Document headings vary by document type but may contain the following:
See the Document Drafting Handbook for more details.
AGENCY:
Department of Homeland Security (DHS).
ACTION:
60-Day notice and request for comments.
SUMMARY:
The Department of Homeland Security will submit the following Information Collection Request (ICR) to the Office of Management and Budget (OMB) for review and clearance in accordance with the Paperwork Reduction Act of 1995.
DATES:
Comments are encouraged and will be accepted until November 8, 2024. This process is conducted in accordance with 5 CFR 1320.1
ADDRESSES:
You may submit comments, identified by docket number Docket # DHS-2024-0031, at:
○ Federal eRulemaking Portal: http://www.regulations.gov . Please follow the instructions for submitting comments.
Instructions: All submissions received must include the agency name and docket number Docket # DHS-2024-0031. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.
Docket: For access to the docket to read background documents or comments received, go to http://www.regulations.gov .
SUPPLEMENTARY INFORMATION:
The Department of Homeland Security (DHS) collects information, when necessary, in administering public contracts for supplies and services. The information is used to determine compliance with contract terms placed in the contract as authorized by the Federal Property and Administrative Services Act (41 U.S.C. 251 et seq.), the Federal Acquisition Regulation (FAR) (48 CFR chapter 1), and the Homeland Security Acquisition Regulation (HSAR) (48 CFR chapter 30).
Respondents submit information based on the terms of the contract; the instructions in the contract deliverables mandatory reporting requirements; and correspondence from acquisition personnel requesting post-award contract information. The least active contracts and the simplest contracts will have little to no data to report. The most active and complex contracts, however, will contain more reporting requirements. DHS believes that some of this information is already readily available as part of a company's business processes and that the largest businesses use computers to compile the data. However, a significant amount of time is spent correlating information to specific contract actions and gathering information for more complex contract actions.
The prior information collection request for Office of Management and Budget (OMB) Control No. 1600-0003 was approved through May 31, 2025, by OMB, and it includes the following:
3052.204-70 Security requirements for unclassified information technology resources. (Required in all solicitations and contracts that require submission of an IT Security Plan.) This clause applies to all contractor systems connected to a DHS network and those contracts where the Contractor must have physical or electronic access to sensitive information contained in DHS unclassified systems. The contractor is asked to prepare, provide and maintain an IT Security Plan.
3052.204-71 Contractor employee access. (Required when contractor employees require recurring access to Government facilities or access to sensitive info.) Contractors may be subject to background investigations and will have to provide information as required by the DHS Security Office. The information requested is in addition to the information requested through Standard Form (SF) 86.
3052.205-70 Advertisements, Publicizing Awards, and Releases. (Required for all contracts exceeding Simplified Acquisition Threshold.) Contractors may have to provide copies of information related to advertisements and release statements to receive approval for publication.
3052.209-72 Organizational Conflict of Interest, paragraphs (f) and (g) (Included in solicitations and contracts where a potential organizational conflict of interest exists and mitigation may be possible.) Contractors will have to provide information related to actual or potential conflicts of interest and a mitigation plan.
3052.209-75 Prohibited Financial Interests for Lead System Integrators. (Required in solicitations and contracts for the acquisition of a major system when the acquisition strategy envisions the use of a lead system integrator or when the contractor will be the lead system integrator.) Contractors will have to provide information related to changes in financial interests.
3052.209-76 Prohibition on Federal Protective Service Guard Services Contracts with Business Concerns Owned, Controlled, or Operated by an Individual Convicted of a Felony, paragraph (h). (Section 2 of the Federal Protective Service Guard Contracting Reform Act of 2008, Pub. L. 110-356, generally prohibits DHS from entering into a contract for guard services under the Federal Protective Service (FPS) guard services program with any business concern owned, controlled, or operated by an individual convicted of a serious felony.) The notification required by paragraph (h) applies to any contractual instrument that may result in the issuance of task orders. Contractors will have to provide information on any felony conviction of personnel who own, control or operate a business during the performance a contract.
3052.215-70 Key personnel or facilities. (Required in solicitations and contracts when the selection for award is substantially based on the offeror's possession of special capabilities regarding personnel or facilities.) Contractors will have to provide notice of and documentation related to changes in key personnel for evaluation, including, resumes; description of the duties the replacement will assume; description of any change in duties and confirmation that such change will not negatively impact contract performance.
3052.216-71 Determination of Award Fee. (Required in solicitations and contracts that include an award fee.) Contractor may submit a performance self-evaluation for each evaluation period.
3052.217-91 Performance (USCG). (Required in sealed bid fixed-price solicitations and contracts for vessel repair, alteration, or conversion which are to be performed within the United States, its possessions, or Puerto Rico. Also required in negotiated solicitations and contracts to be performed outside the United States.) Contractor must request prior approval to conduct dock and sea trials.
