Skip to main content

December 2016 FedRAMP PMO Newsletter

New Compliant CSPs!

  [Collab 9]( earned FedRAMP Ready status in December 2015. Collab9 offers cloud-based unified communications services that are “Powered by Cisco.” Collab9’s hosted solution delivers a full set of unified communications and collaboration services.

FedRamp now has 22 FedRAMP Compliant CSP systems! A complete list of all FedRAMP Compliant CSPs can be viewed here


FedRAMP-TIC Overlay Pilot

The FedRAMP PMO and the TIC PMO at DHS worked collaboratively over the past months to pilot the FedRAMP-TIC overlay. As expected, the pilot identified some gaps between the TIC requirements and the FedRAMP requirements that needs to be further explored before the overlay becomes operational. Both the TIC PMO and FedRAMP PMO will continue to work with OMB to make the FedRAMP TIC overlay have a more permanent outcome.

However, we wanted to thank the CSPs who worked diligently with our teams through the pilot effort. The Microsoft O365, Amazon Web Services, and teams were fantastic partners as we explored the realities of this overlay and their hard work has helped lay the groundwork for the way agencies can access CSP environments more securely.

Public Comment: High Baseline Re-Release

The FedRAMP PMO is releasing an updated draft high baseline for a second round of public comments. This baseline is being released for our industry and agency stakeholders to provide their final feedback and recommendations. The public comment period will end Friday, January 8, 2016.

Read the whole story

Continuous Monitoring Pilot

ConMon can be labor intensive and the data can be hard to analyze across vendors. At the FedRAMP PMO, we’ve normalized this data and have developed standardized reports and POA&Ms for the JAB P-ATOs we maintain. Since this information is in the same format for every provider, it makes it easier to consume.

Read the whole story

Now Available: SAP & SAR Training Modules!

The FedRAMP PMO is pleased to announce the addition of two new courses to the library of FedRAMP Online Training The Security Assessment Plan (SAP) and Security Assessment Report (SAR) course modules are designed to help FedRAMP Third Party Assessment Organizations (3PAOs) understand the how to write specific sections of these documents and the program’s reporting requirements.

Read the wholes story

New Way to Contact the PMO!

Are a Federal employee or contractor? Do you have a question about the FedRAMP process or your agency’s responsibilities? Send them to and our Agency Evangelist will personally respond!

FedRAMP in the News:

Page of