Congressional lawmakers have bundled legislation to reform the FedRAMP cybersecurity authorization program for cloud vendors into the National Defense Authorization Act.
The previously drafted bill was included in section 5921 of the NDAA, which was released Tuesday evening by the House and Senate Armed Services Committees.
It comes after the legislation was hotlined in the Senate as part of an effort led by Sen. Peter, D-MI. The latest iteration of the Federal Risk and Authorization Management Program (FedRAMP) bill passed the House in September after being an uphill battle for almost six years led by Rep. Gerry Connolly, D-Va.
Late last month, FedScoop reported that the legislation had gained momentum in Congress and was likely to pass the upper chamber in the coming weeks.
One of the most consequential aspects of the FedRAMP reform bill is a “presumption of adequacy” clause, which would allow FedRAMP-authorized tools to be used in an agency without additional oversight or verification.
FedRAMP is a crucial cybersecurity certification that cloud service providers must obtain prior to working with U.S. government data.
The House is first expected to vote and p ..
Support the originator by clicking the read the rest link below.
