FedRAMP Authorization Act
Software Technology Trade Group Encourages OMB, GSA to Reduce FedRAMP Entry Barriers
The Alliance for Digital Innovation, a software technology trade group, has urged the Office of Management and Budget and the General Services Administration to make policy changes to reduce the barriers preventing commercial cloud providers from entering the Federal Risk and Authorization Management Program Marketplace.
In a letter to OMB Director Shalanda Young and GSA Administrator Robin Carnahan, the group encouraged the agencies to use the opportunity provided under the recently passed FedRAMP Authorization Act to make the changes aimed at speeding up the technological innovation at federal agencies, FCW reported.
The FedRAMP Authorization Act was approved as part of the fiscal 2023 National Defense Authorization Act. Under the law, the OMB will issue FedRAMP guidance while the GSA will create a new public-private FedRAMP cloud advisory committee.
The GSA has begun accepting nominations for the Federal Secure Cloud Advisory Committee, which will consist of 15 members. Responsibilities of the group include exploring methods to improve FedRAMP authorization processes and providing recommendations to increase federal agency adoption of FedRAMP-authorized products.
The Alliance for Digital Innovation provided the GSA and the OMB recommendations to eliminate barriers to FedRAMP Marketplace entry, including providing agencies incentives for sponsoring companies seeking FedRAMP authorization, appointing a FedRAMP coordinator at each agency to support the onboarding of a new cloud product, providing grants to small cloud businesses to cover expenses for third-party assessments and encouraging agencies to adopt a risk-based approach instead of automatically choosing a cloud platform with higher levels of security controls.
According to a 2019 Government Accountability Office report, 15 out of the 24 agencies that the GAO surveyed did not always rely on FedRAMP for cloud services authorization because of confusing guidance and the challenges in complying with the program’s standards.
Category: Digital Modernization