“Executive Order 14028, issued last May in response to the ‘SolarWinds’ hack that compromised at least nine federal agencies, instructed OMB to issue policy guidance to agencies and to—within a year—recommend relevant changes to federal acquisition regulations.
‘Our policy memo is in clearance now, we moved it into the formal clearance process, that is something that I can share, that just happened so that’s an exciting development,’ Chris DeRusha, the federal chief information security officer, told Nextgov. ‘I’m hopeful that that works its way through the OMB process so we can get it out before too long. We feel pretty good about where we’re at with it and getting it right.’…
The policy memo is likely to track with guidance the National Institute of Standards and Technology recently released, incorporating comments from industry. And, DeRusha said, ‘there’s also new contract clause recommendations that just went to the FAR Council.’
‘Those went in on time,’ he said. ‘They will eventually go into contracts, but they’ve got to go through the whole process now, and eventually, [the FAR Council] will put that out for public comment.’…”
Source: Federal CISO: Recommendations In to Acquisition Council for Software Procurement – By Mariam Baksh, May 24, 2022. Nextgov.