Skip to main content

Focus on FedRAMP

Find Resources Easier with New Updates to FedRAMP.gov

The FedRAMP PMO is excited to share some new updates to the website. In response to customer feedback and website analytics, we’ve updated the side bars on the Partners We Serve pages to include “action boxes” that bring visitors to specific resource pages. These new pages provide information about the FedRAMP related action and consolidates all the relevant resources in...

Read More

Profiles in Cybersecurity - Steve Hunt, NASA

In June 2018, FedRAMP launched the inaugural FedRAMP 5 Awards, recognizing the members of the FedRAMP community that have contributed to the program’s success over the years. To honor their contributions, FedRAMP is spotlighting some of the winners for their impact on the program. Steve Hunt, IT Governance Lead of NASA’s Enterprise Managed Cloud Computing office, has championed FedRAMP since...

Read More

FedRAMP Launches New 300-C Training for 3PAOs

We’ve launched the next course in the Third Party Assessment Organization (3PAO) Training Series. This new training course focuses on the development of the Security Assessment Report (SAR) which details the 3PAO’s findings after testing is complete for a Cloud Service Offering (CSO). The SAR must clearly outline a CSO system’s residual risk and be an adequate reflection of the...

Read More

FedRAMP Connect Results and Due Date for Next Round

The FedRAMP PMO just completed the latest round of FedRAMP Connect where Cloud Service Providers (CSPs) are prioritized to work with the Joint Authorization Board (JAB). In order to prioritize the right CSPs, the FedRAMP PMO reviews each business case submitted by CSPs interested in pursuing a JAB authorization and analyzes their current and potential demand. The focus of this...

Read More

FedRAMP Documentation Release

As mentioned last week, we’ve updated ten documents/templates and added one new document to our Templates and Documents pages. This is in service of: Making continuous monitoring processes more efficient and providing additional specific guidance on them Clarifying language in the Readiness Assessment Report (RAR) templates, and Incorporating new requirements and guidance in the System Security Plan (SSP) templates and...

Read More

Page 1 of 21