Agency Information Collection Activities: Program Analysis and Evaluation (PA&E) Office, Stakeholder Engagement Division (SED) Convenings Evaluation

Issuing agencies

Abstract

The Office of the Chief Financial Officer (OCFO)/Program Analysis & Evaluation (PA&E) within Cybersecurity and Infrastructure Security Agency (CISA) submits the following information collection request (ICR) to the Office of Management and Budget (OMB) for review and clearance. CISA previously published this information collection request (ICR) in the Federal Register on September 5, 2024 for a 60-day public comment period. No comments were received by CISA. The purpose of this notice is to allow additional 30-days for public comments.

Full Text

<html>
<head>
<title>Federal Register, Volume 90 Issue 243 (Monday, December 22, 2025)</title>
</head>
<body><pre>
[Federal Register Volume 90, Number 243 (Monday, December 22, 2025)]
[Notices]
[Pages 59851-59852]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2025-23504]



[[Page 59851]]

=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY


Agency Information Collection Activities: Program Analysis and 
Evaluation (PA&E) Office, Stakeholder Engagement Division (SED) 
Convenings Evaluation

AGENCY: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).

ACTION: 30-Day notice and request for comments; New collection (request 
for a new OMB control number, 1670-NEW).

-----------------------------------------------------------------------

SUMMARY: The Office of the Chief Financial Officer (OCFO)/Program 
Analysis & Evaluation (PA&E) within Cybersecurity and Infrastructure 
Security Agency (CISA) submits the following information collection 
request (ICR) to the Office of Management and Budget (OMB) for review 
and clearance. CISA previously published this information collection 
request (ICR) in the Federal Register on September 5, 2024 for a 60-day 
public comment period. No comments were received by CISA. The purpose 
of this notice is to allow additional 30-days for public comments.

DATES: Comments are encouraged and will be accepted until January 21, 
2026. Submissions received after the deadline for receiving comments 
may not be considered.

ADDRESSES: Written comments and recommendations for the proposed 
information collection should be sent within 30 days of publication of 
this notice to <a href="http://www.reginfo.gov/public/do/PRAMain">www.reginfo.gov/public/do/PRAMain</a>. Find this particular 
information collection by selecting ``Currently under 30-day Review--
Open for Public Comments'' or by using the search function.
    The Office of Management and Budget is particularly interested in 
comments which:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

FOR FURTHER INFORMATION CONTACT: Yunsoo Park, 202-766-0098, 
<a href="/cdn-cgi/l/email-protection#0e577b607d6161205e6f7c654e6d677d6f206a667d20696178"><span class="__cf_email__" data-cfemail="bde4c8d3ced2d293eddccfd6fdded4cedc93d9d5ce93dad2cb">[email&#160;protected]</span></a>.

SUPPLEMENTARY INFORMATION: The Foundations for Evidence-Based 
Policymaking Act of 2018 (Pub. L. 115-435), or the Evidence Act, 
promotes the use of evidence to inform decision-making and requires 
federal agencies to undertake activities toward this end. Specifically, 
the Evidence Act requires agencies to develop Learning Agendas and 
Annual Evaluation Plans.
    CISA's Learning Agenda questions are documented in the Department 
of Homeland Security FY 2022-2026 Learning Agenda. In addition, its 
evaluations are included in the Department's Annual Evaluation Plans, 
indicating that the Department has recognized those evaluations as 
``significant.'' The Stakeholder Engagement Division (SED) Convenings 
Evaluation is one such significant evaluation and was included in the 
Department of Homeland Security FY 2023 Annual Evaluation Plan. CISA's 
PA&E Division (and any contractors, as applicable) is conducting this 
study.

