Ashley Mahan, director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), said that FedRAMP saw a 50 percent rise in government agencies reusing certified cloud services in fiscal year 2020 as those organizations continue to work to meet the telework requirements during the COVID-19 pandemic.
Read More »NIST, FedRAMP Developing Programming Language to Help Automate Cloud Security Assessments
The Federal Risk Authorization Management Program (FedRAMP) is working with the National Institute of Standards and Technology (NIST) to implement a universal programming language that can help accelerate cloud certification and drive automation in government operations. “What normally would take an assessor weeks to do, an OSCAL tool can perform in seconds,” said David Waltermire.
Read More »NIST Releases Update for Draft FedRAMP Controls Baseline Guide
The National Institute of Standards and Technology (NIST) has issued an updated version of its Open Security Controls Assessment Language (OSCAL) milestone that includes guidelines for control baselines and system security plans (SSP) for various hardware and software.
Read More »FedRAMP Announces Milestone in Authorization Process Automation
The Federal Risk and Authorization Management Program has worked with industry and the National Institute of Standards and Technology to develop the Open Security Controls Assessment Language to help automate the authorization process.
Read More »