There are a number of ways the FedRAMP team works with Agencies at various stages of the authorization process, as well as during continuous monitoring
(post ATO) to ensure they have the information they need to make the appropriate risk-based decisions for their organizations.
Here are a few of the ways that the FedRAMP team works with Agencies:
Awareness of the FedRAMP Process – We regularly meet with Agencies as well as Cloud Service Providers (CSPs) and Third Party Assessment Organizations (3PAOs) to ensure that all involved in the FedRAMP Authorization process understand what is involved, resource commitment, anticipated timelines and the necessary roles and responsibilities to achieve an authorization. We often help facilitate kickoffs with Agencies and their chosen CSP to make sure their authorization process is set up for success.READ MORE