GSA launches new FedRAMP category
- By Colby Hochmuth
- Oct 17, 2014
Editor's Note: This article originally appeared on FCW.com.
The General Services Administration released on Friday its newest category for the Federal Risk and Authorization Management Program, showcasing cloud service providers ready to perform assessments and authorizations with potential agency customers.
"FedRAMP Ready" systems have had their documentation reviewed by the FedRAMP program management office and -- at a minimum -- have gone through the PMO readiness review process.
"As more and more cloud services enter the FedRAMP assessment process, FedRAMP is providing a new way to help agencies and cloud service providers achieve a FedRAMP authorization faster," said Matthew Goodrich, GSA's acting FedRAMP director.
According to the cloud.cio.gov website, "FedRAMP Ready systems allow potential agency customers and authorizing officials a starting point to initiate an authorization. Systems with more complete documentation or assessments by an accredited 3PAO will allow potential agency customers and authorizing officials to go through the assessment and authorization process more rapidly to become FedRAMP compliant."
There are varying degrees of demonstrated readiness in the system, from initial documentation to all required documentation and completed assessments from FedRAMP-accredited third-party assessment organizations (3PAOs) -- independent organizations that verify that evaluated cloud service providers meet FedRAMP requirements.
FedRAMP Ready will provide specifics of the services available from each approved vendor.
"Agencies can use this documentation to initiate an assessment and authorize these systems in a faster time than starting from scratch," Goodrich said.
The FedRAMP Ready system will also use open-source build documentation to help agencies speed the process of deploying cloud solutions.
Colby Hochmuth is a former staff writer for FCW.