Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
FedRAMP, Data.gov revamp just part of GSA office's caseload
Tuesday - 3/6/2012, 5:38pm EST
But even with fewer than 100 employees, the office, which officials likened to an idea-generator for the government, carries out an extensive array of programs dealing with technology and customer service.
Last year, the office released its annual report — its first — which featured progress updates on everything from GSA's online app marketplace to its mobile initiatives.
Dave McClure, the associate administrator in the OCSIT, and Kathy Conrad, the principal deputy associate administrator joined In Depth with Francis Rose to discuss the work the office does and the progress on cloud-computing security standards in particular.
Dave McClure and Kathy Conrad in the Federal News Radio studio.
McClure said the need for accountability and transparency — as well as a desire to show return on investment — helped drive the release of the first annual report.
"The feedback has been:' I didn't your office did all these things,'" McClure said. "So, in many ways it really educates both inside and outside of government what this office really does."
Data.gov aims for 'vibrant' sets
Given its governmentwide focus, office is particularly interested in initiatives that impact across agencies. Conrad cited the launch of BusinessUSA.gov, an online portal developed with the Commerce Department and Small Business Administration and designed to be a "one-stop shop" for businesses to navigate the federal sphere.
Conrad also touted Data.gov "communities" — federal datasets organized by topic, such as education or energy, which she likened to a "treasury trove" of federal data.
"You have the mechanism to not only make data available, but then give people a mechanism to find impact from it," Conrad said. "So, we're seeing that community concept really taking off in a broad sense because it's a way to bring together both the people who have the data with those who could use it."
McClure said that fits with the agency's goal of shifting from thinking of Data.gov as a simple repository of information to a "vibrant, active set of information and data that customers can come in — whether it's an organization, a citizen, a business, academics, software developers — and actually mine it very fast."
Agency taking its time on FedRAMP
Also high on the list of the agency's accomplishments is the Federal Risk and Authorization Management Program, or FedRAMP, the effort to create a governmentwide process for securing and cloud-computing solutions.
McClure said the office has been working on the guidelines for about two years. It took a while, he acknowledged to develop consensus for the security standards and a baseline set of controls from all government stakeholders — civilian, defense and intelligence.
"It took us, probably, longer than we wanted, but rather than rush, you better get it right," McClure said, "so we have taken some extra time to do that."
The last six months has been consumed with creating the actual infrastructure to eventually run FedRAMP as a program, McClure said. And that slow launch will continue over the next couple of years.
Between now and fiscal-year 2014, GSA will "gradually roll FedRAMP out," McClure said. "It's not a turn the spigot on, let the water flow freely (process)."
GSA plans to release its first list of third-party assessors that have been accredited by FedRAMP in April, Conrad added. Following that, GSA will make awards for governmentwide email solutions.
By the second quarter of 2013, GSA will open up the process to more "prioritized solutions that have governmentwide impact," McClure said. By 2014, GSA aims for FedRAMP to be a "fully operational, sustainable set of activities"
But there's still a long process ahead and GSA "won't get there overnight," McClure added. "We're going to take our time in getting there."