For the past six months, the CIO Council's Cloud TIC Interagency Working Group has been working with cloud service providers to determine how to best meet the FedRAMP TIC overlay capability requirements.
In September 2014, the Government Accountability Office found that seven major agencies collectively doubled the percentage of their IT budgets for cloud computing services from 1 to 2 percent from fiscal years 2012 to 2014.
The government solutions company is leading the integration effort that will help the agency take advantage of cloud computing services.
The General Service Administration reports that 82 percent of cloud implementations in the federal government are now covered by a security authorization through the Federal Risk and Authorization Management Program, or FedRAMP.
A resource library full of information technology reporting and action requirements for federal agencies is now available to federal chief information officers.
"Vastly, what we're seeing across the government is the realization that they've had a chance to input into those baselines – and it is a lot of controls, I won't deny that either – but you are actually going through and doing all of those controls versus agencies haven't been going through and doing those controls themselves," said Matt Goodrich, FedRAMP director.
Despite the General Services Administration's efforts to provide agencies with tools that support the acquisition of cloud computing technologies, there's a growing demand for neutral facilitators, or "cloud brokers," to walk agencies through the selection of a cloud vendor.
While the report said that most agencies are "fence sitters," there are those who are unwilling or hesitant to move to the cloud because these "box huggers...fear loss of control and getting blamed for failure."
The National Institute of Standards and Technology is working on new guidance that will address the distribution and placement of security controls for cloud computing environments.
The Federal Risk and Authorization Management Program aims to accelerate the authorization of cloud computing technologies across the federal government, but instead of one more federal IT security mandate agencies must comply with, FedRAMP Director Matt Goodrich says the program has a unique role to streamline security processes across several initiatives.