AGENCY:

Transportation Security Administration, DHS.

ACTION:

60-Day notice.

SUMMARY:

The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), Office of Management and Budget (OMB) control number 1652-0057, abstracted below that we will submit to the Office of Management and Budget (OMB) for a revision in compliance with the Paperwork Reduction Act (PRA). The ICR describes the nature of the information collection and its expected burden for the TSA Exercise Information System (EXIS). EXIS is a web portal designed to serve stakeholders in the transportation industry in regard to security training exercises. EXIS provides stakeholders with transportation security exercise scenarios and objectives, best practices and lessons learned, and a repository of the user's own historical exercise data for use in future exercises. It also allows stakeholders to design and evaluate their own security exercises based on the unique needs of their specific transportation mode or method of operation. Utilizing and inputting information into EXIS is completely voluntary.

DATES:

Send your comments by October 23, 2017.

ADDRESSES:

Comments may be emailed to TSAPRA@dhs.gov or delivered to the TSA PRA Officer, Office of Information Technology (OIT), TSA-11, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6011.

FOR FURTHER INFORMATION CONTACT:

Christina A. Walsh at the above address, or by telephone 571-227-2062.

SUPPLEMENTARY INFORMATION:

Comments Invited

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.), an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid OMB control number. The ICR documentation will be made available at http://www.reginfo.gov upon its submission to OMB. Therefore, in preparation for OMB review and approval of the following information collection, TSA is soliciting comments to—

(1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

(2) Evaluate the accuracy of the agency's estimate of the burden;

(3) Enhance the quality, utility, and clarity of the information to be collected; and

(4) Minimize the burden of the collection of information on those who are to respond, including using appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

Consistent with the requirements of Executive Orders (EO) 13771, Reducing Regulation and Controlling Regulatory Costs, and 13777, Enforcing the Regulatory Reform Agenda, TSA is also requesting comments on the extent to which this request for information could be modified to reduce the burden on respondents.

Information Collection Requirement

OMB Control Number 1652-0057; Exercise Information System. The Exercise Information System (EXIS) is an internet-accessible knowledge-management system developed by TSA to serve its relevant stakeholders (such as members of the transportation industry, port authorities, Federal agencies, and State and local governments). EXIS integrates security-related training and exercise components constituting Sensitive Security Information.^[1] It gives stakeholders valuable security exercise scenarios and objectives, best practices and lessons learned, and a repository of the users' own historical exercise data for use in future exercises. Transportation industry stakeholders can choose scenarios and objectives based on their vulnerabilities, mode of transportation, and the size of their operation.

TSA will collect five types of information through EXIS. The collection is voluntary. While EXIS users are not required to provide all information requested, if users choose to withhold information, they may not receive the benefits of EXIS associated with that information collection.

1. User registration information. Because EXIS includes SSI information, TSA must collect information upon registration to ensure only those members of the transportation community with a relevant interest in conducting security training exercises, and with an appropriate level of need to access security training information, are provided access to EXIS.

In this revision, TSA is modifying the type of user registration information collected. TSA previously collected the User's name, Professional Contact Information, Agency/Company, Job Title, Supervisor's Name, and Employment Verification Contact Information. In the revised collection, TSA will collect: The User's Name, Agency/Organization Name and Type, Job Title, Supervisor or other Sponsor's Name, Professional Phone Number, Professional Email Address, Employment Verification Contact Name, Employment Verification Contact Information, and the Reason for Needing an EXIS account. In addition, the following optional registration information can be added by the user: Professional (business), Country, City, State, Zip Code, Mobile Phone Number, Alternate Email, and Preferred Transportation Sector.

2. Desired nature and scope of the exercise. TSA collects this information to generate an EXIS training exercise appropriate for the particular user. Users are asked to submit their desired transportation mode, exercise properties, objectives, scenario events, and participating agencies/attendees.

3. Corrective actions/lessons learned/best practices. TSA collects this information to document and share the users' ideas and methods for improving transportation security with other transportation stakeholders in the wider EXIS user base. The TSA Intermodal Security Training and Exercise Program (I-STEP) office may send lessons learned and best practices to subject matter experts within TSA for review. Once the information is reviewed, any company or user identifying information is removed and the content is published to the site for all users to access.

4. Evaluation feedback. TSA collects this information for the purpose of evaluating the usefulness of EXIS in facilitating security training exercises for the users. TSA can then modify EXIS to better suit its users' needs.

5. After-Action Reports (AARs). The EXIS automatically summarizes information from items (2) and (3) mentioned above in order to create formal AARs for users. These AARs include an exercise overview, goals and objectives, scenario event synopsis, analysis of critical issues, exercise Start Printed Page 39901design characteristics, conclusions, and the executive summary. The AAR is the output of the exercise process. Stakeholders use the report to identify strengths or areas in which they can assign resources to mitigate risk and enhance the security posture within their organization.

Based on industry population estimates and growth rates, and interest generated amongst the transportation modes during the years following EXIS' release to the public, TSA estimates that there will be approximately 7,885 primary and secondary access users in Year 1, 9,447 users in Year 2, and 11,320 users in Year 3, for an average annual respondents estimate of 9,551. TSA estimates a proportion of primary access users and secondary users will spend approximately 3.5 hours per EXIS user inputting the information described above. TSA estimates secondary users will also spend approximately 0.25 hours completing a survey. Given this information, the total annual hourly burden for EXIS's collection of information is 4,820 hours.

Footnotes