Secure Software Self-Attestation Common Form

Revision Date

On November 16, 2023, CISA in accordance with Executive Order 14028 and the Office of Management and Budget’s (OMB) guide in OMB M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practices, released through regulations.gov a 30-day Request for Comment on draft Secure Software Development Attestation Common Form.

In April, CISA published the initial version of the attestation common form in the Federal Register for a 60-day public comment period and received 110 comments.

As a result of these comments, CISA has changed the draft attestation common form and requests public comment on this revision.