Hi All,
FedRAMP just published an updated 3PAO Obligations and Performance Standards document
The Federal Risk and Authorization Management Program (FedRAMP) created a conformity assessment
process to recognize third-party assessment organizations (3PAOs) through accreditation by the American
Association for Laboratory Accreditation (A2LA). This process ensures 3PAOs meet the necessary quality,
independence, and FedRAMP knowledge requirements to perform independent security assessments
required by FedRAMP. To maintain recognition, 3PAOs must continue to demonstrate independence, quality,
and FedRAMP knowledge as they perform security assessments on cloud systems.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------