Friday, October 30, 2020

What is FedRAMP? Compliance and certification explained

This blog was written by a third-party author.
The Federal Risk and Authorization Management Program (FedRAMP) is a compliance program established by the US government that sets a baseline for cloud products and services regarding their approach to authorization, security assessment, and continuous monitoring.
The program’s governing bodies include the Office of Management and Budget (OMB), US Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), US General Services Administration (GSA), US Department of Defense (DoD), and the Federal Chief Information Officers (CIO) Council.
Any cloud service provider that wishes to offer products and services to the US government must establish FedRAMP compliance. Applying the NIST Special Publication 800 series as a baseline, FedRAMP requires cloud service providers to undergo an independent security assessment conducted by a third-party assessment organization (3PAO) to ensure authorizations comply with the Federal Information Security Management Act (FISMA).
Note: The…

Posted by: Mark Stone


The post What is FedRAMP? Compliance and certification explained appeared first on Cybersecurity Insiders.


October 31, 2020 at 09:10AM
