The U.S. government is one of the largest consumers of cloud products and services. This achievement allows ControlCase to evaluate cloud-based solutions for federal government agencies.
Fairfax, VA., September 2020
ControlCase, a leading provider of IT Security Certifications and Continuous Compliance Services announced their latest achievement – FedRAMP Third Party Assessment Organization (3PAO). This achievement qualifies ControlCase to assist cloud providers in achieving FedRAMP compliance; an accreditation currently attained by less than 40 assessor companies within the United States. In order to achieve 3PAO status, ControlCase underwent a rigorous assessment conducted by the American Association for Laboratory Accreditation (A2LA) to confirm compliance with the ISO/IEC 17020 accreditation requirements.
The Federal Risk and Authorization Management Program, known as FedRAMP, is one of the federal government’s most rigorous security compliance frameworks. It enables the federal government to accelerate the adoption of cloud computing by creating transparent standards and processes for security authorizations. FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies. The 3PAO status verifies that ControlCase has the technical competence required by FedRAMP to assist cloud providers in achieving FedRAMP compliance. FedRAMP-authorized cloud service providers are then listed on the FedRAMP Marketplace.
“Government data is extremely sensitive,” said Kishor Vaswani, Chief Strategy Officer at ControlCase. “FedRAMP effectively provides a bridge between the private and the government sector by enabling government agencies to access secure cloud products and services from private companies. Companies wishing to secure business with the federal government are required to follow strict standards for integrity and security. The 3PAO status allows ControlCase to support cloud service providers to ensure their products and services secure and protect federal information through the FedRAMP assessment.”
The FedRAMP program creates and manages a core set of processes to ensure effective and repeatable cloud security for the government. Adopting the NIST 800-53 framework, the program established a mature marketplace to increase utilization and familiarity with cloud services while facilitating collaboration across government through open exchanges of lessons learned, use cases, and tactical solutions.
“As the federal government has become more focused on working with FedRAMP certified services, this accreditation validates our commitment to assisting our clients to achieve and maintain their security and compliance goals,” said Vaswani.
“We are thrilled to add FedRAMP certification to our portfolio of assessments and encourage ‘Infrastructure as a Service’, ‘Software as a Service’ and ‘Platform as a Service’ providers to consider FedRAMP compliance and how getting listed on the FedRAMP marketplace can streamline acquisition processes and really add to their bottom line.”