Governance, Risk and Compliance, Security Staff Acquisition & Development, Cloud Security

FedRAMP modernization sought by new draft guidance

Significant cloud and security landscape changes have prompted the Office of Management and Budget to release new draft guidance modernizing the Federal Risk and Authorization Management Program first issued in 2011, reports FedScoop. Aside from establishing a technical information security program with risk management in mind and providing various authorization structures to promote marketplace growth, the updated FedRAMP also seeks to advance automation to streamline processes and facilitate shared infrastructure utilization between the federal government and the private sector. Utilization of existing commercial cloud services has also been urged under FedRAMP modernization. Such a move to update FedRAMP has been hailed by Rep. Gerry Connolly, D-Va., who wrote the FedRAMP Authorization Act. "Today, OMB took the first step toward updating its decade-old guidance for the FedRAMP Program... Recognizing reciprocity is smart for vendors and smart for agencies. If you are approved at one window of government, that approval should carry with you to others," Connolly added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.