Cloud service providers vying for authorization through the Federal Risk and Authorization Management Program will now be able to demonstrate their capabilities to agencies sooner.
FedRAMP officials at the General services Administration said this week they added a new “FedRAMP in Process” designation on the FedRAMP Marketplace website. The move, officials said, allows agencies to see what services they can procure from a CSP that is in the process of securing an authority to operate from the federal cloud authorization program.
“The revised process will help ensure that both the CSP and the Agency are actively working on a FedRAMP authorization and are committed to making the authorization happen in a timely manner,” officials said.
“One of the many best practices we learned through FedRAMP Accelerated is that it is critical for all parties involved in the authorization to be on the same page about FedRAMP requirements right from the start,” they said. “This helps ensure that an authorization can be achieved in a reasonable timeframe — as efficiently as possible for both the CSP and the agency.”
Contractors seeking a FedRAMP in Process designation will have meet certain criteria, including correspondence between the FedRAMP Program Management Office and an authorizing official that states the provider has been actively working on an ATO within the last year.
The contractor must also demonstrate one additional step for “In Process” status, such as proof of a contract award for the use of the cloud offering, proof of active use within an agency and FedRAMP Ready designation.
The FedRAMP PMO will also monitor “In Process” CSPs every four months to ensure they are progressing toward an ATO. If a CSP fails to actively pursue ATO status, officials said they will lose the “In Process” status and be removed from the marketplace.
There are 66 CSPs listed as “In Process” as of Friday.