Tag Archives: Federal Risk and Authorization Management Program

FITARA 18 Sees Agencies Move to the Head of the Class

Posted on by

FITARA

The latest Federal Information Technology Acquisition Reform Act (FITARA) scorecard, released in September, showed dramatic improvements in the progress agencies have made towards meeting IT modernization goals. The overall grades of 18 of the 24 tracked agencies increased, while grades for the remaining six agencies were unchanged. Per the scorecard,13 agencies now have an overall 'A,' 10 have a 'B,' and only one agency--the Energy Department--has a grade of 'C.' The Department of Health and Human Services and the Department of State showed the greatest improvements, with both agencies' grades moving from 'D's to 'A's.

The grading categories, unchanged from the previous report, measured agency CIO authority enhancements; CIO investment evaluation; cloud computing; modernizing government technology; cybersecurity; and progress transitioning from legacy contracts to the GSA's newer Enterprise Information Solutions (EIS) contract. Improvements in the categories of cloud computing, cybersecurity, and EIS transition contributed to higher scores. Continue reading

Next Gen Tech Needs Next Gen Acquisition

Posted on by

The speed at which technology evolves presents many challenges for the federal government, the first being the actual acquisition of solutions. Government procurement processes and policies have had to adjust and evolve to enable agencies to buy and implement the emerging technologies that support their mission.

Utilizing Existing Platforms

The Federal Risk and Authorization Management Program (FedRAMP) may be the largest and most visible example of this evolution, allowing agencies to securely acquire cloud solutions. The program is being used as a platform to ensure that other transformative technologies, like the cloud, can securely make their way into government systems. The Emerging Technology Prioritization Framework provides guidance on how cloud service providers can request their emerging tech-powered products be prioritized and then implemented. The initial focus will be on artificial intelligence (AI) solutions, focusing on chat interfaces, code generators and debugging tools, image generators, and associated application program interfaces. Continue reading

FedRAMP’s Ongoing Evolution

Posted on by

The Federal Risk and Authorization Management Program (FedRAMP) is entering its teen years, having been established in 2011. Just as age 13 brings a host of changes for humans, it's also proving to be just as momentous for the program that provides a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products.

FedRAMP has evolved to meet the growing importance of cloud services to the daily operations of the government. However, the speed at which FedRAMP grants cloud service status has consistently been an issue. In 2022, Congress enacted the FedRAMP Authorization Act, making FedRAMP law. The bill included a laundry list of modernization steps for the program to speed up its work and expand its capacity, including through the use of more automation technologies. There have been a number of modernization efforts this year, implemented to help FedRAMP meet the demands of agencies and live up to its promise as a secure way to deploy cloud in government. Continue reading

Cloudy Days are Here to Stay

Posted on by

Cloud services have allowed federal agencies to meet the demands of quickly scaling digital government initiatives while maintaining a high level of security. It's also been a huge money-saver. The government has yielded $4.7 billion in savings by closing data centers and relying more and more on cloud. The federal government spent a total of $12.3 billion in FY22 on cloud goods and services, a 30 percent increase from the previous year.

To ensure agencies continue to see savings amidst increased spending, there are several initiatives in place to modernize how government procures and pays for cloud services. Continue reading