<!doctype html> <html lang="en"> <head> <!-- DAP Centrally Hosted URL --> <script async="" type="text/javascript" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA" id="_fed_an_ua_tag"></script> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-HBYXWFP794"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-HBYXWFP794'); </script> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Learn About FedRAMP with Training Resources | FedRAMP.gov</title> <meta name="description" content="FedRAMP offers online courses, videos, and in-person events to serve as training resources. Browse stakeholder-specific resources to learn more."> <meta name="keywords" content="training, learning, videos, YouTube, courses, assessor, agency, cloud service provider, events, in-person, online, online courses, resources, documents, assessment, cloud service providers, stakeholder, trainings, program, federal agencies, federal agency, FedRAMP, FedRAMP 101, CSPs, third party assessors, 3PAOs"/> <meta property="og:type" content="website"> <meta property="og:title" content="Training | FedRAMP.gov" /> <meta name="twitter:title" content="Training | FedRAMP.gov"> <meta property="og:url" content="https://www.fedramp.gov/training/"> <meta name="twitter:card" content="summary_large_image"> <meta property="og:image" content="https://www.fedramp.gov/assets/img/feature-background.jpg"> <meta name="twitter:image" content="https://www.fedramp.gov/assets/img/feature-background.jpg"> <meta property="og:description" content="The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment"> <meta name="twitter:description" content="The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment"> <link rel="preload" as="font" crossorigin="anonymous" href="/assets/vendor/uswds-2.8.0/fonts/source-sans-pro/sourcesanspro-italic-webfont.woff2"> <link rel="preload" as="font" crossorigin="anonymous" href="/assets/vendor/uswds-2.8.0/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2"> <link rel="stylesheet" href="/assets/vendor/uswds-2.8.0/css/uswds.min.css"> <link rel="stylesheet" href="/assets/css/main.css"> <link rel="shortcut icon" type="image/x-icon" href="/assets/img/favicons/favicon.ico" /> <link rel="apple-touch-icon" sizes="57x57" href="/assets/img/favicons/apple-icon-57x57.png" /> <link rel="apple-touch-icon" sizes="60x60" href="/assets/img/favicons/apple-icon-60x60.png" /> <link rel="apple-touch-icon" sizes="72x72" href="/assets/img/favicons/apple-icon-72x72.png" /> <link rel="apple-touch-icon" sizes="76x76" href="/assets/img/favicons/apple-icon-76x76.png" /> <link rel="apple-touch-icon" sizes="114x114" href="/assets/img/favicons/apple-icon-114x114.png" /> <link rel="apple-touch-icon" sizes="120x120" href="/assets/img/favicons/apple-icon-120x120.png" /> <link rel="apple-touch-icon" sizes="144x144" href="/assets/img/favicons/apple-icon-144x144.png" /> <link rel="apple-touch-icon" sizes="152x152" href="/assets/img/favicons/apple-icon-152x152.png" /> <link rel="apple-touch-icon" sizes="180x180" href="/assets/img/favicons/apple-icon-180x180.png" /> <link rel="icon" type="image/png" sizes="192x192" href="/assets/img/favicons/android-icon-192x192.png" /> <link rel="icon" type="image/png" sizes="32x32" href="/assets/img/favicons/favicon-32x32.png" /> <link rel="icon" type="image/png" sizes="96x96" href="/assets/img/favicons/favicon-96x96.png" /> <link rel="icon" type="image/png" sizes="16x16" href="/assets/img/favicons/favicon-16x16.png" /> <link rel="manifest" href="/manifest.json"> <meta name="msapplication-TileColor" content="#ffffff"> <meta name="msapplication-TileImage" content="/ms-icon-144x144.png"> <meta name="theme-color" content="#ffffff"> <link rel="canonical" href="https://www.fedramp.gov/training/"> <link rel="alternate" type="application/rss+xml" title="FedRAMP.gov" href="https://www.fedramp.gov/feed.xml" /> <link href="/assets/vendor/fontawesome/css/all.min.css" rel="stylesheet"> </head> <body class="page-training"> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TT3D6BG" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <div class="usa-overlay"></div> <a href="#main" class="usa-skipnav">Skip to main content</a> <header class="usa-header usa-header-basic fedramp-header" role="banner"> <!-- Gov banner BEGIN --> <section class="usa-banner site-banner" aria-label="Official government website"> <div class="usa-accordion"> <header class="usa-banner__header"> <div class="usa-banner__inner"> <div class="grid-col-auto"> <img class="usa-banner__header-flag" width="16" src="/assets/img/us_flag_small.png" alt="U.S. flag"> </div> <div class="grid-col-fill tablet:grid-col-auto"> <p class="usa-banner__header-text">An official website of the United States government</p> <p class="usa-banner__header-action" aria-hidden="true">Here’s how you know</p> </div> <button class="usa-accordion__button usa-banner__button" aria-expanded="false" aria-controls="gov-banner"> <span class="usa-banner__button-text">Here’s how you know</span> </button> </div> </header> <div class="usa-banner__content usa-accordion__content" id="gov-banner" hidden=""> <div class="grid-row grid-gap-lg"> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/assets/img/icon-dot-gov.svg" role="img" alt="Dot gov"> <div class="usa-media-block__body"> <p> <strong>Official websites use .gov</strong> <br> A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/assets/img/icon-https.svg" role="img" alt="Https"> <div class="usa-media-block__body"> <p> <strong>Secure .gov websites use HTTPS</strong> <br> A <strong>lock</strong> ( <span class="icon-lock"><svg xmlns="http://www.w3.org/2000/svg" width="52" height="64" viewBox="0 0 52 64" class="usa-banner__lock-image" role="img" aria-labelledby="banner-lock-title banner-lock-description"> <title id="banner-lock-title">Lock</title> <desc id="banner-lock-description">A locked padlock</desc> <path fill="#000000" fill-rule="evenodd" d="M26 0c10.493 0 19 8.507 19 19v9h3a4 4 0 0 1 4 4v28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V32a4 4 0 0 1 4-4h3v-9C7 8.507 15.507 0 26 0zm0 8c-5.979 0-10.843 4.77-10.996 10.712L15 19v9h22v-9c0-6.075-4.925-11-11-11z"> </path> </svg></span> ) or <strong>https://</strong> means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </section> <!-- Gov banner END --> <!-- AV01 --> <div style="display: none;"> <p class="post-time">1731974400</p> <p class="post-time">1731024000</p> <p class="post-time">1731024000</p> <p class="post-time">1731024000</p> <p class="post-time">1729123200</p> <p class="post-time">1728950400</p> <p class="post-time">1727654400</p> <p class="post-time">1727654400</p> <p class="post-time">1727395200</p> <p class="post-time">1725321600</p> <p class="post-time">1724803200</p> <p class="post-time">1724716800</p> <p class="post-time">1723420800</p> <p class="post-time">1723161600</p> <p class="post-time">1723075200</p> <p class="post-time">1723075200</p> <p class="post-time">1722297600</p> <p class="post-time">1721952000</p> <p class="post-time">1721260800</p> <p class="post-time">1720656000</p> <p class="post-time">1720569600</p> <p class="post-time">1719446400</p> <p class="post-time">1717459200</p> <p class="post-time">1717113600</p> <p class="post-time">1717113600</p> <p class="post-time">1714435200</p> <p class="post-time">1711670400</p> <p class="post-time">1711670400</p> <p class="post-time">1711584000</p> <p class="post-time">1710460800</p> <p class="post-time">1709510400</p> <p class="post-time">1709510400</p> <p class="post-time">1709510400</p> <p class="post-time">1708041600</p> <p class="post-time">1707955200</p> <p class="post-time">1707955200</p> <p class="post-time">1707955200</p> <p class="post-time">1707955200</p> <p class="post-time">1707955200</p> <p class="post-time">1707955200</p> <p class="post-time">1707696000</p> <p class="post-time">1706745600</p> <p class="post-time">1706227200</p> <p class="post-time">1705622400</p> <p class="post-time">1705449600</p> <p class="post-time">1702512000</p> <p class="post-time">1701302400</p> <p class="post-time">1699833600</p> <p class="post-time">1698969600</p> <p class="post-time">1698710400</p> <p class="post-time">1698364800</p> <p class="post-time">1697155200</p> <p class="post-time">1695254400</p> <p class="post-time">1695081600</p> <p class="post-time">1693353600</p> <p class="post-time">1693353600</p> <p class="post-time">1693353600</p> <p class="post-time">1693353600</p> <p class="post-time">1693353600</p> <p class="post-time">1693353600</p> <p class="post-time">1690848000</p> <p class="post-time">1690243200</p> <p class="post-time">1689811200</p> <p class="post-time">1689292800</p> <p class="post-time">1689206400</p> <p class="post-time">1689206400</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1688083200</p> <p class="post-time">1687910400</p> <p class="post-time">1687219200</p> <p class="post-time">1686873600</p> <p class="post-time">1686787200</p> <p class="post-time">1685404800</p> <p class="post-time">1685404800</p> <p class="post-time">1684454400</p> <p class="post-time">1683849600</p> <p class="post-time">1682467200</p> <p class="post-time">1680739200</p> <p class="post-time">1680739200</p> <p class="post-time">1675728000</p> <p class="post-time">1674604800</p> <p class="post-time">1673913600</p> <p class="post-time">1673395200</p> <p class="post-time">1671667200</p> <p class="post-time">1669680000</p> <p class="post-time">1668556800</p> <p class="post-time">1667952000</p> <p class="post-time">1666828800</p> <p class="post-time">1666656000</p> <p class="post-time">1663804800</p> <p class="post-time">1663113600</p> <p class="post-time">1661990400</p> <p class="post-time">1661990400</p> <p class="post-time">1660780800</p> <p class="post-time">1660089600</p> <p class="post-time">1658793600</p> <p class="post-time">1658188800</p> <p class="post-time">1656979200</p> <p