The Federal Risk and Authorization Management Program has added two new columns to the Plan of Actions and Milestones template to help agency partners track findings related to the Cybersecurity and Infrastructure
MoreThe Federal Risk and Authorization Management Program has received from a cloud service provider the first system security plan in a machine-readable format called Open Security Controls Assessment Language. FedRAMP expects the
MoreThe Federal Risk and Authorization Management Program is soliciting comments on an updated white paper that reflects changes to threat-based scoring methodology and informs stakeholders of its potential applications. FedRAMP said Tuesday
MoreSharon Woods, director of the hosting and compute center at the Defense Information Systems Agency, said systems integrators will continue to play a key role in DISA’s hosting and computing journey, particularly
MoreThe Federal Risk and Authorization Management Program (FedRAMP) has announced the release of updated Readiness Assessment Report (RAR) templates and guide for third-party assessment organizations. The updated RAR guide and templates seek
MoreThe Federal Risk and Authorization Management Program (FedRAMP) recently teamed up with the Cybersecurity and Infrastructure Security Agency (CISA) to apply CISA’s .govCAR methodology to score security controls of cloud service providers
MoreThe General Services Administration (GSA) will soon issue XML-automated validations to enable cloud services providers seeking an authority to operate to check whether all the required data is included in their security
MoreThe Federal Risk and Authorization Management Program is seeking public feedback on initial draft guidance meant to help cloud service providers develop the authorization boundary associated with their cloud offerings. The guidance
MoreThe Federal Risk and Authorization Program (FedRAMP) is permitting remote testing of certain data centers run by cloud service providers. “All remote testing must be explicitly detailed in the Security Assessment Plan
MoreThe Federal Risk and Authorization Management Program (FedRAMP) has updated a document that details the roles and responsibilities of each stakeholder in the cyber incident communication process. “Additionally, CSPs are responsible for
More