Mary-Louise Hoffman
A MeriTalk-formed industry advocacy group has developed a six-step plan that it believes the U.S. government should adopt to increase transparency and efficiency in the Federal Risk and Authorization Management Program.
FedRAMP Fast Forward said Monday it crafted the proposal in a move to encourage the federal government to implement a “do-once-use-many” approach to assess and authorize cloud service providers.
“For Uncle Sam to break with the expensive and dysfunctional legacy addiction, we need a FedRAMP Fix,” noted Steve O’Keeffe, founder of MeriTalk.
FedRAMP Fast Forward recommended that the government coordinate the program’s security standards and lessen continuous monitoring costs for CSPs that have obtained authorization-to-operate certifications.
The government should also allow CSPs to modernize their cloud computing environments under FedRAMP as well as guide providers in their efforts to comply with security requirements at the Defense Department, the advocacy group added.
The Fix FedRAMP plan culminates seven months of the group’s collaboration with several CSPs, third-party assessment organizations, federal agencies and members of Congress.
A congressional cloud computing caucus will discuss FedRAMP Fast Forward’s recommendations at a meeting scheduled for March 3 at Capitol Hill.
