Shutdown stalled FedRAMP authorizations, GAO IT reports

Almost a week after it ended, the partial government shutdown continues to affect the federal IT community.

Companies seeking authorization under the government's standardized approach to security assessments for cloud services -- known as the Federal Risk and Authorization Management Program (FedRAMP) -- were delayed by the 16-day shutdown.

At least one company, IBM, had the date of its official FedRAMP compliance pushed back from mid-October by the shutdown, according to a company official. IBM still expects its SmartCloud for Government offering to achieve compliance, but it might take until early November.

Seven cloud providers have been granted provisional authority to operate by the FedRAMP Joint Authorization Board: Akamai, AT&T, Autonomic Resources, CGI Federal, Hewlett-Packard, Lockheed Martin and Microsoft. Amazon Web Services' GovCloud and US East/West offerings as well as the Department of Agriculture's National Information Technology Center have been granted agency authority to operate under FedRAMP by the departments of Health and Human Services and Agriculture, respectively.

The shutdown stifled a series of oversight reports by the Government Accountability Office as well, according to a GAO official.

An extensive report on PortfolioStat that had been scheduled to finish Oct. 10 has been delayed until late October. The delay was largely a product of GAO not being to gather final pieces of information and agency comments for the report because of the shutdown.

Other IT-related reports by GAO slated for October and early November have also been pushed back, including a report on the IT Dashboard and a study on the top 10 federal IT Operations and Maintenance investments. All the reports should be completed prior to Thanksgiving.