up:: The Mandates MOC

OMB M-26-15

OMB M-26-15, “Execution of the Migration to Post-Quantum Cryptography,” is the June 24, 2026 memorandum from the White House Office of Management and Budget that directs every federal civilian agency to execute a prioritized, phased migration to post-quantum cryptography and to submit a PQC Migration Plan to OMB and the Office of the National Cyber Director within 120 days. It implements Executive Order 14412, “Securing the Nation Against Advanced Cryptographic Attacks,” and it fulfills OMB’s statutory duty under the Quantum Computing Cybersecurity Preparedness Act to direct agencies to prioritize and plan their PQC migration. It was signed by OMB Director Russell T. Vought, it excludes national security systems, and it is the execution layer on top of the inventory OMB M-23-02 started.

The short version:

  • M-26-15 is an OMB memorandum, issued June 24, 2026, that turns the federal civilian post-quantum program from “inventory your cryptography” into “execute the migration on a dated, phased schedule.”
  • Its two required actions are executing a prioritized migration with the goal of mitigating as much quantum risk as feasible by December 31, 2030, and submitting a PQC Migration Plan to OMB and ONCD no later than 120 days after the memo (October 22, 2026).
  • It lays out a five-phase migration running from 2026 through 2035, with post-quantum key establishment for priority systems by 2030 and post-quantum digital signatures by 2031.
  • It binds federal civilian executive branch agencies and reaches their vendors and cloud providers through procurement; national security systems are carved out and follow CNSA 2.0 instead.
  • It implements Executive Order 14412 and directly succeeds OMB M-23-02, carrying that memo’s inventory forward into a funded, sequenced program of work.

If OMB M-23-02 was the order to survey which pipes in the city are lead, M-26-15 is the construction schedule that follows. It names which streets get dug up in which years, assigns a general contractor and a crew for each part of the job, sets the day the whole project has to be finished, and asks each district to hand in its build plan within four months. A survey tells you the size of the problem. A dated construction schedule with an owner is what actually gets the pipes replaced.

What is OMB M-26-15?

OMB M-26-15 is a memorandum from the Office of Management and Budget, part of the Executive Office of the President, addressed to the heads of executive departments and agencies. Its subject is the execution of the federal migration to post-quantum cryptography, and it opens by stating three things about its own authority that are worth keeping straight when you cite it.

  1. It implements an executive order. The memo carries out Executive Order 14412, “Securing the Nation Against Advanced Cryptographic Attacks” (signed June 22, 2026), which accelerates the migration of federal systems to post-quantum cryptography. M-26-15 is OMB operationalizing that order for the civilian side of government.
  2. It fulfills a statutory duty. The memo states that it fulfills OMB’s responsibility under the Quantum Computing Cybersecurity Preparedness Act (Pub. L. No. 117-260, § 4(c)) to issue guidance directing each agency to prioritize critical IT for migration to PQC and to develop a plan for that migration. That statutory anchor is what gives the PQC Migration Plan its legal spine.
  3. It excludes national security systems. The memo says plainly that it does not apply to national security systems, using the definition at 44 U.S.C. § 3552(b)(6). Those systems migrate under CNSA 2.0 on a separate track.

The memo is signed by Russell T. Vought, Director of OMB. Its body sets the required agency actions and the phased plan, and two technical appendices give implementation guidance (Appendix A) and a sample allocation of responsibilities plus the required plan sections (Appendix B).

Source: OMB, “Execution of the Migration to Post-Quantum Cryptography,” M-26-15, June 24, 2026, M-26-15 PDF, §1 and footnotes 1, 3, and 4.

Source: Executive Order 14412, “Securing the Nation Against Advanced Cryptographic Attacks,” June 22, 2026, 91 FR 38483, Federal Register.

Who does M-26-15 apply to?

M-26-15 binds federal civilian executive branch agencies, and its migration and planning obligations reach the systems those agencies own or operate. The edges of the scope are the part people get wrong.

