Collection of Information through CISA Reporting Forms

ICR 202501-1670-001

OMB:

Federal Form Document

Forms and Documents
Document
Name
Status
Form and Instruction
 New
Supplementary Document
2025-01-17
Supplementary Document
2025-01-16
Supporting Statement A
2025-01-17
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-13
Supplementary Document
2025-01-08
IC Document Collections
IC ID
Document
Title
Status
273618 New
ICR Details
202501-1670-001
Received in OIRA
DHS/CISA PRA-CSD-00002318
Collection of Information through CISA Reporting Forms
New collection (Request for a new OMB Control Number)   No
Regular 01/17/2025
  Requested Previously Approved
36 Months From Approved
45,500 0
198,250 0
0 0
CISA is responsible for performing, coordinating, and supporting response to information security incidents, which may originate outside the Federal community and affect users within it, or originate within the Federal community and affect users outside of it. Often, therefore, the effective handling of security incidents relies on information sharing among individual users, industry, and the Federal Government, which may be facilitated by and through CISA. This information collection collects cybersecurity incident reports related to federal agency information systems, mandatory reports on behalf of certain federal regulatory agencies, mandatory reports due to contractual requirements, and voluntary reports from members of the public. This ICR, which is authorized by the Federal Information Security Modernization Act of 2014 (FISMA) and the Homeland Security Act, is distinct from incident reporting under the This collection is intended to replace the current incident reporting form, prior to the effective date of the CIRCIA Final Rule, with a revised question set that will enrich the value and analytical capabilities on the data collected under these other incident reporting and information sharing authorities.
US Code: 6 USC 659 Name of Law: National cybersecurity and communications integration center
   US Code: 44 USC 3552 Name of Law: FISMA - Definitions
   US Code: 44 USC 3556 Name of Law: Federal information security incident center
   US Code: 44 USC 3554 Name of Law: Federal agency responsibilities
   US Code: 44 USC 3553 Name of Law: Authority and functions of the Director and the Secretary
  
None
Not associated with rulemaking
  89 FR 81097 10/07/2024
90 FR 5933 01/17/2025
Yes
1
IC Title Form No. Form Name
CISA Incident Reporting Form N/A N/A
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 45,500 0 0 45,500 0 0
Annual Time Burden (Hours) 198,250 0 0 198,250 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
Yes
Miscellaneous Actions
No
This is a new collection.
$4,351,162
No
    Yes
    Yes
No
No
No
No
Benjamin Thomsen 202 254-7179 [email protected]
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
01/17/2025
© 2025 OMB.report | Privacy Policy