Frank Konkel writes the changes are based on the National Institute of Standards and Technologyâs fourth revision of its Special Publication 800-53 on security controls for federal information systems.
“This is a matter of communicating with providers, being transparent and letting people know what weâre doing,â said Maria Roat, FedRAMP director, according to the report.
GSA partnered with the Department of Homeland Security and Defense Department to communicate the updates.
Konkel reports the GSA plan provides guidance on the implementation of new baseline standards, assessment against current standards and testing of security controls depending on the CSP’s authorization or accreditation status.