âIf agencies have cloud providers that have not been accredited they should contact my office and ask if they are in the pipeline,â Maria Roat, FedRAMP director with the General Services Administration, said at the Federal Cloud Computing Summit last month in Washington, according to the report.
According to Roat, an agency-led FedRAMP review takes more than four months to complete and the process could stretch up to two additional months if company-initiated.
The FedRAMP security cloud program has close to 300 security controls based on guidelines set forth by the National Institute of Standards and Technology.