3052.217-92 Inspection and Manner of Doing Work (USCG). (Required in sealed bid fixed-price solicitations and contracts for vessel repair, alteration, or conversion which are to be performed within the United States, its possessions, or Puerto Rico. Also required in negotiated solicitations and contracts to be performed outside the United States.) Contractor must maintain complete records of all inspection work and shall make them available to the Government during performance of the contract and for 90 days after the completion of all work required.
3052.217-95 Liability and Insurance (USCG). (Required in sealed bid fixed-price solicitations and contracts for vessel repair, alteration, or conversion which are to be performed within the United States, its possessions, or Puerto Rico. Also required in negotiated solicitations and contracts to be performed outside the United States.) Contractor shall provide evidence of the insurance and give the Contracting Officer written notice after the occurrence of a loss or damage for which the Government has assumed the risk. If any loss or damage will result in a claim against the Government, the contractor shall provide notice.
3052.219-70 Small Business subcontracting plan reporting. (Generally included in solicitations and contracts that offer subcontracting possibilities and are expected to exceed $700,000) Contractors must use Electronic Subcontracting Reporting System (eSRS) to submit subcontracting reporting data.
3052.219-71 DHS Mentor-Protégé Program. (Included in solicitations where subcontracting plans are anticipated) The amount of credit given to a contractor mentor firm for protégé developmental assistance costs must be calculated on a dollar-for-dollar basis and reported in the Summary Subcontract Report via the Electronic Subcontracting Reporting System (eSRS) at www.esrs.gov.
3052.222-70 Strikes or Picketing Affecting Timely Completion of the Contract Work. (Generally included in solicitations and contracts) Contractor must take all reasonable and appropriate action to end a strike or picketing. Delay caused by a strike or by picketing which constitutes an unfair labor practice is not excusable unless the Contractor takes all reasonable and appropriate action to end such a strike or picketing, such as the filing of a charge with the National Labor Relations Board, the use of other available Government procedures, and the use of private boards or organizations for the settlement of disputes. The contractor may be required to submit information to the contracting officer.
3052.222-71 Strikes or Picketing Affecting Access to a DHS Facility. (Generally included in solicitations and contracts) Contractor is responsible if strike or picketing is directed at the Contractor and impedes access by any person to a DHS facility. Contractor must take all reasonable and appropriate action to end a strike or picketing. The contractor may be required to submit information to the contracting officer.
3052.223-70 Removal or disposal of hazardous substances—applicable licenses and permits. (Required in solicitations and contracts involving the removal or disposal of hazardous waste material) Contractors will have to provide evidence of licenses and permits to perform hazardous substance removal.
3052.223-90 Accident and Fire Reporting (USCG). (Included in solicitations and contracts involving the removal of hazardous waste material) Contractor must report incidents involving fire or accidents at a worksite. Contractors may provide this information using a state, private insurance carrier, or Contractor accident report form.
3052.228-91 Loss of or Damage to Leased Aircraft (USCG). (Included in any contract for the lease of an aircraft) In the event of loss of or damage to an aircraft, the Government shall be subrogated to all rights of recovery by the Contractor against third parties for such loss or damage and the Contractor must promptly assign such rights in writing to the Government.
3052.228-93 Risk and Indemnities (USCG). (Included in any contract for the lease of an aircraft) Requires the contractor to provide the Government with evidence of insurance.
3052.235.70 Dissemination of Information—Educational Institutions. (Included in contracts with educational institutions for research that are not sensitive or classified) Contractors must provide advanced electronic copies of articles to the Government covering the results of research it plans to publish.
Form 700-26, Other Transaction Agreement (Required for the purposes of entering into other transaction agreements pursuant to 6 U.S.C. 391, 6 U.S.C. 596(1), and 49 U.S.C. 106(l)(6)) The offeror submit an Employer Identification Number, as well as the business' name, address and title. Offerors must also identify the authorized business representative's personal name and must include a signature.
Form 700-23, Other Transaction Agreement Modification (Required for the purposes of modifying other transaction agreements entered into pursuant to 6 U.S.C. 391, 6 U.S.C. 596(1), and 49 U.S.C. 106(l)(6)) The respondent must submit an Employer Identification Number, as well as the business' name, address and title. Respondents must also identify the authorized business representative's personal name and must include a signature.
DHS is seeking to renew this collection, and revise it to:
(1) Remove HSAR Clause 3052.204-70, Security requirements for unclassified information technology resources, from this OMB Control Number. The clause was made obsolete by final rule, Homeland Security Acquisition Regulation; Safeguarding of Controlled Unclassified Information, issued on June 21, 2023.
