Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.


FedRAMP Seeks to Expedite Security Package Reviews With OSCAL Validation Rules

1 min read

The Federal Risk and Management Program (FedRAMP) has issued Open Security Controls Assessment Language (OSCAL) validation rules to help automate reviews of security packages and speed up authorizations.

The OSCAL validation rules will enable cloud service providers and third-party assessment organizations to perform self-testing to see whether all the required data is included in their security packages prior to submission to FedRAMP, the program said in a blog post-Thursday.

FedRAMP said its review teams will also use the automated validation rules to assess initial packages from CSPs.

“When both FedRAMP and industry utilize automated validation rules, FedRAMP reviewers will spend less time on packages that do not pass initial criteria, and therefore, are not ready for review,” the post reads.

The FedRAMP program management office worked with the General Services Administration’s 10x program on the automated validation rules.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology