H.R. 5255 would require the Office of Management and Budget (OMB) to assess federal practices for requiring contractors to disclose cybersecurity vulnerabilities in their information technology systems. The bill also would require the Federal Acquisition Council to incorporate recommendations for disclosing such vulnerabilities into acquisition regulations.