Secure Software Self-Attestation Common Form

Publish Date

On April 27, 2023, CISA in accordance with Executive Order 14028 and the Office of Management and Budget’s (OMB) guide in OMB M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practices, released through regulations.gov a 60-day Request for Comment to solicit public feedback on a self-attestation form to be used by software producers. While OMB is responsible for setting the minimum secure software development practices, CISA is responsible for developing and maintaining the common form.