Jason Miller writes that FedRAMP 2.0 will include baseline controls based on the National Institute of Standards and Technology‘s new guidance for federal information systems privacy and security.
Matt Goodrich, GSA’s FedRAMP program manager, said the updates could be ready within the next two or three months, according to Miller’s article.
Goodrich added that the goal is to make the authorization process consistent and transparent, the station reports.
Agencies and cloud service providers have until June 30 to fulfill the program’s current requirements.
The FedRAMP Joint Authorization Board and the DHS have been working to get FedRAMP and the Continuous Diagnostics and Monitoring Program moving in the same direction, Miller writes.