Tag Archives: oscal

FedRAMP, NIST Release 1st Version of Open Security Controls Assessment Language

OSCAL Version 1.0.0

The Federal Risk and Authorization Management Program (FedRAMP) office and the National Institute of Standards and Technology (NIST) have introduced a machine-readable standard that works to automate the preparation, authorization and reuse of commercial cloud offerings for the government sector. The FedRAMP office expects OSCAL to help vendors prepare and review system security plans faster

Read More »

Dave Zvenyach: GSA Plans to Invest in FedRAMP Process Automation

Dave Zvenyac

Dave Zvenyach, director of the General Services Administration's (GSA) Technology Transformation Services (TTS) organization, said the agency is looking to modernize Federal Risk and Authorization Management Program (FedRAMP) processes with automation technology. Zvenyach noted that FedRAMP, which set a standardized assessment and certification approach for cloud offerings, generates nonlinear costs as the agency onboards more providers into the program.

Read More »

FedRAMP’s Ashley Mahan on Increase in Cloud Services Reuse

Ashley Mahan

Ashley Mahan, director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), said that FedRAMP saw a 50 percent rise in government agencies reusing certified cloud services in fiscal year 2020 as those organizations continue to work to meet the telework requirements during the COVID-19 pandemic.

Read More »

NIST, FedRAMP Developing Programming Language to Help Automate Cloud Security Assessments

Cloud Security

The Federal Risk Authorization Management Program (FedRAMP) is working with the National Institute of Standards and Technology (NIST) to implement a universal programming language that can help accelerate cloud certification and drive automation in government operations. “What normally would take an assessor weeks to do, an OSCAL tool can perform in seconds,” said David Waltermire

Read More »