FEDRAMP JUNE 2018
FEDRAMP AT A GLANCE FedRAMP was created out of the U.S. Government’s Federal Cloud Computing Initiative to remove the barriers to cloud adoption 175 Cloud Service Providers pursuing or have achieved an FedRAMP’s Goals authorization 138 44 o Ensure the use of cloud Agencies Unique 3rd services protects federal authorizing a Party Assessors information FedRAMP service o Enable reuse across the In 6 Years, FedRAMP Enabled Government To Avoid Federal government wherever possible to >$170 MILLION IN COSTS & save money and time 1/3 of the world’s internet traffic pass through our vendors 2
FEDRAMP IMPACTS POINTS OF CONNECTION 750+ 3,500+ 9000+ 9400+ Annual meetings with Questions answered Followers on Twitter Stakeholders on listserv agencies and vendors through info@fedramp.gov COMMUNITY ENGAGEMENT CSPs AGENCIES 3
THE YEAR OF REFINEMENT MORE CLOUD TO CHOOSE FROM • Increase Authorized Cloud Services • Increase Re-used Authorizations • Convert FedRAMP-Ready CSPs to In-Process or Authorized CSPs 2018 is “The Year of TRANSFORM SECURITY AUTHORIZATIONS • Automate the Authorization Process Refinement” for • Continue to push FedRAMP Tailored Authorizations FedRAMP STRONGER FEDRAMP COMMUNITY • Connect the Community Through Industry and Agency Days • Enhance 3PAO Resources with Updated 3PAO Requirements • Promote Better Understanding of FedRAMP and the Authorization Process 4
FEDRAMP JUNE HAPPENINGS New FedRAMP Training Platform and 300-Level Course: We’re launching a new Training Platform, which will provide a cohesive view of the FedRAMP curriculum and provide a quality user experience. 3PAO Requirements Release: We received feedback on the draft R311 requirements. We’re reviewing the feedback, and will release the finalized R311 requirements sometime in the coming weeks. June is a busy month Authorization Boundary Guidance and Feedback: We for the FedRAMP released guidance on authorization boundaries to educate CSPs, Agencies, and 3PAOs and inform their creation and review of these boundaries. Program! Readiness Assessment Report (RAR) Template Update and Webinar: We will be releasing an updated RAR template that provides guidance on describing and assessing risk associated with system interconnections, Application Programming Interfaces (APIs), and external services. We will be hosting a webinar on the update this summer that will include time for Q&A. FedRAMP Connect: The next round of FedRAMP Connect, where we prioritize CSPs to work with the JAB toward a Provisional Authority to Operate (P-ATO) will begin within the next couple of weeks. 5
QUESTIONS? Learn more at FedRAMP.gov Contact us at info@fedramp.gov @ FedRAMP 6
Recommend
More recommend