AGENCY:

Transportation Security Administration, DHS.

ACTION:

Notice.

SUMMARY:

The Transportation Security Administration (TSA) invites public comment on a new information collection requirement abstracted below that we will submit to the Office of Management and Budget (OMB) for approval in compliance with the Paperwork Reduction Act.

DATES:

Send your comments by April 2, 2007.

ADDRESSES:

Comments may be mailed or delivered to Katrina Kletzly, Attorney-Advisor, Office of the Chief Counsel, TSA-2, Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202-4220.

FOR FURTHER INFORMATION CONTACT:

Katrina Kletzly at the above address, or by telephone (571) 227-1995 or facsimile (571) 227-1381.

SUPPLEMENTARY INFORMATION:

Comments Invited

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.), an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid OMB control number. Therefore, in preparation for OMB review and approval of the following information collection, TSA is soliciting comments to—

(1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

(2) Evaluate the accuracy of the agency's estimate of the burden;

(3) Enhance the quality, utility, and clarity of the information to be collected; and

(4) Minimize the burden of the collection of information on those who are to respond, including using appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

Information Collection Requirement

Purpose of Data Collection

As prescribed by the President in Homeland Security Presidential Directive 7 (HSPD-7), the Department of Homeland Security (DHS) was tasked to protect our nation's critical infrastructure and key resources (CI/KR). Through the National Infrastructure Protection Plan (NIPP), DHS gives a guidance and direction as to how the Nation will secure its infrastructure. Furthermore, HSPD-7 and the NIPP assigned the responsibility for infrastructure security in the transportation sector to TSA. To this effect, the NIPP further tasks each sector to build security partnerships, set security goals and to measure their effectiveness. Through its Corporate Security Review Program, TSA has conducted reviews of numerous pipeline systems in which various aspects of each company's security program are analyzed. Through this review process, TSA has determined that improved security awareness training for pipeline company employees would be useful. The OMB control number assigned to the Corporate Security Review Program is 1652-0036. To increase the security awareness levels across the pipeline industry, TSA plans to develop and distribute a Security Awareness Training compact disk (CD-1) to interested pipeline companies. In order to measure the effectiveness of CD-1 on raising company security awareness, TSA will solicit voluntary feedback from pipeline companies seeking to utilize the CD-1.

In order to participate, interested companies may respond to TSA's announcements regarding the CD-1 availability and ordering instructions through all applicable pipeline industry Web sites. The CD-1 training will be available to all pipeline companies upon request to TSA. Participation in the feedback survey will also be voluntary to those pipeline companies that requested and received the CD.

TSA will collect the feedback regarding CD-1 performance via online survey, which will be managed by a contracted third-party survey company. The survey results will be used to guide TSA on future pipeline transportation security initiatives. TSA plans to conduct the data collection over a two- to three-year period in order to allow for Start Printed Page 4527maximum distribution and use of CD-1 throughout the industry, and for participating companies to complete full training cycles.

Description of Data Collection

TSA will ask participating companies that complete the Security Awareness Training CD-1, to log on to a TSA-managed secure Web site to provide feedback on the effectiveness of the training.

Respondent companies may respond with feedback in one of two ways: (1) They may choose to submit one subjective, corporate response as to the employee participation levels or effectiveness of the CD-1 (i.e., the CD-1 significantly increased the security awareness levels for a majority of Company X's employees); or (2) they may provide objective information based on their company's own survey of its employees. For metrics purposes, TSA will also request that participating companies provide the total number of company employees, the number of employees who have completed the CD-1 training, and the numbers of projected employees that will complete the training in the future. In many cases, a single company may own more than one pipeline transmission or local distribution system, thus, a single CD-1 and corresponding effectiveness survey responses may represent more than one individual pipeline system. In order to discern the total number of pipeline companies utilizing the CD-1, TSA will inquire as to the number of individual pipeline systems that will be using the CD-1, in the event a parent company is requesting the CD. However, because participation in the CD-1 training and providing feedback in voluntary (that is, some companies that may utilize the CD-1 may not provide feedback), the TSA metrics will be based solely on companies that provide feedback.

In order for interested companies to submit information, TSA will set up a separate file for each company on the secure Web site into which each company can provide feedback. TSA will provide each company or individual pipeline system with a password in order to access their individual company or system file. Companies/individual systems may access and update the information contained within their file at any time. The name of the participation company or point or contact information will be collected only for the purpose of setting up the company feedback file and for identify verification when companies log onto the Web site.

Use of Results

The primary use of this information is to allow TSA to assess the effect of the CD-1 project on raising the baseline level of security awareness within the pipeline industry. The secondary purpose of this information is for TSA to obtain, based on individual company input, an indication of CD-1 user participation and employee participation levels throughout the pipeline industry.

Frequency

Most companies administer their security awareness training curriculum on an annual or biannual cycle. Therefore, a company would provide TSA sufficient feedback approximately every two years. Typically, companies will generate quarterly or annual reports on employee training progress. Thus, companies may submit updated feedback between one and four times per year, which TSA equates to an average frequency for this collection of two times per year. The time companies expend to respond to this collection will vary slightly depending on whether a company chooses to submit an overall company subjective opinion response provided by a knowledgeable corporate official, or an objective response based on results of its own training feedback survey. However, if a company chooses to submit one overall company opinion, it is likely that a person with some familiarity with the company's security posture will be responsible for providing the feedback survey. Regardless of whether a company submits an objective response based on the results of its own training course survey, or an opinion of one corporate official, the only time expenditure required would result from electronically entering the requested information on the TSA survey Web site. This is because the information gathered will already be in the possession of the company and therefore, impart no additional burden on the respondent.

Out of approximately 2,200 individual pipeline companies, TSA estimates that on an annual basis an average of 300 companies will provide feedback on the CD-1. TSA estimates the average hour burden per response per pipeline company or system will be approximately 20 minutes. Assuming that, on average, a company will update their feedback twice per year, TSA estimates the total annual hour burden will be 40 minutes per pipeline company or system. Therefore, TSA estimates the total annual hour burden will be approximately 200 hours per year for all pipeline industry participants [300 companies × 40 minutes = 200 hours].