View RCF - OIRA Conclusion

Title: Secure Software Development Attestation Form

Type of RCF: RCF New
OIRA Conclusion Action: Approved without change	Conclusion Date: 04/12/2024
Retrieve Notice of Action (NOA)	Date Received in OIRA: 04/11/2024
Terms of Clearance:

Description of Agency Usage: NASA, as required by OMB memorandums M-22-18 and M-23-16, must begin to collect secure software development attestations from publishers of software products, in use, have been acquired, or is in the acquisition process that were developed, released, or underwent a major change after September 14, 2022. The Cybersecurity and Infrastructure Security Agency (CISA) developed the “common form” that all agencies are encouraged to use, and, NASA is leveraging.

Authorizing Statute(s): EO: EO 14028

Annual Cost to Federal Government:
Agency Contact: Stayce Hoult 256 544-7705 stayce.d.hoult@nasa.gov

Common Form Information Collections (IC) in this RCF:

IC Title	Status	Responses	Hours	Dollars	Document Type	Form No.	Form Name
Secure Software Development Attestation Form		500	1,212	0	Form and Instruction	N/A	Secure Software Sefl-Attestation Common Form

RCF Summary of Burden:

	Total Approved	Change Due to Agency Discretion
Annual Number of Responses	500	500
Annual Time Burden (Hours)	1,212	1,212
Annual Cost Burden (Dollars)	0	0

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Miscellaneous Actions

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: NASA use of form.