Agency Information Collection Activities: National Initiative for Cybersecurity Careers and Studies (NICCS) Cybersecurity Training and Education Catalog (Training/Workforce Development Catalog) Collection

Download PDF
Federal RegisterNov 13, 2015
80 Fed. Reg. 70246 (Nov. 13, 2015)

AGENCY:

Cybersecurity Education & Awareness Office (CE&A), DHS.

ACTION:

30-Day notice and request for comments; reinstatement with change, 1601-0016.

SUMMARY:

The Department of Homeland Security, Cybersecurity Education & Awareness Office (CE&A), will submit the following Information Collection Request (ICR) to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995 (Pub. L. 104-13, 44 U.S.C. Chapter 35). DHS previously published this information collection request (ICR) in the Federal Register on Wednesday, September 2, 2015 at 80 FR 53180 for a 60-day public comment period. No comments were received by DHS. The purpose of this notice is to allow additional 30-days for public comments.

DATES:

Comments are encouraged and will be accepted until January 12, 2016. This process is conducted in accordance with 5 CFR 1320.1.

ADDRESSES:

Interested persons are invited to submit written comments on the proposed information collection to the Office of Information and Regulatory Affairs, Office of Management and Budget. Comments should be addressed to OMB Desk Officer, Department of Homeland Security and sent via electronic mail to oira_submission@omb.eop.gov or faxed to (202) 395-5806.

SUPPLEMENTARY INFORMATION:

Title II, Homeland Security Act, 6 U.S.C. 121(d)(1) To access, receive, and analyze laws enforcement information, intelligence information and other information from agencies of the Federal Government, State and local government agencies . . . and Private sector entities and to integrate such information in support of the mission responsibilities of the Department. The following authorities also permit DHS to collect information of the type contemplated: Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. 3546; Homeland Security Presidential Directive (HSPD) 7, “Critical Infrastructure Identification, Prioritization, and Protection” (2003); and NSPD-54/HSPD-23, “Cybersecurity Policy” (2009).

In May 2009, the President ordered a Cyberspace Policy Review to develop a comprehensive approach to secure and defend America's infrastructure. The review built upon the Comprehensive National Cybersecurity Initiative (CNCI).

In response to increased cyber threats across the Nation, the National Initiative for Cybersecurity Education (NICE) expanded from a previous effort, the CNCI #8. NICE formed in March 2011, and is a nationally coordinated effort comprised of over 20 federal departments and agencies, and numerous partners in academia and industry. NICE focuses on cybersecurity awareness, education, training and professional development. NICE seeks to encourage and build cybersecurity awareness and competency across the Nation and to develop an agile, highly skilled cybersecurity workforce.

The NICCS Portal is a national online resource for cybersecurity awareness, education, talent management, and professional development and training. NICCS Portal is an implementation tool for NICE. Its mission is to provide comprehensive cybersecurity resources to the public.

To promote cybersecurity education, and to provide a comprehensive resource for the Nation, NICE developed the Cybersecurity Training and Education Catalog. The Cybersecurity Training and Education Catalog will be hosted on the NICCS Portal. Training Course and certification information will be included in the Training/Workforce Development Catalog. Note: Any information received from the public in support of the NICCS Portal and Cybersecurity Training and Education Catalog is completely voluntary. Organizations and individuals who do not provide information can still utilize the NICCS Portal and Cybersecurity Training and Education Catalog without restriction or penalty. An organization or individual who wants their information removed from the NICCS Portal and/or Cybersecurity Training and Education Catalog can email the NICCS Supervisory Office. There are no requirements for a provider to fill out a specific form for their information to be removed; standard email requests will be honored. Department of Homeland Security (DHS) Cybersecurity Education & Awareness Office (CE&A) intends for the collected information from the NICCS Cybersecurity Training Course Form and the NICCS Cybersecurity Certification Form to be displayed on a publicly accessible Web site called the National Initiative for Cybersecurity Careers and Studies (NICCS) Portal ( http://niccs.us-cert.gov/ ). Collected information from these two forms will be included in the Cybersecurity Training and Education Catalog that is hosted on the NICCS Portal.

The DHS CE&A NICCS Supervisory Office will use information collected from the NICCS Vetting Criteria Form to primarily manage communications with the training/workforce development providers; this collected information will not be shared with the public and is intended for internal use only. Additionally, this information will be used to validate training providers before uploading their training and certification information to the Training Catalog.

The information will be collected via fully electronic or partially electronic means. Collection will be coordinated between the public and DHS CE&A via email (niccs@hq.dhs.gov). The following form is fully electronic: NICCS Vetting Criteria Web Form. The following forms are partially electronic: NICCS Cybersecurity Training Course Form and NICCS Certification Course Form. All partially electronic forms are created in excel. The NICCS SO is looking to develop and transition partially electronic forms to fully electronic web forms. This transition is dependent on contract requirements and available department funding. All information collected from the NICCS Cybersecurity Training Course Form, the NICCS Cybersecurity Training Course Web Form, and the NICCS Certification Course Form will be stored in the public accessible NICCS Cybersecurity Training and Education Catalog ( http://niccs.us-cert.gov/training/training-home ). The NICCS Supervisory Office will electronically store information collected via the NICCS Vetting Criteria Form. This information will not be publicly accessible.

There is no assurance of confidentiality provided to the respondents. This collection is covered by the existing Privacy Impact Assessment, DHS General Contact List (DHS/ALL/PIA-006) and the existing Systems of Records Notice, Department of Homeland Security (DHS) Mailing and other Lists Systems (DHS/ALL/SORN-002). DHS CE&A has revised the collection to reflect three changes. These changes include the addition of: Training/WFD Provider Logo, Organization URL and National Cybersecurity Workforce Framework Role collection. These changes were added based on input received from the public. Including provider logos and an organization URL allows users to more easily find organization information. The addition of Cybersecurity Workforce Framework Role information will allow users to better align their courses with specific cybersecurity roles found in the newest Workforce Framework. The adjustments reported in the estimates of burden were based on historical data and current training provider outreach. The estimate of annualized cost was updated based off of actual wage.

The prior information collection request for OMB No. 1601-0016 was approved through April 30, 2015 by OMB. This collection will be submitted to OMB for review to request reinstatement of the collection. DHS CE&A has revised the collection to reflect three changes. These changes include the addition of: Training/WFD Provider Logo, Organization URL, National Cybersecurity Workforce Framework Role collection. These changes were added based on input received from the public. Including provider logos and an organization URL allows users to more easily find organization information. The addition of Cybersecurity Workforce Framework Role information will allow users to better align their courses with specific cybersecurity roles found in the newest Workforce Framework. The adjustments reported in the estimates of burden were based on historical data and current training provider outreach. The estimate of annualized cost was updated based off of actual wage.

The Office of Management and Budget is particularly interested in comments which:

1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

3. Enhance the quality, utility, and clarity of the information to be collected; and

4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses.

Analysis

Agency: Cybersecurity Education & Awareness Office, DHS.

Title: Agency Information Collection Activities: National Initiative for Cybersecurity Careers and Studies (NICCS) Cybersecurity Training and Education Catalog (Training/Workforce Development Catalog) Collection.

OMB Number: 1601-0016.

Frequency: On occasion.

Affected Public: Private Sector.

Number of Respondents: 1,000.

Estimated Time per Respondent: 2.5 hours.

Total Burden Hours: 2,125 hours.

Dated: November 5, 2015.

Carlene C. Ileto,

Executive Director, Enterprise Business Management Office.

[FR Doc. 2015-28884 Filed 11-12-15; 8:45 am]

BILLING CODE 9110-9B-P