Home / Civilian / FedRAMP Issues New Documents, Updates to Optimize Continuous Monitoring Process

FedRAMP Issues New Documents, Updates to Optimize Continuous Monitoring Process

The Federal Risk and Authorization Management Program has released new documents and updated existing guides in an effort to streamline, clarify and optimize its continuous monitoring processes.

FedRAMP said Wednesday the new and updated documents integrate feedback from cloud service providers and Joint Authorization Board review teams.

The documents are intended to clarify certain elements of the continuous monitoring program; address parts of the process that were previously undocumented; and establish structure in aspects of the process that CSPs and JAB reviewers interpret differently.

FedRAMP updated the Continuous Monitoring Performance Management Guide; Vulnerability Deviation Request FormPlan of Action and Milestones Template Completion Guide; POA&M TemplateSignificant Change Form and the Continuous Monitoring Strategy & Guide.

The program also published the Digital Identity Requirements document to guide companies on digital identity capabilities needed to achieve and maintain a FedRAMP-compliant security authorization.

Other new guidances include the Transport Layer Security Requirements and the FedRAMP Continuous Monitoring Monthly Executive Summary.

FedRAMP will also release two new documents that will address vulnerability scanning later this year.

Check Also

Air Force Conducts F-35 Auto GCAS Test Flights

The U.S. Air Force’s 461st Flight Test Squadron has begun conducting test flights for the Automatic Ground Collision Avoidance System onboard the service’s F-35 aircraft, Edwards Air Force Base said Thursday.

Leave a Reply

Your email address will not be published. Required fields are marked *