Two members of a government operations subcommittee have introduced legislation that would revamp the Federal Risk and Authorization Management Program process and make it easier for agencies to refresh their outdated IT systems and processes.
Reps. Gerry Connolly, chairman of the Subcommittee on Government Operations, and Mark Meadows, ranking member of the same subcommittee, introduced the Federal Risk and Authorization Management Program Authorization Act. The legislation highlights seven actions, including codifying FedRAMP, addressing agency compliance challenges, providing funding for the FedRAMP Project Management Office and Joint Authorization Board, and creating new metrics for implementation.
Established in 2011 to standardize security requirements of cloud services used by the government, FedRAMP leaves much to be desired, according to the congressmen. It “continues to suffer from a lack of agency buy in, a lack of metrics, and duplicative processes that have resulted in a lengthy and costly authorization process for cloud service providers,” Connolly said in a release.
“Our bipartisan bill will streamline the FedRAMP process and reduce the redundancies in federal cloud migration, so federal agencies can modernize their IT and realize cost-efficiencies,” he added.