Significant cloud and security landscape changes have prompted the Office of Management and Budget to release new draft guidance modernizing the Federal Risk and Authorization Management Program first issued in 2011, reports FedScoop.
Aside from establishing a technical information security program with risk management in mind and providing various authorization structures to promote marketplace growth, the updated FedRAMP also seeks to advance automation to streamline processes and facilitate shared infrastructure utilization between the federal government and the private sector.
Utilization of existing commercial cloud services has also been urged under FedRAMP modernization. Such a move to update FedRAMP has been hailed by Rep. Gerry Connolly, D-Va., who wrote the FedRAMP Authorization Act.
"Today, OMB took the first step toward updating its decade-old guidance for the FedRAMP Program... Recognizing reciprocity is smart for vendors and smart for agencies. If you are approved at one window of government, that approval should carry with you to others," Connolly added.
FedRAMP modernization sought by new draft guidance
Significant cloud and security landscape changes have prompted the Office of Management and Budget to release new draft guidance modernizing the Federal Risk and Authorization Management Program first issued in 2011, reports FedScoop.
Widespread adoption of artificial intelligence could substantially change U.S. law, several experts said at the InfoSec World 2024 security conference.
Such a bill, which comes months after the widespread breach of Change Healthcare stemming from the absence of multi-factor authentication, would not only mandate data security audits from the Department of Health and Human Services but also impose jail times for healthcare executives making false cybersecurity claims.