As part of the FedRAMP modernization project we are planning to begin requiring all Rev5-based cloud services to provide only machine-readable materials (as required by the law and M-24-15). This is currently slated for Phase 4 but will need a considerable amount of runway for providers.
This RFC will propose the anticipated requirements and timelines for government-wide (and thus industry-wide) adoption of machine-readable system security packages for FedRAMP Rev5.
As part of the FedRAMP modernization project we are planning to begin requiring all Rev5-based cloud services to provide only machine-readable materials (as required by the law and M-24-15). This is currently slated for Phase 4 but will need a considerable amount of runway for providers.
This RFC will propose the anticipated requirements and timelines for government-wide (and thus industry-wide) adoption of machine-readable system security packages for FedRAMP Rev5.