92 1648 Name of Law: National Defense
Authorization Act for Fiscal Year 2020
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.