DorobekInsider

Focusing on six words: Helping government do its job better

Posts Tagged ‘Policy

DorobekINSIDER: OMB memo lays out the policies to secure cloud computing using FedRAMP

leave a comment »

The Office of Management and Budget this morning posted a new memo [PDF or below] by Federal CIO Steven VanRoekel laying out the administration’s initiative for cloud computing security.

FedRAMP logoKnown as FedRAMP — Federal Risk and Authorization Management Program— it is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that will save cost, time, and staff required to conduct redundant agency security assessments.

The memo, titled Security Authorization of Information Systems in Cloud Computing Environments, has been widely anticipated and lays out the administration’s steps toward securing cloud computing.

Earlier this year, at a speech in California, VanRoekel suggested that FedRAMP could become mandatory.

Cloud computing is at the heart of the Obama administration’s key technology initiatives and is a prominent part of the White House 25 point IT reform plan [PDF].

View this document on Scribd

Written by cdorobek

December 8, 2011 at 11:06 AM

Read a draft of the much discussed OMB CIO memo

with 4 comments

We’ve been telling you about the memo — due out any time now — that will outline the role of the CIO. You first read about the memo on the DorobekInsider a few weeks ago… and then we got OMB’s Karen Evans to give us some details… and you can hear Evans talk about it yourself

The official memo isn’t out yet, but… we’ve obtained a draft of that memo.

After meeting with the departments and agencies regarding their Information Technology (IT) portfolio, I want to reaffirm and clarify the organizational, functional and operational governance framework required within the Executive Branch for managing and optimizing the effective use of IT. The IT governance framework addresses management structure, responsibilities and authorities of Heads of Departments and Agencies and their Chief Information Officers (CIOs) in planning, acquiring, securing, and operating and managing IT systems and assets within the agency. Please note the IT governance framework is not inclusive of all duties and responsibilities of CIOs.

Read more… and find a link to the full draft after the break…

Read the rest of this entry »

Written by cdorobek

October 20, 2008 at 5:42 PM

Posted in CIOs, Executives, OMB

Tagged with , ,