# Agency Information Collection Activities: Program Analysis and Evaluation (PA&E) Office, Stakeholder Engagement Division (SED) Convenings Evaluation
**AGENCY:**
Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
**ACTION:**
30-Day notice and request for comments; New collection (request for a new OMB control number, 1670-NEW).
**SUMMARY:**
The Office of the Chief Financial Officer (OCFO)/Program Analysis & Evaluation (PA&E) within Cybersecurity and Infrastructure Security Agency (CISA) submits the following information collection request (ICR) to the Office of Management and Budget (OMB) for review and clearance. CISA previously published this information collection request (ICR) in the *Federal Register* on September 5, 2024 for a 60-day public comment period. No comments were received by CISA. The purpose of this notice is to allow additional 30-days for public comments.
**DATES:**
Comments are encouraged and will be accepted until *January 21, 2026.* Submissions received after the deadline for receiving comments may not be considered.
**ADDRESSES:**
Written comments and recommendations for the proposed information collection should be sent within 30 days of publication of this notice to *www.reginfo.gov/public/do/PRAMain.* Find this particular information collection by selecting “Currently under 30-day Review—Open for Public Comments” or by using the search function.
The Office of Management and Budget is particularly interested in comments which:
1. Evaluate whether the proposed collection of information is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;
2. Evaluate the accuracy of the agency's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;
3. Enhance the quality, utility, and clarity of the information to be collected; and
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, *e.g.,* permitting electronic submissions of responses.
**FOR FURTHER INFORMATION CONTACT:**
Yunsoo Park, 202-766-0098, *[email protected].*
**SUPPLEMENTARY INFORMATION:**
The Foundations for Evidence-Based Policymaking Act of 2018 ( *Pub. L. 115-435* ), or the Evidence Act, promotes the use of evidence to inform decision-making and requires federal agencies to undertake activities toward this end. Specifically, the Evidence Act requires agencies to develop Learning Agendas and Annual Evaluation Plans.
CISA's Learning Agenda questions are documented in the Department of Homeland Security FY 2022-2026 Learning Agenda. In addition, its evaluations are included in the Department's Annual Evaluation Plans, indicating that the Department has recognized those evaluations as “significant.” The Stakeholder Engagement Division (SED) Convenings Evaluation is one such significant evaluation and was included in the Department of Homeland Security FY 2023 Annual Evaluation Plan. CISA's PA&E Division (and any contractors, as applicable) is conducting this study.
**SED Convenings Evaluation**
CISA SED leads CISA's national and international voluntary partnerships and engagements with critical infrastructure stakeholders while serving as the agency's hub for the shared stakeholder information that unifies CISA's approach to whole-of-nation operational collaboration and information sharing. CISA's voluntary partnership model relies on constant feedback and collaboration with critical infrastructure partners. One mechanism to seek this input is through the various convening activities, including Councils, Boards, and Committees, that CISA manages through SED. These convening mechanisms provide structure and an iterative process for bringing government, industry, and academic partners together to drive whole-of-nation operational collaboration. Other products and services offered to partners include analysis, reports, guidance, trainings, and scenario-based drills developed to help the entire community do their part to raise the security baseline of critical infrastructure's assets, systems, and networks.
This SED Convenings Evaluation will assess the extent to which CISA's convening activities, products, and services (1) provide timely, accurate, and useful information about security and risk resilience, including opportunities for meaningful information exchange between CISA and sector stakeholders; and (2) are accessed and used by stakeholders to enhance their abilities to respond to critical threats and improve strategic decision-making and risk reduction. This study also aims to increase understanding of the best practices for getting stakeholders engaged and building trusted relationships.
This is a new information collection. Information will be collected by CISA PA&E (and any contractors, as applicable). The potential respondent universe for this evaluation includes individual representatives (approximately 1,000 cyber and physical security, emergency, and business continuity managers) of approximately 300 member organizations from three critical infrastructure sectors [Critical Manufacturing, Commercial Facilities, and Nuclear Reactors, Materials, and Waste (herein referred to as “Nuclear”)]. Those who have served as a representative for less than 3 months will be excluded.
The burden for respondents will be minimized by restricting the survey and interview length, by conducting interviews at times convenient for respondents, and by not requiring record-keeping or written responses on the part of the respondents. Some member organizations may be small businesses. The evaluation team will only request information required for the purposes of the evaluation.
*Surveys.* The survey will be created and sent using Qualtrics, a professional-grade survey software, in order to minimize burden. Using the email addresses of the representatives provided by the SED sector chiefs, the study team will send a link that participants can use to access and complete the survey using a tablet, smartphone, or laptop. Electronic submission will ensure the maximum response rate while also permitting respondents to complete the survey at a time of their own choosing.
The survey will ask questions about the representatives' member organization (size and type); their satisfaction with CISA's convening activities, products, and services; the types of organizational changes made as a result of CISA's convening activities, products, and services; representatives' suggestions for improvement of CISA's convening activities, products, and services; and perceived quality of relationships and engagements with CISA. The survey is designed so that each sector has a customized link with specific questions for that sector to account for some minor differences in the convenings, products, and services that each sector provides. This will help ensure that the members of each sector are asked questions that are most relevant to them.
*Interviews.* The study team will also conduct a series of virtual interviews with up to 75 participants who complete the online survey and agree to participate in the interview. The study team plans to conduct the in-depth interviews by telephone or via a web-based conference call platform, such as Microsoft Teams. This format should be less burdensome to study participants than in-person interviews since they do not have to host study team members.
The interviews will ask more in-depth information about representatives' reasons for satisfaction or dissatisfaction with CISA's convening activities, products, and services; types of organizational changes made as a result of CISA's convening activities, products, and services; and the quality of relationships with CISA.
Without collecting this information, CISA will not meet the requirements of the Evidence Act to conduct program evaluations—particularly, this SED Convenings Evaluation, which was included in the Department of Homeland Security FY 2023 Annual Evaluation Plan as a “significant” evaluation. In addition, without collecting this information, SED, other CISA stakeholder engagement programs, and CISA-at-large will not be able to understand whether and how CISA's convening activities, products, and services provide value and utility for stakeholders to enhance their decision-making and risk reduction. Thus, CISA will not have the information needed to learn how to improve the planning, execution, and delivery of the convenings, products, and services so that they are more meaningful, relevant, timely, and actionable for stakeholders. Without collecting this information, CISA will also not be able to assess how to best engage and build trusted relationships with stakeholders, which is needed to identify areas for improvement in how CISA collaborates and interacts with stakeholders to support information exchange within and across sectors.
**Analysis**
*Agency:* Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS).
*Title:* Program Analysis and Evaluation (PA&E) Office, Stakeholder Engagement Division (SED) Convenings Evaluation.
*OMB Number:* 1670-NEW.
*Frequency:* Once.
*Affected Public:* General and operations managers of public and private sectors ( *e.g.,* cyber and physical security, emergency, and business continuity managers).
*Number of Respondents:* 1,000.
*Estimated Time per Respondent:* 0.17 hrs for 925 respondents (survey only); 1.17 hrs. for 75 respondents (survey and interview).
*Total Burden Hours:* 242.
*Total Annual Burden Cost:* $21,858.07.
*Total Government Burden Cost:* $327,510.00.
Robert J. Costello,
Chief Information Officer, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency.