« All Events

FedRAMP Updates 3PAO Requirements

Wednesday, November 14, 2018 2:00 PM – 3:00 PM ET

YouTube LIVE

Register 2018-11-14 02:00 PM 2018-11-14 03:00 PM America/New_York FedRAMP Updates 3PAO Requirements Live FedRAMP webinar to discuss changes to R311 - Specific Requirements: FedRAMP Event Page: https:/event/2018/11/14/fedramp-updates-3pao-requirements/ YouTube LIVE: https://www.youtube.com/watch?v=Z6LgUEShll0 DigitalGov digitalgov@gsa.gov

FedRAMP, in partnership with the American Association for Laboratory Accreditation (A2LA), updated the “R311 -Specific Requirements: FedRAMP,” which includes new and strengthened qualifications for existing and new 3PAOs.

Key updates:

  • Incorporation of the R346 – Specific Requirements: Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency Activity Information, which requires all 3PAO assessors to take a hands-on proficiency exercise, conducted by the Baltimore Cyber Range (BCR), at initial accreditation and annually thereafter
  • Accreditation to ISO/IEC 17020, under the A2LA Cybersecurity Inspection Body Program, for a period of one year as evidence of implementation of a 3PAO’s quality management system
  • Forty hours of Continuing Professional Education (CPE) or equivalent for each 3PAO assessment team member
  • Regular FedRAMP PMO touch-points with 3PAOs and CSPs for feedback on deliverables and customer experience
  • Guidance for non U.S. based 3PAO personnel and/or OCONUS operations

Questions about this event or future FedRAMP events? Send them to info@fedramp.gov

File name


File path


Link Shortcode

{{< link "events/2018/11/2018-11-14-fedramp-updates-3pao-requirements.md" >}}