[Owasp-leaders] Call for comments: US FedRAMP process

James McGovern JMcGovern at virtusa.com
Wed Dec 15 16:49:36 EST 2010


1. Always game to help the feds :-) Let us know the time (I love Outlook calendar invites).
2. Is there anything that would prevent non-US folk from providing guidance?

James McGovern
Insurance SBU 
Virtusa Corporation
100 Northfield Drive, Suite 305 | Windsor, CT | 06095
Phone:  860 688 9900 Ext:  1037 | Facsimile:  860 688 2890  

-----Original Message-----
From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Rex Booth
Sent: Wednesday, December 15, 2010 4:26 PM
To: owasp-leaders at lists.owasp.org; owasp-washington at lists.owasp.org
Subject: [Owasp-leaders] Call for comments: US FedRAMP process


As you may know, the US Federal government is initiating a new 
certification and accreditation process called FedRAMP.  FedRAMP is a 
program that will allow cloud-oriented services and applications to 
undergo the certification and accreditation process (now called 
Assessment and Authorization) once for the entire Federal government 
instead of once per agency.  There's a lot of buzz about this among 
private sector companies and within the agencies.

OWASP can contribute by reviewing the draft plan which includes details 
of the process as well as descriptions of the additional controls 
expected for cloud services.  Comments are due January 17, so this is a 
relatively tight turn-around.

I'll be coordinating OWASP's reply to the request for comments.  Please 
let me know if you're interested in participating and I'll include you 
in the kick-off next week.

In the meantime, more information on FedRAMP can be found at the 
following link:

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org

Virtusa was recently ranked and featured in 2010 Deloitte Technology Fast 500, 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list and 2010 FinTech 100 among others.


This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.


More information about the OWASP-Leaders mailing list