Federal IT managers working with high-impact secure systems are being asked to join a Tiger Team to assess and refine the Federal Risk Authorization Management Program (FedRAMP) proposed high baseline.
The FedRAMP program office has been hard at work on the high security baseline — standards for securing sensitive data on commercial cloud systems — expected to be finalized before the end of the year.
Before the standards are set, the program office is asking for a group of federal employees that manage high-impact systems to spend a few days looking through comments received on the second draft document.
The Tiger Team will work out of General Services Administration headquarters from Sept. 14-18, using the public comments to suggest revisions to the high baseline before another around of commenting.
"This is not an insignificant time commitment but the input provided into this process will dramatically shape the FedRAMP program," the PMO wrote in a blog post asking for Tiger Team applicants. "It will also ensure high system owners across the USG will have input into this baseline."
Cloud service providers that obtain high impact certification will be cleared to host sensitive information like law enforcement data and health records, though the baseline will not extend to classified or national security information.
"The high impact systems are about 50/50 between civilian agencies and DOD and VA, making the high baseline incredibly important," FedRAMP Director Matt Goodrich told Federal Times when the first draft was being released. "There has been significant teaming and communications among the key federal players with high impact systems in order to align needs, ensure there is demand and realize the benefits of cloud and FedRAMP."
The Tiger Team is the next step in that engagement.
Those who are interested should email the PMO at info@FedRAMP.gov.