Skip to main content

Focus on FedRAMP

FedRAMP Updates 3PAO Requirements

Third Party Assessment Organizations (3PAOs) play a critical role within the Federal Risk and Authorization Management Program (FedRAMP). Their independent assessments serve as the basis for which the federal government can make authorization decisions regarding Cloud Service Offerings (CSOs). Ensuring 3PAO competency is essential to the program. FedRAMP, in partnership with the American Association for Laboratory Accreditation (A2LA), updated the...

Read More

FedRAMP Connect Business Cases Due November 9th

With the due date for FedRAMP Connect Business Cases quickly approaching on November 9th, we want to remind CSPs of the resources available to help you through the JAB prioritization process. As you may remember, FedRAMP Connect is part of the first step in pursuing a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB). The FedRAMP PMO...

Read More

Find Resources Easier with New Updates to FedRAMP.gov

The FedRAMP PMO is excited to share some new updates to the website. In response to customer feedback and website analytics, we’ve updated the side bars on the Partners We Serve pages to include “action boxes” that bring visitors to specific resource pages. These new pages provide information about the FedRAMP related action and consolidates all the relevant resources in...

Read More

Profiles in Cybersecurity - Steve Hunt, NASA

In June 2018, FedRAMP launched the inaugural FedRAMP 5 Awards, recognizing the members of the FedRAMP community that have contributed to the program’s success over the years. To honor their contributions, FedRAMP is spotlighting some of the winners for their impact on the program. Steve Hunt, IT Governance Lead of NASA’s Enterprise Managed Cloud Computing office, has championed FedRAMP since...

Read More

FedRAMP Launches New 300-C Training for 3PAOs

We’ve launched the next course in the Third Party Assessment Organization (3PAO) Training Series. This new training course focuses on the development of the Security Assessment Report (SAR) which details the 3PAO’s findings after testing is complete for a Cloud Service Offering (CSO). The SAR must clearly outline a CSO system’s residual risk and be an adequate reflection of the...

Read More

Page 1 of 21