Workshop to Inform Implementation Guidance for Federal Procurement of Secure Software

On March 23, 2022, the National Institute of Standards and Technology (NIST) will host a virtual workshop on behalf of the Office of Management and Budget (OMB). OMB is interested in obtaining feedback from stakeholders to inform future implementation guidance for federal procurement of secure software.

The Executive Order (EO) on Improving the Nation’s Cybersecurity exemplifies the importance of secure software purchased by the Federal Government by directing the National Institute of Standards and Technology (NIST) to “issue guidance identifying practices that enhance the security of the software supply chain.” On February 4, 2022 NIST issued this Secure Software Development Framework (SSDF) Version 1.1 and additional guidance to meet the requirement. The EO also directs the Office of Management and Budget (OMB) to “take appropriate steps to require that agencies comply with such guidelines with respect to software procured.”

The purpose of this workshop is to inform future implementation guidance. OMB is requesting a maximum of five-page responses to a set of questions attached to this announcement. Responses should be sent to [email protected] no later than 5:00pm ET on March 18, 2022.