The General Services Administration (GSA) recently issued notification to all contract holders that are producers and resellers. According to the Office of Management and Budget Guidance federal agencies are required to use software that comply with government specified secure software development practices. This directive requires software producers and resellers to attest that software offered conforms to the National Institute Of Science & Technology guidance (NIST). MAS holders in this category will be required to complete a form of attestation. To view the form click here
Further guidance provided by the agency states:
- If the software producer has already publicly posted or provided a software attestation form to the CISA repository, the software producer does not need to submit an attestation form for the same version of software to the ordering activity.
- If the software producer has not submitted an attestation form to the CISA repository or posted one publicly, the software producer or MAS contractor should upload a completed attestation form to the CISA repository for all versions of software awarded to their MAS contract. If the software producer cannot attest to one or more practices or cannot complete the form, the ordering activity will require submission of a Plan of Action & Milestones (POA&M) regarding any deficiencies.
Any additional questions can be directed to MASPMO@gsa.gov
GSA Proposal Maven Inc. is a government contract firm that has helped thousands of businesses increase their bottom line with the GSA MAS contract program, 8(a) Certification Program, VOSB Certification, SDVOSB Certification, and other federal agency contracts. Contact us at (877) 302-3773 or click here to schedule your FREE fifteen-minute consultation by clicking here.
Get your FREE report, “5 Tips To Master The GSA Schedule Application Process” or schedule your fifteen-minute consultation by clicking here.