FedRAMP, in partnership with the American Association for Laboratory Accreditation (A2LA), updated the “R311 -Specific Requirements: FedRAMP,” which includes new and strengthened qualifications for existing and new 3PAOs.
- Incorporation of the R346 – Specific Requirements: Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency Activity Information, which requires all 3PAO assessors to take a hands-on proficiency exercise, conducted by the Baltimore Cyber Range (BCR), at initial accreditation and annually thereafter
- Accreditation to ISO/IEC 17020, under the A2LA Cybersecurity Inspection Body Program, for a period of one year as evidence of implementation of a 3PAO’s quality management system
- Forty hours of Continuing Professional Education (CPE) or equivalent for each 3PAO assessment team member
- Regular FedRAMP PMO touch-points with 3PAOs and CSPs for feedback on deliverables and customer experience
- Guidance for non U.S. based 3PAO personnel and/or OCONUS operations
Questions about this event or future FedRAMP events? Send them to firstname.lastname@example.org
Have questions about this event or future events? Send us an email »