Review of Federal Risk and Authorization Management Program

Subject: Management
Pages: 2
Words: 677
Reading time:
3 min
Study level: Bachelor

Background Information

Digital government services are advanced systems aimed at delivering a wide range of services to members of the public. The relevant agencies and institutions rely on the power of superior communication, Internet, and information technologies to support the wider service delivery process (Koo et al., 2020). Some of the common services include drivers’ licenses renewal, tax returns filed, and issuance of permits. The use of the current model is making it possible for the government to provide timely services and personalized information to American citizens at any given time (Schmidt et al., 2016). With more people having access to different platforms and handheld devices, the process has become more streamlined, effective, convenient, and less costly.

FedRAMP is an acronym for Federal Risk and Authorization Management Program and it is intended to transform the experiences of citizens in need of digitalized government services. This term denotes a government-wide system or program developed with the aim of monitoring, securing, authorizing, and protecting cloud processes, services, and products (Schmidt et al., 2016). The model is founded or informed by the desire to develop a risk-based and cost-effective approach for digital services (Koo et al., 2020). FedRAMP is developed and promoted in accordance what the memorandum the Office of Management and Budget presented in 2011. The introduction of FedRAMP has led to improved procedures for providing convenient and secure digital services to more American citizens.


To deliver a wide range of digital services, agencies should get the relevant FedRAMP authorization. The agencies will go further to develop cloud services and digital products that are secure and acceptable. Institutions can identify some of the existing databases approved by FedRAMP and purchase them for providing the required services (Figliola & Fischer, 2015). Agencies should be keen to identify and implement all emerging guidelines. The ultimate aim is to ensure that the services are affordable, convenient, secure, and capable of meeting the changing demands of the targeted clients.

The primary aim of FedRAMP is to ensure that all agencies adopt and implement secure cloud systems and services that can transform the experiences of American citizens. It delivers improved security by providing a unique model for promoting security and reducing the overall level of risk. FedRAMP also outlines some of the critical security procedures and requirements that all agencies need to follow if they are to provide government services (Figliola & Fischer, 2015). Third party stakeholders or organizations are usually involved to monitor and verify whereby providers implement the outlined security measures. FedRAMP provides a model for continuous testing of security measures and guides key partners to implement additional improvements based on the collected evidence.

On one side of the divide, critical issues have emerged regarding the appropriateness and effectiveness of FedRAMP. Some of its supporters believe that the model involves other partners to protect the nature of services available to more citizens. These analysts indicate that such a system is safe and capable of transforming service delivery. However, some skeptics believe that FedRAMP is underdeveloped and has specific loopholes affecting service delivery (Figliola & Fischer, 2015). Others indicate that proper mechanisms are missing to prevent cases of cybercrime and phishing. Readers and stakeholders should, therefore, be prepared for the next course of action to maximize the security of FedRAMP and the wider process of government service delivery.

Next Steps

FedRAMP can consider additional approaches to improve the level of security and privacy for digital services:

  • The first approach could be to allow providers to collaborate and share resources to ensure that they keep risks as low as possible.
  • The second one is for all partners to combine their efforts to maximize the effectiveness and efficiency of their digital services delivery systems (Koo et al., 2020).
  • The third proposal is for all partners to engage in continuous experimentation and analysis to identify and present additional measures to maximize the level of security.
  • Finally, collaboration between government and private agencies could help improve the existing security systems and make it possible for more Americans citizens to receive secure, timely, and uninterrupted digital services.


Figliola, P. M., & Fischer, E. A. (2015). Overview and issues for implementation of the federal cloud computing initiative: Implications for federal information technology reform management. Congressional Research Service.

Koo, J., Oh, S., Lee, S. H., & Kim, Y. (2020). Security architecture for cloud-based command and control system in IoT environment. Applied Sciences, 10(3), 1035-1051. Web.

Schmidt, P. J., Wood, J. T., & Grabski, S. V. (2016). Business in the cloud: Research questions on governance, audit, and assurance. Journal of Information Systems, 30(3), 173-189. Web.