The program management office for the Federal Risk and Authorization Management Program has developed a set of steps to advance FedRAMP modernization as part of efforts to enhance federal cloud cybersecurity.
FedRAMP said Thursday the modernization approach is built on the three pillars of technology, people and processes.
The technology aspect of the plan includes FedRAMP’s creation of a systems architecture that sets standards for tools that will automate continuous monitoring and documentation submission for stakeholders.
For the process pillar, the program is working on a cooperative initiative to assess and streamline the flow of security packages to help accelerate the authorization timeline and address potential backlog areas.
To address the people aspect, FedRAMP will strengthen engagement, collaboration and adoption across agencies and commercial partners to meet their needs while growing the FedRAMP Marketplace, promoting knowledge sharing and training and transforming processes.
The Office of Management and Budget is soliciting comments on its updated guidance for modernizing FedRAMP. Responses are due Dec. 22.