Program investments
GSA Official Announces New FedRAMP Investments
The Technology Transformation Services within the General Services Administration is making significant investments under the Federal Risk and Authorization Management Program.
Speaking at an ACT-IAC event, TTS Director Dave Zvenyach said investments in automation, process improvements and additional resources will fill in gaps in the program and inform agencies of existing authorities to operate.
ATOs issued under FedRAMP can be reused by agencies, generating savings that would otherwise be spent onboarding new cloud service providers, FedScoop reported.
“As we add cloud service providers to FedRAMP, it ends up having a nonlinear cost,” Zvenyach said.
These investments come months after GSA launched the revamped version of the FedRAMP website. The modifications made to the site clearly points visitors to where they are within the FedRAMP authorization process, unlike the previously content-heavy website, which made it difficult to find pertinent information.
Some key features of the new website include an interactive graphic on the homepage and new pages that help users understand the different steps involved in securing FedRAMP authorization.
In addition to these developments, TTS is working with the Department of Defense to work out reciprocity between FedRAMP and the Cybersecurity Maturity Model Certification. The goal is to align the requirements, methodologies and levels of the two programs.
According to Zvenyach, the DOD’s Office of the Chief Information Officer is already represented on FedRAMP’s Joint Authorization Board.
Established in 2011, FedRAMP is a government-wide program that standardizes the approach to security assessment authorization and continuous monitoring of cloud-based services.
Category: Federal Civilian