Cloud Service Providers - Advisory Board
Where leading Cloud Service Providers come together to inform, engage, and collaborate with FedRAMP stakeholders.
About the CSP-AB
The Cloud Service Providers - Advisory Board (CSP-AB) represents the world’s leading cloud companies and supports standards and policies that promote and enable secure cloud adoption in the public and private sectors. Our member companies are global leaders in the drive to provide safe, scalable, and accredited digital government services, with a focus on both the civil servants delivering those services and the end-users receiving them.
Latest News
CSP-AB welcomes finalized OMB Guidance
The Cloud Service Providers-Advisory Board (CSP-AB) welcomes the finalized Guidance from the Office of Management and Budget (OMB) regarding the vision, scope, and structure of the Federal Risk Authorization Management Program (FedRAMP).
The CSP-AB represents the world’s leading cloud companies and supports standards and policies that promote and enable secure cloud adoption in the public and private sectors. Our member companies are global leaders in the drive to provide safe, scalable, and accredited digital government services, with a focus on both the civil servants delivering those services and the end-users receiving them.
Collectively, our members hold over 700 authorizations to operate across all service models and impact levels. As such, we recognize the considerable change that industry and cloud service technology has undergone since the inception of FedRAMP in 2011. Updating the operation of FedRAMP is crucial to ensuring that the Federal government develops more agile, effective, and innovative standards which reflect the realities of the cloud ecosystem and we are excited about what this first step means for CSPs navigating the FedRAMP landscape. CSP-AB urges OMB to continue to emphasize the importance of developing a program to establish an automated process for intaking, using, and reusing security assessments and reviews to reduce the burden on participants and speed up the implementation process for cloud solutions. We look forward to updated guidance from GSA on continuous monitoring processes, as well as further work to ensure that governance, risk and compliance, and system-inventory tools can “ingest and produce” artifacts using Open Secure Control Assessment Language (OSCAL).