class="post-time">1656547200</p> <p class="post-time">1656374400</p> <p class="post-time">1655942400</p> <p class="post-time">1655769600</p> <p class="post-time">1654041600</p> <p class="post-time">1652918400</p> <p class="post-time">1651017600</p> <p class="post-time">1647388800</p> <p class="post-time">1646697600</p> <p class="post-time">1646179200</p> <p class="post-time">1644883200</p> <p class="post-time">1644883200</p> <p class="post-time">1643241600</p> <p class="post-time">1642550400</p> <p class="post-time">1642464000</p> <p class="post-time">1641254400</p> <p class="post-time">1640044800</p> <p class="post-time">1638921600</p> <p class="post-time">1638835200</p> <p class="post-time">1638403200</p> <p class="post-time">1637625600</p> <p class="post-time">1636416000</p> <p class="post-time">1635811200</p> <p class="post-time">1635379200</p> <p class="post-time">1634688000</p> <p class="post-time">1632268800</p> <p class="post-time">1629763200</p> <p class="post-time">1628726400</p> <p class="post-time">1628553600</p> <p class="post-time">1626739200</p> <p class="post-time">1626220800</p> <p class="post-time">1626134400</p> <p class="post-time">1625011200</p> <p class="post-time">1623110400</p> <p class="post-time">1621468800</p> <p class="post-time">1620691200</p> <p class="post-time">1620259200</p> <p class="post-time">1619481600</p> <p class="post-time">1618444800</p> <p class="post-time">1617062400</p> <p class="post-time">1616544000</p> <p class="post-time">1615852800</p> <p class="post-time">1615852800</p> <p class="post-time">1613433600</p> <p class="post-time">1612915200</p> <p class="post-time">1611705600</p> <p class="post-time">1607644800</p> <p class="post-time">1606780800</p> <p class="post-time">1606176000</p> <p class="post-time">1602201600</p> <p class="post-time">1600300800</p> <p class="post-time">1598918400</p> <p class="post-time">1597881600</p> <p class="post-time">1597363200</p> <p class="post-time">1596585600</p> <p class="post-time">1596153600</p> <p class="post-time">1595462400</p> <p class="post-time">1592956800</p> <p class="post-time">1591747200</p> <p class="post-time">1588809600</p> <p class="post-time">1585180800</p> <p class="post-time">1582675200</p> <p class="post-time">1582243200</p> <p class="post-time">1576540800</p> <p class="post-time">1571097600</p> <p class="post-time">1568073600</p> <p class="post-time">1567555200</p> <p class="post-time">1566864000</p> <p class="post-time">1563926400</p> <p class="post-time">1560988800</p> <p class="post-time">1560988800</p> <p class="post-time">1559174400</p> <p class="post-time">1557273600</p> <p class="post-time">1556668800</p> <p class="post-time">1551916800</p> <p class="post-time">1541462400</p> <p class="post-time">1535414400</p> <p class="post-time">1535414400</p> <p class="post-time">1535414400</p> <p class="post-time">1524700800</p> <p class="post-time">1522800000</p> <p class="post-time">1521504000</p> <p class="post-time">1521504000</p> <p class="post-time">1516838400</p> <p class="post-time">1510790400</p> <p class="post-time">1495065600</p> <p class="post-time">1323302400</p> </div> <div class="search-feature"> <div class="search-wrapper"> <div title="Notification Updates" class="bell" tabindex="0"> <img class="notification-bell-icon" src="/assets/img/notification-bell.svg" alt="Notification Bell" /> <button class="post-count" title="Post Count" style="display:none;"></button> <div id="alert-logic"> <div class="alert-wrapper-fallback"> <button class="bell-close"><img class="notification-close" src="/assets/img/bell-close.svg" alt="" /></button> <ul> <li class="no-new"> <p>No New Posts</p> </li> </ul> </div> <div class="alert-wrapper"> <button class="bell-close"><img class="notification-close" src="/assets/img/bell-close.svg" alt="" /></button> <ul> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Continuous-Monitoring-Monthly-Executive-Summary-Template.xlsx">Continuous Monitoring Monthly Executive Summary Template</a> <p class="date"><strong>New Document</strong> | November 19, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-SAR-Appendix-B-Moderate-Security-Requirements-Traceability-Matrix-Template.xlsx">FedRAMP SAR Appendix B - Moderate Security Requirements Traceability Matrix Template</a> <p class="date"><strong>New Document</strong> | November 8, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-SAR-Appendix-B-Low-Security-Requirements-Traceability-Matrix-Template.xlsx">FedRAMP SAR Appendix B - Low Security Requirements Traceability Matrix Template</a> <p class="date"><strong>New Document</strong> | November 8, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-SAR-Appendix-B-High-Security-Requirements-Traceability-Matrix-Template.xlsx">FedRAMP SAR Appendix B - High Security Requirements Traceability Matrix Template</a> <p class="date"><strong>New Document</strong> | November 8, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/3PAO_Readiness_Assessment_Report_Guide.pdf">3PAO Readiness Assessment Report Guide</a> <p class="date"><strong>Updated Document</strong> | October 17, 2024</p> </li> <li class="current-post"> <a href="/2024-10-15-fedramp-help-center/">FedRAMP Help Center</a> <p class="date"><strong>New Post</strong> | October 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-A-High-FedRAMP-Security-Controls.docx">SSP Appendix A - High FedRAMP Security Controls</a> <p class="date"><strong>New Document</strong> | September 30, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Incident_Communications_Procedures.pdf">Incident Communications Procedures</a> <p class="date"><strong>Updated Document</strong> | September 30, 2024</p> </li> <li class="current-post"> <a href="/2024-09-27-agile-delivery-pilot-update/">FedRAMP Agile Delivery Pilot Update</a> <p class="date"><strong>New Post</strong> | September 27, 2024</p> </li> <li class="current-post"> <a href="/2024-09-03-the-missing-piece-of-our-modernization-puzzle-the-fedramp-platform/">The Missing Piece of Our Modernization Puzzle&#58; The FedRAMP Platform</a> <p class="date"><strong>New Post</strong> | September 3, 2024</p> </li> <li class="current-post"> <a href="/2024-08-28-digital-authorization-pilot/">Digital Authorization Package Pilot Launch</a> <p class="date"><strong>New Post</strong> | August 28, 2024</p> </li> <li class="current-post"> <a href="/2024-08-27-welcoming-a-new-leader-for-a-new-fedramp/">Welcoming a New Leader for a New FedRAMP</a> <p class="date"><strong>New Post</strong> | August 27, 2024</p> </li> <li class="current-post"> <a href="/2024-08-12-moving-to-one-fedramp-authorization-an-update-on-the-jab-transition/">Moving to One FedRAMP Authorization&#58; An Update on the JAB Transition</a> <p class="date"><strong>New Post</strong> | August 12, 2024</p> </li> <li class="current-post"> <a href="/2024-08-09-strengthening-the-use-of-cryptography-to-secure-federal-cloud-systems/">Strengthening the Use of Cryptography to Secure Federal Cloud Systems</a> <p class="date"><strong>New Post</strong> | August 9, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Vulnerability-Deviation-Request-Form.xlsx">FedRAMP Vulnerability Deviation Request Form</a> <p class="date"><strong>New Document</strong> | August 8, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-H-M-L-Li-Review-Report-Template-Rev4.xlsx">FedRAMP H-M-L-Li Review Report Template - Rev. 4</a> <p class="date"><strong>Updated Document</strong> | August 8, 2024</p> </li> <li class="current-post"> <a href="/2024-07-30-fedramps-metrics-for-public-comment/">FedRAMP Metrics for Public Comment</a> <p class="date"><strong>New Post</strong> | July 30, 2024</p> </li> <li class="current-post"> <a href="/2024-07-26-the-next-phase-of-fedramp/">The Next Phase of FedRAMP</a> <p class="date"><strong>New Post</strong> | July 26, 2024</p> </li> <li class="current-post"> <a href="/2024-07-18-fedramps-roadmap-progress-one-quarter-in/">FedRAMP's Roadmap Progress, One Quarter In</a> <p class="date"><strong>New Post</strong> | July 18, 2024</p> </li> <li class="current-post"> <a href="/2024-07-11-new-website-launch-automate-fedramp-gov/">New Website Launch&#58; automate.fedramp.gov</a> <p class="date"><strong>New Post</strong> | July 11, 2024</p> </li> <li class="current-post"> <a href="/2024-07-10-launch-of-the-fedramp-pilot-program/">The FedRAMP Agile Delivery Pilot</a> <p class="date"><strong>New Post</strong> | July 10, 2024</p> </li> <li class="current-post"> <a href="/2024-06-27-release-of-et-framework/">Release of Emerging Technology Prioritization Framework</a> <p class="date"><strong>New Post</strong> | June 27, 2024</p> </li> <li class="current-post"> <a href="/2024-06-04-fedramp-governance/">FedRAMP Governance</a> <p class="date"><strong>New Post</strong> | June 4, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Moderate-Readiness-Assessment-Report-(RAR)-Template.docx">FedRAMP Moderate Readiness Assessment Report (RAR) Template</a> <p class="date"><strong>Updated Document</strong> | May 31, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-High-Readiness-Assessment-Report-(RAR)-Template.docx">FedRAMP High Readiness Assessment Report (RAR) Template</a> <p class="date"><strong>Updated Document</strong> | May 31, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/Agency_Package_Request_Form.pdf">FedRAMP Package Access Request Form</a> <p class="date"><strong>New Document</strong> | April 30, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SAR-Appendix-A-FedRAMP-Risk-Exposure-Table-(RET)-Template.xlsx">SAR Appendix A - FedRAMP Risk Exposure Table (RET) Template</a> <p class="date"><strong>New Document</strong> | March 29, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-POAM-Template.xlsx">FedRAMP Plan of Action and Milestones (POA&M) Template</a> <p class="date"><strong>Updated Document</strong> | March 29, 2024</p> </li> <li