The FedRAMP Authorization Act sponsored by Rep. Gerry Connolly, D-Va., has been nearly four years in the making without crossing the goal line. But after the House approved the bill earlier this year, Rep. Connolly said today that the House is “working in lockstep” with Senate colleagues to hopefully pass the bill in 2021.
“While this has been a long journey, I’m happy to say that with new leadership in the Senate, we’re now working in lockstep with our colleagues over there to try and finally get this bill on a markup in the Senate or attached to this year’s National Defense Authorization Act,” Rep. Connolly said today during a GovForward event.
The FedRAMP Authorization Act was the first bill on the floor of the House of Representatives in the 117th Congress, and it passed unanimously. However, the measure has yet to gain much traction in the Senate. The House-approved bill was sent to the Senate in early January, and referred to the Senate Homeland Security and Governmental Affairs Committee.
Rep. Connolly noted the legislation is the product of years of working with the General Services Administration (GSA), Office of Management and Budget, industry stakeholders, and his colleagues on the other side of the aisle to ensure the bill “makes needed improvements to the FedRAMP program, and gives the program flexibility to grow and adapt to myriad future changes in cloud technologies.”
“This bill is essential, and will demonstrate a universal commitment to FedRAMP and the accelerated adoption of secure cloud computing technologies – a vital component of the broader Federal IT modernization effort,” Rep. Connolly said during the event.
Specifically, the bill would reduce duplication of security assessments and avoid unnecessary costs by establishing a “presumption of adequacy for cloud technologies that have already received FedRAMP certification,” Rep. Connolly said.
“Service providers will no longer have to start from scratch at each and every Federal agency to demonstrate the viability of their products and services,” he explained. “The bill would also facilitate agency reuse of cloud technologies that have already received an authorization to operate by requiring agencies to check a centralized and secure repository and to the extent practicable, reuse any existing assessment before conducting an independent one of their own.”
Additionally, the bill would require GSA to automate security assessments and reviews. It would also establish a Federal Secure Cloud Advisory Committee “for effective and ongoing coordination in acquisition and adoption of cloud products by the Federal government.”
Finally, Connolly said the bill would authorize $20 million annually for the FedRAMP program, which would go towards resources to increase the number of secure cloud technologies.
“This bill supports a critical need to keep our nation’s information secure in cloud environments,” Rep. Connolly said. “It’s an improvement for agencies, for our private sector partners, and for taxpayers.”