The General Services Administration has updated the Federal Risk and Authorization Management Program‘s security controls and templates for implementation by government agencies and cloud service providers, Nextgov reported Friday.
Matt Goodrich, FedRAMP program manager, told a forum Thursday in Washington that the update is based on the National Institute of Standards and Technology’s revised security control baseline implemented in 2013, Frank Konkel reports.
Goodrich said there are 16 government offerings that comply with FedRAMP and an additional 25 FedRAMP-compliant offerings are underway, according to the report.
Nextgov reports the government worked to increase savings through the FedRAMP cloud security assessments approach.
“Our estimate for any authorization is $250,000 – that’s over $40 million in cost avoidance for those 16 authorizations,” Goodrich told the forum.