FedRAMP PMO to Revamp Program’s Cloud Tech Assessment Process

CloudFederal Risk and Authorization Management Program office plans to add a “readiness capabilities assessment” to the FedRAMP process in an effort to help vendors demonstrate their cloud technology and service offerings early on.

The revamped process will require cloud service providers who seek a FedRAMP Ready status to complete a system evaluation with a third-party assessment organization rather than going through documentation reviews by the FedRAMP’s program management office, according to an announcement published Monday.

The program aims to help “CSPs and agencies to achieve FedRAMP authorizations faster without negatively impacting risk and quality of security packages.”

The FedRAMP PMO has also started to gather industry comments on draft versions of the FedRAMP Readiness Assessment Report Template and the FedRAMP Readiness Assessment Guidance.

CSPs and 3PAOs can submit their input for those documents through April 29.

Check Also

Cybersecurity Strategy

Updated CISA Federal Cybersecurity Strategy Directs Improved CDM Scores Through FY 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to its action plan for strengthening federal cybersecurity in fiscal years 2020 through 2021. The initiative was led by Matthew Travis, the deputy director of CISA. CISA also cited evolving threat landscapes and limitations in cloud, network and encryption capabilities as challenges.

Leave a Reply

Your email address will not be published. Required fields are marked *