class="current-post"> <a href="/2024-03-28-a-new-roadmap-for-fedramp/">A New Roadmap for FedRAMP</a> <p class="date"><strong>New Post</strong> | March 28, 2024</p> </li> <li class="current-post"> <a href="/2024-03-15-rfq-for-grc-solution-released/">RFQ for GRC Solution Released</a> <p class="date"><strong>New Post</strong> | March 15, 2024</p> </li> <li class="current-post"> <a href="/2024-03-04-penetration-test-guidance-public-comment-period/">Penetration Test Guidance Public Comment Period</a> <p class="date"><strong>New Post</strong> | March 4, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Continuous-Monitoring-Deliverables-Template.xlsx">FedRAMP Continuous Monitoring Deliverables Template</a> <p class="date"><strong>New Document</strong> | March 4, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Annual_Assessment_Controls_Selection_Worksheet.xlsx">Annual Assessment Controls Selection Worksheet</a> <p class="date"><strong>New Document</strong> | March 4, 2024</p> </li> <li class="current-post"> <a href="/2024-02-16-rev-5-additional-documents-released/">Rev. 5 - Additional Documents Released</a> <p class="date"><strong>New Post</strong> | February 16, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-A-Moderate-FedRAMP-Security-Controls.docx">SSP Appendix A - Moderate FedRAMP Security Controls</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Rev-4-to-Rev-5-Assessment-Controls-Selection-Template.xlsx">FedRAMP Rev. 4 to Rev. 5 Assessment Controls Selection Template</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Vulnerability_Scanning_Requirements.pdf">Vulnerability Scanning Requirements</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Authorization_Playbook.pdf">CSP Authorization Playbook</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Annual_Assessment_Guidance.pdf">Annual Assessment Guidance</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/assets/resources/documents/Agency_Authorization_Playbook.pdf">Agency Authorization Playbook</a> <p class="date"><strong>New Document</strong> | February 15, 2024</p> </li> <li class="current-post"> <a href="/2024-02-12-supplemental-direction-v2-cisa-emergency-directive-24-01/">Supplemental Direction v2 - CISA Emergency Directive 24-01</a> <p class="date"><strong>New Post</strong> | February 12, 2024</p> </li> <li class="current-post"> <a href="/2024-02-01-supplemental-direction-v1-cisa-emergency-directive-24-01/">Supplemental Direction v1 - CISA Emergency Directive 24-01</a> <p class="date"><strong>New Post</strong> | February 1, 2024</p> </li> <li class="current-post"> <a href="/2024-01-26-fedramps-emerging-technology-prioritization-framework-overview-and-request-for-comment/">FedRAMP's Emerging Technology Prioritization Framework - Overview and Request for Comment</a> <p class="date"><strong>New Post</strong> | January 26, 2024</p> </li> <li class="current-post"> <a href="/2024-01-19-cisa-emergency-directive-24-01/">CISA Emergency Directive 24-01</a> <p class="date"><strong>New Post</strong> | January 19, 2024</p> </li> <li class="current-post"> <a href="/2024-01-17-modernization-automating-fedramps-technology/">Modernization - Automating FedRAMP's Technology</a> <p class="date"><strong>New Post</strong> | January 17, 2024</p> </li> <li class="current-post"> <a href="/2023-12-14-fedramp-modernization-overview/">FedRAMP Modernization Overview</a> <p class="date"><strong>New Post</strong> | December 14, 2023</p> </li> <li class="current-post"> <a href="/2023-11-30-extended-comment-period-draft-fedramp-memo/">Extended Comment Period on Draft FedRAMP Memo</a> <p class="date"><strong>New Post</strong> | November 30, 2023</p> </li> <li class="current-post"> <a href="/2023-11-13-usda-connect-update-to-fedramp-stakeholders/">FedRAMP Repository - USDA Connect Update</a> <p class="date"><strong>New Post</strong> | November 13, 2023</p> </li> <li class="current-post"> <a href="/2023-11-03-fedramp-policy-memo-public-engagement-forum-with-omb/">FedRAMP Policy Memo Public Engagement Forum with OMB</a> <p class="date"><strong>New Post</strong> | November 3, 2023</p> </li> <li class="current-post"> <a href="/2023-10-31-fedramps-role-in-the-ai-executive-order/">FedRAMP's Role In The AI Executive Order</a> <p class="date"><strong>New Post</strong> | October 31, 2023</p> </li> <li class="current-post"> <a href="/2023-10-27-omb-fedramp-memo/">OMB FedRAMP Memo</a> <p class="date"><strong>New Post</strong> | October 27, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-High-Moderate-Low-LI-SaaS-Baseline-System-Security-Plan-(SSP).docx">FedRAMP High, Moderate, Low, LI-SaaS Baseline System Security Plan (SSP)</a> <p class="date"><strong>Updated Document</strong> | October 13, 2023</p> </li> <li class="current-post"> <a href="/2023-09-21-fedramp-repository-next-steps/">FedRAMP Repository - Next Steps</a> <p class="date"><strong>New Post</strong> | September 21, 2023</p> </li> <li class="current-post"> <a href="/2023-09-19-a2la-updates-the-r311/">A2LA Updates the R311</a> <p class="date"><strong>New Post</strong> | September 19, 2023</p> </li> <li class="current-post"> <a href="/2023-08-30-rev-5-additional-documents-released/">Rev. 5 - Additional Documents Released</a> <p class="date"><strong>New Post</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-A-Low-FedRAMP-Security-Controls.docx">SSP Appendix A - Low FedRAMP Security Controls</a> <p class="date"><strong>New Document</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-A-LI-SaaS-FedRAMP-Security-Controls.docx">SSP Appendix A - LI-SaaS FedRAMP Security Controls</a> <p class="date"><strong>New Document</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_General_Document_Acceptance_Criteria.pdf">FedRAMP General Document Acceptance Criteria</a> <p class="date"><strong>New Document</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_Collaborative_ConMon_Quick_Guide.pdf">FedRAMP Collaborative ConMon Quick Guide</a> <p class="date"><strong>New Document</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Continuous_Monitoring_Performance_Management_Guide.pdf">Continuous Monitoring Performance Management Guide</a> <p class="date"><strong>New Document</strong> | August 30, 2023</p> </li> <li class="current-post"> <a href="/2023-08-01-new-3pao-training-obligations-and-performance-standards/">New 3PAO Training - Obligations and Performance Standards</a> <p class="date"><strong>New Post</strong> | August 1, 2023</p> </li> <li class="current-post"> <a href="/2023-07-25-csps-prioritized-to-work-with-jab/">CSPs Prioritized to Work with the JAB</a> <p class="date"><strong>New Post</strong> | July 25, 2023</p> </li> <li class="current-post"> <a href="/2023-07-20-3pao-assessment-teams-must-be-qualified/">3PAO Assessment Teams Must Be Qualified</a> <p class="date"><strong>New Post</strong> | July 20, 2023</p> </li> <li class="current-post"> <a href="/2023-07-14-fedramp-guidance-for-m-21-31-and-m-22-09/">FedRAMP Guidance for M-21-31 and M-22-09</a> <p class="date"><strong>New Post</strong> | July 14, 2023</p> </li> <li class="current-post"> <a href="/2023-07-13-rev5-approach-to-sc8-protecting-data-in-transit/">The Rev. 5 Approach to SC-8, and Protecting Data-in-Transit</a> <p class="date"><strong>New Post</strong> | July 13, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-J-CSO-CIS-and-CRM-Workbook.xlsx">SSP Appendix J - <CSO> CIS and CRM Workbook</a> <p class="date"><strong>New Document</strong> | July 13, 2023</p> </li> <li class="current-post"> <a href="/2023-06-30-rev-5-additional-documents-released/">Rev. 5 - Additional Documents Released</a> <p class="date"><strong>New Post</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-Q-Cryptographic-Modules-Table.docx">SSP Appendix Q - Cryptographic Modules Table</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-M-Integrated-Inventory-Workbook-Template.xlsx">SSP Appendix M - Integrated Inventory Workbook Template</a> <p class="date"><strong>Updated Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-G-Information-System-Contingency-Plan-(ISCP)-Template.docx">SSP Appendix G - Information System Contingency Plan (ISCP) Template</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/SSP-Appendix-F-Rules-of-Behavior-(RoB)-Template.docx">SSP Appendix F - Rules of Behavior (RoB) Template</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Security-Assessment-Report-(SAR)-Template.docx">FedRAMP Security Assessment Report (SAR) Template</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Security-Assessment-Plan-(SAP)-Template.docx">FedRAMP Security Assessment Plan (SAP) Template</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Laws-Regulations-Standards-and-Guidance-Reference.xlsx">FedRAMP Laws, Regulations, Standards and Guidance Reference</a> <p class="date"><strong>New Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Initial-Authorization-Package-Checklist.xlsx">FedRAMP Initial Authorization Package Checklist</a> <p class="date"><strong>Updated Document</strong> | June 30, 2023</p> </li> <li class="current-post"> <a href="/2023-06-28-looking-ahead-fedramp-pmo-comms-regarding-rev-5/">Looking Ahead - FedRAMP PMO Communications Regarding Rev. 5</a> <p class="date"><strong>New Post</strong> | June 28, 2023</p> </li> <li class="current-post"> <a href="/2023-06-20-fedramp-marketplace-upgrade/">FedRAMP Marketplace Upgrade</a> <p class="date"><strong>New Post</strong> | June 20, 2023</p> </li> <li class="current-post"> <a href="/2023-06-16-fedramp-bod-23-02-guidance/">FedRAMP Guidance on BOD 23-02</a> <p class="date"><strong>New Post</strong> | June 16, 2023</p> </li> <li class="current-post"> <a href="/2023-06-15-updated-rev-5-oscal-profiles-and-resolved-profile-catalogs-have-been-released/">Updated Rev. 5 OSCAL Profiles and Resolved Profile Catalogs Have Been Released</a> <p class="date"><strong>New Post</strong> | June 15, 2023</p> </li> <li class="current-post"> <a href="/blog/2023-05-30-rev-5-baselines-have-been-approved-and-released/">Rev. 5 Baselines Have Been Approved and Released!