(2) Add the provisions and contract clauses under previously approved OMB Control Number 1601-0023, Safeguarding of Controlled Unclassified Information and Notification and Credit Monitoring Requirements for Personally Identifiable Information Incidents, to this OMB Control Number, in order to consolidate the collections. The clauses that will be transferred to this OMB Control Number are as follows:
3052.204-72 Safeguarding of Controlled Unclassified Information. (Included in solicitations and contracts where contractor and/or subcontractor employees will have access to controlled unclassified information (CUI) or CUI will be collected or maintained on behalf of the agency. The basic clause with its alternate is included in solicitations and contracts when Federal information systems, which include contractor information systems operated on behalf of the agency, are used to collect, process, store, or transmit CUI.) Under the basic clause, contractors and subcontractors are required to:
Provide adequate security to protect CUI from unauthorized access and disclosure;
Report all known or suspected incidents to the Component Security Operations Center (SOC), or the DHS Enterprise SOC if the Component SOC is not available, in accordance with 4300A Sensitive Systems Handbook Attachment F Incident Response ( i.e., incidents involving personally identifiable information (PII) or sensitive PII (SPII) must be reported within 1 hour of discovery; all other incidents shall be reported within 8 hours of discovery).
Provide full access and cooperation for all activities determined by the Government to be required to ensure an effective incident response, including providing all requested images, log files, and event information to facilitate rapid resolution of incidents;
Certify and confirm the sanitization of Government and Government-Activity related files and information, and submit the certification to the Contracting Officer's Representative (COR) and Contracting Officer in accordance with the template provided in NIST Special Publication 800-88, Guidelines for Media Sanitization, Appendix G; and
Insert this clause in all subcontracts and require subcontractors to include this clause in all lower tier subcontracts when subcontractor employees will have access to CUI; CUI will be collected or maintained on behalf of the agency by a subcontractor; or a subcontractor information system(s) will be used to process, store, or transmit CUI.
Under the alternate, contractors and subcontractors are prohibited from collecting, processing, storing, or transmitting CUI within a Federal information system until an Authority to Operate (ATO) has been accepted and signed by the Component or Headquarters CIO, or designee.
Additionally, contractors and subcontractors are required to:
Complete and submit security authorization (SA) documentation in accordance with DHS Policy Directive 4300A Information Technology System Security Program, Sensitive Systems (Version 13.3, February 13, 2023), or any successor publication; and the Security Authorization Process Guide, including templates;
Have an independent third party validate the security and privacy controls in place for the information system;
Renew the ATO every three (3) years unless otherwise specified in the ATO letter;
Support random, periodic reviews by the Department to ensure that the security requirements contained in the contract are being implemented and enforced; and
Comply with Federal reporting and information system continuous monitoring requirements as defined in the Fiscal Year (FY) 2021 DHS Information Security Performance Plan, or successor publication.
3052.204-73 Notification and Credit Monitoring Requirements for Personally Identifiable Information Incidents. (Included in solicitations and contracts where contractor and/or subcontractor employees have access to personally identifiable information (PII)) Contractors must have in place procedures and the capability to notify any individual whose PII and/or sensitive PII (SPII) was under the control of the contractor or resided in the contractor information system at the time of the incident not later than 5 business days after being directed to notify individuals, unless otherwise approved by the Contracting Officer. Additionally, contractors are required to provide credit monitoring services to individuals whose PII or SPII was under the control of the contractor or resided in the information system at the time of the incident for a period beginning the date of the incident and extending not less than 18 months from the date the individual is notified.
The information requested is used by the Government's contracting officers and other acquisition personnel, including technical and legal staff, for various reasons such as (1) determining the suitability of contractor personnel accessing DHS facilities; (2) to ensure no organizational conflicts of interest exist during the performance of contracts; (3) to ensure the contractor maintains applicable licenses and permits for the removal and disposal of hazardous materials; (4) to implement adequate security measures to safeguard CUI and to facilitate improved incident reporting to DHS; (5) to provide DHS with an understanding of the contractor's plan to recruit, train, and develop a diverse, high-performing workforce from underserved communities; and (6) to otherwise ensure firms are performing in the Government's best interest. Failure to collect this information would adversely affect the quality of products and services DHS receives from contractors.
Many sources of the requested information use automated word processing systems, databases, spreadsheets, project management and other commercial software to facilitate preparation of material to be submitted. With Government-wide implementation of e-Government initiatives, it is commonplace within many of DHS's Components for submissions to be electronic.
