Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing

ICR 201603-0704-003

OMB: 0704-0478

Federal Form Document

⚠️ Notice: This information collection may be outdated. More recent filings for OMB 0704-0478 can be found here:

Forms and Documents

Document Name	Status
0704-0478_Supporting_Statement 2016-04-27.docx Supporting Statement A	2016-04-28

IC Document Collections

IC ID	Document Title	Status
197144	Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing Other-DFARS clause	Modified

ICR Details

OMB Control No: 0704-0478	ICR Reference No: 201603-0704-003
Status: Historical Active	Previous ICR Reference No: 201309-0704-004
Agency/Subagency: DOD/DODDEP	Agency Tracking No:
Title: Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing
Type of Information Collection: Revision of a currently approved collection	Common Form ICR: No
Type of Review Request: Regular
OIRA Conclusion Action: Approved with change	Conclusion Date: 07/07/2016
Retrieve Notice of Action (NOA)	Date Received in OIRA: 03/15/2016
Terms of Clearance: This collection is approved based on the revised materials provided by the Department.

	Inventory as of this Action	Requested	Previously Approved
Expiration Date	07/31/2019	36 Months From Approved	11/30/2016
Responses	60,493	0	32,775
Time Burden (Hours)	250,840	0	114,713
Cost Burden (Dollars)	16,053,494	0	0

Abstract: DoD is revising the Defense Federal Acquisition Regulation Supplement (DFARS) to implement mandatory cyber incident reporting on unclassified networks or information systems by DoD contractors or those contractors designated as providing operationally critical support.

Authorizing Statute(s): US Code: 41 USC 421 Name of Law: Federal Acquisition Regulatory Council

Citations for New Statutory Requirements: None

Associated Rulemaking Information
RIN:	Stage of Rulemaking:	Federal Register Citation:	Date:
	Not associated with rulemaking

Federal Register Notices & Comments
60-day Notice:	Federal Register Citation:	Citation Date:
	80 FR 51739	08/26/2015
30-day Notice:	Federal Register Citation:	Citation Date:
	81 FR 13779	03/15/2016
Did the Agency receive public comments on this ICR? No

Number of Information Collection (IC) in this ICR: 1

IC Title	Form No.	Form Name
Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing

ICR Summary of Burden

	Total Approved	Previously Approved	Change Due to Agency Discretion
Annual Number of Responses	60,493	32,775	27,718
Annual Time Burden (Hours)	250,840	114,713	136,127
Annual Cost Burden (Dollars)	16,053,494	0	16,053,494

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Changing Regulations

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: This information collection updates existing collection approval by increasing the number of DoD contractors reporting as well as the associated burden hours.

Annual Cost to Federal Government: $19,207,980

Does this IC contain surveys, censuses, or employ statistical methods? No

Is the Supporting Statement intended to be a Privacy Impact Assessment required by the E-Government Act of 2002? No

Is this ICR related to the Affordable Care Act [Pub. L. 111-148 & 111-152]? No

Is this ICR related to the Dodd-Frank Wall Street Reform and Consumer Protection Act, [Pub. L. 111-203]? No

Is this ICR related to the American Recovery and Reinvestment Act of 2009 (ARRA)? No

Is this ICR related to the Pandemic Response? Uncollected

Agency Contact: Karl Pabst 571 372-4527 karl.s.pabst.ctr@mail.mil

Common Form ICR: No