</a> <p class="date"><strong>New Post</strong> | May 30, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_Security_Controls_Baseline.xlsx">FedRAMP Security Controls Baseline</a> <p class="date"><strong>Updated Document</strong> | May 30, 2023</p> </li> <li class="current-post"> <a href="/2023-05-19-gsa-releases-fedramps-2023-customer-survey/">GSA Releases FedRAMP’s 2023 Customer Survey</a> <p class="date"><strong>New Post</strong> | May 19, 2023</p> </li> <li class="current-post"> <a href="/2023-05-12-gsa-administrator-appoints-members-federal-secure-cloud-advisory-committee/">GSA Administrator Appoints Members to the Federal Secure Cloud Advisory Committee</a> <p class="date"><strong>New Post</strong> | May 12, 2023</p> </li> <li class="current-post"> <a href="/2023-04-26-fedramp-authorizations-hit-300/">FedRAMP Authorizations Hit 300 Milestone</a> <p class="date"><strong>New Post</strong> | April 26, 2023</p> </li> <li class="current-post"> <a href="/updated-3PAO-obligations-and-performance-standards-document/">Updated FedRAMP 3PAO Obligations and Performance Standards Document</a> <p class="date"><strong>New Post</strong> | April 6, 2023</p> </li> <li class="current-post"> <a href="/assets/resources/documents/3PAO_Obligations_and_Performance_Standards.pdf">3PAO Obligations and Performance Guide</a> <p class="date"><strong>Updated Document</strong> | April 6, 2023</p> </li> <li class="current-post"> <a href="/2023-02-07-csps-prioritized-to-work-with-the-jab-and-next-fedramp-connect-due-date/">CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | February 7, 2023</p> </li> <li class="current-post"> <a href="/blog/2023-01-25-call-fscac-noms/">Call for Federal Secure Cloud Advisory Committee Nominations</a> <p class="date"><strong>New Post</strong> | January 25, 2023</p> </li> <li class="current-post"> <a href="/blog/2023-01-17-fy22-annual-survey-recap/">FedRAMP FY22 Annual Survey Recap</a> <p class="date"><strong>New Post</strong> | January 17, 2023</p> </li> <li class="current-post"> <a href="/blog/2023-01-11-announces-passing-fedramp-auth-act/">FedRAMP Announces the Passing of the FedRAMP Authorization Act!</a> <p class="date"><strong>New Post</strong> | January 11, 2023</p> </li> <li class="current-post"> <a href="/blog/2022-12-22-crypto-modules-historical-status/">Status of Crypto Modules in Historical Status</a> <p class="date"><strong>New Post</strong> | December 22, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-11-29-engaging-fedramp-part3-sar-debrief/"><b>Engaging with FedRAMP</b> - PART 3, The SAR Debrief</a> <p class="date"><strong>New Post</strong> | November 29, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-11-16-engaging-fedramp-part2-kickoff-meeting/"><b>Engaging with FedRAMP</b> - PART 2, The Kickoff Meeting</a> <p class="date"><strong>New Post</strong> | November 16, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-11-09-engaging-fedramp-part1-intake/"><b>Engaging with FedRAMP</b> - PART 1, The Intake Process</a> <p class="date"><strong>New Post</strong> | November 9, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-10-27-a-look-back-at-FY-22/">A Look Back at Fiscal Year 2022</a> <p class="date"><strong>New Post</strong> | October 27, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-10-25-csp-prioritized-work-with-jab/">CSP Prioritized to Work with the JAB and Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | October 25, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-09-22-fedramp-agency-liaisons/">FedRAMP Agency Liaisons</a> <p class="date"><strong>New Post</strong> | September 22, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-09-14-public-comment-period-authorization-boundary-guidance/">FedRAMP Announces Public Comment Period for Authorization Boundary Guidance</a> <p class="date"><strong>New Post</strong> | September 14, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-09-01-fedramp-releases-updated-brand-guide/">FedRAMP Releases Updated Brand Guide</a> <p class="date"><strong>New Post</strong> | September 1, 2022</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_Branding_Guidance.pdf">Branding Guidance</a> <p class="date"><strong>New Document</strong> | September 1, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-08-18-fedramp-launches-oscal-developer-data-bites-series/">FedRAMP Launches OSCAL Developer Data Bites Series</a> <p class="date"><strong>New Post</strong> | August 18, 2022</p> </li> <li class="current-post"> <a href="/blog/2022-08-10-fedramp-releases-fy22-annual-survey/">FedRAMP Releases the FY22 Annual Survey</a> <p class="date"><strong>New Post</strong> | August 10, 2022</p> </li> <li class="current-post"> <a href="/assets/resources/documents/Reusing_Authorizations_for_Cloud_Products_Quick_Guide.pdf">Reusing Authorizations for Cloud Products Quick Guide</a> <p class="date"><strong>New Document</strong> | July 26, 2022</p> </li> <li class="current-post"> <a href="/2022-07-19-pmo-releases-subnetting-white-paper/">PMO Releases Subnetting White Paper</a> <p class="date"><strong>New Post</strong> | July 19, 2022</p> </li> <li class="current-post"> <a href="/2022-07-05-penetration-test-guidance/">Penetration Test Guidance Updates</a> <p class="date"><strong>New Post</strong> | July 5, 2022</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Penetration_Test_Guidance.pdf">Penetration Test Guidance</a> <p class="date"><strong>Updated Document</strong> | June 30, 2022</p> </li> <li class="current-post"> <a href="/2022-06-28-update-poam-template/">Update to the Plan of Actions and Milestones Template</a> <p class="date"><strong>New Post</strong> | June 28, 2022</p> </li> <li class="current-post"> <a href="/2022-06-23-cisa-updated-tra/">CISA Releases Updated Cloud Security Technical Reference Architecture</a> <p class="date"><strong>New Post</strong> | June 23, 2022</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_subnets_white_paper.pdf">Subnets White Paper</a> <p class="date"><strong>New Document</strong> | June 21, 2022</p> </li> <li class="current-post"> <a href="/2022-06-01-csp-prioritized-work-jab-fedramp-connect/">CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | June 1, 2022</p> </li> <li class="current-post"> <a href="/2022-05-19-first-oscal-system-security-plan/">FedRAMP Receives First OSCAL System Security Plan</a> <p class="date"><strong>New Post</strong> | May 19, 2022</p> </li> <li class="current-post"> <a href="/2022-04-27-rev5-transition-update/">FedRAMP Rev. 5 Transition Update</a> <p class="date"><strong>New Post</strong> | April 27, 2022</p> </li> <li class="current-post"> <a href="/2022-03-16-responsibilities-annual-assessment/">Responsibilities of CSPs and 3PAOs for FedRAMP Annual Assessment</a> <p class="date"><strong>New Post</strong> | March 16, 2022</p> </li> <li class="current-post"> <a href="/2022-03-08-fedramp-bod-22-01-guidance/">FedRAMP BOD 22-01 Guidance</a> <p class="date"><strong>New Post</strong> | March 8, 2022</p> </li> <li class="current-post"> <a href="/2022-03-02-prepares-for-zero-trust-stance/">FedRAMP Prepares for 'Zero Trust' Stance</a> <p class="date"><strong>New Post</strong> | March 2, 2022</p> </li> <li class="current-post"> <a href="/2022-02-15-threat-based-methodology-update/">FedRAMP Updates the Threat-Based Methodology to Authorizations</a> <p class="date"><strong>New Post</strong> | February 15, 2022</p> </li> <li class="current-post"> <a href="/assets/resources/documents/Threat-Based_Risk_Profiling_Methodology.pdf">Threat-Based Risk Profiling Methodology White Paper</a> <p class="date"><strong>New Document</strong> | February 15, 2022</p> </li> <li class="current-post"> <a href="/2022-01-27-fy21-annual-survey-recap/">FedRAMP FY21 Annual Survey Recap</a> <p class="date"><strong>New Post</strong> | January 27, 2022</p> </li> <li class="current-post"> <a href="/2022-01-19-FedRAMP-Connect-Business-Case-Deadline-Extended/">FedRAMP Connect Business Case Deadline Extended</a> <p class="date"><strong>New Post</strong> | January 19, 2022</p> </li> <li class="current-post"> <a href="/2022-01-18-FedRAMP-Releases-Updated-CSP-Authorization-Playbook/">FedRAMP Releases Updated CSP Authorization Playbook</a> <p class="date"><strong>New Post</strong> | January 18, 2022</p> </li> <li class="current-post"> <a href="/2022-01-04-updated-rar-templates/">Readiness Assessment Report (RAR) Templates and Guide Updates for 3PAOs</a> <p class="date"><strong>New Post</strong> | January 4, 2022</p> </li> <li class="current-post"> <a href="/2021-12-21-FedRAMP-Publishes-Draft-Rev-5-Baselines/">FedRAMP Publishes Draft Rev. 5 Baselines</a> <p class="date"><strong>New Post</strong> | December 21, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-12-08/FedRAMP-Turns-10/">FedRAMP Turns 10!</a> <p class="date"><strong>New Post</strong> | December 8, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-12-07/A2LA-Updates-R346/">A2LA Updates the R346 Regarding Remote Baltimore Cyber Range Assessments</a> <p class="date"><strong>New Post</strong> | December 7, 2021</p> </li> <li class="current-post"> <a href="/2021-12-02-container-scanning/">Unique Vulnerability Counts with Container Scanning</a> <p class="date"><strong>New Post</strong> | December 2, 2021</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_POAM_Template_Completion_Guide.pdf">Plan of Action and Milestones (POA&M) Template Completion Guide</a> <p class="date"><strong>Updated Document</strong> | November 23, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-11-09-a-look-back-at-FY-21/">A Look Back at Fiscal Year 2021</a> <p class="date"><strong>New Post</strong> | November 9, 2021</p> </li> <li class="current-post"> <a href="/2021-11-02-csps-prioritized/">CSPs Prioritized to Work with the JAB and the Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | November 2, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-10-28-Updated-Marketplace-Designations-Document/">FedRAMP Releases Updated Marketplace Designations Document for CSPs</a> <p class="date"><strong>New Post</strong> | October 28, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-10-20-Updated-Agency-Authorization-Playbook/">FedRAMP Releases Updated Agency Authorization Playbook</a> <p class="date"><strong>New Post</strong> | October 20, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-09-22/ATO-Letter-Submission/">The Importance of ATO Letter Submission</a> <p class="date"><strong>New Post</strong> | September 22, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-08-24/FedRAMP-Updates-CSP-SSP-Training/">FedRAMP Updates CSP SSP (200A) Training</a> <p class="date"><strong>New Post</strong> | August 24, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-08-12/FedRAMP-Releases-OSCAL-Validations/">FedRAMP Releases OSCAL Validations</a> <p class="date"><strong>New Post</strong> | August 12, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-08-10/FY-21-FedRAMP-Annual-Survey/">FedRAMP Releases the FY21 Annual Survey!</a> <p class="date"><strong>New Post</strong> | August 10, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-07-20-FedRAMP-Releases-Updated-OSCAL-Templates-Tools/">FedRAMP Releases Updated OSCAL Template & Tools</a> <p class="date"><strong>New Post</strong> | July 20, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-07-14-Public-Comment-Boundary-Guidance/">Requesting Public Comment on FedRAMP Authorization Boundary Guidance</a> <p class="date"><strong>New Post</strong> | July 14, 2021</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_A_FedRAMP_Authorization_Boundary_Guidance.pdf">FedRAMP Authorization Boundary Guidance</a> <p class="date"><strong>Updated Document</strong> | July 13, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-06-30-A2LA-Updates-the-R311/">A2LA Updates the R311</a> <p class="date"><strong>New Post</strong> | June 30, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-06-08-NISTs-OSCAL-1-0-0-Release/">FedRAMP Announces NIST’s OSCAL 1.0.0 Release</a> <p class="date"><strong>New Post</strong> | June 8, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-05-20-SA-4_IR-3_Updates/">An Update to FedRAMP’s Low, Moderate, and High Baseline SA-4 Controls and IR-3 High Baseline</a> <p class="date"><strong>New Post</strong> | May 20, 2021</p> </li> <li class="current-post"> <a href="/blog/2021-05-11-Remote-Testing-of-Datacenters/">Remote Testing of Datacenters</a> <p class="date"><strong>New Post</strong> | May 11, 2021</p> </li> <li class="current-post"> <a href="/2021-05-06-Rev5-Update/">Rev5 Transition Update</a> <p class="date"><strong>New Post</strong> | May 6, 2021</p> </li> <li class="current-post"> <a href="/2021-04-27-Connect-Business-Case-Deadline-Extended/">FedRAMP Connect Business Case Deadline Extended</a> <p class="date"><strong>New Post</strong> | April 27, 2021</p> </li> <li class="current-post"> <a href="/2021-04-15-Incident-Communications-Procedures/">Release of FedRAMP Incident Communications Procedures</a> <p class="date"><strong>New Post</strong> | April 15, 2021</p> </li> <li class="current-post"> <a href="/2021-03-30-CentOS-Linux-End-of-Life/">JAB Guidance on CentOS Linux End of Life</a> <p class="date"><strong>New Post</strong> | March 30, 2021</p> </li> <li class="current-post"> <a href="/2021-03-24-youtube-channel/">FedRAMP Launches YouTube Channel</a> <p class="date"><strong>New Post</strong> | March 24, 2021</p> </li> <li class="current-post"> <a href="/2021-03-16-Vulnerability-Scanning-doc/">Vulnerability Scanning Requirements for Containers</a> <p class="date"><strong>New Post</strong> | March 16, 2021</p> </li> <li class="current-post"> <a href="/assets/resources/documents/Vulnerability_Scanning_Requirements_for_Containers.pdf">Vulnerability Scanning Requirements for Containers</a> <p class="date"><strong>New Document</strong> | March 16, 2021</p> </li> <li class="current-post"> <a href="/2021-02-16-new-fedrampgov/">The New FedRAMP.gov</a> <p class="date"><strong>New Post</strong> | February 16, 2021</p> </li> <li class="current-post"> <a href="/2021-02-10-threat-based-methodology/">FedRAMP Explores a Threat-Based Methodology to Authorizations</a> <p class="date"><strong>New Post</strong> | February 10, 2021</p> </li> <li class="current-post"> <a href="/2021-01-27-csps-prioritized/">CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | January 27, 2021</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Timeliness_and_Accuracy_of_Testing_Requirements.pdf">Timeliness and Accuracy of Testing Requirements</a> <p class="date"><strong>New Document</strong> | December 11, 2020</p> </li> <li class="current-post"> <a href="/fedramp-hosts-a-3pao-interact-week/">FedRAMP Hosts a 3PAO Interact Week</a> <p class="date"><strong>New Post</strong> | December 1, 2020</p> </li> <li class="current-post"> <a href="/FedRAMP-NIST-Rev5-Transition-Plan/">FedRAMP’s NIST Rev5 Transition Plan</a> <p class="date"><strong>New Post</strong> | November 24, 2020</p> </li> <li class="current-post"> <a href="/csps-prioritized-to-work-with-the-jab-and-next-fedramp-connect-due-date/">CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date</a> <p class="date"><strong>New Post</strong> | October 9, 2020</p> </li> <li class="current-post"> <a href="/fedramp-reaches-200-authorizations/">FedRAMP Reaches 200 Authorizations</a> <p class="date"><strong>New Post</strong> | September 17, 2020</p> </li> <li class="current-post"> <a href="/updated-3PAO-obligations-and-performance-standards-document/">Updated 3PAO Obligations and Performance Standards document</a> <p class="date"><strong>New Post</strong> | September 1, 2020</p> </li> <li class="current-post"> <a href="/additional-fedramp-oscal-resources-and-templates/">Additional FedRAMP OSCAL Resources and Templates</a> <p class="date"><strong>New Post</strong> | August 20, 2020</p> </li> <li class="current-post"> <a href="/vulnerability-scanning-requirements-for-the-deployment-and-use-of-containers/">Requesting Public Comment on Vulnerability Scanning Requirements for the Deployment and Use of Containers</a> <p class="date"><strong>New Post</strong> | August 14, 2020</p> </li> <li class="current-post"> <a href="/take-the-fy20-annual-survey/">Please Take the FY20 FedRAMP Annual Survey!</a> <p class="date"><strong>New Post</strong> | August 5, 2020</p> </li> <li class="current-post"> <a href="/an-update-to-fedramps-high-baseline-sa-95-control/">An Update to FedRAMP’s High Baseline SA-9(5) Control</a> <p class="date"><strong>New Post</strong> | July 31, 2020</p> </li> <li class="current-post"> <a href="/fedramp-announces-document-and-template-updates/">FedRAMP Announces Document and Template Updates</a> <p class="date"><strong>New Post</strong> | July 23, 2020</p> </li> <li class="current-post"> <a href="/fedramp-announces-agency-liaison-program/">FedRAMP Announces Agency Liaison Program</a> <p class="date"><strong>New Post</strong> | June 24, 2020</p> </li> <li class="current-post"> <a href="/using-the-fedramp-oscal-resources-and-templates/">Using the FedRAMP OSCAL Resources and Templates</a> <p class="date"><strong>New Post</strong> | June 10, 2020</p> </li> <li class="current-post"> <a href="/how-agencies-can-reuse-a-fedramp-authorization/">Do Once, Use Many - How Agencies Can Reuse a FedRAMP Authorization</a> <p class="date"><strong>New Post</strong> | May 7, 2020</p> </li> <li class="current-post"> <a href="/jab-prioritized-csps-and-fedramp-connect-updates/">JAB Prioritized CSPs and FedRAMP Connect Updates</a> <p class="date"><strong>New Post</strong> | March 26, 2020</p> </li> <li class="current-post"> <a href="/FedRAMP-lessons-learned-for-small-businesses/">FedRAMP Lessons Learned for Small Businesses</a> <p class="date"><strong>New Post</strong> | February 26, 2020</p> </li> <li class="current-post"> <a href="/FedRAMP-looks-back-on-a-successful-2019/">FedRAMP Looks Back on a Successful FY2019</a> <p class="date"><strong>New Post</strong> | February 21, 2020</p> </li> <li class="current-post"> <a href="/FedRAMP-moves-to-automate-the-authorization-process/">FedRAMP Moves to Automate the Authorization Process</a> <p class="date"><strong>New Post</strong> | December 17, 2019</p> </li> <li class="current-post"> <a href="/A-Successful-FedRAMP-Startup-and-Small-Business-Meetup-in-San-Francisco/">A Successful FedRAMP Startup & Small Business Meetup in San Francisco</a> <p class="date"><strong>New Post</strong> | October 15, 2019</p> </li> <li class="current-post"> <a href="/FedRAMP-Connect-Results-and-Next-Round-of-Connect-Open-Until-September-13th/">FedRAMP Connect Results and Next Round of Connect Open Until September 13th</a> <p class="date"><strong>New Post</strong> | September 10, 2019</p> </li> <li class="current-post"> <a href="/FedRAMP-Heads-West-to-Host-Small-Business-&-Startup-Meetup/">FedRAMP Heads to San Francisco to Host Small Business & Startup Meetup</a> <p class="date"><strong>New Post</strong> | September 4, 2019</p> </li> <li class="current-post"> <a href="/Please-Take-the-FY19-FedRAMP-Annual-Survey/">Please Take the FY19 FedRAMP Annual Survey!