  1. Federal civilian agencies directly. The memo addresses the heads of executive departments and agencies and directs them to execute the migration and file a plan. This is a binding directive for the agencies it covers, not optional guidance.
  2. National security systems are excluded. NSS, as defined at 44 U.S.C. § 3552(b)(6), sit outside M-26-15 and migrate under CNSA 2.0. An agency that runs both civilian and national-security systems answers to both regimes on different clocks.
  3. Vendors and cloud providers are pulled in through the shared-responsibility model. Agencies are told to engage their FedRAMP-authorized cloud service providers to delineate PQC migration responsibilities, and CISA and the Department of War, coordinating with GSA, will lead the migration for FedRAMP-authorized cloud providers and for SaaS, PaaS, and IaaS solutions used at more than one agency. A vendor selling to federal civilian agencies inherits PQC-readiness expectations through this channel.
  4. Procurement requirements reference the CISA product categories. Agencies are directed to consult CISA’s “Product Categories for Technologies That Use Post-Quantum Cryptography Standards” and to build PQC integration into their requirements for products in those categories. That is how the mandate reaches product makers who never see the memo.
  5. Commercial organizations are not directly covered. M-26-15 creates no direct private-sector obligation. Its value to a bank, a hospital, or a utility is as the federal template that sector regulators, insurers, and procurement offices tend to model, and as the clearest public statement of how a serious PQC program is sequenced.

Source: OMB M-26-15, M-26-15 PDF, §1, §3.A, §3.C.4, and footnote 4.

What does M-26-15 require?

The memo sets two required agency actions, wraps them in five areas of further guidance, and pins everything to a phased plan. The plan is the center of gravity; the rest tells agencies how to build and run it.

  1. Action One, execute a prioritized migration (§3.A). Agencies must execute a prioritized migration of the cryptographic systems in the information systems they own or operate, with the objective of mitigating as much quantum risk as feasible by December 31, 2030. They must integrate PQC readiness and implementation into their existing cybersecurity governance rather than standing it up as a side project.
  2. Action Two, submit a PQC Migration Plan (§3.B and §3.D). Each agency develops and submits a PQC Migration Plan to OMB and ONCD no later than 120 days from the date of the memo, which resolves to October 22, 2026. The plan is treated as a living document that matures over time, and it is submitted to PQC@omb.eop.gov.
  3. Prioritize by risk (§3.C.2). Agencies must prioritize high impact systems (a FIPS 199 “high” in confidentiality, integrity, or availability), High Value Assets, and any other system with highly sensitive data or one an agency judges particularly vulnerable to a CRQC. That last group explicitly includes asymmetric-key logical access control systems such as public key infrastructure that use the algorithms in Appendix A, and systems whose data will still be mission-sensitive in 2030.
  4. Spread accountability across leadership (§3.C.1). The memo places responsibility for the migration across the whole agency leadership team rather than resting it on the CIO and CISO alone, and it requires clearly defined roles. Appendix B gives a sample allocation across the CIO and CISO, the program or requirement owner, the CFO, a migration program manager, a technical lead, a security architect, and application and system owners.
  5. Fold migration into modernization (§3.C.3). Agencies must build PQC upgrades into planned cloud migrations, software development lifecycles, and hardware-refresh schedules, and must give systems incapable of supporting PQC or hybrid cryptography priority for replacement or decommissioning. Within 60 days (August 23, 2026), GSA establishes an inter-agency working group on modernizing Federal Identity, Credential, and Access Management to support PQC.
  6. Use automation, and align to the standards (§3.C.5 and §3.D). Agencies should use automated discovery and monitoring to keep a continuously updated view of their cryptographic posture, feeding a central Cryptographic Bill of Materials. Every plan must align with NIST IR 8547, the NIST transition schedule, or its successor.

Source: OMB M-26-15, M-26-15 PDF, §3.A, §3.B, §3.C, and §3.D.

What are the five migration phases?

M-26-15 tells agencies to treat migration as a multi-year effort executed in phases, and it names five of them with target windows. This phased schedule is the piece of the memo that most directly maps onto a program plan.

