Protected Critical Infrastructure Information (PCII) Office Self-Assessment Questionnaire

AGENCY:

National Protection and Programs Directorate, DHS.

ACTION:

60-day notice and request for comments; New Information Collection Request: 1670—NEW.

SUMMARY:

The Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of Infrastructure Protection (IP), Infrastructure Information Collection Division (IICD), Protected Critical Infrastructure Information (PCII) Program will submit the following Information Collection Request to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. Chapter 35).

DATES:

Comments are encouraged and will be accepted until January 15, 2013. This process is conducted in accordance with 5 CFR 1320.10.

ADDRESSES:

Written comments and questions about this Information Collection Request should be forwarded to DHS/NPPD/IP/IICD, 245 Murray Lane, SW., Mail Stop 0602, Arlington,VA 20598-0602. Emailed requests should go to Joseph Maltby, joseph.maltby@dhs.gov. Written comments should reach the contact person listed no later than January 15, 2013. Comments must be identified by “DHS-2012-0046”and may be submitted by one of the following methods:

• Federal eRulemaking Portal: http://www.regulations.gov .
• Email: Include the docket number in the subject line of the message.

Instructions: All submissions received must include the words “Department of Homeland Security” and the docket number for this action. Comments received will be posted without alteration at http://www.regulations.gov,, including any personal information provided.

SUPPLEMENTARY INFORMATION:

Congress created the PCII Program under the Critical Infrastructure Information Act of 2002 for DHS to encourage voluntary information sharing by owners and operators of critical infrastructure and protected systems. IICD administers the PCII Program. The PCII Program is implemented by 6 CFR part 29, Procedures for Handling Critical Infrastructure Information; Final Rule (the Regulation), issued in 2006. PCII refers to critical infrastructure information not customarily in the public domain and related to the security of critical infrastructure or protected systems, which is voluntarily submitted to DHS for homeland security purposes and validated under the authority of the PCII Program Manager. The PCII Program provides a statutory exemption from release of information under the Freedom of Information Act and state and local sunshine laws, and prohibits the use of the information in civil litigation.

The PCII Program is responsible for ensuring compliance with the regulation's uniform procedures for the handling, use, dissemination, and safeguarding of PCII. In this capacity, the PCII Program oversees a community of stakeholders, including submitters of critical infrastructure information, authorized users of PCII and accredited Federal, state and local entities with homeland security duties. The PCII Program is required by its authorizing regulation to assist the PCII Officers in overseeing their own accredited PCII programs at the state and local level. See 6 CFR 29.4(d). This questionnaire is designed to gather information from PCII Officers that will be used by the NPPD/IP PCII Program to assess state and local programs, their compliance with PCII rules and requirements, and the specific needs of their accredited programs. These assessments are designed to help the DHS PCII Program and Officers to ensure that PCII is being properly protected and to limit the potential for mishandling and improper disclosures. OMB is particularly interested in comments that:

1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

3. Enhance the quality, utility, and clarity of the information to be collected; and

4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses.

Analysis

Agency: Department of Homeland Security, National Protection and Programs Directorate, Office of Infrastructure Protection, Infrastructure Information Collection Division, Protected Critical Infrastructure Information Program.

Title: Protected Critical Infrastructure Information (PCII) Office Self-Assessment Questionnaire.

OMB Number: 1670-NEW.

Frequency: Annually.

Affected Public: PCII Officers.

Number of Respondents: 80 (estimate).

Estimated Time per Respondent: 1 hour.

Total Burden Hours: 80 annual burden hours.

Total Burden Cost (capital/startup): $0.

Total Recordkeeping Burden: $0 (This assessment will reside on existing PCII information storage systems).

Total Burden Cost (operating/maintaining): $8,316.