Agency IT managers welcome FedRAMP changes

Cloud computing icon

"I'm excited about FedRAMP Ready, NASA's Roopangi Kadakia said, referring to the just-announced changes to the Federal Risk and Authorization Management Program.

Kadakia's excitement -- about plans to move away from the slow, documentation-driven current approach and put cloud services through a readiness capabilities assessment at the front end of the process -- was shared by several other federal IT managers FCW asked about the new processes unveiled by the General Services Administration on March 28.

At that March 28 announcement, FedRAMP Director Matt Goodrich said cloud services providers should be able to complete that initial assessment in less than a month. Final approvals by FedRAMP's Joint Authorization Board are expected to come much faster as well, but Goodrich said this improved FedRAMP Ready designation would give CSPs and federal agencies alike a clear signal that a given cloud service is on the path for FedRAMP authorization.

Kadakia, the web services executive in NASA's CIO office, spoke at a March 30 FCW event on the barriers to cloud adoption that agencies must overcome. She said the new review process, and especially the preliminary security assessment, would be an important improvement for implementing software-as-a-service, cloud-based systems federal agencies are increasingly implementing.

"An SaaS company may come in and you have no idea of their security posture, which is a very important piece of their service," she said. Under the new review process, Kodakia said, her agency would have more immediate proof with the up-front assessment, rather than having to slog through thousands of pages of documentation that may or may not accurately describe the actual controls.

"From an agency perspective, I don't need to re-do a deep dive on their security plan," she said.

Other federal IT executives at the same event agreed. "GSA gets it," said Securities and Exchange Commission Branch Chief Michael Fairless. The proposed review process that is now out for public comment "ultimately allows us to get [cloud] to our customers faster."

"Better, faster is the key," said Robert Vietmeyer, the Defense Department's associate director for cloud computing and agile development in the Office of the CIO. The new process, he said, shows cloud service providers are maturing in their offerings and federal government agencies are getting better at cloud services.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.