The current federal security authorization process can be a time-consuming, complicated procedure prone to manual activity errors, so the government is identifying ways automation could help.
In a recent
request for information
the General Services Administration has asked the private sector for already existing commercially available products and practices that could improve any portion of the Authority to Operate process and other security authorization processes governmentwide, as well as support federal priorities such as the Department of Homeland Security's Continuous Diagnostics and Mitigation and Ongoing Authorization programs.
The effort — a collaboration between GSA, the Federal Risk and Authorization Management Program, the Office of American Innovation and the American Technology Council — seeks to reduce the toils of the security authorization process, decrease the risk for human error, increase processing speed, and increase value-add of machine-readable data for improving risk management.
Information feed to the OAI by the RFI could be incorporated into white papers on process streamlining and risk mitigation distributed to agencies, or could result in vendors with available tools being asked for demonstrations by GSA and the Office of Management and Budget.
Responses are due July 25 by 5 p.m. EST.