The FedRAMP PMO has added two new training courses to our library, including the first video training option.
“How to Write a Control” (201B) is FedRAMP’s first online, on-demand video training course. The PMO has received many questions about how to properly write a control that will satisfy the program’s requirements. This training video is tailored to CSPs that are documenting the security of their Cloud System and will assist with writing compliant control implementation descriptions for the System Security Plan (SSP).
The second course now available is titled “Continuous Monitoring (ConMon) Overview” (200D). The purpose of the ConMon Overview training module is to provide guidance on continuous monitoring and ongoing authorization in support of maintaining a security authorization that meets the FedRAMP requirements. This training module is structured for a CSP going through the JAB path and a Third Party Assessment Organization, or 3PAO, conducting an assessment of the Cloud System.
The PMO recommends that anyone interested in submitting an authorization package, or anyone currently going through an authorization, to take all of the FedRAMP training courses to better understand the process and reporting requirements. Both courses are available on on-demand and online through Blackboard.