Software Bill of Materials (SBOM) FAQ & Myth Buster

Software Bill of Materials (SBOM) FAQ & Myth Buster: SBOM Guidance for the Acquisition Community
Developed by the Acquisition Community of Interest, C-SCRM Acquisition Working Group
Date Published: November 7, 2023

The Acquisition Community of Interest (COI)’s Cyber Supply Chain Risk Management (C-SCRM) Acquisition Working Group developed this guide in partnership with the C-SCRM Acquisition Community of Practice (ACOP).

This paper provides high level sample of frequently asked questions about Software Bill of Materials (SBOMs) to assist, guide, and inform acquisition teams in defining requirements for systems and applications.