CISA Issues Software Bill of Materials Draft, Encourages Public Comments

On August 22, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) published a draft of the Minimum Elements for a Software Bill of Materials (SBOM) and encouraged the public to offer comments.
The Minimum Elements for a Software Bill of Materials (SBOM) is intended to be a guide incorporating "lessons learned from increased SBOM generation and usage," offering an updated baseline for how software component information is documented and shared. CISA seeks to advance the adoption and practical use of SBOMs by promoting community-driven work. The focus of this work will be on:
- Scaling and operationalization
- Tools and new technologies
- New use cases
CISA Acting Executive Assistant Director for Cybersecurity Chris Butera comments, “This voluntary guidance will empower federal agencies and other organizations to make risk-informed decisions, strengthen their cybersecurity posture, and support scalable, machine-readable solutions. We encourage members of the public to review this guidance and provide comment on how we can improve this list of minimum elements.”
Transparency of software composition is essential, as software supports many critical systems and services. SBOMs offer insights into the software supply chain through data on the software’s makeup.







