View RCF  - OIRA Conclusion

202404-2030-004CF
Active 03/31/2027
EPA/OMS
1670-0052 202311-1670-001
Cybersecurity and Infrastructure Security Agency (CISA) Secure Software Development Attestation Form Instructions
RCF New
 Approved without change   04/16/2024
Retrieve Notice of Action (NOA) 04/15/2024
The Federal Information Security Modernization Act of 2014 (FISMA) requires each Federal agency to provide security protections for both “information collected or maintained by or on behalf of an agency” and for “information systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency.” FISMA and other provisions of Federal law authorize the Director of the Office of Management and Budget (OMB) to promulgate information security standards for information security systems, including to ensure compliance with standards promulgated by the National Institute of Standards and Technology (NIST).
None
 
David Stepp 202 566-1711 stepp.david@epa.gov

IC Title Status Responses Hours Dollars Document Type Form No. Form Name
Secure Software Development Attestation Form 5,500 13,327 0 Form and Instruction N/A Secure Software Sefl-Attestation Common Form

  Total Approved Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 5,500 0 0 5,500 0 0
Annual Time Burden (Hours) 13,327 0 0 13,327 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0

Yes
Miscellaneous Actions
No
The Federal Information Security Modernization Act of 2014 (FISMA) requires each Federal agency to provide security protections for both “information collected or maintained by or on behalf of an agency” and for “information systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency.” FISMA and other provisions of Federal law authorize the Director of the Office of Management and Budget (OMB) to promulgate information security standards for information security systems, including to ensure compliance with standards promulgated by the National Institute of Standards and Technology (NIST).