Information Collection Request

Enhancing Surface Cyber Risk Management

ICR 202409-1652-001 · OMB unassigned · Received in OIRA

Forms and Documents

Forms and supporting documents for this ICR
DocumentTypeStatusAvailability
1652-NEW Cyber CRM SS_11.7.2024.docx Supporting Statement A Uploaded 2024-11-07 Repair queued
2014-02206 79 FR 6609 SORN.pdf Supplementary Document Uploaded 2024-04-12 Missing upstream
2010-8316 75 FR 18867 SORN.pdf Supplementary Document Uploaded 2024-04-12 Repair queued

IC Document Collections

Information collection document groups
IC IDCollectionTypeStatusForm
266906 Pipelines _ Report Significant Physical Security Concerns to TSA (Reporting) Instruction Unchanged
266905 Pipelines - Physical Security Coordinator Information Submission (Reporting) Instruction Unchanged
266904 Pipelines _ Compliance Recordkeeping Instruction Unchanged
266903 PTPR _ Compliance Recordkeeping Instruction Unchanged
266902 FR _ Compliance Recordkeeping Instruction Unchanged
266901 Pipelines _ CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting) Instruction Unchanged
266900 PTPR _ CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting) Instruction Unchanged
266899 FR - CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting) Instruction Unchanged
266898 Pipelines _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting) Instruction Unchanged
266897 PTPR _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting) Instruction Unchanged
266896 FR _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting) Instruction Unchanged
266895 Pipelines _ CIRP Annual Exercise - Included in COIP (Record keeping) Instruction Unchanged
266894 PTPR _ CIRP Annual Exercise - Included in COIP (Record keeping) Instruction Unchanged
266893 FR _ CIRP Annual Exercise - Included in COIP (Record keeping) Instruction Unchanged
266892 Pipelines _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping) Instruction Unchanged
266891 PTPR _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping) Instruction Unchanged
266890 FR _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping) Instruction Unchanged
266888 Pipelines _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping) Instruction Unchanged
266887 PTPR _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping) Instruction Unchanged
266886 FR _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping) Instruction Unchanged
266883 Pipelines _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266881 PTPR _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266877 FR _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266875 Pipelines _ Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266874 PTPR_Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266871 FR _ Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting) Instruction Unchanged
266869 Pipelines _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping) Instruction Unchanged
266868 PTPR _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping) Instruction Unchanged
266866 FR _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping) Instruction Unchanged
266864 Pipelines _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping) Instruction Unchanged
266862 PTPR _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping) Instruction Unchanged
266860 FR _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping) Instruction Unchanged
266855 Pipelines _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting) Instruction Unchanged
266853 PTPR _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting) Instruction Unchanged
266849 FR _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting) Instruction Unchanged
266848 Pipelines _ Accountable Executive Information Submission - Included in COIP (Reporting) Instruction Unchanged
266846 PTPR _ Accountable Executive Information Submission - Included in COIP (Reporting) Instruction Unchanged
266845 FR _ Accountable Executive Information Submission - Included in COIP (Reporting) Instruction Unchanged
266842 Pipelines _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting) Instruction Unchanged
266839 PTPR _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting) Instruction Unchanged
266838 FR _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting) Instruction Unchanged
266836 Pipelines _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping) Instruction Unchanged
266835 PTPR _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping) Instruction Unchanged
266818 FR _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping) Instruction Unchanged

ICR Details

Reginfo record details
table that charts list comparision
  Requested Previously Approved
36 Months From Approved
535,070 0
99,790 0
0 0





Reginfo record details
44
table that charts list of burden
IC Title Form No. Form Name
FR - CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting)
FR _ Accountable Executive Information Submission - Included in COIP (Reporting)
FR _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping)
FR _ CIRP Annual Exercise - Included in COIP (Record keeping)
FR _ Compliance Recordkeeping
FR _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting)
FR _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting)
FR _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping)
FR _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping)
FR _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting)
FR _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping)
FR _ Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
FR _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping)
FR _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
PTPR _ Accountable Executive Information Submission - Included in COIP (Reporting)
PTPR _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping)
PTPR _ CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting)
PTPR _ CIRP Annual Exercise - Included in COIP (Record keeping)
PTPR _ Compliance Recordkeeping
PTPR _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting)
PTPR _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting)
PTPR _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping)
PTPR _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping)
PTPR _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting)
PTPR _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping)
PTPR _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping)
PTPR _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
PTPR_Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
Pipelines - Physical Security Coordinator Information Submission (Reporting)
Pipelines _ Accountable Executive Information Submission - Included in COIP (Reporting)
Pipelines _ Annual Identification of Critical Cyber Systems - Included in COIP (Recordkeeping)
Pipelines _ CAP Annual Report of Scheduled Testing of COIP - 30 % annually and 100% every 3 years – A part of CAP (Reporting)
Pipelines _ CIRP Annual Exercise - Included in COIP (Record keeping)
Pipelines _ Compliance Recordkeeping
Pipelines _ Cybersecurity Assessment Plan (CAP) for TSA Approval (Reporting)
Pipelines _ Cybersecurity Coordinator Information Submission - Included in COIP (Reporting)
Pipelines _ Cybersecurity Evaluation (CSE) - Owner/operator holds for TSA inspection (Record keeping)
Pipelines _ Cybersecurity Incident Response Plan (CIRP) - Included in COIP (Record keeping)
Pipelines _ Cybersecurity Operational Implementation Plan (COIP) Submission - Submitted to TSA for review and approval (Reporting)
Pipelines _ Cybersecurity Training Recordkeeping - Included in COIP (Record keeping)
Pipelines _ Initial Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
Pipelines _ Initial Identification of Critical Cyber Systems and Network Architecture - Included in COIP (Record keeping)
Pipelines _ Modified Cybersecurity Training Plan Development and Submission - Included in COIP (Reporting)
Pipelines _ Report Significant Physical Security Concerns to TSA (Reporting)

table that charts list of burden
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 535,070 0 0 535,070 0 0
Annual Time Burden (Hours) 99,790 0 0 99,790 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0


Reginfo record details
  No