Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF JUNE 06, 2012 FBO #3847
SOURCES SOUGHT

D -- Federal Risk and Authorization Management Program (FedRAMP) application invitation

Notice Date
6/4/2012
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
General Services Administration, Federal Acquisition Service (FAS), ITS Office of Acquisition Operations (QTA), 10304 Eaton Place, 4B19, Fairfax, Virginia, 22030, United States
 
ZIP Code
22030
 
Solicitation Number
QTABR001
 
Point of Contact
Matt Goodrich, Phone: Matt Goodrich 202-208-1303
 
E-Mail Address
matt.goodrich@gsa.gov
(matt.goodrich@gsa.gov)
 
Small Business Set-Aside
N/A
 
Description
The purpose of this announcement is to invite cloud service providers (CSP), both commercial and government, to apply to the Federal Risk and Authorization Management Program (FedRAMP), starting June 6, 2012. The Federal Risk and Authorization Management Program (FedRAMP) will begin to accept applications from Cloud Service Providers for the security assessment process on an on-going basis starting June 6, 2012. FedRAMP is a unified government-wide risk management program focused on security for cloud-based systems. FedRAMP provides a standard approach for conducting security assessments of cloud systems based on an accepted set of security controls and consistent processes. Per OMB policy, agencies acquiring cloud services are required to use FedRAMP. The FedRAMP controls and processes create a standardized approach for agencies to leverage security assessments for cloud services. This "approve once, and use many" approach will benefit CSPs by speeding the adoption of cloud services by agencies and reducing the cost and time required to conduct redundant, individual agency security assessments. How to Apply: The FedRAMP application form will be posted on fedramp.gov on June 6, 2012. To apply, complete the FedRAMP application form at http://www.FedRAMP.gov. To access the form, click the CSP icon or select Cloud Service Providers from the left-hand navigation, then click on the "Apply" icon. Questions about applying to FedRAMP should be sent to info@fedramp.gov. In preparation for applying to FedRAMP, gather the following information before completing the request form: • Points of contact (Primary, secondary, back-up) •· System name and owner •· Brief description of the service proved by the system •· Cloud service model (IaaS, PaaS, SaaS) •· Cloud Deployment Model (public, private, hybrid, community) •· Expected Security Impact Level (Low, Moderate) •· The desired level of authorization: •o CSP Supplied: A CSP supplies an assessment package without an agency ATO, the assessment must have used a FedRAMP-accredited 3PAO •o Agency ATO: A CSP or Agency supplies an assessment package that has an Agency ATO but did not use a FedRAMP-accredited 3PAO •o Agency ATO with FedRAMP 3PAO: A CSP or Agency supplies an assessment package that has an Agency ATO and used a FedRAMP-accredited 3PAO •o FedRAMP JAB Provisional Authorization: A CSP or Agency is requesting FedRAMP to begin the assessment and authorization process for a provisional authorization from the JAB •· If the system previously received an Agency ATO: •o Provide issuing agency name, agency POC, and date ATO was issued •· If a FedRAMP accredited 3PAO previously assessed the system: •o Provide the 3PAO name and 3PAO POC information Before applying to FedRAMP, CSPs should review the FedRAMP process, requirements and templates and research selecting a FedRAMP accredited Third Party Assessment Organization (3PAO). To download templates, access information about FedRAMP, and view a list of FedRAMP accredited 3PAOs, go to http://www.FedRAMP.gov and select Cloud Service Provider. After receiving the initial applications, the FedRAMP program management office (PMO) will develop a queue order in which FedRAMP resources will review authorization packages. Applications will be placed in the queue based on meeting the objective to assess and authorize cloud systems that can be leveraged government-wide. In order to accomplish this, FedRAMP will follow the priority queue requirements as identified by the Joint Authorization Board. FedRAMP will prioritize secure Infrastructure as a Service (IaaS) solutions, contract vehicles for commodity services, and shared services in alignment with the Administration's 'Cloud First' policy as discussed in the '25 Point Implementation Plan to Reform Federal Information Technology Management'. CSPs should send questions about FedRAMP and the application process to info@fedramp.gov. DO NOT CALL THE CONTRACTING OFFICER (Ben Reed) LISTED AT THE BOTTOM OF THIS NOTICE. The above email address and contact personnel will constitute your contact point for this effort. FAQs are posted at www.FedRAMP.gov
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/16bb843b947c3586d25407ca0e599507)
 
Record
SN02765771-W 20120606/120604235648-16bb843b947c3586d25407ca0e599507 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.