The Inner Circle

FedRAMP 3PAO Obligations and Performance Standards Updated

  • 1.  FedRAMP 3PAO Obligations and Performance Standards Updated

    Posted 24 days ago
      |   view attached
    Hi All,

    FedRAMP just published an updated 3PAO Obligations and Performance Standards document

    The Federal Risk and Authorization Management Program (FedRAMP) created a conformity assessment
    process to recognize third-party assessment organizations (3PAOs) through accreditation by the American
    Association for Laboratory Accreditation (A2LA). This process ensures 3PAOs meet the necessary quality,
    independence, and FedRAMP knowledge requirements to perform independent security assessments
    required by FedRAMP. To maintain recognition, 3PAOs must continue to demonstrate independence, quality,
    and FedRAMP knowledge as they perform security assessments on cloud systems.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------