Through its Federal Risk and Authorization Management Program (FedRAMP®), GSA is launching FedRAMP 20x—a bold, cloud-native approach aimed at accelerating cloud adoption while maintaining rigorous cybersecurity standards.
FedRAMP 20x responds to longstanding challenges in the cloud approval process by focusing on automation, clarity, and collaboration—ultimately supporting the federal government’s goal to deliver seamless, digital-first services to American taxpayers.
Historically, cloud service providers (CSPs) seeking to serve federal agencies have faced long and complex FedRAMP authorization processes. These have involved excessive documentation, slow manual reviews, and a lack of flexibility, often taking months—or even years—for services to become available to agencies.
GSA Acting Administrator Stephen Ehikian underscored the urgency of modernizing this process. “Our partnership with the commercial cloud industry needs serious improvement,” said Ehikian. “Strengthening this relationship will help us fulfill our commitment to cutting waste and adopting the best available technologies to modernize the government’s aging IT infrastructure.”
FedRAMP 20x is said to address these issues head-on with an agile, modernized approach focused on speed, security, and innovation.
FedRAMP 20x is built upon several guiding principles aimed at reimagining how federal agencies and cloud providers work together:
1. Laying the Foundation for Innovation
FedRAMP will encourage innovation by making it easier for CSPs to demonstrate compliance with modern security practices. The program will create public working groups, open channels for industry input, and offer technical guidance early in the process—before formal rollout. This collaborative environment promotes transparency, equal access to information, and supports the rapid development of secure cloud offerings.
2. Eliminating Bureaucracy Through Automation
The days of manual paperwork and redundant documentation are numbered. FedRAMP 20x aims to replace time-consuming tasks with automated tools that streamline the authorization process. This will reduce costs for vendors and speed up approvals significantly, without compromising on cybersecurity.
3. Accelerating Cloud Adoption
With clearer, streamlined security requirements, FedRAMP 20x will allow agencies to adopt modern cloud solutions in weeks instead of years. This helps federal teams stay ahead of technological advancements and ensures they have timely access to cutting-edge services that improve operations and service delivery.
4. Fostering Direct Collaboration
Traditionally, FedRAMP acted as an intermediary between agencies and providers. Under the 20x model, the program will empower direct collaboration, allowing agencies and vendors to engage more efficiently and tailor solutions to mission needs.
To bring its vision to life, FedRAMP 20x will implement a series of concrete changes:
-
No federal sponsor needed for simple, low-impact services
-
Elimination of redundant or unnecessary documentation
-
“Turn-key” adoption for cloud-native, low-complexity environments
-
Simplified, engineer-friendly security requirements
-
Most cloud solutions authorized in weeks rather than months or years
Thomas Shedd, Director of the Technology Transformation Services and Deputy Commissioner of the Federal Acquisition Service, emphasized the broader implications: “FedRAMP 20x represents our commitment to cutting through complexity, empowering innovation, and ensuring that security keeps pace with technological advancement.”
FedRAMP 20x has already gained significant support from government leaders and private sector stakeholders. Carrie Lee, Chief Product Officer and Deputy CIO at the Department of Veterans Affairs, hailed the initiative as “a game-changer.” She stated, “By reducing authorization times from years to weeks and enhancing security postures, we are setting a new standard for efficiency and innovation.”
As agencies look to modernize their IT environments and provide better digital experiences for Americans, FedRAMP 20x will play a critical role in ensuring that cloud services are not only secure but also accessible, affordable, and fast to implement.
GSA Proposal Maven Inc. is a government contract firm that has helped thousands of businesses increase their bottom line with the GSA MAS contract program, 8(a) Certification Program, VOSB Certification, SDVOSB Certification, and other federal agency contracts. Contact us at (877) 302-3773 or click here to schedule your FREE fifteen-minute consultation by clicking here.
Get your FREE report, “5 Tips To Master The GSA Schedule Application Process” or schedule your fifteen-minute consultation by clicking here.