Federal Risk and Authorization Management Program (FedRAMP) officials are espousing the benefits of the FedRAMP Authorization Act being enacted as part of the FY23 National Defense Authorization Act (NDAA).
The Act organizes the FedRAMP program as the authoritative standardized approach to security assessment and authorization for cloud computing products and services processing unclassified federal information/ The measure recognizes the work FedRAMP and its stakeholders have achieved over the last 10 years.
Provisions highlighted by FedRAMP include improving the speed at which new cloud computing products and services can be authorized by implementing automation techniques; continued enhancement of agencies’ ability to effectively evaluate FedRAMP-authorized cloud products for reuse; and more transparency and dialogue between industry and the federal government to initiate stronger adoption of secure cloud capabilities.
FedRAMP was established in 2011 to provide a cost-effective approach to the adoption and use of cloud services by the federal government. It empowers the use of modern cloud technologies, emphasizing security and federal information protection.
According to FedRamp, the agency enables the federal government to accelerate the adoption of cloud computing by creating transparent standards and processes for security authorizations while also allowing agencies to leverage security authorizations on a government-wide scale.