FedRAMP Authorization Act 2022-09-29 Passed House FedRAMP Authorization Act

This bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

The GSA must establish a government-wide program that provides the authoritative standardized approach to security assessment and authorization for cloud computing products and services that process unclassified information used by agencies. Agencies must ensure that their cloud computing services meet GSA requirements.

The Government Accountability Office must report to Congress assessing

  • the costs incurred by agencies and cloud service providers relating to the issuance of FedRAMP authorizations,
  • the extent to which agencies have processes in place to continuously monitor the implementation of cloud computing products and services operating as federal information systems,
  • how often and for which categories of products and services agencies use FedRAMP authorizations, and
  • the unique costs and potential burdens incurred by cloud computing companies that are small business concerns as a part of the FedRAMP authorization process.

The bill establishes the Federal Secure Cloud Advisory Committee.

]]> 2022-09-22 Introduced in House FedRAMP Authorization Act

This bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

The GSA must establish a government-wide program that provides the authoritative standardized approach to security assessment and authorization for cloud computing products and services that process unclassified information used by agencies. Agencies must ensure that their cloud computing services meet GSA requirements.

The Government Accountability Office must report to Congress assessing

  • the costs incurred by agencies and cloud service providers relating to the issuance of FedRAMP authorizations,
  • the extent to which agencies have processes in place to continuously monitor the implementation of cloud computing products and services operating as federal information systems,
  • how often and for which categories of products and services agencies use FedRAMP authorizations, and
  • the unique costs and potential burdens incurred by cloud computing companies that are small business concerns as a part of the FedRAMP authorization process.

The bill establishes the Federal Secure Cloud Advisory Committee.

]]> text/xml EN Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain. Congressional Research Service, Library of Congress This file contains bill summaries for federal legislation. A bill summary describes the most significant provisions of a piece of legislation and details the effects the legislative text may have on current law and federal programs. Bill summaries are authored by the Congressional Research Service (CRS) of the Library of Congress. As stated in Public Law 91-510 (2 USC 166 (d)(6)), one of the duties of CRS is "to prepare summaries and digests of bills and resolutions of a public general nature introduced in the Senate or House of Representatives". For more information, refer to the User Guide that accompanies this file.