Today the Transportation Security Administration published a
60-day information collection request (ICR) renewal notice in the Federal
Register (78 FR
50077-50078) supporting the information reporting guidelines outlined in
the Pipeline
Security Guidelines. The information collections supported here are all
voluntary in nature.
There are two specific types of information requests covered
in this ICR renewal; security manager contact information and incident
reporting information. TSA is requesting the contact information so that they
might be able to contact the security manager in a timely manner if they
develop security information that might be of interest to the pipeline
owner/operator. The ICR notice does not explain why TSA wants to be notified of
pipeline security incidents, but it is presumably so that they may share incident information with other
owner/operators as necessary to prevent attacks on other pipelines.
Incident Reporting
The types of incident information that TSA suggest should be
reported to the Transportation Security Operation Center (TSOC; 866-615-5150 or
TSOC.ST@dhs.gov) includes:
• Explosions or fires of a
suspicious nature affecting pipeline systems, facilities, or assets;
• Actual or suspected attacks on
pipeline systems, facilities, or assets;
• Bomb threats or weapons of mass
destruction (WMD) threats to pipeline systems, facilities, or assets;
• Theft of pipeline company
vehicles, uniforms, or employee credentials;
• Suspicious persons or vehicles
around pipeline systems, facilities, assets, or right-of-way;
• Suspicious photography or
possible surveillance of pipeline systems, facilities, or assets;
• Suspicious phone calls from
people asking about the vulnerabilities or security practices of a pipeline
system, facility, or asset operation;
• Suspicious individuals applying
for security-sensitive positions in the pipeline company;
• Theft or loss of Sensitive
Security Information (SSI) (detailed pipeline maps, security plans, etc.); andShow
citation box
• Actual or suspected cyber-attacks
that could impact pipeline Supervisory Control and Data Acquisition (SCADA) or
enterprise associated IT systems.
Burden Estimate
The table below shows the burden estimate for this renewal
notice and the previously
approved ICR.
|
|
This Notice
|
Previous
|
|
Reports
|
3,340
|
3,440
|
|
Burden Hours
|
845
|
895
|
|
Burden Cost
|
0
|
0
|
The changes in burden reporting reflects a change in the
number of estimated incidents, 140 incidents were estimated in the earlier ICR
Notice but only 40 incidents in this
notice. I would assume that the change is based on the actual number of
incidents reported to date to TSA, but that is not specifically stated in this
notice.
Public Comments
The TSA is soliciting public comments on this ICR renewal.
They request that such comments be sent to the TSA PRA Officer (TSAPRA@dhs.gov). There is no explanation
given as to why TSA is not using the Federal eRulemaking Portal for taking
these comment submissions. It will certainly make it more difficult to
determine if the TSA has responded to any such comments when they submit the
30-day notice sometime in the indeterminate future.
Posts
No comments:
Post a Comment