The General Services Administration (GSA) on Tuesday released the FedRAMP Readiness Assessment Report (RAR), a template that allows cloud service providers (CSP) to quickly determine whether they are ready to pursue FedRAMP authorization.
“CSPs whose RAR is approved by the FedRAMP PMO are deemed ‘FedRAMP Ready’ in the FedRAMP marketplace. A FedRAMP Ready designation indicates that a CSP is likely to attain a Provisional Authorization to Operate (P-ATO) via the Joint Authorization Board (JAB) or an Authorization to Operate (ATO) by an Agency,” Matt Goodrich, FedRAMP director, wrote in the press release. “The RAR focuses on key capabilities rather than documentation, enabling 3PAOs [third-party assessment organizations] to assess a CSP’s system in a shorter amount of time and giving the government a clearer understanding of a provider’s technical capabilities up-front in the assessment process.”
This version of the RAR is said to reflect industry feedback, which was received in a vetting period in March 2016.
“The RAR is one of several changes introduced by FedRAMP Accelerated to reduce the cost and effort for both CSPs and the Federal government,” Goodrich wrote.