Threatpost | The first stop for security news

The First Stop For Security News

Read More News


Ensuring Secure Cloud Computing for the Federal Government
  • REMINDER – RFI for Cloud, FedRAMP, and Security Contract Language due December 15th
    Have insights on cloud acquisitions language? FedRAMP is interested in hearing your thoughts! In service of helping agencies adopt secure cloud technologies, the FedRAMP PMO has been working to create standard contract language for agencies to use as they acquire secure cloud-based products. We’re seeking your feedback on how agencies can include cloud, FedRAMP, and […]
  • Introducing the New Agency Authorization Playbook
    The FedRAMP PMO is proud to release the Agency Authorization Playbook! Through our work revamping the Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) process, we identified a number of best practices and tips that will help Agencies as they work with Cloud Service Providers (CSPs) to grant initial Agency authorizations. We developed the […]
  • Understanding Baselines and Impact Levels in FedRAMP
    The FedRAMP PMO fields a number of questions about impact levels and the security categorization of cloud services. Federal Information Processing Standard (FIPS) 199 provides the standards for categorizing information and information systems, which is the process CSPs use to ensure their services meet the minimum security requirements for the data processed, stored, and transmitted […]
  • RFI for Cloud, FedRAMP, and Security Contract Language Due December 15th
    In an effort to help agencies continue to adopt secure cloud technologies, FedRAMP has been identifying ways to create standard contract language that agencies can use in their acquisition process as they procure cloud-based products. FedRAMP, along with the GSA Secure Cloud Portfolio, is requesting industry feedback regarding the acquisition process and how agencies include […]
  • Common Challenges with the Readiness Assessment Report
    Thank you to all our vendors who have participated in our FedRAMP Ready process by using the Readiness Assessment Report (RAR). The RAR is intended to help vendors, the Joint Authorization Board, and Agencies have a snapshot of the security posture and capabilities  of a cloud service without the full investment of going through the […]
  • Why Become FedRAMP Ready?
    When the FedRAMP PMO introduced FedRAMP Accelerated last year, it also introduced an evolution of the readiness designation for Cloud Service Providers (CSPs): FedRAMP Ready. This designation now indicates that a Third Party Assessment Organization (3PAO) attests to a CSP’s readiness for the authorization process, and that a Readiness Assessment Report (RAR) has been reviewed […]
  • FedRAMP Agency Authorization Process – Tips, Tricks, and Best Practices
    Continuing our efforts to enable transparency for Agencies and Cloud Service Providers (CSPs) alike, the FedRAMP PMO is excited to now provide materials on proven best practices for completion of the FedRAMP Agency Authorization process. The goal of these materials is to provide CSPs and Agencies with guidance that aligns their roles and responsibilities in […]
  • New Third Party Assessment Organizations (3PAOs) Training Series
    The FedRAMP PMO is pleased to announce the Third Party Assessment Organization (3PAO) Training Series. The training series provides 3PAOs and other interested stakeholders with a deeper understanding of the FedRAMP program requirements and the level of effort (LOE) required to satisfactorily plan and perform a FedRAMP security assessment. The goal of this new 300 […]
  • FedRAMP Tailored Available for Use
    We are excited to announce our release of the FedRAMP Tailored Baseline for Cloud Service Providers (CSPs) with Low-Impact Software- as-a-Service (LI-SaaS) Systems!  FedRAMP Tailored was developed to support industry solutions that are low risk and low cost for agencies to deploy and use. Additionally, FedRAMP Tailored: Creates a faster, streamlined process for systems that […]
  • FedRAMP Acquisition FAQs
    In an effort to help agencies continue to adopt secure cloud technologies, FedRAMP has been identifying ways to ensure that agencies appropriately require FedRAMP in their acquisition process as they procure cloud-based products. In support of this effort, the FedRAMP PMO worked with the Office of Management and Budget (OMB) and the Office of Federal […]

Read More FedRamp News

Read More News