From: FedScoop
FedRAMP will be aiming to reduce the timeline to earn FedRAMP Ready status by eight months. However, one of the three paths to an ATO will be ending.
By Greg Otto
Officials will unveil two big changes to the Federal Risk and Authorization Management Program Monday, aimed at drastically reducing the time it takes for cloud service providers to earn an authority to operate and begin selling to federal agencies.
Moving forward, cloud service providers who want to earn FedRAMP compliance will have to complete a capabilities assessment with a third-party assessment organization (3PAO) before the FedRAMP office considers them for the FedRAMP Ready list. Additionally, if a cloud service provider is to earn FedRAMP certification through the Joint Authorization Board, it must be considered FedRAMP Ready and have completed a full security authorization package with all testing finished.
Leave a Reply