oscal

FedRAMP Reports Over 4K Reused Cloud Security Packages in FY 2022

The Federal Risk and Authorization Management Program saw the number of cloud security packages reused by agencies increase by 132 percent from fiscal year 2020 to FY 2022. FedRAMP reported a total

More

by Jane Edwards

October 31, 2022

Government Technology/News

Brian Conrad: FedRAMP Team Aims to Move Forward With Automation

Brian Conrad, acting director of the Federal Risk and Authorization Management Program, said his office will work to further simplify cloud security assessment and approval processes through automation while ensuring that vendors

More

by Mary-Louise Hoffman

August 25, 2022

Government Technology/News

FedRAMP Gets 1st System Security Plan in Machine-Readable OSCAL Format

The Federal Risk and Authorization Management Program has received from a cloud service provider the first system security plan in a machine-readable format called Open Security Controls Assessment Language. FedRAMP expects the

More

by Jane Edwards

May 20, 2022

Government Technology/News

GSA Seeks to Automate Validation of FedRAMP Security Authorization Packages

The General Services Administration (GSA) will soon issue XML-automated validations to enable cloud services providers seeking an authority to operate to check whether all the required data is included in their security

More

by Jane Edwards

August 4, 2021

Government Technology/News

FedRAMP Issues Updated Guides for Developing Machine-Readable Authorization Packages

The Federal Risk and Authorization Management Program (FedRAMP) has released updated resources and conversion tools meant to help vendors and other stakeholders advance the digitization of FedRAMP authorization packages for commercial cloud

More

by Jane Edwards

July 21, 2021

Government Technology/News

FedRAMP, NIST Release 1st Version of Open Security Controls Assessment Language

The Federal Risk and Authorization Management Program (FedRAMP) office and the National Institute of Standards and Technology (NIST) have introduced a machine-readable standard that works to automate the preparation, authorization and reuse

More

by Carol Collins

June 10, 2021

Government Technology/News

Dave Zvenyach: GSA Plans to Invest in FedRAMP Process Automation

Dave Zvenyach, director of the General Services Administration's (GSA) Technology Transformation Services (TTS) organization, said the agency is looking to modernize Federal Risk and Authorization Management Program (FedRAMP) processes with automation technology.

More

by Carol Collins

June 3, 2021

Government Technology/News

FedRAMP’s Ashley Mahan on Increase in Cloud Services Reuse

Ashley Mahan, director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), said that FedRAMP saw a 50 percent rise in government agencies reusing certified cloud services in

More

by Jane Edwards

October 20, 2020

Cybersecurity/Government Technology/News/Press Releases

NIST, FedRAMP Developing Programming Language to Help Automate Cloud Security Assessments

The Federal Risk Authorization Management Program (FedRAMP) is working with the National Institute of Standards and Technology (NIST) to implement a universal programming language that can help accelerate cloud certification and drive

More

by Brenda Marie Rivers

October 9, 2020

Government Technology/News

NIST Releases Update for Draft FedRAMP Controls Baseline Guide

The National Institute of Standards and Technology (NIST) has issued an updated version of its Open Security Controls Assessment Language (OSCAL) milestone that includes guidelines for control baselines and system security plans

More

by Brenda Marie Rivers

June 18, 2020