The new Federal Risk and Authorization Management Program certification process has authorized more than 75 cloud service providers that include 41 third-party assessment organizations with 50 more CSPs in line for approval, Federal News Radio reported Thursday.
David Thornton writes the program looks to streamline the time it will take a cloud service provider to secure a FedRAMP provisional authorization and a recent modification on the process focuses on “high-impact” systems.
“We have seen an 85 percent increase in FedRAMP authorization for new cloud services,” said Ashley Mahan, FedRAMP agency evangelist.
The report noted FedRAMP has issued a standards baseline for high impact systems in July with the addition of “stricter” controls designed to meet Defense Department needs.
“There weren’t major changes in terms of capabilities [as compared to the draft high baseline], but there were a few control additions and tighter implementations that are present in the final baseline that were not in the original baseline requirements,” said Matt Goodrich, FedRAMP director.