The General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP) opened job applications for its FedRAMP Cybersecurity Service (FRCS) and is offering the first look into its consolidated rules, which are set to release next month.  […]

The General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP) has officially announced its new FedRAMP Cybersecurity Service (FRCS), which is looking to hire 15 employees for two-year terms of service. […]

The Federal Risk and Authorization Management Program (FedRAMP) has authorized more than 500 cloud service offerings, marking a big milestone as the program pushes forward with its FedRAMP 20x modernization effort. […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) is planning to publish by the end of June a “clean set” of consolidated rules for 2026. […]

Pete Waterman, the director of the Federal Risk and Authorization Management Program (FedRAMP), previewed on Thursday a new initiative he called the “FedRAMP Cybersecurity Service” as part of the federal cloud security program’s broader plans for 2026. […]

The Federal Risk and Authorization Management Program (FedRAMP) has made it mandatory for every FedRAMP-authorized cloud service provider (CSP) to maintain a working “FedRAMP Security Inbox” – a dedicated email address designed to ensure CSPs receive and quickly respond to urgent governmentwide cybersecurity communications. […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) has named three cloud services that will be participating in the first cohort of the Phase Two pilot recently launched as part of the FedRAMP 20x initiative. […]

Two Virginia lawmakers are pushing to revive the government’s most influential IT oversight tools, warning that meaningful federal tech modernization won’t happen without a modernized FITARA Scorecard and a fully funded FedRAMP program. […]

The Federal Risk and Authorization Management Program (FedRAMP) is requiring FedRAMP authorized cloud service providers (CSPs) to identify and report all Cisco Adaptive Security Appliances (ASA) platforms, following the issuance of an emergency directive by the Cybersecurity and Infrastructure Security Agency (CISA) last week. […]

Federal Chief Information Officer (CIO) Greg Barbaccia said on Wednesday afternoon that the White House Office of Management and Budget (OMB) is “fully committed” to the General Services Administration’s (GSA) FedRAMP 20x revamp. […]

The General Services Administration (GSA) officially unveiled the Federal Risk and Authorization Management Program (FedRAMP) 20x Phase Two pilot on Wednesday afternoon, following the successful completion of Phase One last month. […]

As the Federal Risk and Authorization Management Program (FedRAMP) gears up for its 20x Phase Two pilot, it released this week two new requests for comment (RFC) and a new Vulnerability Detection and Response (VDR) Standard. […]

The General Services Administration (GSA) announced today that its Federal Risk and Authorization Management Program (FedRAMP) has already approved more than twice as many cloud security authorizations in fiscal year (FY) 2025 as it did in all of FY 2024. […]

The General Services Administration’s (GSA) FedRAMP 20x initiative has announced its first four authorizations since the 20x revamp effort was unveiled on March 24. […]

Officials with the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) said on June 11 that they envision rapid progress through the rest of this year on several pilots that are aiming to harness automation to speed FedRAMP’s ability to approve cloud-based service offerings for government agency use. […]

The Federal Risk and Authorization Management Program (FedRAMP) said today it has received the first draft versions from industry organizations of the submissions they plan to make by later this month in response to the program’s FedRAMP 20x Phase One pilot. […]

Officials with the Federal Risk and Authorization Management Program (FedRAMP) are asking industry to submit draft versions of their planned submissions for the FedRAMP 20x Phase One pilot between May 19 and May 26. […]

The Federal Risk and Authorization Management Program (FedRAMP) issued a call on May 9 for public comments on a proposed update to its continuous monitoring reporting rules. […]

Officials with the Federal Risk and Authorization Management Program (FedRAMP) are urging industry players to move quickly in preparing their submissions for the FedRAMP 20x Phase One pilot that the program detailed in a blog post last week. […]

The Federal Risk and Authorization Management Program (FedRAMP) is working on proposed changes to current continuous monitoring reporting standards and data repository standards and expects to release draft versions of those proposed changes in the May-July time frame. […]

The Federal Risk and Authorization Management Program (FedRAMP) issued calls for comment today on three significant program changes as part of the FedRAMP 20x program revamp announced last month by the General Services Administration (GSA), which runs the program. […]

The Federal Risk and Authorization Management Program’s (FedRAMP) Applying Existing Frameworks Working Group reported on April 22 that it has been gathering initial input on ways to maximize the program’s use of existing commercial security frameworks, and is drilling further down into that topic by posing questions about machine-readable formats and shared commercial-Federal framework environments. […]

The Federal Risk and Authorization Management Program’s (FedRAMP) Program Management Office (PMO) is in the process of drafting a standard for low-impact key security indicators (KSIs) as part of ongoing work on the program’s “20x” revamp unveiled on March 24. […]

The Federal Risk and Authorization Management Program (FedRAMP) held a kick-off meeting on Thursday for its new Continuous Reporting Community Working Group, which will look to leverage automation to support a future state where ongoing risk monitoring is enforced, validated, and reported continuously. […]

The Federal Risk and Authorization Management Program (FedRAMP) is aiming to maximize its use of existing commercial security frameworks and reduce redundant documentation requirements as part of its “20x” program revamp, program officials said today. […]

The Federal Risk and Authorization Management Program (FedRAMP) today kicked off a public working group that will explore the possibility of creating key security indicators (KSIs) that could help the program more rapidly evaluate the security of cloud services. […]

Officials with the Federal Risk and Authorization Management Program (FedRAMP) explained today that the program plans to unwind its historical role of providing continuous monitoring for cloud services authorized by FedRAMP following sharp cuts to the program’s workforce. […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) plans to clear its agency authorization backlog by the end of April and launch new community working groups to speed the program into its next chapter. […]

The General Services Administration (GSA) today unveiled its plans to revamp the Federal Risk and Authorization Management Program (FedRAMP) with a heavy focus on automation to speed the approval process for secure cloud services used by the Federal government. […]

The General Services Administration (GSA) is set on Monday to unveil its plan to revamp how the Federal Risk and Authorization Management Program (FedRAMP) operates with a goal of increasing the pace of authorizations, leaving sources familiar with the program wondering how that end will be achieved with recent cuts to the FedRAMP workforce.    […]