
DFARS Cyber Incident Reporting and Cloud Computing Information Collection Requirements

FR: Defense Acquisition Regulations System
Published January 14th, 2026
Detected March 14th, 2026

Summary

The Defense Acquisition Regulations System has issued a notice regarding information collection requirements for the Defense Federal Acquisition Regulation Supplement (DFARS). This notice pertains to cyber incident reporting and cloud computing information collection requirements under OMB Control Number 0704-0478.

What changed

The Defense Acquisition Regulations System (DARS) has published a notice concerning information collection requirements related to the Defense Federal Acquisition Regulation Supplement (DFARS). Specifically, this notice addresses requirements for cyber incident reporting and cloud computing information collection, identified by OMB Control Number 0704-0478 and Docket Number DARS-2025-0006. The document itself is a notice of an existing information collection requirement, not a new regulation or amendment to DFARS.

This notice serves to inform the public and relevant parties about the ongoing information collection requirements. Regulated entities, particularly government contractors subject to DFARS, should be aware of these reporting and information collection obligations. The comment period for this notice closed on January 14, 2026, indicating that the information collection is likely to continue in its current form unless further action is taken by the agency.

Source document (simplified)


Notice

Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing

A Notice by the Defense Acquisition Regulations System on 01/14/2026


Document Details

  • Agencies: Department of Defense; Defense Acquisition Regulations System
  • Agency/Docket Numbers: Docket Number DARS-2025-0006; OMB Control Number 0704-0478
  • Document Citation: 91 FR 1511
  • Document Number: 2026-00544
  • Document Type: Notice
  • Pages: 1511-1512 (2 pages)
  • Publication Date: 01/14/2026


  • Document Dates: Comments close 01/14/2026. DoD will consider all comments received by January 14, 2026.


Related Documents

FederalRegister.gov uses the agency dockets published with the document to display related documents.

Docket Number DARS-2025-0006 (3 Documents)

| Date | Action | Title |
| --- | --- | --- |
| 2026-01-14 | Supplemental notice. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2026-01-05 | Notice. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2025-06-06 | Notice and request for comments regarding a proposed extension of an approved information collection requirement. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |

OMB Control Number 0704-0478 (7 Documents)

| Date | Action | Title |
| --- | --- | --- |
| 2026-01-14 | Supplemental notice. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2026-01-05 | Notice. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2025-06-06 | Notice and request for comments regarding a proposed extension of an approved information collection requirement. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2022-08-31 | Notice. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2022-06-21 | Notice and request for comments regarding a proposed extension of an approved information collection requirement. | Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |
| 2019-07-30 | Notice. | Information Collection Requirement; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing; Submission for OMB Review; Comment Request |
| 2019-05-22 | Notice and request for comments regarding a proposed extension of an approved information collection requirement. | Information Collection Requirement; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing |


Shorter Document URL: https://www.federalregister.gov/d/2026-00544

Published Document: 2026-00544 (91 FR 1511). This document has been published in the Federal Register.

Department of Defense
Defense Acquisition Regulations System
[Docket Number DARS-2025-0006; OMB Control Number 0704-0478]

AGENCY:

Defense Acquisition Regulations System; Department of Defense (DoD).

ACTION:

Supplemental notice.

(printed page 1512)

SUMMARY:

The Defense Acquisition Regulations System has submitted to OMB for clearance the following proposal for collection of information under the provisions of the Paperwork Reduction Act. This document updates the instructions for submission of comments.

DATES:

DoD will consider all comments received by January 14, 2026.

ADDRESSES:

Written comments and recommendations for the proposed information collection should be sent within 30 days of publication of this notice to https://www.reginfo.gov/public/do/PRAMain. Find this particular information collection by selecting “Currently under 30-day Review—Open for Public Comments” or by using the search function.

You may also submit comments, identified by docket number and title, by the following method: Federal eRulemaking Portal: https://www.regulations.gov. Follow the instructions for submitting comments.

FOR FURTHER INFORMATION CONTACT:

Mr. Reginald T. Lucas, 571-372-7574, or whs.mc-alex.esd.mbx.dd-dod-information-collections@mail.mil.

SUPPLEMENTARY INFORMATION:

In the Federal Register of January 5, 2026, in FR Doc. 2025-24248, on page 255, this supplemental notice adds an ADDRESSES caption to include public comment instructions.

Title and OMB Number: Safeguarding Covered Defense Information, Cyber Incident Reporting, and Cloud Computing; OMB Control Number 0704-0478.

Affected Public: Businesses or other for-profit and not-for-profit institutions.

Respondent's Obligation: Required to obtain or retain benefits.

Reporting Frequency: On occasion.

Number of Respondents: 1,971.

Responses per Respondent: 8.2, approximately.

Annual Responses: 16,223.

Average Burden per Response: 0.42 hours.

Annual Burden Hours: 6,770.

Needs and Uses: Offerors and contractors must report cyber incidents on unclassified networks or information systems, within cloud computing services, and when they affect contractors designated as providing operationally critical support, as required by statute.

a. The clause at DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, covers cyber incident reporting requirements for incidents that affect a covered contractor information system or the covered defense information residing therein, or that affect the contractor's ability to perform the requirements of the contract that are designated as operationally critical support and identified in the contract.

b. The provision at DFARS 252.204-7008, Compliance with Safeguarding Covered Defense Information Controls, requires an offeror that proposes to vary from any of the security controls of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 in effect at the time the solicitation is issued to submit to the contracting officer a written explanation of how the specified security control is not applicable or an alternative control or protective measure is used to achieve equivalent protection.

c. The provision at DFARS 252.239-7009, Representation of Use of Cloud Computing, requires offerors to report that they “anticipate” or “do not anticipate” utilizing cloud computing service in performance of a contract resulting from a solicitation containing the provision. The representation will notify contracting officers of the applicability of the cloud computing requirements of the DFARS 252.239-7010 clause of the contract.

d. The clause at DFARS 252.239-7010, Cloud Computing Services, requires reporting of cyber incidents that occur when DoD is purchasing cloud computing services.

These DFARS provisions and clauses facilitate mandatory cyber incident reporting requirements in accordance with statutory regulations. When reports are submitted, DoD will analyze the reported information for cyber threats and vulnerabilities in order to develop response measures as well as improve U.S. Government understanding of advanced cyber threat activity. In addition, the security requirements in NIST SP 800-171 are specifically tailored for use in protecting sensitive information residing in contractor information systems and generally reduce the burden placed on contractors by eliminating Federal-centric processes and requirements. The information provided will inform DoD in assessing the overall risk to DoD covered defense information on unclassified contractor systems and networks.

DoD Clearance Officer: Mr. Reginald T. Lucas. Requests for copies of the information collection proposal should be sent to Mr. Lucas at whs.mc-alex.esd.mbx.dd-dod-information-collections@mail.mil.

Kimberly R. Ziegler,

Editor/Publisher, Defense Acquisition Regulations System.

[FR Doc. 2026-00544 Filed 1-13-26; 8:45 am]

BILLING CODE 6001-FR-P

Classification

Agency: Office of the Federal Register
Published: January 14th, 2026
Instrument: Notice
Legal weight: Non-binding
Stage: Final
Change scope: Minor

Who this affects

Applies to: Government agencies, Manufacturers
Geographic scope: National (US)

Taxonomy

Primary area: Defense & National Security
Operational domain: Compliance
Topics: Cybersecurity, Government Contracting