PhaseFocusWindow
Phase 1Strategy, planning, and discovery: inventory, assessment, strategy, training, governance frameworks, accountable officials, and risk assessment2026 to 2027
Phase 2Pilots and early migration: pilots, early migration of prioritized systems, and refining the plan2027 to 2028
Phase 3Prioritized migration: move priority systems to PQC for key establishment, and make all systems cryptographically agile2028 to 2030
Phase 4Signature migration: move priority systems to PQC for digital signatures, and keep all systems cryptographically agile2031
Phase 5Full migration: complete the remaining systems based on risk and the availability of commercial offerings2035

The priority population in Phases 3 and 4 is the same one from the risk-prioritization rule: High Value Assets, high impact systems, systems with highly sensitive data, and systems an agency judges particularly vulnerable to a CRQC. Phase 3 targets ML-KEM for key establishment; Phase 4 targets post-quantum digital signatures under FIPS 186-5, meaning ML-DSA and SLH-DSA.

Source: OMB M-26-15, M-26-15 PDF, §3.D and Appendix A footnotes 10 and 11.

What has to be in an agency’s PQC Migration Plan?

Appendix B lists the sections every initial plan must contain, at a minimum. This is the practical checklist an agency is graded against, and it reads as a compact statement of what a credible migration program looks like anywhere.

  1. A system prioritization strategy with risk-based justification.
  2. Timelines and milestones to achieve the migration phases.
  3. Timelines and milestones for testing and deploying to meet the TLS 1.3 support deadline.
  4. The methodologies and automated tools used for the cryptographic inventory.
  5. A plan for implementing a cryptographically agile architecture.
  6. A third-party coordination plan.
  7. An estimate of the funding and personnel resources required.
  8. A risk management strategy for the migration period.
  9. A section defining governance roles and responsibilities.

Source: OMB M-26-15, M-26-15 PDF, Appendix B §2.

Which algorithms is the migration replacing?

Appendix A names the quantum-vulnerable algorithms the migration is meant to retire, the same asymmetric family OMB M-23-02 had agencies inventory. It lists Elliptic Curve Diffie-Hellman and Diffie-Hellman key exchange, Menezes-Qu-Vanstone key exchange, ECDSA, RSA signatures and RSA key establishment, and the Digital Signature Algorithm, plus a catch-all row for any other non-PQC asymmetric algorithm. The memo also tells agencies to treat as quantum-vulnerable any asymmetric algorithm not definitively known to be quantum-resistant, and it notes that symmetric-key-based protocols should be avoided where they carry the same exposure. The approved replacements are the FIPS PQC standards, ML-KEM for key establishment and ML-DSA and SLH-DSA for signatures, with FN-DSA and HQC flagged as future additions.

Source: OMB M-26-15, M-26-15 PDF, Appendix A §1 and §2 and footnote 13.

What is the M-26-15 timeline?

The memo attaches dated taskings to its actions, anchored to the June 24, 2026 publication date. Here is the schedule, with the calendar dates the day-counts resolve to.

TaskingDeadlineResponsible bodySource
Memorandum issuedJune 24, 2026OMBMemo header
GSA establishes FICAM modernization working groupWithin 60 days (August 23, 2026)GSA§3.C.3
Submit PQC Migration Plan to OMB and ONCDWithin 120 days (October 22, 2026)All covered agencies§3.B, §3.D
Support TLS 1.3 or a successorBy January 2, 2030All covered agenciesAppendix A §4; Executive Order 14306
Mitigate as much quantum risk as feasibleBy December 31, 2030All covered agencies§3.A
Phase 3, PQC for key establishment on priority systems2028 to 2030All covered agencies§3.D
Phase 4, PQC for digital signatures on priority systems2031All covered agencies§3.D
Phase 5, full migration of remaining systems2035All covered agencies§3.D

Source: OMB M-26-15, M-26-15 PDF, §3 and Appendices A and B.

