Sales Ended

FedRAMP Updates 3PAO Requirements

Event Information

Share this event

Date and Time

Event description

Description

FedRAMP, in partnership with the American Association for Laboratory Accreditation (A2LA), updated the “R311 -Specific Requirements: FedRAMP,” which includes new and strengthened qualifications for existing and new 3PAOs.

The key updates are as follows:

  • Incorporation of the R346 – Specific Requirements: Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency Activity Information, which requires all 3PAO assessors to take a hands-on proficiency exercise, conducted by the Baltimore Cyber Range (BCR), at initial accreditation and annually thereafter

  • Accreditation to ISO/IEC 17020, under the A2LA Cybersecurity Inspection Body Program, for a period of one year as evidence of implementation of a 3PAO’s quality management system

  • Forty hours of Continuing Professional Education (CPE) or equivalent for each 3PAO assessment team member

  • Regular FedRAMP PMO touch-points with 3PAOs and CSPs for feedback on deliverables and customer experience

  • Guidance for non U.S. based 3PAO personnel and/or OCONUS operations



Date and Time

Save This Event

Event Saved