AGENCY:

Office of Acquisition Policy, General Services Administration (GSA).

ACTION:

Notice of request for comments regarding an extension to an existing OMB information collection.

SUMMARY:

Under the provisions of the Paperwork Reduction Act of 1995, the Regulatory Secretariat Division will be submitting to the Office of Management and Budget (OMB) a request to review and approve a renewal of the currently approved information collection requirement regarding Implementation of Information Technology Security Provision. A notice was published in the Federal Register at 82 FR 43021 on September 13, 2017. No comments were received.

DATES:

Submit comments on or before December 27, 2017.

ADDRESSES:

Submit comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to: Office of Information and Regulatory Affairs of OMB, Attention: Desk Officer for GSA, Room 10236, NEOB, Washington, DC 20503. Additionally submit a copy to GSA by any of the following methods:

• Regulations.gov: http://www.regulations.gov. Submit comments via the Federal eRulemaking portal by searching the OMB control number 3090-0300. Select the link “Comment Now” that corresponds with “Information Collection 3090-0300, Implementation of Information Technology Security Provision”. Follow the instructions provided on the screen. Please include your name, company name (if any), and “Information Collection 3090-0300, Implementation of Information Technology Security Provision” on your attached document.
• Mail: General Services Administration, Regulatory Secretariat Division (MVCB), 1800 F Street NW., Washington, DC 20405. ATTN: Ms. Mandell/IC 3090-0300.

Instructions: Please submit comments only and cite Information Collection 3090-0300, Implementation of Information Technology Security Provision, in all correspondence related to this collection. Comments received generally will be posted without change to http://www.regulations.gov,, including any personal and/or business confidential information provided. To confirm receipt of your comment(s), please check www.regulations.gov,, approximately two to three days after submission to verify posting (except allow 30 days for posting of comments submitted by mail).

FOR FURTHER INFORMATION CONTACT:

Mr. Kevin Funk, Program Analyst, Office of Acquisition Policy, at 202-357-5805 or via email at kevin.funk@gsa.gov.

SUPPLEMENTARY INFORMATION:

A. Purpose

Clause 552.239-71 requires contractors, within 30 days after contract award, to submit an IT Security Plan to the Contracting Officer and Contacting Officer's Representative that describes the processes and procedures that will be followed to ensure appropriate security of IT resources that are developed, processed, or used under the contract. The clause will also require that contractors submit written proof of IT security authorization six months after contract award, and verify that the IT Security Plan remains valid annually.

B. Annual Reporting Burden

Respondents: 160.

Responses per Respondent: 2.

Total Annual Responses: 320.

Hours per Response: 5.

Total Burden Hours: 1600.

C. Public Comments

Public comments are particularly invited on: Whether this collection of information is necessary for the proper performance of functions of the GSAR, and whether it will have practical utility; whether our estimate of the public burden of this collection of information is accurate, and based on valid assumptions and methodology; ways to enhance the quality, utility, and clarity of the information to be collected; and ways in which we can minimize the burden of the collection of information on those who are to respond, through the use of appropriate technological collection techniques or other forms of information technology.

Obtaining Copies of Proposals: Requesters may obtain a copy of the information collection documents from the General Services Administration, Regulatory Secretariat Division (MVCB), 1800 F Street NW., Washington, DC 20405, telephone 202-501-4755.

Please cite OMB Control No. 3090-0300, Implementation of Information Technology Security Provision, in all correspondence.