David McClure, Associate Administrator at GSA’s Office of Citizen Services and Innovative Technologies, announced at the AFFIRM event on April 13th that the third party assessment organizations (3PAOs) will be announced in May 2012.
This is a major step for FedRAMP, which will start the process for cloud service providers to obtain the provisional authorizations. These 3PAOs are an important part of the FedRAMP process, because they will be validating the cyber security control requirements for service providers. While the review is being handled mainly by DHS and GSA, the entire Joint Authorization Board (JAB) will have the final say on who will be a 3PAO. The JAB consists of the Chief Information Officers from GSA, DHS, and DOD. Department of Homeland Security Chief Information Officer, Richard Spires, said that once the 3PAO’s are picked in May, he expects the program to take-off in June of this year.
While FedRAMP will mandate the minimum level of security requirements, Casey Coleman, GSA Chief Information Officer, wanted to clarify that even with the FedRAMP program, meeting FISMA security requirements is still mandatory. With the FedRAMP program starting to pick-up speed, this is a good sign that the government cloud computing era is upon us.
About Kevin Lancaster
Kevin Lancaster leads Winvale’s corporate growth strategies in both the commercial and government markets. He develops and drives solutions to meet Winvale’s business goals while enabling an operating model to help staff identify and respond to emerging trends that affect both Winvale and the clients it serves. He is integrally involved in all aspects of managing the firm’s operations and workforce, leading efforts to improve productivity, profitability, and customer satisfaction.
Connect with Kevin Lancaster
1110 Vermont Avenue, NW, Suite 930
Washington, DC 20005