Register for a live demo

Objective

The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud service providers (CSPs). A CSP must have a FedRAMP Authority to Operate (ATO) to provide services to the federal as well as state agencies. The FedRAMP Program Management Office (PMO) mission is to promote the adoption of secure cloud services across the Federal Government. Since these assessments are also based on NIST SP 800-53 Rev 4, FedRAMP can be thought of as “FISMA for the cloud” as it inherits the NIST baseline of controls and is tailored for cloud computing initiatives.

The course is divided into three parts (Part I to Part III) and each covers the various aspect of the FedRAMP program. The users will learn about FedRAMP history, program governance, and administration, Office of Management and Budget (OMB) responsibilities, benefits of the program, how to implement information security controls (NIST SP 800-53) using a federal risk-based (NIST SP 800-37) approach, FedRAMP certification, steps to become FedRAMP compliant, FedRAMP standard operating procedure, initial review SOP/checklists, detailed review checklists, review and approve the procedure, an authorization process, FedRAMP Security Assessment Framework, NIST Special Publications Overview, Implementing NIST 800-53, NIST Special Publications Explained, etc.

This interactive training course will ensure professionals and practitioners at all levels understand their roles and responsibilities, new developments, resources, and hallmarks of an effective compliance program. The course includes knowledge questions as users progress through the training and the final assessment test.