FEDRAMP (Federal Risk an Authorization Management Program)


Many agencies are looking to the cloud for many solutions such as SaaS (Software as a Service).  HDS can help your agency to prepare for FEDRAMP requirements.  HDS has extensive experience with NIST risk management frameworks and is ready to help you attain ATO status with some of the following documents:

The following are template friendly documents

  • System Security Plan

    • FIPS 199

    • E-authentication

    • Control Implementation Summary

    • CIS worksheet

    • IT Contingency Plans and Test

    • Privacy Threshold Analysis/Privacy Impact Assessment

    • Rules of Behavior

  • Security Assessment Plan

    • Security and assessment test cases

  • Security assessments report.

    • Security test cases.

  • Plan of Action and Milestone (POAM)

  • Agency ATO Letter

The following are custom developed or sustainment dependent:

  • System Security Plan Attachments

    • Information System Security Policies and Procedures.

    • Configuration Management Plan.

    • Incident Response Plan.

    • User Guide

    • Signature Page.

  • Security Assessment Plan

    • Rules of Engagement

  • Security Assessment Report

    • Vulnerability Scans

    • ad hoc evidence