FedRAMP still has some hurdles to clear, GSA's McClure says

The path toward full operational status of the Federal Risk Authorization and Management Program in 2014 won’t be without roadblocks, reports Camille Tuutti in Federal Computer Week, a sister publication to GCN.

The process of standardizing and implementing security controls for federal cloud services doesn’t come without hiccups, and the only way for agencies to move forward is through a “quick learning, slow implementation” approach, said David McClure, associate administrator in the General Services Administration’s Office of Citizen Services and Innovative Technologies.

McClure moderated an April 13 breakfast panel on FedRAMP organized by the Association for Federal Information Resources Management

“We know that throughout government, security officers will have varying interpretations of what controls are acceptable and whether you can leverage a total package or not,” McClure said. “We know that we’ll have to demonstrate the foundational element of solid evaluation, high degree of trust, and the ability to leverage."

Read the full article here.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • automated processes (Nikolay Klimenko/Shutterstock.com)

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected