Industry and federal agency stakeholders looking to submit their two cents on the Federal Risk and Authorization Management Program’s new cloud solution have a little time to collect their thoughts.
FedRAMP said on March 13 that it was extending the public comment period for the baseline of its proposed software-as-a-service cloud solution, FedRAMP Tailored, until April 24.
“By providing your thoughts and input on our new baseline, you are helping to ensure that FedRAMP Tailored meets the needs of both agencies and industry,” said FedRAMP’s program management office in an email.
The General Service Administration’s cloud program assessment and authorization office announced the baseline for its new strictly low-risk SaaS service on Feb. 16, providing stakeholders until March 17 to provide feedback on its baseline, which provided vendors with “the minimum set of security control requirements.”
FedRAMP Tailored has been anticipated since last fall, when officials signaled their plans to roll out the service in 2017 to make it easier for vendors to get their low-risk SaaS products authorized through the FedRAMP process.
Services provided on FedRAMP Tailored must meet the Federal Information Processing Standards 199 Publication requirement for a low-security-impact as well as provide services without collecting personally identifiable information and be authorized in an existing FedRAMP-authorized infrastructure.
FedRAMP officials said that industry and agency officials asked for the deadline extension, providing them with more than a month to submit additional feedback.
“Additionally, we hope this time will spark a deeper dialogue among comments on FedRAMP Tailored,” the PMO office said.
Stakeholders can comment on
the FedRAMP Tailored webpage
or email questions to