FedRAMP
FedRAMP
Gerry Connolly

After being excluded from the final version of the National Defense Authorization Act (NDAA), the 117th Congress made the Federal Risk Assessment and Management Program (FedRAMP) Authorization Act one of the first bills passed in the House, passing by voice vote today. […]

The FedRAMP Program Management Office (PMO) recapped its efforts to gather feedback from Third Party Assessment Organizations (3PAOs) in a new blog post. […]

Build once, use many times is a foundational framework to accelerate IT modernization, drive innovation and maximize the value of investments. In Federal IT, standardizing security and compliance of cloud solutions is underway with the Federal Risk and Authorization Management Program (FedRAMP). But the process has historically been time consuming and expensive for vendors, preventing the rapid delivery of cloud-based solutions in support of agency missions. […]

FedRAMP released its plan to align with the National Institute of Standards and Technology’s (NIST) latest update to SP 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5 (Rev5). […]

Federal agencies are leveraging past work on authorizations to operate (ATO) to bring in more cloud tools covered by the Federal Risk Authorization Management Program (FedRAMP) during the COVID-19 pandemic, said Brian Conrad, FedRAMP Cybersecurity Program Manager. […]

The Federal Risk Assessment and Management Program (FedRAMP) is poised to take a major step forward as the House and Senate take up of the National Defense Authorization Act (NDAA) of 2021 – a high priority post election. This must-pass legislation authorizes appropriations and establishes policies for the Defense Department. […]

cybersecurity

CenturyLink said on Sept. 1 that the company has attained FISMA (Federal Information Security Management Act) High certification for its federal network operations centers and security operations centers.  […]

FedRAMP

Cloud security provider Zscaler said it is making progress in efforts to obtain “High Impact” level classification under the Federal Risk and Authorization Management Program (FedRAMP) for its Zscaler Internet Access (ZIA) service – a secure internet and web gateway  solution that was the first product of its kind to receive to earn FedRAMP certification earlier this year. […]

Congress Capitol Senate House

The House voted late on July 20 to include in the Fiscal Year 2021 National Defense Authorization Act (NDAA) legislation that would codify into law the FedRAMP program – giving the program a statutory foundation and formal standing for congressional review. […]

The General Services Administration (GSA) attributes the FedRAMP program’s success to building a culture that prioritizes continuous improvement, and aims to continue program growth through its recently launched FedRAMP Agency Liaison Program. […]

Federal money spending government

A collection of trade groups representing the nation’s biggest tech firms is urging Senate leadership to match or exceed the $1 billion in funding for the Technology Modernization Fund (TMF) approved by the House last month as part of the HEROES Act pandemic-relief legislation. […]

FedRAMP

FedRAMP announced that it has kicked off a new initiative – the Agency Liaison Program – that the FedRAMP Project Management Office (PMO) said is “designed to transform the way FedRAMP informs and collaborates with Federal agencies,” and “help agencies and industry be more efficient in their cloud adoption efforts.” […]

NIST

The National Institute of Standards and Technology (NIST) released Open Security Controls Assessment Language (OSCAL) 1.0.0 Milestone 3, a key step toward finalizing the full initial release of OSCAL v1. […]

DoD

Katie Arrington, Cybersecurity Maturity Model Certification (CMMC) lead and CISO for acquisition at the Department of Defense’s (DoD) Undersecretary of Defense, confirmed that the CMMC and FedRAMP (Federal Risk and Authorization Management Program) offices are working on a way to grant reciprocity between the two certifications. […]

Department of Education logo

Fresh off notching an A+ grade on the latest FITARA Scorecard, the Department of Education knows it has a handle on good IT, and agency CISO Steven Hernandez said today he credits a measure of that success to an important mindset change on data. […]

A senior General Services Administration (GSA) official said today the agency is supportive of the primary aims of a new report recommending steps to modernize the Federal Risk and Authorization Management Program (FedRAMP), which provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. […]

The Federal Risk and Authorization Management Program (FedRAMP) and the National Institute of Standards and Technology (NIST) released the Open Security Controls Assessment Language (OSCAL) Milestone 2 for public comment. […]

The Federal Risk and Authorization Management Program (FedRAMP) saw a spike in authorizations from 2017 to 2019, but the program is still not used in all cloud acquisitions and agencies have gaps in implementing controls, according to a report from the Government Accountability Office (GAO) released December 12. […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) will focus on administering simplicity, automation, marketplace growth, and learning opportunities in Fiscal Year 2020, according to Director Ashley Mahan. […]

SEC

The Securities and Exchange Commission (SEC) has taken an ad-hoc approach to cloud adoption instead of following its cloud strategy, and did not fully implement security measures, according to a report from the SEC’s inspector general released November 7. […]

The General Services Administration is taking its FedRAMP Program to cloud service providers, start-ups, and entrepreneurs in San Francisco on Sept. 25 to showcase opportunities to work with the program that speeds the authorization process to provide products and services in the Federal government’s $90 billion per year IT market. […]

A project under development at the National Institute of Standards and Technology (NIST) is aiming to fully automate FedRAMP (Federal Risk and Authorization Management Program) and enable interoperable automation for cloud service providers (CSPs). […]

cloud computing concept -min

The Defense Information Systems Agency (DISA) issued an Aug. 15 provisional authorization that would enable Defense Department (DoD) components and mission partners to streamline cloud authorizations. […]

Categories