Unofficial FedRAMP Community Collaboration

Home Forums Technology Unofficial FedRAMP Community Collaboration

This topic contains 1 reply, has 1 voice, and was last updated by  Steve Ressler 10 years, 1 month ago.

  • Author
  • #117230

    Matthew Metheny

    The FedRAMP comment submission period has recently been extended to January 17, 2011 which was extended twice – originally from December
    2, 2010 until December 17, 2010. Additionally, as noted on the site, the FedRAMP PMO expects the first pahse of FedRAMP to
    be operational by the end of the CY11 1Q (April 2011). This seems to
    suggest that the Federal Government is moving rapidly towards ratifying
    the first draft of the FedRAMP process (and requirements) for

    “Comments on the documents can be submitted using the FedRAMP online comment form. The comment period has been extended through the new year until 11:59 pm Eastern Time on Monday, January 17, 2011. Comments can be made either anonymously or by providing contact
    information, if attribution or follow up is requested. At the conclusion
    of the comment period, a joint tiger team of representatives from
    across government will review the comments for inclusion and update in
    the final documents. The first phase of FedRAMP is expected to be
    operational first quarter CY2011.”

    In the absence of a industry-based collaboration resource to address short- and long-term compliance with FedRAMP and the emerging cloud
    security standards supporting FedRAMP, One Enterprise Consulting, LLC (1ECG) has established a community-driven resource to support the adoption of the FedRAMP process and requirements.

    The Unofficial FedRAMP Community Collaboration ( offers a community-focused resource to support the Assessment and
    Authorization (A&A) of Cloud Services. In addition, you will find
    resources tailored to educating Cloud Service Providers (CSPs) on their
    roles and responsibilities and resources driven to enable CSPs to meet
    the multitude of requirements for receiving an
    authorization-to-operate (ATO) and maintaining compliance as part of
    the ongoing Continuous Monitoring Program.

  • #117232

    Steve Ressler

    Love the concept of Fedramp – any chance to do a C&A once…and count it for every agency is clutch

You must be logged in to reply to this topic.