FedRAMP Issues a New Challenge: Help Us Improve

Abstract

“No idea is too small!” according to the challenge issued Wednesday.

If you have issues with the Federal Risk and Authorization Management Program process—and ideas to make it better—now is the time to speak up through the Ideation Challengerunning for the next four weeks.

FedRAMP was created to provide a central certifying body to validate the security of cloud products being sold to federal agencies. However, while it was established to streamline the process, it has instead become marked as a primary bottleneck to adopting cloud technologies in government.

Any system—infrastructure, platforms, software applications—running on or being used by federal agencies must go through a rigorous process and be certified with an authority to operate, or ATO. While agencies can—and most often do—complete the certifications internally, the FedRAMP program is meant to offer provisional ATOs that can then be reused throughout government.

The problem: The FedRAMP ATO process is often long and expensive for the companies seeking authorization, and once received agencies are reticent to rely on others’ work when it’s their data on the line.

Document Date
Author (organization)
GovExec/NextGov
Document type
News Article
Interests
Cloud Computing
Interests
Cloud Computing