DoD's Defense Industrial Base (DIB) Cybersecurity (CS) Activities Cyber Incident Reporting

ICR 202407-0704-003

OMB: 0704-0489

Federal Form Document

Forms and Documents

Document Name	Status
0704-0489_SSA_11.22.24.docx Supporting Statement A	2024-11-22

IC Document Collections

IC ID	Document Title	Status
200868	DoD's Defense Industrial Base (DIB) Cybersecurity (CS) Activities Cyber Incident Reporting Other-Electronic form	Modified

ICR Details

OMB Control No: 0704-0489	ICR Reference No: 202407-0704-003
Status: Received in OIRA	Previous ICR Reference No: 202208-0704-002
Agency/Subagency: DOD/DODDEP	Agency Tracking No:
Title: DoD's Defense Industrial Base (DIB) Cybersecurity (CS) Activities Cyber Incident Reporting
Type of Information Collection: Revision of a currently approved collection	Common Form ICR: No
Type of Review Request: Regular	Date Submitted to OIRA: 11/25/2024

	Requested	Previously Approved
Expiration Date	36 Months From Approved	12/31/2024
Responses	555	42,500
Time Burden (Hours)	1,110	85,000
Cost Burden (Dollars)	133,133	4,629,100

Abstract: This information collection supports voluntary cyber incident reporting from DoD contractors to DoD in accordance with 32 Code of Federal Regulations (CFR) part 236, “Department of Defense (DoD)-Defense Industrial Base (DIB) Cybersecurity (CS) Activities,” which authorizes the DIB CS program.

Authorizing Statute(s): US Code: 10 USC 2224 Name of Law: 32 CFR 236 - DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND

Citations for New Statutory Requirements: None

Associated Rulemaking Information
RIN:	Stage of Rulemaking:	Federal Register Citation:	Date:
	Not associated with rulemaking

Federal Register Notices & Comments
60-day Notice:	Federal Register Citation:	Citation Date:
	89 FR 63179	08/02/2024
30-day Notice:	Federal Register Citation:	Citation Date:
	89 FR 92667	11/22/2024
Did the Agency receive public comments on this ICR? No

Number of Information Collection (IC) in this ICR: 1

IC Title	Form No.	Form Name
DoD's Defense Industrial Base (DIB) Cybersecurity (CS) Activities Cyber Incident Reporting

ICR Summary of Burden

	Total Request	Previously Approved	Change Due to Agency Discretion
Annual Number of Responses	555	42,500	-41,945
Annual Time Burden (Hours)	1,110	85,000	-83,890
Annual Cost Burden (Dollars)	133,133	4,629,100	-4,495,967

Burden increases because of Program Change due to Agency Discretion: No

Burden Increase Due to:

Burden decreases because of Program Change due to Agency Discretion: Yes

Burden Reduction Due to: Miscellaneous Actions

Short Statement: Burden has significantly reduced to reflect actual burden figures from calendar years 2021, 2022, and 2023.

Annual Cost to Federal Government: $5,161,894

Does this IC contain surveys, censuses, or employ statistical methods? No

Does this ICR request any personally identifiable information (see OMB Circular No. A-130 for an explanation of this term)? Please consult with your agency's privacy program when making this determination. Yes

Does this ICR include a form that requires a Privacy Act Statement (see 5 U.S.C. §552a(e)(3))? Please consult with your agency's privacy program when making this determination. Yes

Is this ICR related to the Affordable Care Act [Pub. L. 111-148 & 111-152]? No

Is this ICR related to the Dodd-Frank Wall Street Reform and Consumer Protection Act, [Pub. L. 111-203]? No

Is this ICR related to the American Recovery and Reinvestment Act of 2009 (ARRA)? No

Is this ICR related to the Pandemic Response? No

Agency Contact: Joshua Kim 571 515-0234 joshua.t.kim4.civ@mail.mil

Common Form ICR: No