[Federal Register Volume 88, Number 207 (Friday, October 27, 2023)]
[Notices]
[Page 73878]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-23839]


=======================================================================
-----------------------------------------------------------------------

OFFICE OF MANAGEMENT AND BUDGET


Request for Comments on Updated Guidance for Modernizing the 
Federal Risk Authorization Management Program (FedRAMP)

AGENCY: Office of Management and Budget.

ACTION: Notice of public comment period.

-----------------------------------------------------------------------

SUMMARY: The Office of Management and Budget (OMB) is seeking public 
comment on a proposed memorandum titled, Modernizing the Federal Risk 
Authorization Management Program (FedRAMP).

DATES: The public comment period begins on October 27, 2023, and ends 
November 27, 2023.

ADDRESSES: The proposed memorandum is available at https://www.cio.gov/policies-and-priorities/FedRAMP/.
    Submission of comments is voluntary. Please submit comments via 
https://www.regulations.gov, a Federal website that allows the public 
to find, review, and submit comments on documents that agencies have 
published in the Federal Register and that are open for comment. Simply 
type ``OMB-2023-0021'' in the search box, click ``Search,'' click the 
``Comment'' button underneath ``Request for Comments on Proposed 
Guidance for Modernizing the Federal Risk Authorization Management 
Program (FedRAMP),'' and follow the instructions for submitting 
comments. All comments received will be posted to https://www.regulations.gov, so commenters should not include information they 
do not wish to be posted (e.g., personal or confidential business 
information). Additionally, the OMB System of Records Notice, OMB 
Public Input System of Records, OMB/INPUT/01 includes a list of routine 
uses associated with the collection of this information.

FOR FURTHER INFORMATION CONTACT: Carol Bales, OMB, at 202.395.9915 or 
[email protected] or Eric Mill, at 202.881.7182 or 
[email protected].

SUPPLEMENTARY INFORMATION: The Office of Management and Budget (OMB) 
proposes to issue updated guidance to Federal agencies on the Federal 
Risk Authorization Management Program (FedRAMP). In December 2011, OMB 
issued Security Authorization of Information Systems in Cloud Computing 
Environments, establishing the Federal Risk Authorization Management 
Program to accelerate the secure adoption of cloud services. In 2022, 
recognizing the value that FedRAMP has provided to Federal agencies and 
to industry, Congress established FedRAMP in statute through the 
FedRAMP Authorization Act (``the Act''), 44 U.S.C. 3607-3616, as a 
program of the General Services Administration (GSA) that is overseen 
by a Board consisting of technology leaders drawn from Federal 
agencies.
    The Act further provides for OMB to issue guidance to define the 
categories of cloud products and services within the scope of the 
FedRAMP program and to describe additional responsibilities of the 
FedRAMP Program Management Office (PMO) and Board beyond those assigned 
by the Act. OMB also has a general responsibility under the Act to 
oversee the effectiveness of FedRAMP and to encourage consistency in 
agencies' adoption and use of secure cloud services.
    The proposed memorandum would support the Biden-Harris 
Administration's goals for modernizing Federal information technology 
and has been prepared by the Office of Management and Budget in 
consultation with key stakeholders.

Clare Martorana,
Federal Chief Information Officer, Office of the Federal Chief 
Information Officer, Office of Management Budget.
[FR Doc. 2023-23839 Filed 10-26-23; 8:45 am]
BILLING CODE 3110-05-P