The Office of Management and Budget (OMB) mandates that all government agencies report on "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices," as amended by OMB Memorandum M-23-16, "Update to Memorandum M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practices." This requirement authorizes the collection of specified information. The self-attestation form outlines the essential software development standards that a software producer must fulfill and confirm compliance with. Federal agencies can only use software that meets the requirements outlined in M-22-18 and M-23-16. Software producers utilize this form to certify that their software adheres to specified secure software development methods.
Burden increase in response to changing regulations for reporting the agency's critical software. It is required by the Office of Management and Budget (OMB) that all government agencies declare the current state of their software at all times.