As the information collection is governed by FAR, HSAR and certain procurement statutes, usability testing is limited to ensuring the use of plain language, no duplicate/superfluous collection and electronic submission. DHS found the following:
Plain language is used in the applicable clauses and the forms. DHS encourages DHS Components to require only the minimum post-award contract information essential to proper protection of the Government's interests and compliance with regulation, e.g., contractor performance evaluation. The information collected from the public under this request complements but does not duplicate vendor information available to the Government-wide acquisition community through Integrated Award Environment (IAE) systems, including the System for Award Management (SAM). The SAM is the official U.S. Government system that consolidated the capabilities of the Central Contractor Registration (CCR), the Online Representations and Certifications Application (ORCA), the Excluded Parties List System (EPLS) and the Past Performance Information Retrieval System (PPIRS). To ensure the information collected under this collection isn't duplicative, DHS Office of the Chief Procurement Officer: (1) monitors the acquisition processes and procedures of the various DHS Components; (2) reviews proposed and published changes to the FAR; and (3) provides one location for the final review and approval of all proposed acquisition regulations for DHS. Respondents may submit requested information electronically, through email or facsimile to the specified Government point of contact. Contractors will utilize their own computers to provide the required information to the Government point of contact.
Information collection may or may not involve small business contractors, depending on the particular transaction. The burden applied to small businesses is the minimum consistent with the objective of ensuring contract compliance and protecting the interest of the Government.
Less frequent incidence of collecting such information as resumes indicating the level of contractor expertise, permits and licenses, and inspection reports will negatively affect the quality of products and services DHS receives from contractors. Potentially, contractors could perform on contracts without sufficient experience and expertise and could perform contracts with outdated licenses and negative inspection reports, placing the Department's operations in jeopardy. Additionally, less frequent collection of information related to organizational conflicts of interest inhibit DHS from determining the existence of true conflicts of interest during the performance of contracts.
Failure to collect this information would adversely affect the quality of products and services DHS receives from contractors. For example, potentially, contractors who are lead system integrators could acquire direct financial interests in major systems the contractors are contracted to procure, which would compromise the integrity of acquisitions for the Department. In addition, contractors who own, control or operate a business providing protective guard services could possess felony convictions during the performance of contracts, putting the Department at risk. Furthermore, contractors could change key personnel during the performance of contracts and use less experienced or less qualified personnel to reduce costs, which would adversely affect DHS's fulfillment of its mission requirements. Additionally, having an HSAR clause to address the safeguarding of CUI will greatly reduce the proliferation of Department, Component, or buying office-level requirements that offerors now respond to in a variety of different and non-standard ways. Failure to collect this information may result in the compromise of CUI hampering the Department's ability to carry out its mission.
Executive Order 13985, titled “Advancing Racial Equity and Support for Underserved Communities Through the Federal Government” requires federal agencies to assess equity throughout their organizations, including equity through procurements. As part of its assessment and action planning, DHS identified that equity in procurements could be enhanced by ensuring that DHS's contractors have in place DEIA Plans which demonstrates the contractor's commitment to fairness regarding DEIA. Failure to collect a DEIA Plan would prohibit DHS from understanding the contractor's plan to recruit, train, and develop a diverse, high-performing workforce from underserved communities. Disclosure/non-disclosure of information is handled in accordance with the Freedom of Information Act, other disclosure statutes, and Federal and agency acquisition regulations.
The burden estimates provided in response to Item 12 above are based upon definitive contract award data reported by DHS and its Components, as well as DHS FPDS data for FY 2022. No program changes occurred; however, the burden was adjusted to reflect an increase in the number of respondents within DHS for FY 2022 in the amount of 11,075, as well as an increase in the average hourly wage rate. The burden hours also decreased by a total of 14 hours with the removal of HSAR Clause 3052.204-70, “Security requirements for unclassified information technology resources”, that was made obsolete by the DHS rulemaking, “Homeland Security Acquisition Regulation; Safeguarding of Controlled Unclassified Information, issued on June 21, 2023”.
Finally, the burden has increased as a result of consolidating OMB Control Number 1601-0023 under this OMB Control Number, 1600-0003. The average burden per response for the clauses increased by 7.8 hours, from 6.2 hours to 14 hours; thereby increasing the total annual burden hours by 970,549 hours.
The Office of Management and Budget is particularly interested in comments which:
1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;
2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;
3. Enhance the quality, utility, and clarity of the information to be collected; and
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submissions of responses.
Analysis
Agency: Department of Homeland Security (DHS).
Title: Post-Contract Award Information.
OMB Number: 1600-0003.
Frequency: Annually.
Affected Public: Contractor.
Number of Respondents: 26,726.
Estimated Time per Respondent: 77,196.
Total Burden Hours: 1,061,361.
Robert Dorr,
Executive Director, Business Management Directorate.
[FR Doc. 2024-20270 Filed 9-6-24; 8:45 am]
BILLING CODE 9112-FL-P