The Deparatment of Homeland Security is submitting an Information Collection Request (ICR) to OMB for review under the Paperwork Reduction Act (PRA). Under the PRA, DHS will not be allowed to collect the information without OMB approval.
According to DHS:
Per House Report 111-298 and Senate Report 111-31, Department of Homeland Security Appropriations Bill, NPPD, in cooperation with FEMA and relevant stakeholders, shall develop the necessary tools for all levels of government to complete a cyber network security assessment so that a full measure of gaps and capabilities can be completed. The NCSR will be conducted via the United States Computer Emergency Readiness Team (US-CERT) Secure Portal. The assessment stakeholders will be states and major urban areas. The NCSR is a voluntary self assessment designed to measure cybersecurity preparedness and resilience. Through the NCSR, CSEP will examine relationships, interactions, and processes governing IT management and the ability to effectively manage operational risk.
DHS estimates that there will be 750 respondents and it will take them 2 hours each to provide the information. DHS received no comments in response to their original announcement of the ICR. Interested parties who want to provide their comments to OMB on the utility of the information to be collected, burden estimates or other issues have 30 days to respond.
The DHS ICR is attached below.