Department of Veterans Affairs Acquisition Regulation (VAAR) Contract Clause—Information and Information Systems Security

ICR 202511-2900-003

OMB: 2900-0900

Federal Form Document

Forms and Documents
Document
Name
Status
No forms / supporting documents in this ICR. Check IC Document Collections.
IC Document Collections
IC ID
Document
Title
Status
250436 Modified
ICR Details
2900-0900 202511-2900-003
Received in OIRA 202301-2900-014
VA PPS - 6
Department of Veterans Affairs Acquisition Regulation (VAAR) Contract Clause—Information and Information Systems Security
Revision of a currently approved collection   No
Regular 03/20/2026
  Requested Previously Approved
36 Months From Approved 03/31/2026
8,223 8,223
4,069 4,069
0 0
Under Public Law 113-283, Federal Information Security Modernization Act of 2014, each agency of the Federal Government must provide security for the information and information systems that support the operations and assets of the agency. To comply with Public Law 113-283, VA developed VAAR clause, 852.204-71, Information and Information System Security, and section 804.1970, Information security policy—contractor general responsibilities. The clause and the section apply to contractors with access to VA information or information systems. Among other things, the clause and section require a contractor to report a known or suspected security/privacy incident or data breach related to VA information or information systems. The clause also requires a contractor to notify VA when a contractor employee has been reassigned or terminated and no longer needs access to a VA information system.
PL: Pub.L. 113 - 283 2521 Name of Law: Federal Information Security Modernization Act of 2014
  
None
Not associated with rulemaking
  91 FR 330 01/05/2026
91 FR 13407 03/19/2026
No
1
IC Title Form No. Form Name
Department of Veterans Affairs Acquisition Regulation (VAAR) Contract Clause-Information and Information Systems Security
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 8,223 8,223 0 0 0 0
Annual Time Burden (Hours) 4,069 4,069 0 0 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
No
No
$192,057
No
    No
    No
No
No
No
No
Forrest Browne 202 714-6863 forrest.browne@va.gov
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
03/20/2026
Something went wrong when downloading this file. If you have any questions, please send an email to risc@gsa.gov.
© 2026 OMB.report | Privacy Policy