Dave Zvenyach: GSA Plans to Invest in FedRAMP Process Automation

Dave Zvenyach: GSA Plans to Invest in FedRAMP Process Automation
Dave Zvenyac Director TSS

Dave Zvenyach, director of the General Services Administration's (GSA) Technology Transformation Services (TTS) organization, said the agency is looking to modernize Federal Risk and Authorization Management Program (FedRAMP) processes with automation technology. 

Zvenyach noted that FedRAMP, which set a standardized assessment and certification approach for cloud offerings, generates nonlinear costs as the agency onboards more providers into the program.

Zvenyach added that automating the cloud security authorization process will serve as one way to drive the reuse of authorized cloud products.

In Dec. 2019, the FedRAMP management office reached a milestone with the development of an Open Security Controls Assessment Language (OSCAL) in collaboration with the National Institute of Standards and Technology (NIST) and industry partners.

The OSCAL standard is designed to automatically publish, implement and assess security controls.

You may also be interested in...

Federal Cybersecurity

Senate Committee Releases Federal Cybersecurity Report

The Senate Homeland Security and Governmental Affairs Committee has issued a 47-page report outlining a list of recommendations to improve the cybersecurity posture of federal agencies. The Senate panel’s Federal Cybersecurity report recommends that the Office of Management and Budget (OMB) direct agencies to adopt a risk-based budgeting framework for information technology investments.