The Cybersecurity and Infrastructure Security Agency is seeking public input regarding the draft version of the Secure Software Development Attestation Form.
CISA said Thursday that the form will be used by federal agencies to obtain from software developers attestation regarding the security of their products.
The form covers requirements that software developers must meet before their products could be used by government agencies.
A Federal Register notice posted Nov. 16 indicates that the current solicitation marks the second information collection request issued by CISA for the attestation form.
The agency had launched an initial 60-day commenting period in April, resulting in 110 comments received. The new collection request, meanwhile, gives the public another 30 days to provide feedback, with the submission period ending on Dec. 18.
Of particular interest to the government are comments that evaluate the necessity and utility of the information to be provided by software developers in accomplishing the attestation form, comments that help make the provision of such information less burdensome and comments that improve the quality and clarity of the required information.
