February 16, 2025
Daily News
General Services Administration issues guidance for FedRAMP participants to comply with CISA software self-attestation requirements
The General Services Administration is providing guidance to cloud services providers under its FedRAMP program on fulfilling secure software development attestation requirements based on a common form developed by CISA and the Office of Management and Budget.
The common form, released on March 11, is derived from the NIST Secure Software Development Framework, which was updated as part of NIST’s work to carry out the 2021 cyber executive order. While the common form is based on self-attestation, it also...