AGENCY:

Transportation Security Administration, DHS.

ACTION:

60-day Notice.

SUMMARY:

The Transportation Security Administration (TSA) invites public comment on a new Information Collection Request (ICR) abstracted below that we will submit to the Office of Management and Budget (OMB) for approval in compliance with the Paperwork Reduction Act (PRA). The ICR describes the nature of the information collection and its expected burden for the TSA Exercise Information System (EXIS). EXIS is a Web portal designed to serve stakeholders in the transportation industry in regard to security training exercises. It provides stakeholders with exercise information tailored to the transportation industry, best practices, and previous work for use in future exercises. It also allows stakeholders to design their own security exercises based on the unique needs of their specific transportation mode or method of operation. Utilizing and inputting information into EXIS is completely voluntary.

DATES:

Send your comments by March 7, 2011.

ADDRESSES:

Comments may be e-mailed to TSAPRA@dhs.gov or delivered to the TSA PRA Officer, Office of Information Technology (OIT), TSA-11, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6011.

FOR FURTHER INFORMATION CONTACT:

Joanna Johnson at the above address, or by telephone (571) 227-3651.

SUPPLEMENTARY INFORMATION:

Comments Invited

In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.), an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid OMB control number. The ICR documentation is available at http://www.reginfo.gov. Therefore, in preparation for OMB review and approval of the following information collection, TSA is soliciting comments to—

(1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;

(2) Evaluate the accuracy of the agency's estimate of the burden;

(3) Enhance the quality, utility, and clarity of the information to be collected; and

(4) Minimize the burden of the collection of information on those who are to respond, including using appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

Information Collection Requirement

Purpose of Data Collection

The Exercise Information System (EXIS) is an Internet-accessible knowledge-management system developed by TSA serving stakeholders—industry, port authorities, Federal agencies, and State and local governments—and integrating other security-related training and exercise components at the sensitive security information level. It gives stakeholders valuable exercise information tailored to the transportation industry, best practices, and previous work for use in future exercises. With EXIS, transportation industry stakeholders can choose scenarios and objectives based on their particular needs, such as their transportation modes, or their regulated areas of operation.

EXIS is a data management system that provides end-to-end security exercise support, from the initial planning meeting, through exercise design, implementation, evaluation, and reporting. Working in a secure online environment, EXIS users can easily:

• Customize exercise design—develop objectives, scenarios, Master Scenario Events List (MSEL) items, contingency injects, evaluation metrics, and other data sets.
• Conduct robust analyses—sort evaluation data by exercise objectives, transportation modes, scenario types, or functional areas.
• Create analytical reports—identify and sort lessons learned, corrective actions, and best practices from past exercises or from those of other jurisdictions.
• Collaborate and share information—build relationships with partners.

EXIS was developed by TSA as part of its broad responsibilities and authorities under the Aviation and Transportation Security Act (ATSA),^[1] and delegated authority from the Secretary of Homeland Security, for “security in all modes of transportation * * * including security responsibilities * * * over modes of transportation that are exercised by the Department of Transportation.” ^[2] It is a component of TSA's Intermodal Security Training Exercise Program (I-STEP), which works with surface transportation stakeholders in developing and conducting security exercises. The I-STEP also fulfills requirements of the Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Act) ^[3] regarding the establishment of security training exercises for surface modes of transportation that can assess and improve the capabilities of these modes in preventing, preparing for, mitigating against, responding to, and recovering from acts of terrorism.^[4]

EXIS helps users design an exercise through the use of a “wizard.” The wizard walks the user through a step-by-step process allowing them to build a profile for their exercise. EXIS provides users with suggested scenarios and Master Scenario Events List (MSEL) items based on the area of focus and objectives selected by the user. Users also have the ability to create custom MSEL items or modify a Generic EXIS Community Scenario. Exercise Administrators may suggest modified scenarios and custom MSEL items for the MSEL and scenario libraries.

