Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), pointed to the program’s service re-use progress over the past year at an Oct. 20 ATARC event, including a 60 percent jump in re-use by Federal agencies of approved cloud services over the past year.
The 11-year-old FedRAMP program is administered by GSA and provides a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products and services used by Federal government agencies.
Conrad, who has run the program for the past two years, focused on growth metrics during his remarks, particularly on the re-use front. In previous talks about FedRAMP’s progress, Conrad has emphasized that the value proposition of the program is “authorize once, and use many times.”
The year-over-year figure on Federal agency re-uses of FedRAMP-approved services was eye-catching.
“The big number that I want to stick with you today is the number 4,607,” Conrad said. “That is the total number of reuses, or total number of instances of reuse, that our cloud products have had in total since the beginning of the program.”
“Just to give you a little context, that’s 60 percent higher than the number of last year,” he said. “So you can see the value of FedRAMP paid off through the amount of reuse that we’re getting across the board.”
Conrad said that the program has authorized a total of 282 cloud service offerings in the FedRAMP marketplace, up from a figure of 276 that he stated in August. He added that there are “several dozen” additional service authorizations that are in process.