Home / News / GSA Issues FedRAMP Directions

GSA Issues FedRAMP Directions

Photo: GSA.gov

The General Services Administration released its step-by-step instruction guide on following FedRAMP procedures Tuesday.

The 47-page concept of operations outlines how agencies and contractors should proceed in certifying services so a service from one contractor could be used in multiple agencies.

GSA says products including infrastructure-as-a-service tools will be the first to go through the FedRAMP process.

Independent auditors that undergo an application process to be government-approved will evaluate products’ compliance.

Cloud providers that successfully go through the authorization process will be listed on the FedRAMP website.

After passing the audit phase, officials from the Department of Homeland Security and FedRAMP will evaluate and continue to re-evaluate services deployed in agencies.

Service providers may re-submit a product or service to the auditors for reconsideration and a panel of security experts will reassess whether the product will be used or not.

GSA’s guide designates the DHS as the lead body in coordinating recovery efforts in the event of a breach on the agency side.

DHS will also “assist government-wide and agency-specific efforts to provide adequate, risk-based and cost-effective cybersecurity” and develop guidance to implement trusted services and cybersecurity.

Check Also

Bindu Nair: Pentagon Aims to Accelerate Basic Research’s Impact on Capabilities Through Pilot Program

Bindu Nair, deputy director for basic research at the Defense Department, told Federal News Network in an interview published Thursday that DoD intends to speed up basic research’s impact on capabilities through the Defense Enterprise Science Initiative. The Pentagon selected five university-industry teams in August for the DESI pilot program that seeks to address technological gaps and support other basic research initiatives within the department.

Leave a Reply

Your email address will not be published. Required fields are marked *