The General Services Administration plans to release an updated list of governmentwide cybersecurity requirements under its Federal Risk Authorization and Management Program, Federal News Radio reported Feb. 28.
Jason Miller writes the revision to the baseline security standards comes ahead of a June deadline for agencies to use only FedRAMP approved cloud computing services.
Maria Roat, GSA director of FedRAMP, said the Office of Management and Budget’s PortfolioStat federal IT dashboard has helped her office gain some new insights on agency-side progress on compliance efforts, according to the report.
GSA.gov lists Lockheed Martin, CGI Federal, Hewlett Packard, IBM, Oracle, Microsoft and AT&T as among the 10 vendors the FedRAMP program management office has already approved as compliant cloud service providers.
Roat said the Joint Authorization Board of chief information officers from GSA and the departments of Defense and Homeland Security has been expanded to include the Defense Information Systems Agency.
“When the packages are being reviewed, it has DISA’s viewpoint on it, so then when one of the vendors comes through, DISA has already seen the package and they know exactly what’s in it and they don’t have to do the work twice,” Roat said.