March 28, 2024
Daily News
Stakeholders: OMB approach to self-attestation for securing software offers good initial method to create requirements
The Office of Management and Budget’s decision to require self-attestation from companies against NIST secure software standards is the right approach to start raising the bar for federal procurement practices, according to stakeholders, who say requirements will evolve over time.
The policy is laid out in a recent OMB memorandum that sets requirements for procurement at the agency level using NIST’s Secure Software Development Framework and guidance on how to use the publication from a software purchaser viewpoint. The...