What is FedRAMP?
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This is a process by which government agencies can determine if services provided by a Cloud Services Provider (CSP) are secure enough to be used by the federal government. FedRAMP is mandatory for federal agency cloud deployments.
The Federal Government provides in-depth materials to companies and a process by which they may get FedRAMP authorized. The FedRAMP site is a good resource for companies looking to get certified. So is our own blog post on the subject - FedRAMP 101: Becoming a FedRAMP Authorized CSP (Cloud Service Provider).
Our services for FedRAMP
We can assist you in getting ready for authorization by conducting an assessment of current controls in place for your cloud environment and assisting with putting in controls to meet NIST SP800-53 requirements.
Our services for FedRAMP readiness include:
- Review and scope of systems and processes, including systems, infrastructure and applications.
- Findings report including feedback and recommendations for improvements.
- Creation of Policies and Procedures.
- Assisting with reports to be be submitted.