3PAO revisions and fragmented satellites
News and notes from around the federal IT community.
FedRAMP seeks 3PAO accreditation input
The Federal Risk and Authorization Management Program is seeking feedback on revisions to the accreditation requirements for third-party assessment organizations.
After accrediting 40 3PAOs in the past four years, FedRAMP officials want to overhaul the process for vetting the firms that, in turn, vet cloud providers’ systems.
FedRAMP officials will host a webinar to discuss the new draft 3PAO accreditation requirements from 11 a.m. to noon on July 28.
Feedback is due by close of business on Aug. 20.
GAO warns DOD of 'fragmented' approach to commercial satellites
The Defense Department has become more reliant on commercial satellites to augment its communications capabilities, but the way it goes about acquiring those services is "fragmented and inefficient," according to the Government Accountability Office.
A new GAO report states that DOD's policy is to lease its commercial satcom through the Defense Information Systems Agency, but that policy is not always enforced. As reported in Defense Systems, that lack of enforcement leaves DOD without a solid knowledge of the satcom it has and potentially costs the department money in the form of lost bulk-purchase opportunities.
Despite that shortcoming, GAO notes that DOD has made some positive changes since a 2003 report in which auditors said the department did not know how much it was spending on commercial bandwidth services or whether customer needs were being met.