View RCF - OIRA Conclusion

RCF ID: 202404-0960-001CF	Previous RCF ID:
Status: Active	Expiration Date: 03/31/2027
Agency/Subagency: SSA	Agency Tracking No:
Host OMB Control No: 1670-0052	Host ICR Reference No: 202311-1670-001

Title: Secure Software Self-Attestation Common Form

Type of RCF: RCF New
OIRA Conclusion Action: Approved without change	Conclusion Date: 04/29/2024
Retrieve Notice of Action (NOA)	Date Received in OIRA: 04/29/2024
Terms of Clearance:

Description of Agency Usage: The Federal Information Security Modernization Act of 2014 (FISMA) requires each Federal agency to provide security protections for both “information collected or maintained by or on behalf of an agency” and for “information systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency.” FISMA and other provisions of Federal law authorize the Director of the Office of Management and Budget (OMB) to promulgate information security standards for information security systems, including to ensure compliance with standards promulgated by the National Institute of Standards and Technology (NIST).

Authorizing Statute(s): EO: EO 14028 Name/Subject of EO: Improving the Nation’s Cybersecurity

Annual Cost to Federal Government:
Agency Contact: Faye Lipsky 410 965-8783 faye.lipsky@ssa.gov

Common Form Information Collections (IC) in this RCF:

IC Title	Status	Responses	Hours	Dollars	Document Type	Form No.	Form Name
Secure Software Development Attestation Form		400	969	0	Form and Instruction	N/A	Secure Software Sefl-Attestation Common Form

RCF Summary of Burden:

	Total Approved	Change Due to Agency Discretion
Annual Number of Responses	400	400
Annual Time Burden (Hours)	969	969
Annual Cost Burden (Dollars)	0	0

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Miscellaneous Actions

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: The Federal Information Security Modernization Act of 2014 (FISMA) requires each Federal agency to provide security protections for both “information collected or maintained by or on behalf of an agency” and for “information systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency.” FISMA and other provisions of Federal law authorize the Director of the Office of Management and Budget (OMB) to promulgate information security standards for information security systems, including to ensure compliance with standards promulgated by the National Institute of Standards and Technology (NIST).