GSA to privatize 3PAO accreditation process in FedRAMP


The General Services Administration says it will turn over to the private sector the process of certifying new organizations that certify private sector cloud computer offerings for federal use.

In a Feb. 15 request for information, GSA says the change occurs as FedRAMP, the GSA-run program that checks whether company cloud offerings meet minimal federal security requirements, reaches full operational capability.

Under FedRAMP, companies gain a provisional authorization to operate on federal networks from a third party assessment organization, known in GSA-speak as a 3PAO. GSA itself has certified 3PAOs, but says it now plans to privatize the 3PAO accreditation process, too.

For more:
- go to the GSA 3PAO privatization RFI

Related Articles:
First FedRAMP provisional cloud security authorization goes to N.C. small business
GSA officials discuss nuts and bolts of FedRAMP implementation
FedRAMP begins application process