Skip to main content

Focus on FedRAMP

Annual Assessment Guidance

The FedRAMP PMO recently encountered a question from a Cloud Service Provider (CSP) as to whether they are required to perform a re-authorization every three years. We wanted to take this opportunity to clarify FedRAMP’s Annual Assessment requirements. First, FedRAMP does not require CSPs to perform a full reassessment every three years. This is consistent with the July 28, 2016...

Read More

FedRAMP Hosts its First 3PAO Workshop!

On Friday, March 30th, the FedRAMP PMO held a workshop with our accredited 3PAO vendors. The workshop consisted of a morning plenary session, which shared reasons for the updating the 3PAO requirements, insight into new FedRAMP policy updates, and an overview of common pitfalls of current assessments and how to avoid them. Following the morning briefing, the FedRAMP PMO met...

Read More

FedRAMP Five Awards - Accepting Nominations!

FedRAMP turns six this year! As a way to celebrate, we’re introducing awards to recognize government partners who have helped FedRAMP grow, develop, and improve over time. The first ever awards - which we’re calling the “FedRAMP Five” - will give recognition to some of the Agency partners to whom we owe our success. The FedRAMP Five Awards will be...

Read More

Introducing the New CSP Authorization Playbook

The FedRAMP PMO is pleased to release the first volume of the Cloud Service Provider (CSP) Authorization Playbook: Getting Started with FedRAMP! Many CSPs are interested in pursuing a FedRAMP authorization for their cloud offering(s), but often have questions on the process and how to get started. The CSP Authorization Playbook is designed to be a comprehensive guide for CSPs...

Read More

How FedRAMP Transformed JAB Authorizations to take 75% Less Time

We’re excited to announce the release of our whitepaper on our initiative: FedRAMP Accelerated! As you probably know, last year we worked with the Joint Authorization Board (JAB) to revamp the provisional authorization process. We’d been hearing from Cloud Service Providers (CSPs), Agencies, and Third Party Assessment Organizations (3PAOs) that the process took too long and the expectations were unclear....

Read More

Page 1 of 25