# Agency Information Collection Activities: CISA Gateway User Registration
**AGENCY:**
Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
**ACTION:**
60-Day notice and request for comments; reinstatement, 1670-0009.
**SUMMARY:**
DHS CISA ISD will submit the following information collection request (ICR) to the Office of Management and Budget (OMB) for review and clearance.
**DATES:**
Comments are due by February 5, 2024.
**ADDRESSES:**
You may submit comments, identified by docket number CISA-2023-0017 at:
*Federal eRulemaking Portal:**http://www.regulations.gov.* Please follow the instructions for submitting comments.
*Instructions:* All submissions received must include the words “Department of Homeland Security” and the docket number for this action. Comments received will be posted without alteration at *http://www.regulations.gov,* including any personal information provided.
*Docket:* For access to the docket and comments received, please go to *www.regulations.gov* and enter docket number CISA-2023-0017.
Comments submitted in response to this notice may be made available to the public through relevant websites. For this reason, please do not include in your comments information of a confidential nature, such as sensitive personal information or proprietary information. If you send an email comment, your email address will be automatically captured and included as part of the comment that is placed in the public docket and made available on the internet. Please note that responses to this public comment request containing any routine notice about the confidentiality of the communication will be treated as public comments that may be made available to the public notwithstanding the inclusion of the routine notice.
**FOR FURTHER INFORMATION CONTACT:**
Ricky Morgan, 703-235-9545, *[email protected].*
**SUPPLEMENTARY INFORMATION:**
The Homeland Security Presidential Directive-7, Presidential Policy Directive-21, and the National Infrastructure Protection Plan highlight the need for a centrally managed repository of infrastructure attributes capable of assessing risks and facilitating data sharing. To support this mission need, the DHS CISA ISD developed the CISA Gateway. The CISA Gateway contains several capabilities which support the homeland security mission in the area of critical infrastructure (CI) protection.
The purpose of this collection is to gather the details pertaining to the users of the CISA Gateway for the purpose of creating accounts to access the CISA Gateway. This information is also used to verify a need to know to access the CISA Gateway. After being vetted and granted access, users are prompted and required to take an online training course upon first logging into the system. After completing the training, users are permitted full access to the system. In addition, this collection will gather feedback from the users of the CISA Gateway to determine any future system improvements.
The information gathered will be used by the CISA Gateway Program Management Team to vet users for a need to know and grant access to the system. As part of the registration process, users are required to take a one-time online training course. When logging into the system for the first time, the system prompts users to take the training courses. Users cannot opt out of the training and are required to take the course in order to gain and maintain access to the system. When users complete the training, the system automatically logs that the training is complete and allows full access to the system.
The collection of information uses automated electronic forms. During the online registration process, there is an electronic form used to create a user account and an online training course required to grant access.
The collection was initially approved on October 9, 2007 and the most recent approval was on August 28, 2020 with an expiration date of August 31, 2023. The changes to the collection since the previous OMB approval include: updating the title of the collection, decrease in burden estimates and decrease in costs. The total annual burden cost for the collection has decreased by $1,193, from $5,321 to $4,128 due to the removal of the utilization survey. The total number of responses has decreased from 350 to 200 due to the removal of the utilization survey. The annual government cost for the collection has decreased by $6,945 from $12,668 to 5,723, due to the removal of the utilization survey.
This is a reinstatement with changes of an information collection. OMB is particularly interested in comments that:
1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;
2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;
3. Enhance the quality, utility, and clarity of the information to be collected; and
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, *e.g.,* permitting electronic submissions of responses.
**Analysis**
*Agency:* Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
*Title of Collection:* CISA Gateway User Registration.
*OMB Control Number:* 1670-0009.
*Frequency:* Annually.
*Affected Public:* State, Local, Tribal, and Territorial Governments and Private Sector Individuals.
*Number of Annualized Respondents:* 200.
*Estimated Time per Respondent:* 0.17 hours for Registration, 0.5 hours for Training.
*Total Annualized Burden Hours:* 67 hours.
*Total Annualized Respondent Opportunity Cost:* $4,128.
Total Annualized Respondent Out-of-Pocket Cost: $0.
*Total Annualized Government Cost:* $5,723.
Robert J. Costello,
Chief Information Officer, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency.