FedRAMP
Other content in this Stream

NIST SP 800-53: Transitioning from Revision 4 to Revision 5
Schellman's Matt Hungate looks at significant changes to NIST SP 800-53, Revision 5

HIPAA Security Rule Risk Analysis: ONC/OCR SRA Tool
Schellman Principal Doug Kanney provides an overview of the ONC/OCR SRA tool which by design helps organizations navigate the HIPAA risk analysis process.

EnergyTech Insights Update: New Mapping of CIP to NIST CSF
Schellman's Grayson Taylor shares an overview of the new mapping of NERC CIP Reliability Standards to NIST Cybersecurity Framework CSF

FedRAMP: Things Changed. At Schellman, Our Process was Ready
Every industry has been forced to scale processes and adapt business models to maintain their foothold in a landscape thrown off by COVID19. At Schellman our FedRAMP 3PAO assessment process was ready.

5 Common Pitfalls when Pursuing FedRAMP Authorization
What are the common reasons CSPs fail to achieve a FedRAMP Authority to Operate ATO in a timely manner?

CMMC – the New Protocol Droid for DoD Compliance
US DoD has been working to revise funding procurement procedures DFARS. Most important are regulations which mandate that defense contractors meet NIST SP 800-171 standard that deals with CUI.
![FedRAMP at a Glance [Infographic]](https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY1MTAwJmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVkYzU4NTExOGU4OTAuanBnJnZlcnNpb249MDAwMCZzaWc9NTBjZGIyZTc2ZGRhNGJkNmE5NjRlMGNlNGYxYTczODA%25253D&size=1&version=1581863116&sig=21763bd2a7aedb27dfb8edb9a96debc0&default=hubs%2Ftilebg-blogs.jpg)
FedRAMP at a Glance [Infographic]
Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.

Rundown: The Cloudy Role of FedRAMP
On Wednesday July 17th, I had the distinct honor of providing the assessor perspective at a FedRAMP hearing held by the Subcommittee on Government Operations—a subset of the House Oversight Committee.

Webinar - FedRAMP Best Practices and Federal Compliance Updates
Join Schellman's Federal Practice Team as they take a step back to navigate through the more recent updates with FedRAMP and more broadly Federal Assessments.

NIST CSF 2018
The 2018 National Institute of Standards and Technology (NIST) Cyber Security Framework is an updated version of the first version published in 2014. Notably, the two versions of the...

FedRAMP: Three Stages of Vulnerability Scanning and their Pitfalls
Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate...

NIST Special Publication 800-171
Government security breaches seem to hit the news every other month—keep an eye on your investments—including potential breaches caused by contractors. What may be a surprise is the...

Clarifying the FedRAMP Penetration Test Requirements
As a Third Party Assessment Organization (3PAO), Schellman regularly conducts FedRAMP assessments for Cloud Service Providers (CSPs). Included during these assessments is a penetration...

Could updated controls from NIST drive up cloud security costs?
Among the biggest complaints about the cloud security program known as the Federal Risk Authorization Management Program (FedRAMP) have been the cost for vendors and the time it takes...

Match on: FedRAMP vs. ISO 27001
Over the last few years, there has been a push to obtain cloud computing solutions at almost every turn. A plethora of companies continue to provide cloud services to their existing...