AGENCY:

Transportation Security Administration, DHS.

ACTION:

60-Day notice.

SUMMARY:

The Transportation Security Administration (TSA) invites public comment on an information collection requirement abstracted below that we will submit to the Office of Management and Budget (OMB) for approval in compliance with the Paperwork Reduction Act. The collection will assess the current security practices in the pipeline industry by way of its Pipeline Corporate Security Review (PCSR) program, which encompasses site visits and interviews, and is part of the larger domain awareness, prevention, and protection program supporting TSA's and the Department of Homeland Security's (DHS') missions.

DATES:

Send your comments by October 19, 2009.

ADDRESSES:

Comments may be mailed or delivered to Ginger LeMay, PRA Officer, Office of Information Technology, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6011.

FOR FURTHER INFORMATION CONTACT:

Ginger LeMay, PRA Officer, Office of Information Technology, TSA-11, Transportation Security Administration, 601 South 12th Street, Arlington, Virginia 20598-6011; telephone (571) 227-3616; e-mail: ginger.lemay@dhs.gov.

SUPPLEMENTARY INFORMATION:

Comments Invited

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.), an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid OMB control number. Therefore, in preparation for OMB review and approval of the following information collection, TSA is soliciting comments to—

(1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

(2) Evaluate the accuracy of the agency's estimate of the burden;

(3) Enhance the quality, utility, and clarity of the information to be collected; and

(4) Minimize the burden of the collection of information on those who are to respond, including using appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

Information Collection Requirement

The Pipeline Corporate Security Review is a new information collection request that will assess domain awareness, threat prevention, and security awareness at various pipeline sites across the nation. TSA's pipeline subject matter expert(s) will visit sites, interview pipeline operators and/or system owners, and use a pipeline security review form to gather information.

Under the Aviation and Transportation Security Act (ATSA) ^[1] and delegated authority from the Secretary of Homeland Security, TSA has broad responsibility and authority for “security in all modes of transportation * * * including security responsibilities * * * over modes of transportation that are exercised by the Department of Transportation.” ^[2] TSA has additional authorities as well. TSA is specifically empowered to develop policies, strategies, and plans for dealing with threats to transportation,^[3] oversees the implementation and ensures the adequacy of security measures at transportation facilities,^[4] and carries out other appropriate duties relating to transportation security.^[5]

Purpose and Description of Data Collection

One way TSA carries out these responsibilities in the pipeline mode is by assessing current industry security practices by way of its PCSR. The PCSR encompasses site visits and interviews and is one piece of a much larger domain awareness, prevention, and protection program in support of TSA's and DHS' missions. TSA is seeking OMB approval for this information collection so that TSA can ascertain minimum security standards and identify coverage gaps, activities that are critical to carrying out its transportation security mission.

The PCSR is an “instructive” review that provides TSA with an understanding of certain surface transportation owners'/operators' security programs, if they have voluntarily adopted such programs. In carrying out PCSRs, subject matter experts from TSA's Pipeline Security Division conduct site visits of pipeline operators throughout the nation that elected to adopt security plans. The TSA representatives analyze the owner's/operator's security plan and determine if the mitigation measures included in the plan are being properly implemented. In addition to examining the security plan document, TSA reviews one or more assets of the owner/operator. TSA conducts this collection of information on security measures to identify security gaps. The discussions also provide TSA with a method to encourage the pipeline owners/operators affected by the PCSRs to be diligent in implementing and maintaining security-related improvements.

During the pipeline site visits, TSA talks with the owner/operator and completes a PCSR form, which asks questions concerning the following topics: (1) Management and oversight of the security plan, (2) threat assessment, (3) criticality, (4) vulnerability assessment, (5) credentialing, (6) training, (7) physical security countermeasures, (8) information technology security, (9) security exercises and drills, and (10) incident management and communications. TSA conducts this collection through voluntary face-to-face visits, usually at the headquarters facility of the pipeline owners/operator. Typically, TSA sends one to three employees to conduct a three to four hour interview with representatives from the owner/operator. TSA then visits one or two of the owners/operators assets to further assess the implementation of the owner's/operator's security plan. TSA Start Printed Page 42087plans to collect information from pipeline operators of all sizes in the course of conducting these PCSRs.

Use of Results

This program provides TSA with real-time information on current security practices within the pipeline mode of the surface transportation sector. This information allows TSA to adapt programs to the changing security threat, while incorporating an understanding of the improvements owners/operators make in their security measures. Without this information, the ability of TSA to perform its security mission would be severely hindered.

Additionally, the relationships these face-to-face contacts foster are critical to the Federal government's ability to reach out to the pipeline stakeholders affected by the PCSRs. The relationships foster a sense of trust and a willingness to share information with the Federal government. TSA assures respondents that the portion of their responses that is deemed Sensitive Security Information (SSI) will be protected in accordance with procedures meeting the transmission, handling, and storage requirements of SSI set forth in 49 CFR parts 15 and 1520.

The annual hour burden for this information collection is estimated to be 100 hours. While TSA estimates a total of 2,200 potential respondents, this estimate is based on TSA conducting 12 visits per year and each visit lasting 8 hours. There is no cost burden to respondents.

Footnotes