Home / News / GSA Issues FedRAMP Directions

GSA Issues FedRAMP Directions

Photo: GSA.gov

The General Services Administration released its step-by-step instruction guide on following FedRAMP procedures Tuesday.

The 47-page concept of operations outlines how agencies and contractors should proceed in certifying services so a service from one contractor could be used in multiple agencies.

GSA says products including infrastructure-as-a-service tools will be the first to go through the FedRAMP process.

Independent auditors that undergo an application process to be government-approved will evaluate products’ compliance.

Cloud providers that successfully go through the authorization process will be listed on the FedRAMP website.

After passing the audit phase, officials from the Department of Homeland Security and FedRAMP will evaluate and continue to re-evaluate services deployed in agencies.

Service providers may re-submit a product or service to the auditors for reconsideration and a panel of security experts will reassess whether the product will be used or not.

GSA’s guide designates the DHS as the lead body in coordinating recovery efforts in the event of a breach on the agency side.

DHS will also “assist government-wide and agency-specific efforts to provide adequate, risk-based and cost-effective cybersecurity” and develop guidance to implement trusted services and cybersecurity.

Check Also

New Laboratory at NSWC Crane Focuses on Electro-Optical Technology

Naval Surface Warfare Center Crane Division is investing in electro-optical technologies for the newly launched Naval Innovative Threat Exploitation and Optical Warfare Laboratory or NITE OWL. The new laboratory is meant to help warfighters address electro-optical threats, Naval Sea Systems Command said Tuesday.

Leave a Reply

Your email address will not be published. Required fields are marked *