Software

Subscribe to Software
Photo of Alexandra Barbee-GarrettPhoto of Adelicia R. CliffePhoto of Stephanie CrawfordPhoto of Jana del-CerroPhoto of Christopher D. GarciaPhoto of Rina GashawPhoto of Lyndsay GortonPhoto of Michael G. Gruden, CIPP/GPhoto of Olivia LynchPhoto of John E. McCarthy Jr.Photo of Rachel SchumacherPhoto of Zachary SchroederPhoto of Rob SneckenbergPhoto of Anuj VohraPhoto of Per MidboePhoto of Alexis WardPhoto of Darianne Young

The National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2023, signed into law on December 23, 2022, makes numerous changes to acquisition policy. Crowell & Moring’s Government Contracts Group discusses the most consequential changes for government contractors here. These include changes that provide new opportunities for contractors to recover inflation-related costs, authorize new programs for small businesses, impose new clauses or reporting requirements on government contractors, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject. The FY 2023 NDAA also includes the Advancing American AI Act, the Intelligence Authorization Act for FY 2023, and the Water Resources Development Act of 2022, all of which include provisions relevant for government contractors.

Continue Reading FY 2023 National Defense Authorization Act: Key Provisions Government Contractors Should Know

Photo of Michael G. Gruden, CIPP/GPhoto of Evan D. WolffPhoto of Alexander UrbelisPhoto of Maida Oringher Lerner

Yesterday, the Office of Management and Budget (OMB) released Memorandum M-22-18, implementing software supply chain security requirements that will have a significant impact on software companies and vendors in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity.  The Memorandum requires all federal agencies and their software suppliers to comply with the NIST Secure Software Development Framework (SSDF)NIST SP 800-­218, and the NIST Software Supply Chain Security Guidance whenever third-party software is used on government information systems or otherwise affects government information.  The term “software” includes firmware, operating systems, applications, and application services (e.g., cloud-based software), as well as products containing software.  It is critical to note that these requirements will apply whenever there is a major version update or new software that the government will be using. 

Continue Reading Going Hard on Software: OMB Unveils Mandatory Software Supply Chain Security Compliance Requirements

Photo of John E. McCarthy Jr.Photo of Nicole Owren-Wiest

On March 21, 2019, the Department of Defense (DoD) Defense Innovation Board (“DIB”) released a report, Software is Never Done: Refactoring the Acquisition Code for Competitive Advantage (“the Report”), summarizing DIB’s Software Acquisition and Practices (SWAP) study, which was mandated by the National Defense Authorization Act of Fiscal Year (FY) 2018. The two-year study involved