Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, May 12, 2021, directs the National Institute of Standards and Technology (NIST) to publish guidance on practices for software supply chain security.
This document starts by explaining NIST’s approach for addressing Section 4e. Next, it defines guidelines for federal agency staff who have software procurement-related responsibilities (e.g., acquisition and procurement officials, technology professionals). These guidelines are intended to help federal agency staff know what information to request from software producers regarding their secure software development practices. This document concludes with Frequently Asked Questions (FAQ) offering additional information.
Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, May 12, 2021, directs the National Institute of Standards and Technology (NIST) to publish guidance on practices for software supply chain security. This document starts by explaining NIST’s approach for addressing Section 4e....
See full abstract
Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, May 12, 2021, directs the National Institute of Standards and Technology (NIST) to publish guidance on practices for software supply chain security.
This document starts by explaining NIST’s approach for addressing Section 4e. Next, it defines guidelines for federal agency staff who have software procurement-related responsibilities (e.g., acquisition and procurement officials, technology professionals). These guidelines are intended to help federal agency staff know what information to request from software producers regarding their secure software development practices. This document concludes with Frequently Asked Questions (FAQ) offering additional information.
Hide full abstract