Yesterday, CISA published a 30-day information collection request (ICR) notice in the Federal Register (88 FR 78759-78761) for “Request for Comment on the Secure Software Development Attestation”. The 60-day notice for this ICR was published on April 27th, 2023. CISA reports that 110 comments were received on that notice. This attestation form is required by EO 14028 to be used by vendors providing software federal agencies. Changes have been made to the form and in the burden estimates.
Comments
CISA is soliciting comments on the 30-day ICR notice.
Comments should be submitted via the Reginfo.gov page
for this ICR by clicking on the comment link. Comments should be submitted
by December 18th, 2023.
For more details about the changes made to the form and burden
estimate, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/cisa-publishes-software-development
- subscription required.
Posts
No comments:
Post a Comment