The Federal Risk and Authorization Management Program (FedRAMP) office has been hard at work refining the draft for its high impact baseline — a set of standards to ensure cloud service providers meet minimum security requirements before housing highly sensitive data — and has released a final draft for public comment.

Download: Comment template for draft high impact baseline

The program office issued the first draft back in March and brought together a team of stakeholders from across the federal government this fall to break down the responses and tweak the controls. Now, officials are giving agencies and vendors one last chance to weigh in on the draft before moving forward.

Once the high baseline is finalized, CSPs will be able to get certified to handle sensitive data like personal health information and law enforcement data.

"The high impact systems are about 50/50 between civilian agencies and DoD and VA, making the high baseline incredibly important," FedRAMP Director Matt Goodrich explained after releasing the first draft. "There has been significant teaming and communications among the key federal players with high impact systems in order to align needs, ensure there is demand and realize the benefits of cloud and FedRAMP."

A post on FedRAMP.gov outlines the kind of responses the PMO is looking for and how they should be submitted.

About Aaron Boyd

Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.

Share:
In Other News
Load More