</a> <p class="date"><strong>New Post</strong> | August 27, 2019</p> </li> <li class="current-post"> <a href="/FedRAMPs-Ideation-Challenge/">FedRAMP Launches Ideation Challenge</a> <p class="date"><strong>New Post</strong> | July 24, 2019</p> </li> <li class="current-post"> <a href="/FedRAMP-Marketplace-Guidance-Released/">FedRAMP Marketplace Guidance Released</a> <p class="date"><strong>New Post</strong> | June 20, 2019</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-ATO-Letter-Template.docx">FedRAMP ATO Letter Template</a> <p class="date"><strong>New Document</strong> | June 20, 2019</p> </li> <li class="current-post"> <a href="/Get-to-Know-Fedramps-Program0-Manager-of-Security-Operations/">Get to Know FedRAMP's Program Manager of Security Operations</a> <p class="date"><strong>New Post</strong> | May 30, 2019</p> </li> <li class="current-post"> <a href="/Meet-FedRAMPs-Customer-Success-Manager/">Meet FedRAMP's Customer Success Manager</a> <p class="date"><strong>New Post</strong> | May 8, 2019</p> </li> <li class="current-post"> <a href="/Best-Practices-for-Multi-Agency-Continuous-Monitoring/">Best Practices for Multi-Agency Continuous Monitoring</a> <p class="date"><strong>New Post</strong> | May 1, 2019</p> </li> <li class="current-post"> <a href="/reviewing-the-sar-best-practices-for-3paos-agencies-and-cloud-service-providers/">Reviewing the SAR - Best Practices for 3PAOs, Agencies, and Cloud Service Providers</a> <p class="date"><strong>New Post</strong> | March 7, 2019</p> </li> <li class="current-post"> <a href="/fedramp-updates-3pao-requirements/">FedRAMP Updates 3PAO Requirements</a> <p class="date"><strong>New Post</strong> | November 6, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-Significant-Change-Form-Template.pdf">FedRAMP Significant Change Form Template</a> <p class="date"><strong>New Document</strong> | August 28, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/templates/FedRAMP-New-CSO-or-Feature-Onboarding-Request-Template.docx">FedRAMP New Cloud Service Offering (CSO) or Feature Onboarding Request Template</a> <p class="date"><strong>New Document</strong> | August 28, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Significant_Change_Policies_and_Procedures.docx">Significant Change Policies and Procedures</a> <p class="date"><strong>New Document</strong> | August 28, 2018</p> </li> <li class="current-post"> <a href="/annual-assessment-guidance/">Annual Assessment Guidance</a> <p class="date"><strong>New Post</strong> | April 26, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Continuous_Monitoring_Strategy_Guide.pdf">Continuous Monitoring Strategy Guide</a> <p class="date"><strong>New Document</strong> | April 4, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Vulnerability_Scan_Requirements_Using_Sampling.pdf">Guide for Determining Eligibility and Requirements for the Use of Sampling for Vulnerability Scans</a> <p class="date"><strong>New Document</strong> | March 20, 2018</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_Automated_Vulnerability_Risk_Adjustment_Framework.pdf">Automated Vulnerability Risk Adjustment Framework Guidance</a> <p class="date"><strong>New Document</strong> | March 20, 2018</p> </li> <li class="current-post"> <a href="/impact-of-fedramp-for-small-businesses/">Impact of FedRAMP for Small Businesses</a> <p class="date"><strong>New Post</strong> | January 25, 2018</p> </li> <li class="current-post"> <a href="/understanding-baselines-and-impact-levels/">Understanding Baselines and Impact Levels in FedRAMP</a> <p class="date"><strong>New Post</strong> | November 16, 2017</p> </li> <li class="current-post"> <a href="/assets/resources/documents/CSP_JAB_P-ATO_Roles_and_Responsibilites.pdf">CSP JAB P-ATO Roles and Responsibilities</a> <p class="date"><strong>New Document</strong> | May 18, 2017</p> </li> <li class="current-post"> <a href="/assets/resources/documents/FedRAMP_Policy_Memo.pdf">FedRAMP Policy Memo</a> <p class="date"><strong>New Document</strong> | December 8, 2011</p> </li> </ul> </div> </div> </div> <!-- AV01 end --> <!-- SEARCH START DISABLED --> <!-- <div class="search-feature">--> <!-- <div class="search-wrapper">--> <form class="usa-search" id="searchgovform" action="/search-results/"> <label class="usa-sr-only" for="searchgovinput">Search</label> <input name="search" type="search" id="searchgovinput" placeholder="Search"> <button type="submit" id="searchgovbutton" title="Submit Search" value="Submit Search"> <span class="usa-search-submit-text"><img class="search-button-icon" src="/assets/img/search-magnifying-glass.svg" alt="" /></span> </button> </form> </div> </div> <!--SEARCH END --> <div class="usa-nav-container"> <!-- <div class="usa-navbar">--> <button class="usa-menu-btn"><i class="fas fa-bars"></i></button> <div class="usa-logo" id="logo"> <em class="usa-logo-text"> <a href="https://www.fedramp.gov" accesskey="1" title="Home" aria-label="Home"> <img class="desk" src="/assets/img/fedramp-logo-vert.svg" alt="FedRAMP.gov"> <img class="mobile" src="/assets/img/logo-mobile-fedramp.svg" alt="FedRAMP.gov"> </a> </em> </div> <!-- </div>--> <!-- --> <nav role="navigation" class="usa-nav nav focus-within" id="navigation"> <button class="usa-nav__close"> <img src="/assets/img/menu-close.svg" width="20" alt="close"> </button> <ul class="usa-nav-primary usa-accordion"> <!-- 1st level --> <li tabindex="0" aria-haspopup="true" class="main-parent parent">Updates & Priorities<img src="/assets/img/down-chevron.svg" width="18" alt="close"> <ul class="sub-menu dropdown" aria-label="submenu"> <!-- 2nd level --> <li> <a tabindex="0" href="/blog/"> Blog </a> </li> <li> <a tabindex="0" href="/updates/changelog/"> Changelog </a> </li> <li> <a tabindex="0" href="/updates/policy-and-guidance/"> Policy & Guidance Changes </a> </li> <li> <a tabindex="0" href="/updates/et-framework/"> Emerging Technology Framework </a> </li> <li> <a tabindex="0" href="/updates/pilots/"> FedRAMP Pilots </a> </li> <li> <a tabindex="0" href="/updates/platform/"> The FedRAMP Platform </a> </li> </ul> </li> <li tabindex="0" aria-haspopup="true" class="main-parent parent">Get Authorized<img src="/assets/img/down-chevron.svg" width="18" alt="close"> <ul class="sub-menu dropdown" aria-label="submenu"> <!-- 2nd level --> <li> <a tabindex="0" href="/program-basics/"> Program Basics </a> </li> <li> <a tabindex="0" href="/agency-authorization/"> Agency Authorization </a> </li> </ul> </li> <li tabindex="0" aria-haspopup="true" class="main-parent parent">Partners<img src="/assets/img/down-chevron.svg" width="18" alt="close"> <ul class="sub-menu dropdown" aria-label="submenu"> <!-- 2nd level --> <li> <a tabindex="0" href="/cloud-service-providers/"> Cloud Service Providers </a> </li> <li> <a tabindex="0" href="/federal-agencies/"> Federal Agencies </a> </li> <li> <a tabindex="0" href="/assessors/"> Assessors </a> </li> <li> <a tabindex="0" href="/governance/"> Governance </a> </li> </ul> </li> <li tabindex="0" aria-haspopup="true" class="main-parent parent">Resources<img src="/assets/img/down-chevron.svg" width="18" alt="close"> <ul class="sub-menu dropdown" aria-label="submenu"> <!-- 2nd level --> <li> <a tabindex="0" href="/documents-templates/"> Documents & Templates </a> </li> <li> <a tabindex="0" href="https://help.fedramp.gov/hc/en-us" target="_blank">Help Center</a> </li> <li> <a tabindex="0" href="/training/"> Training </a> </li> <li> <a tabindex="0" href="/baselines/"> Baselines </a> </li> <li> <a tabindex="0" href="/rev5-transition/"> Rev. 5 Transition </a> </li> <li> <a tabindex="0" href="/team/"> Meet the Team </a> </li> </ul> </li> <li> <a class="external" href="https://marketplace.fedramp.gov" target="_blank">Marketplace</a> <li> <a class="external" href="https://automate.fedramp.gov" target="_blank">Dev Hub</a> </ul> </nav> </div> </header> <main id="main" tabindex="-1" class="" style="outline: 0px;"> <div class="page-banner-container"> <div class="page-banner"> <h1> Training</h1> </div> </div> <section class="fedramp-page-container"> <div class="padding-x-0 padding-y-8"> <div class="full-row grid-row padding-top-2"> <div class="full-col desktop:grid-col-12 intro-text"> <p class="margin-top-2">Knowledge sharing is a primary goal for FedRAMP® to ensure all stakeholders understand the FedRAMP requirements and the authorization process.</p> <p>Training is available in a couple different ways, either by pre-recorded courses on our Youtube page, or via live virtual training. Some courses are mandatory for specific roles in the program, but we urge all stakeholders to review the training materials available. FedRAMP creates training to help stakeholders obtain the knowledge and skills necessary to successfully navigate the FedRAMP process and meet its requirements. </p> </div> </div> </div> </section> <!-- Main In Page Navigation --> <section class="fedramp-page-container training-nav position-sticky training-navigation" style=""> <div class="full-row grid-row"> <div class="full-col tablet:grid-col-12 tablet:padding-2 tablet:padding-bottom-0"> <div id="main-header" class="lavalamp-menu"> <nav> <ul class="in-page-nav-menu horizontal-menu" id="horizontal-top-menu"> <li><a href="#cloud-service-providers">Cloud Service Providers</a></li> <li><a href="#third-party-assessors">Third Party Assessors</a></li> <li><a href="#federal-agencies">Federal Agencies</a></li> </ul> <div class="lavalamp"></div> </nav> </div> </div> </div> </section> <!-- Mobile Navigation <section class="fedramp-page-container position-relative resources-nav-mobile padding-bottom-2 padding-top-4" style="background-color: white;"> <div class="full-row grid-row"> <div> <div> <nav> <ul class="in-page-nav-menu" id="top-menu-mobile"> <h4 class="text-center mobile-nav-title">You can also browse the topics below.