House Government Operations Subcommittee Chairman Gerry Connolly, D-Va., said today he is looking for final congressional approval in the near term for legislation he has championed for the past several years that would codify into Federal law the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). The program certifies the security of cloud technologies for Federal government use.
“Codifying this program into law has been a priority for me for more than five years and I look forward to its enactment soon,” the congressman said in remarks delivered at a virtual event organized by GovForward.
The House early last year voted to approve Rep. Connolly’s FedRAMP bill. The legislation would fund the program at $20 million annually and would create a “presumption of adequacy” for cloud technologies that have already received FedRAMP certification from one Federal agency so that other agencies can easily adopt them as well.
The bill also would require GSA to automate FedRAMP security assessments and reviews. And it would establish a Federal Secure Cloud Advisory Committee to coordinate the acquisition and adoption of cloud products by the Federal government.
The Senate earlier this year approved its version of FedRAMP legislation as part of a larger cybersecurity-themed package, but with differences from the House-approved FedRAMP bill.
Speaking today, Rep. Connolly said the House FedRAMP bill incorporates work “with the Office of Management and Budget, GSA, industry stakeholders, and my friends on the other side of the aisle to ensure that the bill makes needed improvements.”
“This bill is essential,” he continued. “It will demonstrate a universal commitment to FedRAMP and the accelerated adoption of secure cloud computing technologies across the Federal enterprise – a vital component of the broader federal IT modernization effort itself.”
“I look forward to the bill’s enactment finally, which I hope will happen very soon,” he said.