The Federal Risk and Authorization Management Program (FedRAMP) office has updated materials that educate companies about the requirements for developing a cloud security package.
A FedRAMP blog post published Tuesday says the revision of the System Security Plan Required Documentation training program aimed to equip and prepare stakeholders in handling package access requests.
The 200A course offers the CSPs with “a deeper understanding of the detail and rigor” needed to accomplish SSP, the primary document of a security package where the company’s information system security controls are outlined.
The program management office also seeks to acquaint providers with the documentation needed for the submission of the initial package, and provide an overview of FedRAMP’s SSP template.
FedRAMP PMO noted that the update follows the program’s mission of developing a training initiative under the Executive Order on Improving the Nation’s Cybersecurity.