</h4> <li><a href="#cloud-service-providers">Cloud Service Providers</a></li> <li><a href="#third-party-assessors">Third Party Assessors</a></li> <li><a href="#federal-agencies">Federal Agencies</a></li> </ul> <div class="lavalamp"></div> </nav> </div> </div> </div> </section> --> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal lightest-gray-bkg"> <div class="grid-container padding-y-0"> <div class="full-row grid-row grid-gap"> <div class="full-col tablet:grid-col-12 nav-main-section"> <div id="cloud-service-providers" class=""> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-2"> <div class="courses-img-container"> <img class="courses-img" src="/assets/img/training-csp.svg" alt=""> </div> </div> <div class="full-col desktop:grid-col-10 desktop:padding-left-4"> <h3>Cloud Service Providers</h3> <p class="training-section-intro padding-bottom-2">These courses are designed to help cloud service providers (CSPs) understand the requirements of security package development as well as give a detailed overview of the required templates and supporting documentation.</p> <p class="training-section-intro padding-bottom-2">See below for an overview of each of the CSP 200 level courses.</p> </div> </div> </div> </div> </div> </div> </section> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal training-courses"> <div class="grid-container"> <div class="full-row grid-row grid-gap"> <div class="full-col tablet:grid-col-12 nav-main-section"> <div class="grid-row"> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://youtu.be/AWqcLWofvf4" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-200-a.png" alt=""></a> </div> <div class="full-col desktop:grid-col-8"> <h4>200-A: FedRAMP System Security Plan (SSP) Required Documents (Revised July 2021)</h4> <p>This course provides CSPs with a deeper understanding of the detail and rigor required to complete a System Security Plan (SSP). A SSP is the main document of a security package in which a CSP describes all of the security controls, in use on the information system, and their implementation. This course will familiarize a CSP with the required documentation, for initial package submission, and give a detailed overview of FedRAMP’s SSP template and its supporting documents.</p> <div class="training-sign-up"> <i class="far fa-clock"></i> 32 MIN <a href="https://youtu.be/AWqcLWofvf4" target="_blank" class="courses-button">View Course</a> <a href="https://www.fedramp.gov/assets/resources/training/200-A-FedRAMP-Training-FedRAMP-System-Security-Plan-SSP-Required-Documents.pdf" target="_blank" class="courses-button training-download">Download [PDF - 381KB]</a> </div> </div> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://www.youtube.com/watch?v=k4IfvfqrZic" class="training-video-link" target="_blank"><a href="#" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-200-b.png" alt=""></a> </a> </div> <div class="full-col desktop:grid-col-8"> <h4>200-B: Security Assessment Plan (SAP)</h4> <p>This course is designed to help FedRAMP recognized 3PAO assessors understand how to write specific sections of a Security Assessment Plan (SAP) document, which contains the test plan to assess the security controls of a system. In addition, this course will cover the program’s reporting requirements for a SAP.</p> <div class="training-sign-up"> <i class="far fa-clock"></i> 32 MIN <a href="https://www.youtube.com/watch?v=k4IfvfqrZic" target="_blank" class="courses-button">View Course</a> <a href="https://www.fedramp.gov/assets/resources/training/200-B-FedRAMP-Training-Security-Assessment-Plan-SAP.pdf" target="_blank" class="courses-button training-download">Download [PDF - 637KB]</a> </div> </div> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://www.youtube.com/watch?v=d6RU12WIj4E" class="training-video-link" target="_blank"><a href="#" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-200-c.png" alt=""></a> </a> </div> <div class="full-col desktop:grid-col-8"> <h4>200-C: Security Assessment Report (SAR)</h4> <p>This course is designed to help FedRAMP recognized 3PAO assessors understand how to write specific sections of a Security Assessment Report (SAR). The SAR is required by FedRAMP to evaluate a system’s implementation of, and compliance with, FedRAMP’s baseline security controls.</p> <div class="training-sign-up"> <i class="far fa-clock"></i> 36 MIN <a href="https://www.youtube.com/watch?v=d6RU12WIj4E" target="_blank" class="courses-button">View Course</a> <a href="https://www.fedramp.gov/assets/resources/training/200-C-FedRAMP-Training-Security-Assessment-Report-SAR.pdf" target="_blank" class="courses-button training-download">Download [PDF - 716KB]</a> </div> </div> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://www.youtube.com/watch?v=gQWctMjfH2M" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-200-d.png" alt=""></a> </div> <div class="full-col desktop:grid-col-8"> <h4>200-D: Continuous Monitoring Overview</h4> <p>This course provides guidance on continuous monitoring and ongoing authorization in support of maintaining a security authorization that meets FedRAMP requirements.</p> <div class="training-sign-up"> <i class="far fa-clock"></i> 33 MIN <a href="https://www.youtube.com/watch?v=gQWctMjfH2M" target="_blank" class="courses-button">View Course</a> <a href="https://www.fedramp.gov/assets/resources/training/200-D-FedRAMP-Training-Continuous-Monitoring-ConMon-Overview.pdf" target="_blank" class="courses-button training-download">Download [PDF - 637KB]</a> </div> </div> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://www.youtube.com/watch?v=-geuTUFA8-g" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-201-b.png" alt=""></a> </div> <div class="full-col desktop:grid-col-8"> <h4>201-B: How to Write a Control</h4> <p>This course gives an overview to a CSP of how to properly write a control that will satisfy the program’s requirements. This course is designed for a CSP pursuing a FedRAMP authorization, or a FedRAMP recognized 3PAO conducting an assessment of a cloud system.</p> <div class="training-sign-up no-line"> <i class="far fa-clock"></i> 42 MIN <a href="https://www.youtube.com/watch?v=-geuTUFA8-g" target="_blank" class="courses-button">View Course</a> <a href="https://www.fedramp.gov/assets/resources/training/201-B-FedRAMP-Training-How-to-Write-a-Control.pdf" target="_blank" class="courses-button training-download">Download [PDF - 637KB]</a> </div> </div> </div> </div> </div> </div> </section> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal lightest-gray-bkg"> <div class="grid-container"> <div class="full-row grid-row grid-gap"> <div class="full-col tablet:grid-col-12 nav-main-section"> <div id="third-party-assessors" class=""> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-2"> <div class="courses-img-container"> <img class="courses-img" src="/assets/img/training-3pao.svg" alt=""> </div> </div> <div class="full-col desktop:grid-col-10 desktop:padding-left-4"> <h3 class="no-line">Third Party Assessors</h3> <p class="training-section-intro padding-bottom-2 no-line">FedRAMP recognized third party assessment organizations (3PAOs) provide the insight and expertise necessary to successfully complete a FedRAMP assessment of a cloud service offering (CSO). These online modules are mandatory for all FedRAMP recognized 3PAO assessment team members; however, other stakeholders can use these modules as an excellent source to brush up on FedRAMP assessment review processes and requirements.</p> <p class="training-section-intro padding-bottom-2 no-line">FedRAMP recognized 3PAO assessment team members are required to take these trainings and successfully pass the quizzes at the end of each course. A certificate of completion is provided to participants who pass each quiz with an 80% or higher. If the score is below 80%, the participant may retake the quiz.</p> <p class="training-section-intro padding-bottom-2 no-line">Outlined below are the steps to view the 3PAO training courses:</p> </div> </div> </div> </div> </div> </div> </section> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal training-courses"> <div class="grid-container"> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-12 padding-3"> <h4 class="margin-top-1">Steps to Watch Training Videos</h4> <ol class="training-steps"> <li><strong>STEP 1:</strong> Select a training link below and watch the training course video on <a href="https://www.youtube.com/@FedRAMP" target="_blank">YouTube.</a> <ol class="training-step-sub"> <li>We recommend that you start with 300-0 and proceed sequentially with the subsequent training (300-00 through 300-F) once these courses are made available.</li> </ol> </li> <li><strong>STEP 2:</strong> If you wish to take the quiz, please return to this page after watching the video and follow the steps below to take the quiz.</li> </ol> <h4 class="margin-top-1">Steps to Take Training Quizzes</h4> <ol class="training-steps"> <li><strong>STEP 3:</strong> Once you have completed the video training course, please select the quiz link below that corresponds to the training course you watched. From there, you will be taken to a Qualtrics page.</li> <li><strong>STEP 4:</strong> Prior to starting the quiz, you will be asked to: <ol class="training-step-sub"> <li>Fill out your first and last name </li> <li>Provide your work email address</li> </ol> </li> <li><strong>STEP 5:</strong> Click enter and then begin the quiz.</li> <li><strong>STEP 6:</strong> Once you complete the quiz: <ol class="training-step-sub"> <li>A certificate of completion will be sent to the email address provided if a score of <b></b>80% or higher is achieved.</b></li> <li>If the score is below 80%, the participant may retake the quiz again.</li> </ol> </li> <li><strong>STEP 7:</strong> Save the certificate for your records.</li> </ol> <p><em>Note: 3PAO training requirements can be found in the American Association for Laboratory Accreditation (A2LA) <a href="https://a2la.qualtraxcloud.com/ShowDocument.aspx?ID=5621" target="_blank" rel="noopener noreferrer">R311- Specific Requirements: Federal Risk and Authorization Management Program (FedRAMP)</a>. This policy document outlines the requirements for all FedRAMP recognized 3PAOs and organizations seeking A2LA accreditation to be recognized by FedRAMP. To learn more please visit <a href="https://a2la.org/accreditation/fedramp/" target="_blank" rel="noopener">A2LA’s Website</a>.