At the completion of the wizard, EXIS generates a collaborative workspace for exercise team members to work within. All exercise elements can be customized Start Printed Page 793and saved. Lessons learned, best management practices, and corrective actions are pre-populated into the workspace based on the scenario and objectives of the exercise determined during its creation. EXIS is adaptable to changing exercise, tracking, and reporting needs as they mature and can support the addition of future exercise elements.

The program tags exercise objectives, scenarios, and findings, in order to automatically populate the database with lessons learned from past exercises conducted in similar environments. Users cannot only call up their own past experiences, but identify lessons learned by other organizations in the industry. Recognizing the extent to which surface modes include thousands of geographically dispersed owner/operators, such a Web-based capability is invaluable for connecting and sharing information.

By linking “exercise communities,” users can also tackle cross-jurisdictional issues, such as interoperability. Users are able to focus on the underlying issues of transportation security and preparedness, and avoid repeating costly mistakes. Finally, users can also provide feedback on the usefulness of EXIS itself so that TSA may improve this system to better suit the stakeholders' future security needs.

TSA intends EXIS to be used primarily by individuals with security responsibilities, such as heads of security, for public and private owner/operators in the surface transportation community, including mass transit systems, freight/rail operators, highway/trucking companies, school bus operators, and pipeline systems. These individuals, and other stakeholders, can voluntarily contact TSA to request access to EXIS; TSA does not require participation in EXIS. Those seeking access or desiring more information about I-STEP products and services can contact a TSA modal representative or send their request by e-mail to ISTEP@dhs.gov.

Description of Data Collection

TSA will collect five types of information through EXIS. The collection is voluntary. EXIS users are not required to provide all information requested—however, if users choose to withhold information, they will not receive the benefits of EXIS associated with that information collection.

1. User registration information. TSA will collect this information to ensure only those members of the transportation community with a relevant interest in conducting security training exercises and with an appropriate level of need to access security training information can be allowed onto EXIS. Such registration information will include the user's name, professional contact information, agency/company, job title, employer, and employment verification contact information.

2. Desired nature and scope of the exercise. TSA will collect this information to generate an EXIS training exercise appropriate for the particular user. Users are asked to submit their desired transportation mode, exercise properties, objectives, scenario events, other participating agencies, and pre-exercise data (to assess the user's state of readiness for transportation security incidents prior to the exercise).

3. Corrective actions/lessons learned/best practices. TSA collects this information to document and share the users' ideas and methods for improving transportation security with other transportation stakeholders.

4. Evaluation feedback. TSA collects this information for the purpose of evaluating the usefulness of EXIS in facilitating security training exercises for the users. TSA can then modify EXIS to better suit its users' needs.

5. After-Action Reports. TSA collects reports that summarize information from items (2) and (3) mentioned above in order to create formal After-Action Reports. This includes reports on the exercise overview, goals and objectives, scenario event synopsis, analysis of critical issues, exercise design characteristics, conclusions, and the executive summary.

Use of Results

TSA will use this information to assess and improve the capabilities of all surface transportation modes to prevent, prepare for, mitigate against, respond to, and recover from transportation security incidents. A failure to collect this information will limit TSA's ability to effectively test security countermeasures, security plans, and the ability of a modal operator to respond to and quickly recover after a transportation security incident. Insufficient awareness, prevention, response, and recovery to a transportation security incident will result in increased vulnerability of the U.S. transportation network and a reduced ability of DHS to assess system readiness.

Based on industry population estimates and growth rates, and interest generated amongst the surface transportation modes prior to EXIS' release to the public, TSA estimates that there will be approximately 380,000 users within the first three years of the system's use. TSA estimates users will spend approximately 8 hours per EXIS user inputting the information described above. TSA estimates that an EXIS user will conduct one security training exercise per year. Given this information, the total annual hour burden for this information collection for all respondents within the first three years of EXIS' release is estimated to be approximately 3,000,000. There are no fees to use EXIS. The total annual cost burden to respondents is $0.00.

Footnotes