Agency Information Collection Activities; Submission to the Office of Management and Budget for Review and Approval; Comment Request; Guaranty Agencies Security Self-Assessment and Attestation

AGENCY:

Federal Student Aid (FSA), Department of Education (ED).

ACTION:

Notice.

SUMMARY:

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. chapter 3501 et seq.), ED is proposing an extension of an existing information collection.

DATES:

Interested persons are invited to submit comments on or before December 17, 2015

ADDRESSES:

To access and review all the documents related to the information collection listed in this notice, please use http://www.regulations.gov by searching the Docket ID number ED-2015-ICCD-0093. Comments submitted in response to this notice should be submitted electronically through the Federal eRulemaking Portal at http://www.regulations.gov by selecting the Docket ID number or via postal mail, commercial delivery, or hand delivery. Please note that comments submitted by fax or email and those submitted after the comment period will not be accepted. Written requests for information or comments submitted by postal mail or delivery should be addressed to the Director of the Information Collection Clearance Division, U.S. Department of Education, 400 Maryland Avenue SW., LBJ, Room 2E105, Washington, DC 20202-4537.

FOR FURTHER INFORMATION CONTACT:

For specific questions related to collection activities, please contact Beth Grebeldinger, 202-377-4018.

SUPPLEMENTARY INFORMATION:

The Department of Education (ED), in accordance with the Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3506(c)(2)(A)), provides the general public and Federal agencies with an opportunity to comment on proposed, revised, and continuing collections of information. This helps the Department assess the impact of its information collection requirements and minimize the public's reporting burden. It also helps the public understand the Department's information collection requirements and provide the requested data in the desired format. ED is soliciting comments on the proposed information collection request (ICR) that is described below. The Department of Education is especially interested in public comment addressing the following issues: (1) Is this collection necessary to the proper functions of the Department; (2) will this information be processed and used in a timely manner; (3) is the estimate of burden accurate; (4) how might the Department enhance the quality, utility, and clarity of the information to be collected; and (5) how might the Department minimize the burden of this collection on the respondents, including through the use of information technology. Please note that written comments received in response to this notice will be considered public records.

Title of Collection: Guaranty Agencies Security Self-Assessment and Attestation.

OMB Control Number: 1845-0134.

Type of Review: An extension of an existing information collection.

Respondents/Affected Public: Private Sector.

Total Estimated Number of Annual Responses: 28.

Total Estimated Number of Annual Burden Hours: 8,848.

Abstract: The E-Government Act (Pub. L. 107-347) passed by the 107th Congress and signed into law by the President in December 2002 recognized the importance of information security to the economic and national security interests of the United States. Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA) requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. FISMA, along with the Paperwork Reduction Act of 1995 and the Information Technology Management Reform Act of 1996 (Clinger-Cohen Act), explicitly emphasizes a risk-based policy for cost-effective security.

FSA is initiating a formal assessment program of the Guaranty Agencies that will ensure the continued confidentiality and integrity of data entrusted to FSA by students and families. The assessment will identify security deficiencies based on the Federal standards described in the National Institute of Standards and Technology (NIST) publications. The comprehensive self-assessment links all questions with a NIST control. This collection of information impacts 28 independently owned Guaranty Agencies (GAs) dispersed throughout the U.S. Each agency is under signed agreement with the Department of Education to service Federal Family Education Loans that have been turned over from the lending institutions to the GAs for the purpose of student loan collections.