Lawmakers Propose Bill to Codify FedRAMP Cloud Security Assessment Program
Lawmakers have proposed legislation seeking to update and codify the Federal Risk and Authorization Management Program, a government-wide regime for assessing the security of cloud-based products and services.
The Federal Secure Cloud Improvement and Jobs Act would direct the General Services Administration to automate FedRAMP assessments and continuously monitor cloud-based products and services, FedScoop reported Tuesday.
Sen. Gary Peters, chairman of the Senate Committee on Homeland Security and Governmental Affairs, said that cloud technology is a proven way of improving government efficiency that must be protected from cyberattacks.
The legislation would introduce changes to FedRAMP to ensure that federal government agencies can quickly adopt secure cloud-based information technology.
The bill would establish metrics and authorize $20 million in investment to ensure the proper implementation of the security program.
Lastly, the bill would require the creation of a Federal Secure Cloud Advisory Committee tasked with improving the communication between federal agencies and companies offering cloud technology.
The legislation has similarities to the proposed FedRAMP Authorization Act, which seeks to automate the FedRAMP process to promote reciprocity for security validations from one agency to another.
The FedRAMP Authorization Act would also authorize a $20 million annual budget for the FedRAMP program office and establish a committee tasked with improving dialogue among stakeholders.
The House version of the bill was passed for the fourth time in January but has since sat in the Senate Homeland Security Committee, FedScoop reported.
Category: Digital Modernization
Tags: cloud cybersecurity digital modernization FedRAMP FedScoop Gary Peters General Services Administration legislation