Washington, D.C. -On Wednesday, July 17, 2019, Rep. Gerry Connolly, the Chairman of the Subcommittee on Government Operations, will hold a hearing on “To the Cloud! The Cloudy Role of FedRAMP in IT Modernization."
WHERE: 2154 Rayburn House Office Building
WHEN: Wednesday, July 17, 2019
TIME: 11:00 a.m.
The hearing will broadcast here.
PURPOSE
The hearing will examine the extent to which FedRAMP has reduced duplicative efforts, inconsistencies, and cost inefficiencies associated with cloud security authorization process.
BACKGROUND
The Office of Management and Budget (OMB) established FedRAMP in December 2011 to provide joint authorizations and continuous security monitoring services for cloud services for all federal agencies.
FedRAMP seeks to provide a cost-effective, risk-based approach for the adoption and use of cloud services by standardizing security requirements for the authorization and ongoing cybersecurity assessments of cloud services for information systems.
The federal government spends roughly 80 percent of its $90 billion in IT spending on operations and maintenance of existing systems, including many legacy systems. Programs like FedRAMP are critical to accelerating the government’s adoption of modern and improved IT solutions.
The 2019 Federal Cloud Computing Strategy, CloudSmart, reported on some of FedRAMP’s challenges and the continued need for process evolution and standardization. It stated that “a lack of reciprocity across agencies when adopting FedRAMP authorizations has led to significant duplication of effort when assessing security for product deployment. In addition, a large number of agency-specific processes has made it complicated for agencies to issue an Authorization to Operate (ATO) for solutions, even when using existing authorized cloud service providers."
WITNESS
Panel One
Anil Cheriyan
Director, Technology Transformation Services
General Services Administration
Jack Wilmer
Deputy Chief Information Officer for Cybersecurity
U.S. Department of Defense
Joseph Klimavicz
Deputy Assistant Attorney General and Chief Information Officer
U.S. Department of Justice
Jose Arrieta
Chief Information Officer
U.S. Department of Health and Human Services
Panel Two
Jonathan Berroya
Senior Vice President and General Counsel
Internet Association
Douglas Barbin
Principal
Schellman & Company, LLC
Will Ackerly
Chief Technology Officer
Virtru
Lynn Martin
Vice President of Government, Education, and Healthcare
VMware
