\n<\/div>\n
\nThe Federal Risk Authorization Management Program (FedRAMP) is
\na government-wide program that provides a standardized approach to security assessment,
\nauthorization, and continuous monitoring for Cloud Service Providers (CSP).
\nTesting security controls is an integral part of the FedRAMP security
\nauthorization requirements and enables Federal Agencies to use the findings
\nthat result from the tests to make risk-based decisions. Providing a plan for
\nsecurity control ensures that the process runs smoothly. This document has been designed for CSP Third-Party
\nIndependent Assessors (3PAOs) to use for planning security testing of CSPs.
\nOnce filled out, this document constitutes a plan for testing. Actual findings
\nfrom the tests are to be recorded in FedRAMP security test procedure workbooks
\nand a Security Assessment Report (SAR). <\/div>\n
\na government-wide program that provides a standardized approach to security assessment,
\nauthorization, and continuous monitoring for Cloud Service Providers (CSP).
\nTesting security controls is an integral part of the FedRAMP security
\nauthorization requirements and enables Federal Agencies to use the findings
\nthat result from the tests to make risk-based decisions. Providing a plan for
\nsecurity control ensures that the process runs smoothly. This document has been designed for CSP Third-Party
\nIndependent Assessors (3PAOs) to use for planning security testing of CSPs.
\nOnce filled out, this document constitutes a plan for testing. Actual findings
\nfrom the tests are to be recorded in FedRAMP security test procedure workbooks
\nand a Security Assessment Report (SAR). <\/div>\n
\nThis release also includes templates for:<\/p>\n
- \n
- Information Technology Contingency Plan <\/span><\/a><\/li>\n
- Control Implementation Summary (CIS) <\/span><\/a><\/li>\n
- eAuthentication <\/span><\/a><\/li>\n
- Plan of Action and Milestones (POA&M)<\/span><\/a><\/li>\n
- Rules of Behavior<\/span><\/a><\/li>\n
- Privacy Threshold Analysis and Privacy Impact Assessment<\/span><\/a><\/li>\n
- Security Assessment Plan<\/a>; and<\/span><\/li>\n
- FedRAMP System Security Plan<\/span><\/a><\/li>\n<\/ul>\n
\n![\"Bookmark](\"http:\/\/s7.addthis.com\/static\/btn\/v2\/lg-share-en.gif\")
<\/a>
\n - Control Implementation Summary (CIS) <\/span><\/a><\/li>\n