Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), is stepping down from his position. […]

As the White House’s Office of Management and Budget (OMB) works to modernize the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), top officials from OMB this week previewed coming changes for the program. […]

While the Office of Management and Budget (OMB) proposed new guidance to overhaul the General Services Administration’s (GSA) FedRAMP (Federal Risk and Authorization Management Program) program in October 2023, a new watchdog report is pushing both agencies to move quickly to finalize new program rules. […]

The Federal Secure Cloud Advisory Committee (FSCAC) is looking to fill four open seats on its 15-member board that advises and provides recommendations to the General Services Administration (GSA) administrator, the Federal Risk and Authorization Management Program (FedRAMP) Board, and Federal agencies.  […]

The Office of Management and Budget (OMB) today released proposed new guidance to modernize the General Services Administration’s (GSA) FedRAMP (Federal Risk and Authorization Management Program) program. […]

The Office of Management and Budget (OMB) will be unveiling proposed new guidance for the General Services Administration’s (GSA) FedRAMP (Federal Risk and Authorization Management Program) program on Friday morning. […]

The General Services Administration (GSA) has set four public meetings of the Federal Secure Cloud Advisory Committee (FSCAC) to develop recommendations on the secure adoption of cloud computing products under the Federal Risk and Authorization Management Program (FedRAMP). […]

Rep. Gerry Connolly, D-Va., long a prime mover on Federal technology policy issues in Congress, said today that he is committed to encouraging further adoption of cloud services by the Federal government “through continued FITARA (Federal Information Technology Acquisition Reform Act) oversight hearings” by the House Oversight and Accountability Committee. […]

The General Services Administration (GSA) is seeking a new lead for the Federal Risk and Authorization Management Program (FedRAMP) to oversee vulnerability management and continuous monitoring for the program. […]

The new members of the Federal Secure Cloud Advisory Committee (FSCAC) held their first meeting last week, centered around the Office of Management and Budget’s (OMB) request for the committee to address specific challenges and opportunities related to the Federal Risk and Authorization Management Program (FedRAMP). […]

Making the General Services Administration’s (GSA) FedRAMP (Federal Risk and Authorization Management Program) process more efficient for cloud service providers appears to be on the radar of the Office of the National Cyber Director (ONCD) as the ONCD moves toward the implementation planning phase of the National Cybersecurity Strategy released last month. […]

Good things can come both to those who wait – and never stop trying – in Washington. That’s one of the top-line takeaways after talking with Stephen Kovac, Chief Compliance Officer at cloud security provider Zscaler, following the successful conclusion late last month of a multi-year campaign to codify into law the Federal Risk and Authorization Management Program (FedRAMP). […]

The General Services Administration (GSA) is looking for nominees to staff up its new Federal Security Cloud Advisory Committee (FSCAC) created by legislation approved late last year that codified the Federal Risk and Authorization Management Program (FedRAMP) into law. […]

Illumio, a provider of zero trust segmentation (ZTS) technologies, said today that its Illumio Government Cloud offering has received FedRAMP (Federal Risk and Authorization Management Program) In Process designation at a Moderate Impact Level, under the sponsorship of the Department of Health and Human Services (HHS) Office of Inspector General. […]

The Fiscal Year (FY) 2023 National Defense Authorization Act (NDAA) bill released by the House Rules Committee late Tuesday evening features legislation approved by the House in September to codify into law and update the Federal Risk and Authorization Management Program (FedRAMP). […]

Cloud security provider Zscaler said today that its Zscaler Private Access service – a cloud-delivered, zero trust network access (ZTNA) service that provides secure access to all private applications, without the need for a remote access VPN – has achieved FedRAMP Moderate Authorization from the General Services Administration’s Federal Risk and Authorization Management Program. […]

Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), pointed to the program’s service re-use progress over the past year at an Oct. 20 ATARC event, including a 60 percent jump in re-use by Federal agencies of approved cloud services over the past year. […]

The House last week voted to approve an updated version of legislation that would codify into law and update the Federal Risk and Authorization Management Program (FedRAMP). […]

Both vendors and Federal officials said today they want more visibility into the Federal Risk and Authorization Management Program (FedRAMP) process, which certifies the security of cloud technologies for Federal government use and is operated by the General Services Administration (GSA). […]

Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), explained at an FCW event today how ongoing improvement efforts are charting a path for the program over the next five to ten years. […]

Cloud security provider Zscaler said this week that its Zscaler Internet Access (ZIA) service received Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate (ATO) from the FedRAMP Joint Authorization Board (JAB). […]

The Alliance for Digital Innovation (ADI) is pressing congressional appropriators to provide more money in Fiscal Year 2023 budget legislation for primary sources of Federal agency IT modernization funding, including the Technology Modernization Fund (TMF), along with the General Services Administration’s (GSA) Federal Citizen Services Fund (FCSF). […]

Cloud security provider Zscaler said this week that it has two additional Federal Risk and Authorization Program (FedRAMP) authorizations in process, and expects to receive certifications in the coming weeks. […]

As Acting Director of FedRAMP Brian Conrad looks ahead to the program’s fiscal year (FY) 2022 goals, he said gathering feedback from stakeholders will play a “critical” role in improving the program going forward. […]

As the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) program looks to transition to Revision 5 (Rev. 5) baselines – in accordance with the National Institute of Standards and Technology’s (NIST) Rev. 5 security and privacy controls – Acting Director of FedRAMP Brian Conrad said the agency has been  able to decrease the number of controls for improved usability. […]

House Government Operations Subcommittee Chairman Gerry Connolly, D-Va., said today he is looking for final congressional approval in the near term for legislation he has championed for the past several years that would codify into Federal law the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). The program certifies the security of cloud technologies for Federal government use. […]

After a few failed attempts, cyber incident reporting legislation made it over the finish line as part of the fiscal year (FY) 2022 appropriations bill – a victory hailed by Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and lawmakers as a necessary step for more visibility to protect critical infrastructure. […]

The Senate on March 1 approved by unanimous consent the Strengthening American Cybersecurity Act of 2022. The bill is a sweeping legislative package introduced last month that aims to update the Federal Information Security Management Act (FISMA), codify the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP), and require timely cyber incident reporting by critical infrastructure providers. […]

Leadership of the Senate Homeland Security and Governmental Affairs Committee has introduced a package bill in the Senate that would update both the Federal Information Security Management Act (FISMA), which sets cybersecurity requirements for Federal agencies, and codify the Federal Risk and Authorization Management Program (FedRAMP) that certifies cloud services as secure to use for Federal government agencies. […]