FedRAMP closer to rollout with GSA's release of third-party assessors

The Federal Risk and Authorization Management Program, the governmentwide standardized approach to cloud services and security, is one step closer to rollout, reports Camille Tuutti in Federal Computer Week.

The General Services Administration on May 14 released a list of accredited third-party assessment organizations -- or 3PAOs for short -- that will do initial assessments and test the controls of cloud service providers per FedRAMP requirements, and provide evidence of compliance. The 3PAOs will also have an ongoing part in ensuring cloud service providers meet requirements.

The nine organizations consist of eight from private industry and one from government:

  • COACT Inc.
  • Department of Transportation Enterprise Service Center.
  • Dynamics Research Corp.
  • JD Biggs and Associates Inc.
  • Knowledge Consulting Group Inc.
  • Logyx LLC
  • Lunarline Inc.
  • SRA International Inc.
  • Veris Group LLC

To read Tuutti’s full report click here

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.