Cloud security

Senate Committee Approves Bill Seeking to Codify FedRAMP

The Senate Homeland Security Committee has approved legislation seeking to codify the Federal Risk and Authorization Management Program, a government-wide regime for assessing the security of cloud-based products and services.

The Federal Secure Cloud Improvement and Jobs Act would direct the General Services Administration to automate FedRAMP assessments within a year, in addition to the continuous monitoring cloud offerings. The bill will now go to the Senate floor, FedScoop reported Thursday.

Introduced in early November by a bipartisan group of senators, the bill is aimed at ensuring that federal agencies can quickly and securely adopt cloud technologies to improve their operations.

Sen. Maggie Hassan, one of the legislation’s sponsors, said that the bill would streamline the approval process for cloud offerings, effectively accelerating agencies’ modernization efforts and enhancing their cybersecurity.

According to its authors, the bill will make the FedRAMP program more accountable to the public and create more jobs in the cloud services industry.

The legislation would establish performance metrics and authorize $20 million in annual funding to ensure proper implementation of FedRAMP.

If passed into law, the bill would also set up a FedRAMP board of technical experts tasked with prioritizing security assessments.

Similar legislation was passed by the House of Representatives in the past but was not picked up by the Senate Homeland Security Committee.

The House’s FedRAMP Authorization Act sought to automate the FedRAMP process to promote reciprocity for security validations from one agency to another.

The bill also sought to authorize a $20 million annual budget for the FedRAMP program office and establish a committee tasked with improving dialogue among stakeholders.