SED Convenings Evaluation

    CISA SED leads CISA's national and international voluntary 
partnerships and engagements with critical infrastructure stakeholders 
while serving as the agency's hub for the shared stakeholder 
information that unifies CISA's approach to whole-of-nation operational 
collaboration and information sharing. CISA's voluntary partnership 
model relies on constant feedback and collaboration with critical 
infrastructure partners. One mechanism to seek this input is through 
the various convening activities, including Councils, Boards, and 
Committees, that CISA manages through SED. These convening mechanisms 
provide structure and an iterative process for bringing government, 
industry, and academic partners together to drive whole-of-nation 
operational collaboration. Other products and services offered to 
partners include analysis, reports, guidance, trainings, and scenario-
based drills developed to help the entire community do their part to 
raise the security baseline of critical infrastructure's assets, 
systems, and networks.
    This SED Convenings Evaluation will assess the extent to which 
CISA's convening activities, products, and services (1) provide timely, 
accurate, and useful information about security and risk resilience, 
including opportunities for meaningful information exchange between 
CISA and sector stakeholders; and (2) are accessed and used by 
stakeholders to enhance their abilities to respond to critical threats 
and improve strategic decision-making and risk reduction. This study 
also aims to increase understanding of the best practices for getting 
stakeholders engaged and building trusted relationships.
    This is a new information collection. Information will be collected 
by CISA PA&E (and any contractors, as applicable). The potential 
respondent universe for this evaluation includes individual 
representatives (approximately 1,000 cyber and physical security, 
emergency, and business continuity managers) of approximately 300 
member organizations from three critical infrastructure sectors 
[Critical Manufacturing, Commercial Facilities, and Nuclear Reactors, 
Materials, and Waste (herein referred to as ``Nuclear'')]. Those who 
have served as a representative for less than 3 months will be 
excluded.
    The burden for respondents will be minimized by restricting the 
survey and interview length, by conducting interviews at times 
convenient for respondents, and by not requiring record-keeping or 
written responses on the part of the respondents. Some member 
organizations may be small businesses. The evaluation team will only 
request information required for the purposes of the evaluation.
    Surveys. The survey will be created and sent using Qualtrics, a 
professional-grade survey software, in order to minimize burden. Using 
the email addresses of the representatives provided by the SED sector 
chiefs, the study team will send a link that participants can use to 
access and complete the survey using a tablet, smartphone, or laptop. 
Electronic submission will ensure the maximum response rate while also 
permitting respondents to complete the survey at a time of their own 
choosing.
    The survey will ask questions about the representatives' member 
organization (size and type); their satisfaction with CISA's convening 
activities, products, and services; the types of organizational changes 
made as a result of CISA's convening activities, products, and 
services; representatives' suggestions for improvement of CISA's 
convening activities, products, and services; and perceived quality of

[[Page 59852]]

relationships and engagements with CISA. The survey is designed so that 
each sector has a customized link with specific questions for that 
sector to account for some minor differences in the convenings, 
products, and services that each sector provides. This will help ensure 
that the members of each sector are asked questions that are most 
relevant to them.
    Interviews. The study team will also conduct a series of virtual 
interviews with up to 75 participants who complete the online survey 
and agree to participate in the interview. The study team plans to 
conduct the in-depth interviews by telephone or via a web-based 
conference call platform, such as Microsoft Teams. This format should 
be less burdensome to study participants than in-person interviews 
since they do not have to host study team members.
    The interviews will ask more in-depth information about 
representatives' reasons for satisfaction or dissatisfaction with 
CISA's convening activities, products, and services; types of 
organizational changes made as a result of CISA's convening activities, 
products, and services; and the quality of relationships with CISA.
    Without collecting this information, CISA will not meet the 
requirements of the Evidence Act to conduct program evaluations--
particularly, this SED Convenings Evaluation, which was included in the 
Department of Homeland Security FY 2023 Annual Evaluation Plan as a 
``significant'' evaluation. In addition, without collecting this 
information, SED, other CISA stakeholder engagement programs, and CISA-
at-large will not be able to understand whether and how CISA's 
convening activities, products, and services provide value and utility 
for stakeholders to enhance their decision-making and risk reduction. 
Thus, CISA will not have the information needed to learn how to improve 
the planning, execution, and delivery of the convenings, products, and 
services so that they are more meaningful, relevant, timely, and 
actionable for stakeholders. Without collecting this information, CISA 
will also not be able to assess how to best engage and build trusted 
relationships with stakeholders, which is needed to identify areas for 
improvement in how CISA collaborates and interacts with stakeholders to 
support information exchange within and across sectors.

Analysis

    Agency: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).
    Title: Program Analysis and Evaluation (PA&E) Office, Stakeholder 
Engagement Division (SED) Convenings Evaluation.
    OMB Number: 1670-NEW.
    Frequency: Once.
    Affected Public: General and operations managers of public and 
private sectors (e.g., cyber and physical security, emergency, and 
business continuity managers).
    Number of Respondents: 1,000.
    Estimated Time per Respondent: 0.17 hrs for 925 respondents (survey 
only); 1.17 hrs. for 75 respondents (survey and interview).
    Total Burden Hours: 242.
    Total Annual Burden Cost: $21,858.07.
    Total Government Burden Cost: $327,510.00.

Robert J. Costello,
Chief Information Officer, Department of Homeland Security, 
Cybersecurity and Infrastructure Security Agency.
[FR Doc. 2025-23504 Filed 12-19-25; 8:45 am]
BILLING CODE 4410-10-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>