Skip to main content

Focus on FedRAMP

FedRAMP Launches New 300-C Training for 3PAOs

We’ve launched the next course in the Third Party Assessment Organization (3PAO) Training Series. This new training course focuses on the development of the Security Assessment Report (SAR) which details the 3PAO’s findings after testing is complete for a Cloud Service Offering (CSO). The SAR must clearly outline a CSO system’s residual risk and be an adequate reflection of the...

Read More

FedRAMP Connect Results and Due Date for Next Round

The FedRAMP PMO just completed the latest round of FedRAMP Connect where Cloud Service Providers (CSPs) are prioritized to work with the Joint Authorization Board (JAB). In order to prioritize the right CSPs, the FedRAMP PMO reviews each business case submitted by CSPs interested in pursuing a JAB authorization and analyzes their current and potential demand. The focus of this...

Read More

FedRAMP Documentation Release

As mentioned last week, we’ve updated ten documents/templates and added one new document to our Templates and Documents pages. This is in service of: Making continuous monitoring processes more efficient and providing additional specific guidance on them Clarifying language in the Readiness Assessment Report (RAR) templates, and Incorporating new requirements and guidance in the System Security Plan (SSP) templates and...

Read More

Moving On Up - Leadership Changes within OPP and FedRAMP

The FedRAMP PMO is excited to announce some important leadership changes taking place within the program! As of today, Matt Goodrich, FedRAMP Director, will become the Acting Assistant Commissioner for the Office of Products and Programs (OPP) - the GSA organization within which FedRAMP resides. Additionally, our Evangelist, Ashley Mahan, will fill two roles: Acting FedRAMP Director and Acting Director...

Read More

Upcoming FedRAMP Documentation Release

The FedRAMP PMO is excited to announce that we have updated ten documents/templates and added one new document with the goal of: Making continuous monitoring processes more efficient and providing additional specific guidance on them Clarifying language in the Readiness Assessment Report (RAR) templates, and Incorporating new requirements and guidance in the System Security Plan (SSP) templates and baseline of...

Read More

Page 1 of 21