![]() ![]() ![]() As a federal initiative, FedRAMP compliance is an easier target for vendors to comply with than standards for individual states, which generally have less stringent A&A requirements than the Federal Information Security Management Act of 2002 ( FISMA). The FedRAMP website provides a standardized approach to A&A, and publishes a list of compliant and authorized vendors and services the vendors have undergone extensive technical and security reviews, completed audits conducted by accredited third-party assessors (3PAOs), and granted authorizations to operate (ATOs). Fortunately, a joint effort between the US Chief Information Officer and the US General Services Administration (GSA) have given government employees and decision makers FedRAMP (the Federal Risk and Authorization Management Program). ![]() This ebook, based on the latest ZDNet / TechRepublic special feature, looks at how the industry cloud has taken off and big businesses have been built by the likes of Veeva, Rootstock and others.Ĭloud utilization in the private sector is firmly entrenched - the first cloud computing provider, Amazon Web Services (AWS), launched thirteen years ago - yet government cloud adoption has lagged behind due to extensive requirements for vendor assessment and authorization (A&A) to ensure that vendors and products have adequate information security and risk management processes. Special Report: Industry Cloud (free PDF) White House: Brace for potential Russian cyberattacksĤ1 impressive questions to ask in a job interview ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |