Cybersecurity continues to take center stage in the government contracts space. The rulemaking process has commenced on other related fronts, too. On April 27, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released a Request for Comment on a draft attestation form the government will request of software providers providing software developed or with major updates occurring after September 14, 2022. The comment period is in effect for 60 days, concluding on June 26, 2023.
In addition to getting familiar with the CISA Common Form, contractors can take at least six other steps if they are handling CUI in order to achieve CMMC and FedRAMP compliance while related FAR and DFARS rules are in flux.
/Passle/636bcb4ff636e91ef02c2604/SearchServiceImages/2024-02-26-14-32-24-545-65dca0f8175c9c7d14317224.jpg)
/Passle/636bcb4ff636e91ef02c2604/SearchServiceImages/2024-04-18-17-22-12-407-662156c404164acc73205a65.jpg)
/Passle/636bcb4ff636e91ef02c2604/SearchServiceImages/2024-04-16-15-03-29-465-661e9341631126c32d265a17.jpg)
/Passle/636bcb4ff636e91ef02c2604/SearchServiceImages/2024-03-28-13-12-59-150-66056cdb5458b881552e3a6f.jpg)
/Passle/636bcb4ff636e91ef02c2604/SearchServiceImages/2024-03-25-21-25-33-937-6601ebcd8a00d37796915079.jpg)