To adhere to the requirements outlined in M-22-18, as per Executive Order 14028 and NIST Guidance, USDA is obligated to ensure that the software utilized complies with secure software development practices. The Department of Agriculture’s Cybersecurity and Privacy Operations Center (CPOC) is collaborating with the Department’s Mission Areas to compile a comprehensive list of critical and non-critical software titles. Subsequently, this list will be transferred to the Office of Contracting and Procurement (OCP), which will coordinate with Mission Area Contracting Officers (COs) to obtain attestations from vendors regarding their adherence to secure software development practices.
A requirement from the Information Resource Management Center (IRMC) office stipulates that the burden statement for the CISA/DHS Vendor Attestation Common Form must be based on the actual number of respondents (vendors) before submission to the OMB for review and approval.
EO: EO 14028 Name/Subject of EO: Executive Order on Improving the Nations Cybersecurity
To adhere to the requirements outlined in M-22-18, as per Executive Order 14028 and NIST Guidance, USDA is obligated to ensure that the software utilized complies with secure software development practices. T