S. Rept. 117-115: Federal Secure Cloud Improvement and Jobs Act of 2021, Report of the Committee on Homeland Security and Governmental Affairs, United States Senate, to Accompany S. 3099 , Including Cost Estimate of the Congressional Budget Office, May 24, 2022 [open pdf - 515KB]
From the Document: "S. 3099, the 'Federal Secure Cloud Improvement and Jobs Act of 2021,' provides a statutory framework for the Federal Risk and Authorization Management Program (FedRAMP) to make the program more accountable and transparent and help ensure that agencies' processes of moving safely to the cloud are streamlined and efficient. As cloud computing technology continues its growth in our society and economy, it is important that federal agencies quickly, securely, and effectively adopt these capabilities to improve digital service delivery and protect against malicious foreign threats. S. 3099 would codify and reform the FedRAMP program at the General Services Administration (GSA) to ensure continuous growth in the number of cloud service providers (CSP) securely authorized in government, empower greater reuse of CSPs across agencies, and strengthen transparency measures to promote engagement and consensus recommendations from leaders in both industry and government that will accelerate cloud adoption. This bill would also ensure that CSPs and independent assessment services are protected from foreign threats by requiring additional steps to mitigate any malicious activity and increase reporting transparency to the government. S. 3099 also creates new requirements for agencies to affirmatively leverage high-quality security authorization packages rather than forcing CSPs to perform duplicative and costly work that slows agency efforts to modernize their information technology (IT). Finally, S. 3099 provides for stronger oversight authorities of agency cloud computing processes and protocols by the Office of Management and Budget (OMB) and creates a Federal Secure Cloud Advisory Committee, comprising IT and cybersecurity leaders from both industry and the public sector, to provide recommendations to the GSA Administrator for improving the FedRAMP program and the government's adoption of cloud capabilities."
S. Rept. 117-115; Senate Report 117-115
U.S. Government Publishing Office: http://www.gpo.gov/