H.R. 21 · 117th Congress · House

FedRAMP Authorization Act

In Congress· Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Introduced
Jan 4, 21
Passed House
Jan 5, 21
Passed Senate
Pending
Sent to President
Pending
Signed into Law
Pending

Executive Summary

Federal Risk and Authorization Management Program Authorization Act of 2021 or the FedRAMP Authorization Act

This bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

The GSA must establish a government-wide program that provides the authoritative standardized approach to security assessment and authorization for cloud computing products and services that process unclassified information used by agencies. Agencies must ensure that their cloud computing services meet GSA requirements.

The bill establishes the Joint Authorization Board to conduct security assessments of cloud computing services and issue provisional authorizations to operate to cloud service providers that meet FedRAMP security guidelines.

The GSA shall (1) publish a report that includes an assessment of the cost incurred by agencies and cloud service providers related to the issuance of FedRAMP authorizations and provisional authorizations, (2) determine the requirements for certification of independent assessment organizations, and (3) establish the Federal Secure Cloud Advisory Committee.

Previous Versions

00Jan 4, 2021

Federal Risk and Authorization Management Program Authorization Act of 2021 or the FedRAMP Authorization Act

This bill provides statutory authority for the Federal Risk and Authorization Management Program (FedRAMP) within the General Services Administration (GSA).

The GSA must establish a government-wide program that provides the authoritative standardized approach to security assessment and authorization for cloud computing products and services that process unclassified information used by agencies. Agencies must ensure that their cloud computing services meet GSA requirements.

The bill establishes the Joint Authorization Board to conduct security assessments of cloud computing services and issue provisional authorizations to operate to cloud service providers that meet FedRAMP security guidelines.

The GSA shall (1) publish a report that includes an assessment of the cost incurred by agencies and cloud service providers related to the issuance of FedRAMP authorizations and provisional authorizations, (2) determine the requirements for certification of independent assessment organizations, and (3) establish the Federal Secure Cloud Advisory Committee.

Action Timeline

10
  1. JAN 06, 2021IntroReferral

    Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

  2. JAN 05, 2021Floor

    Mrs

    Maloney, Carolyn B. moved to suspend the rules and pass the bill.

  3. JAN 05, 2021Floor

    Considered under suspension of the rules

    (consideration: CR H58-62)

    58Yea
    62Nay
    0NV
  4. JAN 05, 2021Floor

    DEBATE - The House proceeded with forty minutes of debate on H.R. 21.

  5. JAN 05, 2021Floor

    Passed/agreed to in House

    On motion to suspend the rules and pass the bill Agreed to by voice vote.(text: CR H58-60)

    58Yea
    60Nay
    0NV
  6. JAN 05, 2021Floor

    On motion to suspend the rules and pass the bill Agreed to by voice vote. (text: CR H58-60)

    58Yea
    60Nay
    0NV
  7. JAN 05, 2021Floor

    Motion to reconsider laid on the table Agreed to without objection.

  8. JAN 04, 2021IntroReferral

    Introduced in House

  9. JAN 04, 2021IntroReferral

    Introduced in House

  10. JAN 04, 2021IntroReferral

    Referred to the House Committee on Oversight and Reform.

Committees

2

Homeland Security and Governmental Affairs Committee

ssga00

Referred: Jan 7, 2021

Active

Oversight and Government Reform Committee

hsgo00

Referred: Jan 4, 2021

Active