Two things about the timeline are easy to misread. The January 2, 2030 TLS 1.3 date is carried in from Executive Order 14306 and is a transport-readiness milestone, the on-ramp that lets agency traffic carry ML-KEM through a hybrid key exchange, rather than a completed migration. And the December 31, 2030 objective is phrased as “mitigating as much quantum risk as feasible,” a risk-weighted target aimed at the priority population, rather than a switch that turns off all classical cryptography government-wide that day.

How does M-26-15 relate to the other mandates?

M-26-15 is one layer in a stack, and its job is execution. Seeing where it sits keeps the citations straight.

  1. Executive Order 14412 is the order above it. EO 14412 accelerated the federal migration and set the outer deadlines; M-26-15 is OMB translating that order into required actions, a plan, and a schedule for civilian agencies.
  2. OMB M-23-02 is the memo it succeeds. M-23-02 built the annual algorithm-level inventory. M-26-15 assumes that inventory exists and turns it into a migration, noting that agencies have already identified through their inventories the legacy systems that would be too difficult or costly to migrate.
  3. NIST IR 8547 supplies the algorithm clock. M-26-15 requires every plan to align with IR 8547, which sets when specific classical algorithms are deprecated and disallowed. The memo sequences the work; IR 8547 dates the algorithms.
  4. CNSA 2.0 governs what M-26-15 excludes. National security systems follow CNSA 2.0 on a separate, generally more aggressive track.
  5. Executive Order 14306 carries the TLS 1.3 date. M-26-15 restates EO 14306’s requirement that agencies support TLS 1.3 by January 2, 2030, and frames TLS 1.3 as foundational for deploying PQC at the network layer.
  6. The Quantum Computing Cybersecurity Preparedness Act is the statute underneath. The law directs OMB to issue this kind of prioritization-and-planning guidance, and M-26-15 is OMB discharging that duty.

Source: OMB M-26-15, M-26-15 PDF, §1, §3.C.3, §3.D, and Appendix A §4.

How is M-26-15 different from OMB M-23-02?

The two memos are one program in two acts, and knowing which one governs a given obligation avoids citing the wrong document.

DimensionOMB M-23-02 (Nov 2022)OMB M-26-15 (June 2026)
Core verbInventory: find and characterize quantum-vulnerable cryptographyExecute: migrate the prioritized systems on a schedule
Central deliverableAnnual prioritized cryptographic inventory to ONCD and CISAA PQC Migration Plan to OMB and ONCD within 120 days
Time shapeRecurring annual submission through 2035A living plan driving a five-phase migration to 2035
Anchor authorityNSM-10Executive Order 14412
End state it sets upKnowing what you runReplacing it, key establishment by 2030 and signatures by 2031

Source: OMB M-23-02, M-23-02 PDF; OMB M-26-15, M-26-15 PDF.

What does the mandate actually force?

A dated execution requirement is what turns an inventory into a funded program, and that is the real work M-26-15 does. OMB M-23-02 answered “what cryptography are we running,” which is the question you have to answer before you can plan anything, and it left “so when do we replace it, in what order, and who owns each piece” open. M-26-15 closes that gap with named recipients (OMB and ONCD), a 120-day plan deadline, a five-phase schedule with 2030 and 2031 gates, and a required funding-and-personnel estimate inside every plan. That combination is how a migration acquires an owner, a sequence, and a budget line.

It also sets an order of operations that a private organization can borrow even though the memo does not bind one. Inventory comes first, because you cannot sequence or price the replacement of systems you have not mapped. Priority goes to the systems that matter most and that hold data still sensitive in 2030, which is the same population most exposed to harvest-now-decrypt-later collection. Key establishment migrates before signatures, because harvested-and-decrypted confidentiality is the loss that is already accruing while a signature forged in the future is not. And crypto-agility is required across every phase, because the honest lesson of past algorithm transitions is that the next one comes too, and a system that can swap algorithms by configuration survives it cheaply.

The defensibility bar is worth naming plainly. The plan is a directive with a statutory anchor and a due date, so an agency’s exposure is not a fine but the plain fact of a missed federal deadline, visible to oversight and to the reasonable-organization baseline that regulators and insurers reach for. A plan that lists intentions without the required risk-based prioritization, the inventory methodology, the funding estimate, and the governance roles is the most common way a submission reads as incomplete.

