View RCF - OIRA Conclusion

RCF ID: 202405-0503-001CF	Previous RCF ID:
Status: Active	Expiration Date: 03/31/2027
Agency/Subagency: USDA/AgSEC	Agency Tracking No: USDA/OCIO
Host OMB Control No: 1670-0052	Host ICR Reference No: 202311-1670-001

Title: USDA Critical Software Attestation

Type of RCF: RCF New
OIRA Conclusion Action: Approved without change	Conclusion Date: 05/16/2024
Retrieve Notice of Action (NOA)	Date Received in OIRA: 05/13/2024
Terms of Clearance:

Description of Agency Usage: To adhere to the requirements outlined in M-22-18, as per Executive Order 14028 and NIST Guidance, USDA is obligated to ensure that the software utilized complies with secure software development practices. The Department of Agriculture’s Cybersecurity and Privacy Operations Center (CPOC) is collaborating with the Department’s Mission Areas to compile a comprehensive list of critical and non-critical software titles. Subsequently, this list will be transferred to the Office of Contracting and Procurement (OCP), which will coordinate with Mission Area Contracting Officers (COs) to obtain attestations from vendors regarding their adherence to secure software development practices. A requirement from the Information Resource Management Center (IRMC) office stipulates that the burden statement for the CISA/DHS Vendor Attestation Common Form must be based on the actual number of respondents (vendors) before submission to the OMB for review and approval.

Authorizing Statute(s): EO: EO 14028 Name/Subject of EO: Executive Order on Improving the Nations Cybersecurity

Annual Cost to Federal Government:
Agency Contact: Rachelle Ragland-Greene 703 605-0038 Rachelle.Greene@fns.usda.gov

Common Form Information Collections (IC) in this RCF:

IC Title	Status	Responses	Hours	Dollars	Document Type	Form No.	Form Name
Secure Software Development Attestation Form		3,750	9,087	0	Form and Instruction	N/A	Secure Software Sefl-Attestation Common Form

RCF Summary of Burden:

	Total Approved	Change Due to Agency Discretion
Annual Number of Responses	3,750	3,750
Annual Time Burden (Hours)	9,087	9,087
Annual Cost Burden (Dollars)	0	0

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Changing Regulations

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: To adhere to the requirements outlined in M-22-18, as per Executive Order 14028 and NIST Guidance, USDA is obligated to ensure that the software utilized complies with secure software development practices. T