The Federal Risk and Authorization Management Program (FedRAMPĀ®) was established in 2011 to provide a cost-effective, risk-based approach for the adoption and use of cloud services by the federal government. FedRAMP empowers agencies to use modern cloud technologies, with an emphasis on security and protection of federal information. Third Party Assessment Organizations (3PAOs) play a critical role in the authorization process by evaluating the security of a Cloud Service Offering. The federal government uses this information as the basis for making informed, risk-based authorization decisions for the use of cloud products and services.

The purpose of this course is to define the requirements of FEDRAMP. Participants will learn more about key facts, components of the corresponding security framework and methodologies for compliance. We will delve into the security policy and control requirements, as well as the corresponding documentation and supporting evidence mandates.

This course helps participants understand best practices in effectively implementing a risk management program and improving cybersecurity practices by leveraging NIST 800-53 Rev. 5. We explore the FEDRAMP requirements, and the corresponding processes organizations should implement to ensure compliance. We discuss the benefits of implementing a single set of information security controls across the organization to allow for efficient and streamlined compliance with FEDRAMP.

Course Key Concepts: FEDRAMP, NIST, Cybersecurity, Compliance, Cloud.

Learning Objectives
  • Explore the basics of FEDRAMP.
  • Identify the key requirements of FEDRAMP.
  • Discover how NIST can be leveraged for compliance.
  • Recognize the impact of FEDRAMP and risk of non-compliance.
Last updated/reviewed: March 21, 2024
Prerequisites
Course Complexity: Foundational
No advanced preparation or prerequisites are required for this course.
Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
INTRODUCTION AND OVERVIEW
  An Introduction to FedRAMP and Agenda1:34
  What is FedRAMP?5:32
  The FedRAMP Process9:04
  FedRAMP Designation and NIST Requirements14:38
  The system Security Plan12:12
  Third Party Assessment Organization and FedRAMP Authorization Operate4:22
  The Market Place3:24
CONTINUOUS PLAY
  An Introduction to FedRAMP50:46
SUPPORTING MATERIAL
  Slides: An Introduction to FEDRAMPPDF
  An Introduction to FEDRAMP Glossary/IndexPDF
REVIEW AND TEST
  REVIEW QUESTIONSquiz
 FINAL EXAMexam