The General Services Administration’s Dave McClure told an AFCEA crowd this week that GSA-led “tiger teams” are working to improve the cloud-computing security guidelines FedRAMP, short for Federal Risk and Authorization Management Program.
But McClure said they aren’t interested in reinventing the wheel.
Speculation has swirled that creating FedRamp is essentially “blowing up [the Federal Information Security Management Act] and completely redesigning the security approach to the federal government,” McClure said. But that is only a myth.
As Government Computer News reported, the cloud-security guidelines are instead focused on the “security accreditation process by using an approach that can be vetted and reused across the government,” McClure said.
There have been a few hiccups. When GSA released a draft of the regulations, it garnered significant public comments — enough so that federal Chief Information Officer Vivek Kundra decided to extend the comment period and push back implementation, GCN reports.
In the meantime, GSA has launched so-called “tiger teams,” made up of officials from across the government, McClure said, to address those concerns.
Click here to read the full Government Computer News report along with the seven steps the tiger teams are taking to improve FedRAMP regulations.