Pipeline Cyber Checks Updated by TSA: Comments Welcome
Published Date: 1/2/2026
Notice
Summary
The TSA is updating how it collects info from pipeline companies to keep security strong, especially around cybersecurity rules. This affects pipeline businesses who must keep up with these security checks and rules. Comments on these changes are open until February 2, 2026, and the update helps TSA make sure pipelines stay safe without adding extra hassle or costs.
Analyzed Economic Effects
6 provisions identified: 1 benefits, 4 costs, 1 mixed.
Mandatory Cybersecurity Implementation Plan
If TSA designates your pipeline company as critical, you must submit a Cybersecurity Implementation Plan to TSA for approval (there is no designated form or format). Once TSA approves it, you must implement and maintain all measures and submit any changes to the plan for TSA approval under the TSA Security Directive Pipeline-2021-02 series.
Incident Response Plan and Annual Testing
Designated critical pipeline owner/operators must develop and keep an up-to-date Cybersecurity Incident Response Plan for critical cyber systems and must test the plan at least once every year. The testing requirement is explicitly stated as "no less than annually."
Annual Cybersecurity Assessment Plan Submission
Pipeline owner/operators designated critical must submit a Cybersecurity Assessment Plan to TSA for approval on an annual basis (there is no designated form or format). This is a recurring, yearly submission requirement tied to the Security Directive Pipeline-2021-02 series.
Information Collection Renewal and Burden Estimate
TSA is revising the collection title and seeking renewal of this information collection (OMB Control Number 1652-0056) for a 3-year approval period. TSA estimates 100 annual respondents and 80,231 estimated annual burden hours for the collection; comments are due by February 2, 2026.
Recordkeeping and Sensitive Security Information Protection
Pipeline owner/operators must maintain records that show compliance with the SD Pipeline-2021-02 series and make them available to TSA on request for inspection or copying. Submissions made under the voluntary PCSR or mandatory SD Pipelines-2021-02 series are treated as Sensitive Security Information (SSI) and protected under 49 CFR part 1520.
Voluntary Pipeline Corporate Security Reviews Continue
TSA continues to conduct Pipeline Corporate Security Reviews (CSRs) as a voluntary, face-to-face program, usually at pipeline headquarters, using a structured CSR Question Set to assess physical security practices. Participation in CSRs remains voluntary rather than mandatory.
Your PRIA Score
Personalized for You
How does this regulation affect your finances?
Sign up for a PRIA Policy Scan to see your personalized alignment score for this federal register document and every other regulation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.
Key Dates
Department and Agencies
Related Federal Register Documents
2026-11784 — New Agency Information Collection Activity Under OMB Review: Real-Time Wait-Time Dashboarding
The TSA is asking for approval to collect real-time wait-time data from airports to help passengers know how long security lines are. This info won’t include any personal details and will be gathered electronically. If you want to share your thoughts, you have until July 13, 2026, to comment before the plan moves forward.
2026-11552 — Temporary Exemption for Certain Over-the-Road Bus Owner/Operators That Provide Fixed-Route Service to the Public
The TSA is giving certain bus owner/operators a temporary break from some security training rules so they can run fixed-route services during the FIFA World Cup 2026. This exemption covers buses traveling through or starting/ending in key U.S. cities hosting the event, from June 10 to July 31, 2026. It helps buses get fans where they need to go without extra paperwork, making the big soccer event smoother and more fun!
2026-11136 — Revision of Agency Information Collection Activity Under OMB Review: TSA PreCheck® Application Program
TSA is updating how they collect info for the TSA PreCheck® application to make the process smoother for travelers. If you apply for TSA PreCheck® or are part of Trusted Traveler programs, you’ll share some personal and biometric details through TSA’s online systems. Comments on these changes are open until July 6, 2026, and there’s no new fee—just a smarter way to apply!
2026-08578 — Intent To Request Extension From OMB of One Current Public Collection of Information: Law Enforcement/Federal Air Marshal Service Physical and Mental Health Certification
The TSA is asking to keep collecting health info from Federal Air Marshal applicants and current marshals to make sure they’re fit for duty. This paperwork helps keep our skies safe without adding new costs or big changes. If you want to share your thoughts, you’ve got until July 6, 2026, to speak up!
2026-08532 — Extension of Agency Information Collection Activity Under OMB Review: TSA Reimbursable Screening Services Program (RSSP) Pilot Request
TSA is asking to keep collecting info for its Reimbursable Screening Services Program (RSSP), which lets businesses and groups get TSA security checks outside regular airport screening areas. This extension means the program can keep running smoothly without extra costs or delays. If you have thoughts, you’ve got until June 1, 2026, to share them!
2026-07857 — Intent To Request Approval From OMB of One New Public Collection of Information: Insider Threat Incident Reporting Tool
The TSA is planning to launch a new tool where the public can report insider threats—people who might cause security problems from the inside. This helps TSA keep transportation safe and requires folks to share some details about suspicious events. Comments on this plan are open until June 22, 2026, and TSA wants to make sure this process is easy and useful without costing too much time or money.
Previous / Next Documents
Previous: 2025-24197 — Prestressed Concrete Steel Wire Strand From Argentina, Colombia, Egypt, Indonesia, Italy, Malaysia, Netherlands, Saudi Arabia, South Africa, Spain, Taiwan, Tunisia, Turkey, Ukraine, and the United Arab Emirates; Institution of Five-Year Reviews
The U.S. International Trade Commission is checking if ending special taxes on prestressed concrete steel wire strand from 16 countries, including Turkey, Argentina, and Italy, would hurt American businesses. They want input from companies and the public by early 2026 to decide if these taxes should stay. This review could impact prices and jobs in the steel and construction industries.
Next: 2025-24199 — Passenger Vehicle and Light Truck Tires From China; Institution of a Five-Year Reviews
The U.S. is checking if special taxes on tires from China should stay to protect American tire makers. If these taxes are removed, it might hurt local businesses. People have until February 2, 2026, to share their thoughts, so this review could impact tire prices and jobs soon.