United States of America: Office of Management and Budget Security Rules for Federal Government Software Suppliers outlining cybersecurity standards

Progress

Current status
in force
11 Jun 2023 in force
11 Feb 2023 in force
14 Sep 2022 adopted

Scope

Implementers
United States of America
Policy Area
Public procurement
Policy Instrument
Public procurement access
Regulated Economic Activity
software provider: app stores
Government Branch
executive
Government Body
central government
Implementation Level
national

Timeline of events

11 Jun 2023
in force

Entry into force of OMB order requiring Federal agencies to collect in a centralised system cybersecurity attestation from software vendors

On 11 June 2023, the requirement obliging federal agencies to collect in a centralised system cybersecurity attestation letters outlined in the Office of Management and Budget (OMB) Memorandum "Enhancing the Security of the Software Supply Chain th…

Source
Event type order
Action type implementation
Government branch executive
Government body central government
11 Feb 2023
in force

Entry into force of OMB order requiring Federal agencies to issue cybersecurity guidelines for software vendors

On 11 February 2023, the requirement for federal agencies to develop guidelines for software vendors outlined in the Office of Management and Budget (OMB) Memorandum “Enhancing the Security of the Software Supply Chain through Secure Software Develo…

Source
Event type order
Action type implementation
Government branch executive
Government body central government
14 Sep 2022
adopted

Issued OMB New Security Requirements for Federal Government Software Suppliers

On 14 September 2022, the Office of Management and Budget (OMB) issued new security requirements that all federal agencies have to ensure are met when procuring "critical software" from third parties. The Memorandum requires every federal agency to …

Source
Event type order
Action type adoption
Government branch executive
Government body central government