The Federal Risk and Authorization Management Program has unveiled a new website designed to serve as a technical documentation hub for cloud service providers as they develop, validate and submit digital authorization packages.
According to a blog post published Thursday FedRAMP’s automation website will also serve as guidance for governance, risk and compliance application developers that produce and use digital authorization package data.
The open source-based site provides detailed technical documentation, guidance and best practices for developing and managing digital authorization packages with the Open Security Controls Assessment Language, or OSCAL.
According to FedRAMP, the site will help improve the user experience for stakeholders that are implementing OSCAL-based packages and tools and establish a collaborative workflow that supports community contributions for enhancements to the documentation.
“We plan to expand the website over time as we bring new capabilities online, and it will eventually include details of how to integrate with FedRAMP’s package repository and submission processes,” the blog post reads.