Source: OMB M-26-15, M-26-15 PDF, §3.A, §3.D, and Appendix B.

Common misconceptions

  1. “M-26-15 replaces M-23-02.” It builds on it. The annual inventory work M-23-02 established is the input M-26-15’s migration prioritizes against, and the memo assumes that inventory already exists.
  2. “2035 is the deadline, so there’s a decade.” The gates that bite first are earlier: the 120-day plan deadline of October 22, 2026, the December 31, 2030 objective for priority systems, and the 2031 signature phase. Any system holding long-lived secrets is on a faster clock still because of harvest-now-decrypt-later.
  3. “It’s the same executive order as the 2025 one.” M-26-15 implements Executive Order 14412 (June 22, 2026). The earlier Executive Order 14306 (June 2025) is a different order, and M-26-15 references it only for the January 2, 2030 TLS 1.3 date.
  4. “Only the CIO and CISO are on the hook.” The memo spreads accountability across the entire agency leadership team and requires defined roles for the CFO, program owners, application owners, and a migration program manager, per Appendix B.
  5. “It only touches systems the agency runs itself.” The memo reaches vendor-operated and cloud-hosted systems through the FedRAMP shared-responsibility model and through procurement requirements tied to the CISA product categories.
  6. “Hybrid cryptography is mandatory.” The memo describes hybrid as a useful risk-management option that agencies may choose based on their own assessment, and it calls it an intricate, resource-intensive stopgap rather than a requirement.

Questions people ask

Does M-26-15 apply to my organization? Directly, only if you’re a federal civilian executive branch agency, or a vendor or cloud provider serving one. If you sell to the federal government, hold a FedRAMP authorization, or operate in a regulated sector, treat the memo as the template your customers’ and regulators’ requirements are converging on.

What’s the first real deadline? The PQC Migration Plan is due to OMB and ONCD no later than October 22, 2026, which is 120 days after the June 24, 2026 memo. GSA’s FICAM working group stands up 60 days out, on August 23, 2026.

Which executive order does it implement? Executive Order 14412, “Securing the Nation Against Advanced Cryptographic Attacks,” signed June 22, 2026 and published at 91 FR 38483. That order set the accelerated migration; M-26-15 is OMB executing it for civilian agencies.

Is it a law or guidance? It’s an OMB memorandum, which is binding executive-branch policy for the agencies it addresses, backed by OMB’s statutory duty under the Quantum Computing Cybersecurity Preparedness Act and by Executive Order 14412. It is a directive, not a statute.

What happens if an agency misses the plan deadline? There’s no separate fine, but a missed federal deadline with a statutory anchor is visible to oversight and to the annual reporting cycle, and it undercuts the reasonable-organization posture that regulators, auditors, and insurers use as a baseline.

Does it tell me which post-quantum algorithms to deploy? Yes. Appendix A points agencies at ML-KEM for key establishment and ML-DSA and SLH-DSA for signatures, and flags FN-DSA and HQC as future additions. It requires plans to align with NIST IR 8547 for the transition schedule.

What’s the difference between the 2030 and 2031 dates? The memo’s overall objective is to mitigate as much quantum risk as feasible by December 31, 2030, and its Phase 3 moves priority systems to post-quantum key establishment in the 2028-to-2030 window. Phase 4, moving those systems to post-quantum digital signatures, targets 2031. Confidentiality migrates first, authentication second.

How does the timeline relate to Mosca’s Theorem? The phased dates encode the same inequality: if the time your data must stay secret plus the time to migrate exceeds the time until a CRQC arrives, you’re already late. Front-loading key establishment for long-lived-secret systems is Mosca’s logic applied to a federal schedule.


Everything here is the map, given freely. When your team needs M-26-15’s phased migration and its plan requirements translated into a program sequenced against your own systems, vendors, and deadlines, that’s the work I do, and there’s an alignment briefing for it.

Last verified 2026-07-09 · Maintained by Addie LaMarr, LaMarr Labs.