83-I SUPPORTING STATEMENT
By Defense Security Service (DSS)
“Industry Cost Collection Report Survey”
OMB #(TBD)
Need for Information Collection
Executive Order 12829 required agency heads to account each year for intra-agency costs associated with the implantation of the NISP and to report these costs to the Director, Information Security Oversight Office (ISOO), who is responsible for including them in annual reports to the President. In furtherance of this requirement, and pursuant with 32 CFR, Subpart F, section 2001.61 (b); Classified National Security Information; Final Rule, the Secretary of Defense, acting as executive agent for the NISP, is obligated to collect cost estimates for classification-related activities of contractors, licensees, certificate holders, and grantees and report them to ISOO annually. The cost collection methodology employed by this Department since 1996 was validated with the ISOO in December, 2007.
Use of the Information
Department of Defense Directive, 5105.42, “Subject: Defense Security Service”, delineates the mission, functions and responsibilities of DSS. In accordance with this Directive DSS was an Agency of the Department of Defense under the authority, direction, and control of the Assistant Secretary of Defense (Command, Control, Communication and Intelligence) (ASD(C3I)). Subsequently, Deputy Secretary of Defense Memorandum, Subject: Implementation Guidance on Restructuring Defense Intelligence – and Related Matters, dated, May 8, 2003, created and transferred the Industrial Security and Personnel Security responsibilities of ASD(C3I) to the Office of the Undersecretary of Defense for Intelligence (OUSD(I)). As such DSS was also transferred under the management and control of OUSD (I). In February 2005, DSS transferred the conduct of personnel security investigations to the Office of Personnel Management (OPM). As it pertains to this request for authority to collect information, DSS is currently responsible for the following:
Administer and implement the Defense portion of the National Industrial Security Program (NISP) for DoD and 23 other Non-DoD agencies pursuant to EO 12829 (reference (e).
Exercise authority delegated to the Secretary of Defense for issuance of security clearances to contractor employees, pursuant to EO 12829.
Executive Order 12829, “National Industrial Security Program” requires the Department of Defense to account each year for the costs associated with implementation of the National Industrial Security Program and report those costs to the Director of the ISOO. EO 12829 also authorizes the Executive Agent to issue, after consultation with affected agencies, standard forms that will promote the implementation of the NISP.
Information Technology
The use of information technology has been considered appropriate for the purposes of this collection. DSS sends an email invitation to complete the “Industry Cost Collection Report” directly to a designated point of contact at the contractor facility. The email invitation includes a secure link to access and complete the online survey.
Efforts to Identify Duplication
The joint-government-industry Industrial Security Cost Task Force was formed in early 1995 to develop an acceptable model to fulfill 32 CFR, Subpart F obligations of the Secretary of Defense under the NISP. The objective of the Task Force was to formulate a cost collection and reporting methodology that would not be prohibitively expensive, but would take into account “lessons learned” from previous related studies, and responsibly address newly articulated problematic aspects expressed by its industry members. The draft methodology was supported by the joint-government-industry NISP Policy Advisory Committee during its meeting of September 27, 1995 and was accepted for implementation on February 9, 1996 by the six industry group signatories to the memorandum of understanding established to convey consensus positions to appropriate government security authorities relative to NISP policies, procedures, and practices.
Since this data collection’s implementation in 1995 no other duplicative efforts have been undertaken to estimate Industry cost associated with implementation of the National Industrial Security Program. Government organizations and industry representatives within the Industrial Security Cost Task Force are aware that this is an annual request, slated to occur in the spring of each calendar year to align with the budget cycle.
Methods to Minimize Burden on Small Entities
DSS is only asking for the minimum amount of information necessary for reporting needs. Due to the unique facility categories of contractors participating in the NISP, DSS can employ a random sampling technique to minimize the amount of respondents required. DSS conducts an annual survey of 1,613 of the 4,738 cleared contractor facilities eligible protect classified information participating within the NISP.
Consequences of Not Collecting the Data
If this data is not collected, DSS and the Department will not have the ability to accurately report Industry Security Cost estimates as outlined in Executive Order (EO) 12829, “National Industrial Security Program (NISP)”, dated January 7, 1993.
Special Circumstances
There are no special circumstances affecting this collection.
8. Agency 60-Day Federal Register Notice and Consultations Outside the Agency
The 60-day notice was posted to the Federal Register on November 26, 2008 (73 FR 72030) with consideration for comments from the public. No comments were received.
9. Payments to Respondents
No payments or gifts will be provided to respondents.
10. Assurance of Confidentiality
The response to questions on the “Industry Cost Collection Report” may be considered by the respondent to be company proprietary. Information provided by the contractor will be kept private to the extent permitted by law. Information collected is complied to create an aggregate estimated cost of NISP classification-related activities. Only the aggregate data is reported and all individual company information is kept in DSS records.
There are no sensitive questions asked in this collection as defined by the OMB 83-I Inst., 10/95.
12. Estimates of Response Burden and Annual Cost to Respondent
(a) Estimated Average Annual Respondent Burden:
(1) Responses per Respondent: 1
(2) Number of Respondents: 1,613
(3) Hours per Response: 30 minutes
(4) Total Annual Burden Hours: 806.50
(b) Respondent Cost
Total Annual Cost to Respondents: $33,582.66 (1,613 x $20.82)
Cost to Individual Respondent: $20.82 ($.694 per minute x 30 minutes)
The cost to respondent is based on the approximate salary of a GS-13 Step 1
(FY09 basic pay): $41.65 (rate per hour)/60 (minutes) = $.694 per minute.
