Hi All,
The purpose of the FedRAMP program is to increase Federal agencies' adoption of and
secure use of the commercial cloud while focusing cloud service providers and agencies on the
highest value work and eliminating redundant effort.
To do this, FedRAMP provides a standardized, reusable approach to security assessment
and authorization for cloud computing products and services. The FedRAMP program supports
broader efforts to reduce the nation's cybersecurity risks, contributing to a more stable
technology ecosystem by incentivizing CSPs to make security improvements that protect all of
their Federal customers.
The goal of this guidance is to strengthen and enhance the FedRAMP program.
FedRAMP has provided significant value to date, but the program must change to meet the needs
of Federal agencies and address the scope of the cloud marketplace. The FedRAMP marketplace
must scale dramatically to enable Federal agencies to work with many thousands of different
cloud-based services can accelerate key agency operations while allowing agencies to
directly manage a smaller IT footprint.
OMB is soliciting public comment on the draft guidance until December 22, 2023. To submit a public comment, visit https://www.regulations.gov/document/OMB-2023-0021-0001
------------------------------
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
------------------------------