View RCF - OIRA Conclusion

Title: Secure Software Self-Attestation Common Form

Type of RCF: RCF New
OIRA Conclusion Action: Approved without change	Conclusion Date: 05/16/2024
Retrieve Notice of Action (NOA)	Date Received in OIRA: 05/16/2024
Terms of Clearance:

Description of Agency Usage: The attestation form information will be used by the Federal Housing Finance Agency (FHFA) to provide great assurances that help understand whether the software provider performed due diligence followed secure code practices which align with NIST 800-216 Secure Software Development Practices (SSDF). OMB circular M-22-18 requires CISA in consultation with OMB to develop a secure software attestation common form for all federal departments and agencies. FHFA will collect software attestation information from software suppliers.

Authorizing Statute(s): EO: EO 14028 Name/Subject of EO: Improving the Nation’s Cybersecurity

Annual Cost to Federal Government:
Agency Contact: Angella Supervielle 202 649-3973 angella.supervielle@fhfa.gov

Common Form Information Collections (IC) in this RCF:

IC Title	Status	Responses	Hours	Dollars	Document Type	Form No.	Form Name
Secure Software Development Attestation Form		62	150	0	Form and Instruction	N/A	Secure Software Sefl-Attestation Common Form

RCF Summary of Burden:

	Total Approved	Change Due to Adjustment in Estimate
Annual Number of Responses	62	62
Annual Time Burden (Hours)	150	150
Annual Cost Burden (Dollars)	0	0

Burden increases because of Program Change due to Agency Discretion: No

Burden Increase Due to:

Burden decreases because of Program Change due to Agency Discretion: No

Burden Reduction Due to:

Short Statement: