


What is FedRAMP?
What is FedRAMP? That’s a good question if you’ve been curious about what it is and if it applies to you. For example, do you have a cloud product that the US Government would gain benefit from using? Are you being asked to seek a security approval or an...
How Can POA&Ms Help Improve Your Security Budgeting Process?
Have you ever heard an IT security pro talk about their POA&M and wondered what they meant? You’re not alone. Many security consultants and engineers are uncertain about the meaning of the acronym “POA&M”. It stands for Plan of Actions and Milestones....
Quick Guide on FedRAMP Fundamentals
The federal government enacted the FedRAMP regulation in December 2011 to enable executive agencies and departments to use an assessment method based on risk and cost-effectiveness when adopting cloud technologies. A FedRAMP readiness assessment is mandatory for cloud...
OSCAL and FedRAMP Automation
The current FedRAMP Authorization process is a struggle. First, you must manage multiple regulatory standards and frameworks, which change over time. Second, regulatory standards and frameworks overlap in scope and can often conflict and be difficult to manage...