The Presidential Policy Directive-21
(PPD-21) (2013) and the National Infrastructure Protection Plan
(NIPP) (2013) (Public Law 107-296) highlight the need for a
centrally managed repository of infrastructure attributes capable
of assessing risks and facilitating data sharing. To support this
mission need, the Department of Homeland Security’s (DHS)
Cybersecurity and Infrastructure Security Agency (CISA) has
developed the IP Gateway. The IP Gateway contains several
capabilities which support the homeland security mission in the
area of critical infrastructure (CI) protection. The purpose of
this collection is to gather the details pertaining to the users of
the IP Gateway for the purpose of creating accounts to access the
IP Gateway. This information is also used to verify a need to know
to access the IP Gateway. After being vetted and granted access,
users are prompted and required to take an online training course
upon first logging into the system. After completing the training,
users are permitted full access to the system. In addition, this
collection will gather feedback from the users of the IP Gateway to
determine any future system improvements.
1. Essential to the
Agency: The Presidential Policy Directive-21 (PPD-21) (2013) and
the National Infrastructure Protection Plan (NIPP) (2013) (Public
Law 107-296) highlight the need for a centrally managed repository
of infrastructure attributes capable of assessing risks and
facilitating data sharing. To support this mission need, the
Department of Homeland Security’s (DHS) Cybersecurity and
Infrastructure Security Agency (CISA) has developed the CISA
Gateway. The CISA Gateway contains several capabilities which
support the homeland security mission in the area of critical
infrastructure (CI) protection. This collection is leveraged by the
Critical Infrastructure community, CISA Protective Security
Advisors, State Fusion Centers, State, Local, Tribal, and
Territorial Governing Coordinating Council (SLTTGCC), Facility
owners/operators, and many other government and private partners
and sectors. The collection of information uses automated
electronic forms. During the online registration process, there is
an electronic form used to create a user account and an online
training course required to grant access. 2. The use of normal
clearance procedures is reasonably likely to cause a statutory
deadline to be missed: This request for review and approval is
vital to continue the mission of the CISA Gateway and support to
the Gateway user community. By not collecting this information, the
CISA Gateway program is not able to vet and verify a users need to
know and cannot not grant access to the system. It is vital that
CISA regains this essential capability as soon as possible to
support immediate needs in response to delivering and supporting
the many SLTT communities that rely on this CISA capability. 3.
Public harm is reasonably likely to result if normal clearance
procedures are followed: This request for review and approval is
vital to continue the mission of the CISA Gateway and support to
the Gateway user community. Without this information collection,
the CISA Gateway program will be unable to vet and verify a user’s
need to know sensitive information and cannot grant access to the
system. The CISA Gateway provides users with some of the most
sensitive data available on critical infrastructure, so such an
outcome poses a sufficient threat to national security that the
system itself might need to be taken offline. This scenario
presents a reasonable likelihood that public harm could result. If
a potential threat presents itself to CISA, other government
agencies, and/or SLTT partners, CISA would not have the ability to
provide the Critical Infrastructure data necessary for those
private and public partners to effectively respond to a potential
threat or event. It is vital that CISA retains this essential
capability to support immediate needs in response to delivering and
supporting the many SLTT communities that rely on this CISA
capability should a Critical Infrastructure event occur to protect
the homeland. Since such events can and do occur at random, normal
clearance procedures must be stopgrapped by an emergency
clearance.
The change in burden hours is
attributed to the removal of the the "IP Gateway Utilization
Survey".
$5,723
No
Yes
Yes
No
No
No
No
Benjamin Thomsen 202 254-7179
benjamin.thomsen@cisa.dhs.gov
No
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.
IP Gateway Utilization Survey
CISA_OCIO_PRA_1670-0009[51].pdf
1670-0009_CISA Gateway_SSA (2).docx
IP Gateway Registration Training