Article
Infographic: secure software development self-attestations on the horizon
Guidance issued by the Office of Management and Budget
Oct 31, 2022 · Authored by
The importance of enhancing the security of the software supply chain through secure software development practices is top of mind for the federal government.
Per a memo issued by the Office of Management and Budget the requirement of U.S. federal agencies to ensure that producers of software they procure follow a risk-based approach for secure software development is addressed. This applies to software developed or modified after Sept. 14, 2022.
Following is a set of practices provided by NIST Software Supply Chain Security Guidance that create the foundation for developing secure software:
- NIST SP 800-218 Secure Software Development Framework (SSDF)
- NIST Software Supply Chain Security Guidance
For more information on this topic, or to learn how Baker Tilly specialists can help, contact our team.