Not-for-profit-organization StateRAMP will begin membership registrations for its program aimed at helping vendors and agencies comply with cloud security standards (CSP) next month, GCN reported Tuesday.
StateRAMP, which is based on the Federal Risk and Authorization Management Program (FedRAMP), operates in compliance with National Institute of Standards and Technology’s (NIST) 800-53 controls to help ensure standardization among cloud service providers.
CSPs must undergo a readiness assessment to validate security controls and determine their potential to pass full FedRAMP assessments within a two to four-week period. StateRAMP has spent over 1,000 hours in outreach and awareness efforts on cloud security since its establishment in January.
The group’s outreach efforts include dialogue with 25 states and 44 out of over 800 cloud service providers that expressed interest in the organization’s cybersecurity vetting efforts.
Seventeen third-party assessment organizations for FedRAMP have announced their intent to concurrently serve as 3PAOs for StateRAMP.