Tech

GSA floats training program to get ‘FedRAMP way out there’

The concept bears some resemblance to existing federal knowledge-sharing programs, like DIU's HACQer bootcamp.

May 8, 2019

(FedScoop)

The Federal Risk and Authorization Management Program (FedRAMP) office may begin offering hands-on training for federal security officials.

Leaders from the General Services Administration-based office, which is in charge of governmentwide cloud security compliance, floated the idea during a panel appearance at the Cloud Security Alliance’s federal summit Tuesday afternoon.

“We’re going to start bringing security officers into our office, give them some training on FedRAMP, radicalize them to our methodologies…” Zach Baldwin, program manager at FedRAMP, said to laughter in the room. “My wife is a terrorism analyst,” he responded, explaining his “inappropriate” word choice.

Selected security officers would “work through a FedRAMP [authority to operate] project” and then be sent back to their respective agencies, he went on. The initiative would be a “grassroots effort” to “get the FedRAMP way out there.”

The concept bears some resemblance to existing federal training and knowledge-sharing programs.

At the Defense Innovation Unit in Silicon Valley, there’s HACQer, an immersive bootcamp that gives acquisition officials from across the Department of Defense a crash course in the way DIU uses its other transaction agreement (OTA) authority to do iterative contracting. The program, which was first launched in Spring 2018, recently chose its 2019 cohort.

It’s unclear how developed the idea for a FedRAMP training program is. FedScoop has reached out to GSA for further details.

FedRAMP currently offers a number of DIY online training opportunities that aim to “provide all stakeholders with a deeper understanding of FedRAMP and the level of effort that is required to successfully complete a FedRAMP assessment.” These trainings are targeted at cloud service providers and Third Party Assessment Organizations.

A recent report by GSA’s inspector general found that FedRAMP’s program office “has not established an adequate structure comprising its mission, goals, and objectives for assisting the federal government with the adoption of secure cloud services.” This lack of a clear and concise mission, the IG argues, means the office can’t really assess its own effectiveness.

GSA floats training program to get ‘FedRAMP way out there’

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

GSA taps Login.gov deputy director to take top role next month

Top Stories

DOJ seeks public input on AI use in criminal justice system

CISA’s chief data officer: Bias in AI models won’t be the same for every agency

Scientists must be empowered — not replaced — by AI, report to White House argues

404 page: the error sites of federal agencies

White House hopeful ‘more maturity’ of data collection will improve AI inventories

Generative AI could raise questions for federal records laws

Oracle approved to handle government secret-level data

More Scoops

GSA administrator: Generative AI tools will be ‘a giant help’ for government services

New FedRAMP roadmap details imminent plans for modernization

On some basic metadata practices, US government gets an ‘F,’ per new online tracker

How risky is ChatGPT? Depends which federal agency you ask

Agency FedRAMP usage increased but challenges persist, watchdog finds

Former GSA official Sonny Hashmi tapped by software company Unqork to head public sector

Ex-White House adviser to oversee cloud strategy for GSA’s Technology Transformation Services

Latest Podcasts

GSA floats training program to get ‘FedRAMP way out there’

GSA’s Login.gov platform gets a new director

DOD’s Ashley Elizabeth Evans on effectively implementing AI

DHS’ Chris Kraft on emerging trends in AI and automation

Tech

Defense

Cyber

Acquisition