Secure Software Self-Attestation Common Form

ICR 202311-1670-001

OMB: 1670-0052

Federal Form Document

Forms and Documents
Document
Name
Status
Form and Instruction
 New
Supplementary Document
2023-11-16
Supplementary Document
2023-11-16
Supplementary Document
2023-11-07
Supplementary Document
2023-11-07
Supplementary Document
2023-11-07
Supporting Statement A
2023-11-16
IC Document Collections
IC ID
Document
Title
Status
263256 New
ICR Details
202311-1670-001
Received in OIRA
DHS/CISA PRA-CSD-00001389
Secure Software Self-Attestation Common Form
New collection (Request for a new OMB Control Number)   Yes
Regular 11/16/2023
  Requested Previously Approved
36 Months From Approved
72,513 0
175,709 0
0 0
The attestation form information will be used by the department or agency to provide great assurances that help understand whether the software provider performed due diligence followed secure code practices which align with NIST 800-216 Secure Software Development Practices (SSDF). OMB circular M-22-18 requires CISA in consultation with OMB to develop a secure software attestation common form for all federal departments and agencies. Agencies will collect software attestation information from software suppliers.
EO: EO 14028 Name/Subject of EO: Improving the Nation’s Cybersecurity
  
None
Not associated with rulemaking
  88 FR 25670 04/27/2023
88 FR 78759 11/16/2023
Yes
1
IC Title Form No. Form Name
Secure Software Development Attestation Form N/A Secure Software Development Attestation Form
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 72,513 0 0 72,513 0 0
Annual Time Burden (Hours) 175,709 0 0 175,709 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
Yes
Miscellaneous Actions
No
Initial Submission Request for IC
$12,399,660
No
    Yes
    Yes
No
No
No
No
Benjamin Thomsen 202 254-7179 [email protected]
  Yes
 
Agency/Sub Agency RCF ID RCF Title RCF Status IC Title
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
11/16/2023
© 2024 OMB.report | Privacy Policy