The General Services Administration (GSA) said it will begin collecting attestation letters as part of pre- and post-award contract deliverables by June 12 for all software – regardless of whether the product is considered critical.
The agency said that collecting the letters of attestation from vendors they GSA works with will help implement an Office of Management and Budget (OMB) memo that requires Federal agencies to only use software that complies with government-specified secure software development practices.
GSA will use a common form provided by the Cybersecurity and Infrastructure Security Agency (CISA) to collect the letters, which it expects will be available before June… Read the full article here.