Reposted from CISA
The Cybersecurity and Infrastructure Security Agency (CISA) launched the Software Acquisition Guide: Supplier Response Web Tool, a no-cost, interactive resource that enhances the use of the Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle.
This web tool helps public and private sector IT decision makers, software acquisition professionals, and suppliers streamline and incorporate cybersecurity into the software procurement process. It transforms the original guide into a dynamic experience, breaking it into manageable sections and prompting users with relevant questions based on their previous responses. This adaptive approach helps users focus on the most critical aspects of their acquisition needs, saving time and improving clarity.
The web tool supports secure-by-design and secure-by-default principles by:
- Streamlining navigation through the Software Acquisition Guide
- Enabling users to export and print customized summaries of their responses
- Facilitating collaboration with CISOs, CIOs, and other decision-makers
- Supporting stronger due diligence and more secure procurement outcomes
Whether evaluating a single product or managing a complex acquisition, the web tool empowers users to make more informed, risk-aware decisions, reinforcing CISA’s commitment to strengthening software supply chain resilience across government and industry.