The Federal Risk and Authorization Management Program office has outlined its approach to incorporate the National Institute of Standards and Technology's federal information system security and privacy controls into the government's cloud computing initiative.
The FedRAMP program management office plans to create a draft of baselines, control guidelines and parameters based on the NIST Special Publication 800-53 Revision 5 and produce an implementation guide for cloud service providers, according to a Nov. 24 blog post.
PMO will then collect and use public feedback on the proposed revisions to finalize baseline updates including the open security controls assessment language.
The office created a video about Rev5 transition efforts and intends to host training and other forums to educate participants on that process.