TSA Pipeline Security ICR

The TSA published a 60-day advance notice of intent to file a new information collection request (ICR) with the Office of Management and Budget (OMB) to allow TSA to collect information during planned Pipeline Corporate Security Reviews (PCSR). According to the ICR the “The Pipeline Corporate Security Review is a new information collection request that will assess domain awareness, threat prevention, and security awareness at various pipeline sites across the nation” (74 FR 42086). Comments on the proposed ICR are requested by October 19th. TSA is not handling the request for comments through the Regulations.gov web site that DHS normally uses for such ICR’s and no docket number is provided in the Federal Register Notice. Comments can be mailed to:

Ginger LeMay PRA Officer Office of Information Technology Transportation Security Administration 601 South 12th Street Arlington, VA 20598-6011

TSA plans to establish the PCSR program to allow TSA ‘subject matter experts) to conduct pipeline site visits and collect information on ten subject areas from the owner/operator of the pipeline. Those subject areas would be:

(1) Management and oversight of the security plan, (2) Threat assessment, (3) Criticality, (4) Vulnerability assessment, (5) Credentialing, (6) Training, (7) Physical security countermeasures, (8) Information technology security, (9) Security exercises and drills, and (10) Incident management and communications.

TSA maintains that the information collection would only take place in face-to-face meetings at the owner/operator’s location. TSA plans on conducting twelve of these 8 hour meetings per year at a potential 2,200 locations. Based on this count they expect the collection to take 100 hours/year of agency time and be done at no cost to the owner/operators (eight hours of owner/operator time costs nothing?).