The Wrap: Connolly’s FedRAMP Hurry-Up; Marketplace Blooming; Next FITARA Scorecard
Welcome to The Wrap for Thursday, July 11!
From the newsroom at MeriTalk, it’s the quickest read in Federal tech news. Here’s what you need to know today:
FedRAMP Hurry-Up
Rep. Gerry Connolly, D.-Va., who shepherded through Congress the FedRAMP Authorization Act approved in late 2022, said today he he’s itching to see more progress from the Office of Management and Budget (OMB) and the General Services Administration (GSA) on implementing program changes mandated by the law. To their credit, OMB has been hard at work on finalizing new program guidance, and GSA has been changing the program’s structure toward a new governing board and away from the old Joint Authorization Board (JAB). Rep. Connolly used a keynote speech at a Carahsoft FedRAMP event in D.C. today to spur quicker action. “So where are we? Well, there’s been an advisory board, there’s been a draft OMB set of guidance, but we don’t have a director of FedRAMP,” he said. “GSA wants to abolish the JAB,” he continued, adding, “Now, I’m agnostic about whether you need JAB or not, but if you abolish it, what happens to our gold standard [formerly set by the JAB], what happens to the presumption of adequacy and what replaces it, if anything, and we still don’t know that, and we don’t have final guidance from OMB.” The congressman’s bottom line: “We’re kind of in limbo right now on FedRAMP, and I think that’s not a good place to be … we want to get on with the implementation of the law we passed.”
Marketplace Blooming
On the other side of the FedRAMP coin, deputy Federal CIO Drew Myklegard offered up a compelling list of reasons to feel better about the program’s recent progress, chief among them rapid growth in the number of products offered via the FedRAMP Marketplace. That figure is approaching 400 product or service offerings, up from around 300 in April, he said, and has been driven by increased throughput of authorizations following in line with the FedRAMP codification law that Congress approved. “As far as FedRAMP, I think we’re in a really good spot,” Myklegard offered at the Carahsoft event. He said that OMB’s final guidance memo is “coming, but in a unique way of OMB working, we really tried to get out ahead of it [and] figure out what was going to work, more like the way that we build software – which is like come up with a hypothesis, build it, and then we’ll put it in a policy.” And Myklegard teased some coming good news on the FedRAMP leadership front by saying GSA has received 400 applications for the job. “We’re super excited about who they got to apply … [and] I’m super excited for when they name the next FedRAMP director,” he said.
Recommended by LinkedIn
Next FITARA Scorecard Tracking for September
If you’re a fan of the congressional FITARA Scorecard that grades major Federal agencies on progress across a range of IT categories, keep September in mind for release of the 18th edition of the scorecard. That was the planning heads-up today from Rep. Connolly, who told MeriTalk after his Carahsoft keynote that “we are planning for the September timeframe.” The congressman would not say whether the upcoming scorecard will feature any new or changed grading categories but did reiterate his aim to add to the scorecard a category related to compliance with the revamped FedRAMP program. Stay tuned…
DoD Taking More Time on NBIS Tech
The Pentagon needs another month to determine the future development strategy for its IT systems that support background investigations performed across the entire Federal government by the agency’s Defense Counterintelligence and Security Agency (DCSA) through its National Background Investigation Service (NBIS), a top Defense Department (DoD) official told lawmakers on Wednesday. NBIS and its underlying tech systems popped back into the news last month when the Government Accountability Office (GAO) flagged the need for improved cybersecurity oversight processes to mitigate security risks posed by NBIS’ outdated and developing IT systems. During a Senate Intelligence Committee hearing on Wednesday, Milancy Harris, Under Secretary of Defense for Intelligence and Security, told lawmakers that the department needs another month to “re-baseline the requirements and re-do the funding model and oversight” of the NBIS modernization effort. “We are looking to make sure we can use what has been built. We are exploring exactly what needs to happen going forward to ensure we meet the full level of capability that is expected from this system,” Harris said, emphasizing that this pause does not mark a restart of the program.
Once again, let’s “call IT a day,” but we'll bring you more tomorrow. Until then please check the MeriTalk breaking news website throughout the day for the latest on government IT people, process, and policy. And finally, please hit the news tip jar [with leads, breaking news, or simply your two cents] at news@meritalk.com.