Posts Tagged ‘Policy’
The Office of Management and Budget this morning posted a new memo [PDF or below] by Federal CIO Steven VanRoekel laying out the administration’s initiative for cloud computing security.
Known as FedRAMP — Federal Risk and Authorization Management Program— it is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that will save cost, time, and staff required to conduct redundant agency security assessments.
The memo, titled Security Authorization of Information Systems in Cloud Computing Environments, has been widely anticipated and lays out the administration’s steps toward securing cloud computing.
Earlier this year, at a speech in California, VanRoekel suggested that FedRAMP could become mandatory.
Cloud computing is at the heart of the Obama administration’s key technology initiatives and is a prominent part of the White House 25 point IT reform plan [PDF].
We’ve been telling you about the memo — due out any time now — that will outline the role of the CIO. You first read about the memo on the DorobekInsider a few weeks ago… and then we got OMB’s Karen Evans to give us some details… and you can hear Evans talk about it yourself…
The official memo isn’t out yet, but… we’ve obtained a draft of that memo.
Read more… and find a link to the full draft after the break…