From: FedScoop
Agency officials are concerned that proposed revisions to Circular A-130 could make obtaining a federal cloud authorization an even lengthier and more costly process.
By Dan Verton
The Office of Management and Budget has circulated draft revisions to the governmentwide policy governing information resources management that some agency executives say will add unnecessary layers of bureaucracy to an already lengthy and costly cloud certification process, FedScoop has learned.
The proposed revision to Circular A-130 — Management of Federal Information Resources — would give agency privacy offices separate and independent authority over the Federal Risk and Authorization Management Program, or FedRAMP, the government’s standard approach to cloud security assessment and authorization. Privacy officer approval would be separate from the current security assessment process and could force the final authorization request to be taken to the agency head, according to several officials who have reviewed the document.
Leave a Reply