VA requests to use this form. The attestation form will be used by VA to help understand whether the software provider followed secure code practices which align with NIST 800-216 Secure Software Development Practices. OMB M-22-18 requires CISA in consultation with OMB to develop a secure software development attestation common form for use by all agencies. VA will collect software attestation information from software suppliers by using this form.