FedRAMP is coming. Soon.
Chief Information Officer Council Vice Chairman and Department of Homeland Security CIO Richard Spires said this morning that FedRAMP, the Federal Risk and Authorization Management Program that was announced nearly a year and a half ago, is gaining momentum and could become a reality in the near future.
Spires said low and moderate FISMA controls and is still working on policy.
“We’ve got people lined up and we’re poised to go,” Spires said at the The American Council for Technology – Industry Advisory Council Executive Leadership Conference in Williamsburg, Va. “We need to get through some policy stuff, obviously, but we’ve made real progress.”
Spires spoke on a panel with Federal Deputy CIO Lisa Schlosser and Department of Defense Assistant Deputy Chief Management Officer Dave Wennergren.
FedRAMP would provide joint authorizations and continuous security monitoring of shared IT services for federal departments and agencies that enter contracts with outside providers, including those offering cloud computing solutions. It is widely believed it would greatly increase the government’s use of cloud-computing solutions.
Notes from the panel discussion:
- Schlosser: “The one word I’d use to describe [Federal CIO] Steve VanRoekel is ‘collaborative.'” She continued, “He is very interested to hear your thoughts on where government can go.”
- Spires added that the CIO Council wants to take the next step in collaboration to create a collaborative capability that will allow IT professionals to form groups and post thoughts on different subject areas that overtime can really bubble up the best practices.
- Spires said the CIO Council is going to resume doing off-site conferences this December to more deeply discuss ideas and “get to know one another again.”
- Wennergren said DoD has iPads that employees can’t connect to anything within the agency, earning them to the title of WhyPads.
- Schlosser said the government is always looking to maximize return on investment and that cuts should be made smartly with efficiencies in mind. One area is using interagency commodity IT services to save money that can be used for innovation. “How can we overcome these stovepipes to better invest?” she said.
- Former Department of Transportation CIO Dan Matthews suggested starting a CIO Council should have a sub council of agencies with a large information technology spend like the IRS and the FBI.
- Wennergren: “We pay a huge cost in money and time every time we enter into a low trust relationship.”