Following the 11th hour exclusion of his bill to codify the Federal Risk Assessment and Management Program (FedRAMP) into law from must-pass defense legislation, Rep. Gerry Connolly, D-Va., said he’s interested in giving the measure another push after the 117th Congress begins in January 2021.
The FedRAMP Authorization Act was introduced in 2019 by Rep. Connolly and then-Rep. Mark Meadows, R-N.C. to codify the FedRAMP program into law, giving it a statutory foundation and formal standing for congressional review. The program, administered by the General Services Administration (GSA), provides a Federal government-wide standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
Late last month, the bill was included in the NDAA that is set to be voted on by the House and Senate this week – giving its chances of becoming law a strong boost. The final NDAA bill agreed to by negotiators, however, omitted the FedRAMP legislation.
“This will remain a priority as we head into the new Congress,” Rep. Connolly said in a statement provided to MeriTalk.
“It is critical that we streamline the FedRAMP process and reduce the redundancies in federal cloud migration, so federal agencies can modernize their IT and realize cost-efficiencies,” the congressman said.