Brian Conrad: FedRAMP Team Aims to Move Forward With Automation

1 min read

Brian Conrad, acting director of the Federal Risk and Authorization Management Program, said his office will work to further simplify cloud security assessment and approval processes through automation while ensuring that vendors will continue to help protect federal data.

He told an audience at the FCW-hosted FedRAMP Summit that agencies have reused authorizations under the program more than 4,100 times to date.

Conrad added that 276 companies hold certification to offer cloud products and services to the federal government.

As part of its modernization efforts, the FedRAMP team worked with the National Institute of Standards and Technology in 2021 to implement a common programming format – called the Open Security Controls Assessment Language — for agencies, providers and third-party assessors.

The program management office received the first system security plan in OSCAL machine-readable format from a cloud service provider in May.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology

The Ultimate Guide to Winning Government Contracts Let us show you how top executives are winning so you can replicate it