The U.S. Office of Management and Budget (OMB) has been working with a number of other government agencies, including the Department of Defense and Department of Homeland Security, to develop the Federal Risk and Authorization Management Program (FedRAMP
), a program designed to standardize cloud security, controls, and policies across all government agencies. Now, the guidelines are written in proverbial stone with a memorandum from the Federal CIO to all agency CIOs.
A cio.gov press release on the memorandum said, “Currently the Federal government suffers from duplicative, inconsistent, time consuming, costly, and inefficient cloud security risk management approaches.”
Eisnehower Executive Office Building in Washington, D.C., home of the OMB
Although one could swap out “cloud security risk management” and swap in any number of governmental programs and tasks without altering the veracity of the statement, the federal government is getting things in order on the cloud front, at least. Over the coming months, agencies will receive all the necessary details and support.
FedRAMP is a good thing for the U.S. government. Whatever your views are on cloud computing in general, it’s here to stay, and extremely important government agencies are using it. Having a unified set of cloud standards, policies, rules, and other guidelines will make the government safer and more efficient than it is today.