CISA Reporting Forms

US-CERT is responsible for performing, coordinating, and supporting response to information security incidents, which may originate outside the Federal community and affect users within it, or originate within the Federal community and affect users outside of it. Often, therefore, the effective handling of security incidents relies on information sharing among individual users, industry, and the Federal Government, which may be facilitated by and through US-CERT. US-CERT fulfills the role of the Federal information security incident center for the United States federal government as defined in the Federal Information Security Modernization Act of 2014. Each federal agency is required to notify and consult with US-CERT regarding information security incidents involving the information and information systems (managed by a federal agency, contractor, or other source) that support the operations and assets of the agency. Additional entities report incident information to US-CERT voluntarily. The US-CERT website is a primary tool used by constituents to report incident information, access information sharing products and services, and interact with US-CERT and its partners within the NCCIC. Constituents, which may include anyone or any entity in the public, use forms located on the website to complete these activities.

The latest form for CISA Reporting Forms expires 2021-12-31 and can be found here.

Incident Reporting Form

Federal Enterprise Architecture: Homeland Security - Key Asset and Critical Infrastructure Protection

Review document collections for all forms, instructions, and supporting documents - including paper/printable forms.