The General Services Administration released the first list of third-party assessment organizations for the Federal Risk and Authorization Management Program, otherwise known as FedRAMP.
Known as 3PAOs, the organizations will do initial assessments and test the controls of cloud service providers per FedRAMP requirements and provide evidence of compliance. The 3PAOs will also have an ongoing role in ensuring cloud service providers meet requirements.
The nine organizations:
- COACT Inc.
- Department of Transportation Enterprise Service Center
- Dynamics Research Corporation
- JD Biggs and Associates Inc.
- Knowledge Consulting Group Inc.
- Logyx LLC
- Lunarline Inc.
- SRA International Inc.
- Veris Group LLC