The Federal Risk and Authorization Management Program has launched a new pilot program as part of efforts to enable agencies to quickly gain access to the latest security features to existing cloud service offerings and eliminate the challenges facing cloud service providers when it comes to bringing such improvements to market.
According to a blog post published Wednesday, FedRAMP will use the data from the Agile Delivery pilot program to help inform changes aimed at streamlining existing change management processes.
“Our long-term goal is to shift the FedRAMP process to one that is based on continuous assessment rather than assessing point-in-time snapshots,” the blog post reads.
Cloud providers that have new security features they plan to launch before Dec. 31 are encouraged to participate in the pilot. They should have change management and automated configuration management processes.
FedRAMP is interested in new opt-in features and is eyeing around 20 pilot participants, which should provide self-assessment artifacts and go through independent testing by the end of January.
“Additionally, changes to the fundamental underlying architecture, or new security control implementations that apply to the entire offering, will be excluded from the pilot,” the blog post states.
The program will accept applications through July 26 and select pilot participants by Aug. 16.