Fedramp Certification Requirements

The fedramp program management office pmo has outlined the following requirements for fedramp compliance.

Fedramp certification requirements. In 2011 the office of management and budget omb released a memorandum establishing. In order for a commercial cloud service offering cso to be used by a federal agency the cso must demonstrate fedramp compliance which is the ability to substantiate adherence to government security requirements outlined in nist 800 53 and supplemented by the fedramp program management office pmo. The fedramp program management office pmo mission is to promote the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment. The authoritative source for fedramp information.

Currently any cloud service provider csp working with the federal government needs to meet the security assessment authorization and continuous monitoring requirements to obtain a joint authorization board provisional authority to operate jabp ato. The federal risk and authorization management program fedramp is a government wide program that provides a standardized approach to security assessment authorization and continuous monitoring for cloud products and services. The federal risk and authorization management program fedramp is a government wide program that provides a standardized approach to security assessment authorization and continuous monitoring for cloud products and services. Fedramp facilitates the shift from insecure tethered tedious it to secure mobile nimble and quick it.

This approach uses a do once use many times framework that saves cost time.