[Federal Register Volume 77, Number 108 (Tuesday, June 5, 2012)]
[Pages 33227-33228]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-13597]



[Docket No. DHS-2011-0069]

Assessment Questionnaire--IP Sector Specific Agency Risk Self 
Assessment Tool (IP-SSARSAT)

AGENCY: National Protection and Programs Directorate, DHS.

ACTION: 30-day Notice and request for comments; New Information 
Collection Request, 1670-NEW.


SUMMARY: The Department of Homeland Security (DHS), National Protection 
and Programs Directorate (NPPD), Office of Infrastructure Protection 
(IP), Sector Outreach and Programs Division (SOPD), previously named 
the Sector Specific Agency Executive Management Office, will submit the 
following information collection request (ICR) to the Office of 
Management and Budget (OMB) for review and clearance in accordance with 
the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. chapter 
35). NPPD is soliciting comments concerning new Information Collection 
Request--Assessment Questionnaire--IP Sector Specific Agency Risk Self 
Assessment Tool (IP-SSARSAT). DHS previously published this ICR in the 
Federal Register on December 29, 2011, for a 60-day public comment 
period. DHS received no comments. The purpose of this notice is to 
allow an additional 30 days for public comments.

DATES: Comments are encouraged and will be accepted until July 5, 2012. 
This process is conducted in accordance with 5 CFR 1320.10.

ADDRESSES: Interested persons are invited to submit written comments on 
the proposed information collection to the Office of Information and 
Regulatory Affairs, OMB. Comments should be addressed to OMB Desk 
Officer, DHS, Office of Civil Rights and Civil Liberties. Comments must 
be identified by DHS-2011-0069 and may be submitted by one of the 
following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov.
     Email: oira_submission@omb.eop.gov. Include the docket 
number in the subject line of the message.
     Fax: (202) 395-5806.
    Instructions: All submissions received must include the words 
``Department of Homeland Security'' and the docket number for this 
action. Comments received will be posted without alteration at http://www.regulations.gov, including any personal information provided.
    OMB is particularly interested in comments that:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the

[[Page 33228]]

use of appropriate automated, electronic, mechanical, or other 
technological collection techniques or other forms of information 
technology, e.g., permitting electronic submissions of responses.


SUPPLEMENTARY INFORMATION: To assist SOPD in identifying and assessing 
the vulnerabilities and risks pertaining to the critical 
infrastructures, owner-operators and/or security managers often 
volunteer to conduct an automated self risk assessment. The requested 
questionnaire information is necessary to facilitate electronic 
execution of SOPD's risk assessment to focus protection resources and 
activities on those assets, systems, networks, and functions with the 
highest risk profiles. Currently, there is no known data collection 
that includes multiple critical nodes with sector-specific related 
criteria. When the user logs into the system, the user will be prompted 
with the assessment questionnaire. Once the user begins the assessment, 
the only information required to be submitted to (and shared with) DHS 
before completing the assessment is venue identification information 
(e.g., contact information, address, latitude/longitude, venue type, or 
capacity). A user can elect to share the entire completed assessment 
with DHS. The assessment information is protected as Protected Critical 
Infrastructure Information. The information from the assessment will be 
used to assess the risk to the evaluated entity (e.g., calculate a 
vulnerability score by threat, evaluate protective/mitigation measures 
relative to vulnerability, calculate a risk score, or report threats 
presenting highest risks). The information will also be combined with 
data from other respondents to provide an overall sector perspective 
(e.g., report additional relevant protective/mitigation measures for 


    Agency: Department of Homeland Security, National Protection and 
Programs Directorate, Office of Infrastructure Protection, Sector 
Outreach and Programs Division.
    Title: Assessment Questionnaire--IP Sector Specific Agency Risk 
Self Assessment Tool (IP-SSARSAT).
    OMB Number: 1670-NEW.
    Frequency: On occasion.
    Affected Public: Private Sector.
    Number of Respondents: 4,000 respondents.
    Estimated Time per Respondent: 8 hours.
    Total Burden Hours: 32,000 annual burden hours.
    Total Burden Cost (capital/startup): $0.
    Total Burden Cost (operating/maintaining): $14,440.00.

    Dated: May 24, 2012.
Scott Libby,
Acting Chief Information Officer, National Protection and Programs 
Directorate, Department of Homeland Security.
[FR Doc. 2012-13597 Filed 6-4-12; 8:45 am]