Consultants review software development code

Article

Infographic: secure software development self-attestations on the horizon

Guidance issued by the Office of Management and Budget

Oct. 31, 2022

The importance of enhancing the security of the software supply chain through secure software development practices is top of mind for the federal government.

Per a memo issued by the Office of Management and Budget the requirement of U.S. federal agencies to ensure that producers of software they procure follow a risk-based approach for secure software development is addressed. This applies to software developed or modified after Sept. 14, 2022.

Following is a set of practices provided by NIST Software Supply Chain Security Guidance that create the foundation for developing secure software:

NIST SP 800-218 Secure Software Development Framework (SSDF)
NIST Software Supply Chain Security Guidance

View infographic to access key takeaways of the requirements, as well as a timeline.

Access now

For more information on this topic, or to learn how Baker Tilly specialists can help, contact our team.

Related sections

Government Contractor Supply Chain Risk Management

Article Tags

SBOM supply chain risk management