Estimates of Cost Burden for Collection of Information
There is no cost associated with these tools for the survey submission. Completion and submission of the Survey questionnaire online requires an email address and Internet access, tools which cleared contractor facilities already have in place or can access through a local library.
Annual Cost to Government:
(a) There are no administrative (printing, mailing, distributing and reviewing) since all action is taken through email and online survey tool.
Explanation of Administrative Costs: not applicable.
Survey Development and Maintenance Costs: $62,502.00
Explanation of Survey Development and Maintenance Costs:
Annual contract with Survey vendor for web-based survey tool, technical services and hosting of survey and submitted respondents’ data: $50,000
(2) Personnel:
Number Average Average Salary/hr Average Cost
Grade/Rank (DC area FY08) Hours
1 GS-15 Step 5 $62.62 20 $1,252 = $62.62 X 20
2 GS-13 Step 1 $39.75 120 $ 9,540 = ($39.75 X 120)X 2
1 GS-14 $61.06 28 $1,710 = $61.06 X 28
Total Cost to the Government: $62, 502.00
15. Explanation of program change / adjustment reported in Item 13, OMB 83-I
This is the initial submission of the collection.
Plan for Tabulation or Publication
The data is analyzed and reported by DSS to the Director of the Information Security Oversight Office (ISOO) in order to comply with Executive Order 12829, “National Industrial Security Program” which requires the Department of Defense to account each year for the costs associated with implementation of the National Industrial Security Program and report those costs.
Approval to Avoid Display of the Expiration Date of OMB Approval.
Approval is not sought for avoiding display of the expiration date for OMB approval of the information collection.
Exception to Certification Statement
None
1. Describe the potential respondent universe and any sampling or other respondent selection method to be used. Data on the number of entities in the universe and the corresponding sample are to be provided in tabular form. The tabulation must also include expected response rates for the collection as a whole. If the collection has been conducted before, provide the actual response rate achieved.
The respondent universe is the 4,738 active, cleared industry facilities under the NISP who are approved for classified storage. The survey is deployed to one central point of contact for a facility.
These facilities are stratified using multiple quantifiable identifiers to create a scale of facility complexity with facility labels of A, B, C, and D. These categories are taken from the DSS Industrial Security Facility Database (ISFD) and reflect the size, scope, and complexity of a facility’s security program with A being the largest and D being the smallest.
Facility breakdown within the stratification is as follows:
A 113
B 169
C 363
D 4,093
Expected response rate to the collection is 85%+ for each stratum.
2. Describe the procedures for the collection, including: the statistical methodology for stratification and sample selection; the estimation procedure; the degree of accuracy needed for the purpose described in the justification; any unusual problems requiring specialized sampling procedures; and any use of periodic (less frequent than annual) data collection cycles to reduce burden.
As described above, the population is prime for stratified sampling. Facilities are set into the stratum by multiple factors directly related to this collection effort. Historical trends have resulted in sample size being based on a 95% Confidence Level with a 2.58 Confidence Interval (95%). Resulting samples sizes of the four stratified sample groups are then as follows:
A 105
B 151
C 290
D 1,067
Participants will be randomly selected from each stratum using a random sample generator.
ISFD maintains many data elements pertaining to a facility’s size, scope, and complexity and by using that data DSS can further stratify most to least complex facilities within each stratum. From this, DSS will apply a K-nearest-neighbor approach to impute missing values based on neighboring data points of a similar nature.
When missing values are counted for, DSS will calculate the mean average and standard deviation for each stratum. Removing outlying data points outside of 1.96 times the standard deviation, DSS will re-calculate the mean having a concise average for the strata meeting agency needs. Using the average per stratum and multiplying it out by the total amount of facilities within the stratum DSS then has an accurate estimate for the total cost of the category. Taking the sum of total estimated cost for each of the four stratum DSS will have the total estimated cost for the population as a whole. This final number is what is reported to the Information Security Oversight Office.
3. Describe the methods used to maximize response rates and to deal with nonresponse. The accuracy and reliability of the information collected must be shown to be adequate for the intended uses. For collections based on sampling, a special justification must be provided if they will not yield "reliable" data that can be generalized to the universe studied.
DSS will pre-notify selected survey participants prior to deployment of the collection effort. During the data collection period, non-respondents will be sent e-mail reminders weekly to ensure timely completion of the survey.
As the Survey itself only consists of two clear questions, the simplicity of the form will encourage a high response rate.
DSS maintains a high working relationship with the respondent field and has consistently experienced high response rates on data collection efforts.
4. Describe any tests of procedures or methods to be undertaken. Tests are encouraged as effective means to refine collections, but if ten or more test respondents are involved OMB must give prior approval under the Paperwork Reduction Act.
This process has been tested over 11 years of deployment of this action. Sample size resulting from confidence levels and intervals have been adjusted to ensure maximum accuracy.
5. Provide the name and telephone number of individuals consulted on the statistical aspects of the design, and the name of the agency unit, contractor(s), grantee(s), or other person(s) who will actually collect and/or analyze the information for the agency.
Primary POC: Ryan Deloney 703 325 1317
Defense Security Service, Industrial Security Programs & Policy
File Type | application/msword |
File Title | SUPPORTING STATEMENT |
Author | janice savoy_mccormick |
Last Modified By | Patricia Toppings |
File Modified | 2009-04-08 |
File Created | 2009-04-08 |