AGENCY:

General Services Administration (GSA).

ACTION:

Notice of request for public comments regarding a new OMB information clearance.

SUMMARY:

Under the provisions of the Paperwork Reduction Act, the Regulatory Secretariat will be submitting to the Office of Management and Budget (OMB) a request to review and approve a new information collection requirement regarding Implementation of Information Technology Security Provision.

Public comments are particularly invited on: Whether this collection of information is necessary for the proper performance of functions of the GSAR, and whether it will have practical utility; whether our estimate of the public burden of this collection of information is accurate, and based on valid assumptions and methodology; ways to enhance the quality, utility, and clarity of the information to be collected; and ways in which we can Start Printed Page 78010minimize the burden of the collection of information on those who are to respond, through the use of appropriate technological collection techniques or other forms of information technology.

DATES:

Submit comments on or before February 13, 2012.

ADDRESSES:

Submit comments identified by Information Collection 3090-0294, Implementation of Information Technology Security Provision, by any of the following methods:

• Regulations.gov: http://www.regulations.gov. Submit comments via the Federal eRulemaking portal by inputting “Information Collection 3090-0294, Implementation of Information Technology Security Provision,” under the heading “Enter Keyword or ID” and selecting “Search”. Select the link “Submit a Comment” that corresponds with “Information Collection 3090-0294, Implementation of Information Technology Security Provision”. Follow the instructions provided at the “Submit a Comment” screen. Please include your name, company name (if any), and “Information Collection 3090-0294, Implementation of Information Technology Security Provision” on your attached document.
• Fax: (202) 501-4067.
• Mail: General Services Administration, Regulatory Secretariat (MVCB), 1275 First Street NE., Washington, DC 20417. Attn: Hada Flowers/IC 3090-0294, Implementation of Information Technology Security Provision.

Instructions: Please submit comments only and cite Information Collection 3090-0294, Implementation of Information Technology Security Provision, in all correspondence related to this collection. All comments received will be posted without change to http://www.regulations.gov,, including any personal and/or business confidential information provided.

FOR FURTHER INFORMATION CONTACT:

Ms. Deborah Lague, Procurement Analyst, Office of Acquisition Policy, at (202) 694-8149 or via email at deborah.lague@gsa.gov.

SUPPLEMENTARY INFORMATION:

A. Purpose

The General Services Administration (GSA) issued a interim rule (76 FR 34886) to implement a recommendation from the Office of the Inspector General (OIG) based on an internal audit of the security of GSA's information technology data and systems. The audit recommended that GSA develop standard requirements and deliverables for IT service contracts and task orders that promote compliance with GSA IT Security Policy and Procedures.

The rule requires contracting officers to insert the clause at 552.239-71, Security Requirements for Unclassified Information Technology Resources, in solicitations and contracts containing the provision at 552.239-70, Information Technology Security Plan and Accreditation. As such, the provision and clause will be inserted in solicitations that include information technology supplies, services or systems in which the contractor will have physical or electronic access to government information that directly supports the mission of GSA. The rule requires contractors, within 30 days after contract award to submit an IT Security Plan to the Contracting Officer and Contacting Officer's Representative that describes the processes and procedures that will be followed to ensure appropriate security of IT resources that are developed, processes, or used under the contract. The rule will also require that contractors submit written proof of IT security authorization six months after contract award, and verify that the IT Security Plan remains valid annually.

B. Annual Reporting Burden

Respondents: 147.

Responses per Respondent: 2.

Hours per Response: 5.

Total Burden Hours: 1,470.

Obtaining Copies of Proposals: Requesters may obtain a copy of the information collection documents from the General Services Administration, Regulatory Secretariat (MVCB), 1275 First Street NE., Washington, DC 20417, telephone (202) 501-4755. Please cite OMB Control No. 3090-0294, Implementation of Information Technology Security Provision, in all correspondence.