Close X
Attorney Spotlight

How did Brianna Powell's work as a law clerk prepare her for practicing law? Read more>

Search

Close X

Experience

Search our Experience

Experience Spotlight

The M&A Advisor Winner 2017The M&A Advisor announced the winners of the 16th Annual M&A Advisor Awards on Monday, November 13 at the 2017 M&A Advisor Awards. Bass, Berry & Sims was named a winner in the two categories related to the following deals:

M&A Deal of the Year (from $1B-$5B) – Acquisition of CLARCOR Inc. by Parker Hannifin Corporation

Corporate/Strategic Deal of the Year (over $1B) – Acquisition of BNC Bancorp by Pinnacle Financial Partners

Close X

Thought Leadership

Enter your search terms in the relevant box(es) below to search for specific Thought Leadership.
To see a recent listing of Thought Leadership, click the blue Search button below.

Thought Leadership Spotlight

Regulation A+

It seems that lately there has been a noticeable uptick in Regulation A+ activity, including several recent Reg A+ securities offerings where the stock now successfully trades on national exchanges. In light of this activity, we have published a set of FAQs about Regulation A+ securities offerings to help companies better understand this "mini-IPO" offering process, as well as pros and cons compared to a traditional underwritten IPO.

Read now

GovCon Blog: GSA Announces New FedRAMP Category to Speed Up Approval Process

Publications

October 27, 2014

If a cloud services provider (CSP) wishes to provide their services to a federal agency they must obtain authorization and approval from the Federal Risk and Authorization Management Program (FedRAMP). As more and more CSPs have entered the FedRAMP assessment process, there has been a push to help agencies and CSPs achieve FedRAMP authorization faster. Moreover, the Office of Management and Budget mandated starting June 5, 2014, that all CSPs must be FedRAMP approved or at least in the process of getting an authority to operate prior to contracting with federal agencies. In order to assist with these efforts, GSA recently unveiled a new category to its program for cloud systems proven "FedRAMP Ready."

FedRAMP, administered by the General Services Administration (GSA), is a government-wide screening program that provides a standardized approach for assessing and monitoring the security of contractor cloud products and services. FedRAMP was first launched back in 2012 as a follow-on to the government's "Cloud First" strategy, which sought to save money by consolidating agencies' servers and mandating data storage to the cloud. The goal of FedRAMP is to reduce time and money that individual agencies would otherwise have to spend on assessing a cloud provider's security. Prior to FedRAMP, each agency conducted its own risk assessment for each procured cloud service, which led to multiple and redundant security assessments for identical services. The lead agencies for FedRAMP are the GSA, Department of Defense, and Department of Homeland Security. Representatives from those three agencies make up the FedRAMP Joint Authorization Board, which performs risk authorizations and grants the provisional FedRAMP authorization for specific cloud services and products. Once a vendor has demonstrated compliance with FedRAMP standards, they can provide their cloud services to any federal government agency. Upon receipt of a provisional authorization to operate, the FedRAMP Project Management Office will add the vendor to the list of authorized cloud service providers on www.FedRAMP.gov.

GSA recently unveiled its newest category for FedRAMP showcasing CSPs ready to perform assessments and authorizations with potential agency customers. This new category was created to enable contractors to get their security systems certified and for federal agencies to achieve FedRAMP compliancy more quickly. "FedRAMP Ready" designations will be granted to systems that have had their documentation reviewed by the FedRAMP program management office and at a minimum have gone through the PMO readiness review process. According to the cloud.cio.gov website, "FedRAMP Ready systems allow potential agency customers and authorizing officials a starting point to initiate an authorization. Systems with more complete documentation or assessments by an accredited 3PAO will allow potential agency customers and authorizing officials to go through the assessment and authorization process more rapidly to become FedRAMP compliant." Not all systems in this category will be a CSP, the FedRAMP Ready system will also accommodate open source code agencies deploy for their cloud solutions.

For more Government Contracts information, visit www.BassBerryGovCon.com.


Related Professionals

Related Services

Notice

Visiting, or interacting with, this website does not constitute an attorney-client relationship. Although we are always interested in hearing from visitors to our website, we cannot accept representation on a new matter from either existing clients or new clients until we know that we do not have a conflict of interest that would prevent us from doing so. Therefore, please do not send us any information about any new matter that may involve a potential legal representation until we have confirmed that a conflict of interest does not exist and we have expressly agreed in writing to the representation. Until there is such an agreement, we will not be deemed to have given you any advice, any information you send may not be deemed privileged and confidential, and we may be able to represent adverse parties.