Allen Lum, Director of Information Technology Risk, will be speaking at New York Cloud Computing Alliance on February 23, 2012 regarding the Federal Risk and Authorization Management Program and Federal Cloud initiatives.
About the event:
Over the past two years the Federal Government has been looking for ways to reduce the cost of government. One of the solutions advocated is the adoption or the movement by the Federal Agencies of its computing processing and major applications to the cloud. The US General Services Administration has established the Federal Risk and Authorization Management Program (FedRAMP) which is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
This one hour presentation will focus in on the Federal Cloud Initiative and the use of FedRAMP to coordinate and accelerate the adoption of secure cloud solutions. We will cover the agency responsibilities and the integration of various security standards such as NIST into the overall cloud security requirements. In addition, we will discuss the Cloud Service Providers (CSPs) requirements in providing cloud services and the Third Party Assessment Organizations (3PA0) which has been established to certify that the CSP meet the FedRAMP Cloud security requirements.