</em></p> </div> </div> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-4 tablet:padding-4"> <a href="https://www.youtube.com/watch?v=fQ6r4sFSLvk" class="training-video-link" target="_blank"><img class="" src="/assets/img/training-video-300-0.png" alt=""></a> </div> <div class="full-col desktop:grid-col-8"> <h4>300-0: 3PAO Obligations and Performance Guide</h4> <p>The 300-0 level training provides an overview of the 3PAO responsibilities, obligations, and performance standards and intends to achieve the following learning objectives:</p> <ul> <li>Define the scope of a 3PAO’s roles and responsibilities relating to the FedRAMP assessment process</li> <li>Describe the importance of FedRAMP’s 3PAO obligations and performance standards as outlined in the <a href="https://www.fedramp.gov/assets/resources/documents/3PAO_Obligations_and_Performance_Standards.pdf" target="_blank" rel="noopener noreferrer">3PAO Obligations and Performance Standards document</a> </li> <li>Recall the process required for an Independent Assessment Organization (IAO) to become a FedRAMP recognized 3PAO</li> </ul> <div class="training-sign-up"> <i class="far fa-clock"></i> 41 MIN <a href="https://www.youtube.com/watch?v=fQ6r4sFSLvk" target="_blank" class="courses-button">View Course</a> <a href="https://feedback.gsa.gov/jfe/form/SV_8cXc8IyK8aJRhRQ" target="_blank" class="courses-button">Take Quiz</a> <a href="/assets/resources/training/300-0-3PAO-Obligations-and-Performance-Guide-with-Script.pdf" target="_blank" class="courses-button">Download PDF</a></div> </div> <div class="full-col desktop:grid-col-12 training-coming-soon"> <h4>Training planned next!</h4> <p>300-A Readiness Assessment Report (RAR) Guidance</p> <p>300-B Security Assessment Plan (SAP) Guidance </p> <p>300-C Security Assessment Report (SAR) Guidance</p> <p>300-D Documenting Evidence Procedures </p> <p>300-E 3PAO Vulnerability Scanning Methodology and Documentation</p> <p>300-F Review of Security Assessment Report (SAR) Tables</p> </div> </div> </div> </section> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal lightest-gray-bkg"> <div class="grid-container"> <div class="full-row grid-row grid-gap"> <div class="full-col tablet:grid-col-12 nav-main-section"> <div id="federal-agencies" class=""> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-2"> <div class="courses-img-container"> <img class="courses-img" src="/assets/img/training-federal-agencies.svg" alt=""> </div> </div> <div class="full-col desktop:grid-col-10 desktop:padding-left-4"> <h3>Federal Agencies</h3> <p class="training-section-intro padding-bottom-2">These training videos provide agency stakeholders with tips and best practices to successfully implement the FedRAMP Authorization process.</p> </div> </div> </div> </div> </div> </div> </section> <section class="fedramp-page-container in-page-nav-section in-page-nav-section-horizontal training-courses"> <div id="" class="padding-y-4"> <div class="full-row grid-row"> <div class="full-col desktop:grid-col-4 tablet:padding-4"> </div> <div class="full-col desktop:grid-col-8"> <h4>400-A: ISSO On-Demand Modules</h4> <p>This training is designed for Information System Security Officers (ISSOs) based on <a href="/assets/resources/documents/Agency_Authorization_Playbook.pdf" target="_blank">FedRAMP’s Agency Authorization Playbook</a> and includes a deep dive into each authorization phase. This course provides ISSOs the knowledge necessary to effectively review FedRAMP Authorization packages for cloud services and understand the FedRAMP framework and available resources.</p> <p><em>This course is currently unavailable</em></p> </div> </div> </div> </section> <section class="teal-bkg fedramp-page-container"> <div class="padding-x-0 padding-y-8"> <div class="full-row grid-row padding-top-2"> <div class="full-col desktop:grid-col-12 intro-text"> <h2 class="text-white center" style="padding-bottom: 0;">Connect with FedRAMP</h2> </div> </div> <div class="full-row grid-row padding-x-0 tablet:padding-x-4 padding-top-6"> <div class="full-col desktop:grid-col-6 desktop:padding-right-4"> <div class="full-row grid-row"> <div class="full-col tablet:grid-col-4"> <div class="training-img-container"> <img class="training-img" src="/assets/img/training-videos.svg" alt=""> </div> </div> <div class="full-col tablet:grid-col-8 tablet:padding-left-2 margin-top-4 tablet:margin-top-0"> <h3 class="margin-top-0 text-white">YouTube</h3> <p class="margin-top-0 text-white">To view videos about general FedRAMP information and both required and optional FedRAMP training, tune into the FedRAMP YouTube channel.</p> <p class="margin-top-4"><a href="https://www.youtube.com/@FedRAMP" class="white-button">Browse Videos</a></p> </div> </div> </div> <div class="full-col desktop:grid-col-6 desktop:padding-left-4 margin-top-8 desktop:margin-top-0"> <div class="full-row grid-row"> <div class="full-col tablet:grid-col-4"> <div class="training-img-container"> <img class="training-img" src="/assets/img/newsletter-icon.svg" alt=""> </div> </div> <div class="full-col tablet:grid-col-8 tablet:padding-left-2 margin-top-4 tablet:margin-top-0"> <h3 class="margin-top-0 text-white">Newsletter</h3> <p class="margin-top-0 text-white">To receive immediate notification when blogs, the monthly PMO Newsletter, and any important announcements or program updates are released, join the FedRAMP subscriber list.</p> <p class="margin-top-4"><a href="https://public.govdelivery.com/accounts/USGSA/subscriber/new" target="_blank" class="white-button">Subscribe</a></p> </div> </div> </div> </div> </div> </section> <a id="topButton"></a> </main> <!-- New Footer --> <footer class="usa-footer usa-footer-medium" role="contentinfo"> <!-- Footer columuns --> <div class="footer-container"> <div class="footer-col-1-phone"> <div class="footer-col f-col-1"> <p>The Federal Risk and Authorization Management Program (FedRAMP®) is managed by the FedRAMP Program Management Office.</p> <p>The FedRAMP name and the FedRAMP logo are the property of the General Services Administration (GSA) and may not be used without GSA’s express, written permission. For more information, please see the <a class="footer-brand-guide-link" href="/assets/resources/documents/FedRAMP_Branding_Guidance.pdf" target="_blank">FedRAMP Brand Guide</a>.</p> </div> <div class="footer-col f-col-2"> <div class="street-address"> <h4>Connect With Us</h4> <p>Please reach out to FedRAMP with any questions.</p> </div> <div class="info-mailbox"> <p class="footer-contact"><a class="" href="mailto:info@FedRAMP.gov" target="_blank"> <img class="footer-mail-icon" src="/assets/img/footer-mail-icon.svg" alt="mail to fedramp">info@FedRAMP.gov</a></p> </div> </div> <div class="clearfix mobile-clear"></div> </div> <div class="footer-row"> <div class="footer-col f-col-3"> <div class="footer-social"> <h4>Follow Us</h4> </div> <div class="footer-social"> <p><a target="_blank" href="https://x.com/fedramp?lang=en"> <img src="/assets/img/FedRAMP_X.svg" alt="x icon" style="margin: 0px 15px 0px 0px; position: relative; top: 8px; height:28px; width:28px;}"> X </a></p> <p><a target="_blank" href="https://www.youtube.com/c/FedRAMP?lang=en"> <img src="/assets/img/FedRAMP-youtube.svg" alt="youtube icon" style="margin: 0px 15px 0px 0px; position: relative; top: 8px;"> YouTube </a></p> </div> </div> </div> <div class="footer-col f-col-4"> <div class="newsletter-footer"> <form id="contact" action="https://public.govdelivery.com/accounts/USGSA/subscriber/topics?qsp=USGSA_2224" method="POST"> <h4>Keep Up To Date</h4> <p>To receive news and updates, join the GSA’s <span class="no-wrap;">subscriber list.</span></p> <div class="newsletter-inner"> <a class="footer-submit" href="https://public.govdelivery.com/accounts/USGSA/subscriber/new" target="_blank">Subscribe</a> </div> </form> </div> </div> <div class="clearfix"></div> </div> <!-- Bottom Footer --> </footer> <div class="usa-identifier"> <section class="usa-identifier__section usa-identifier__section--masthead" aria-label="Agency identifier," style="padding-bottom: 0;"> <div class="footer-container"> <div class="usa-identifier__container"> <div> <a href="https://www.gsa.gov/" target="_blank"><img class="usa-footer-logo-img" src="/assets/img/gsa-reversed-logo.svg" alt="GSA logo"></a> </div> <div class="usa-identifier__identity" aria-label="Agency description"> <p class="usa-identifier__identity-domain">FedRAMP.gov</p> <p class="usa-identifier__identity-disclaimer"> <span aria-hidden="true">An </span> official website of the GSA’s <a href="https://www.gsa.gov/about-us/organization/federal-acquisition-service/technology-transformation-services" class="gov-links">Technology Transformation Services</a> </p> </div> </div> </div> </section> <div class="footer-container" style="padding-bottom: 0;"> <nav class="usa-identifier__section usa-identifier__section--required-links" aria-label="Important links," > <div class="usa-identifier__container"> <ul class="usa-identifier__required-links-list"> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/about-us" class="usa-identifier__required-link usa-link" >About GSA</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/website-information/accessibility-statement" class="usa-identifier__required-link usa-link" >Accessibility statement</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/reference/freedom-of-information-act-foia" class="usa-identifier__required-link usa-link" >GSA FOIA</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/reference/civil-rights-programs/notification-and-federal-employee-antidiscrimination-and-retaliation-act-of-2002" class="usa-identifier__required-link usa-link" >No FEAR Act data</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsaig.gov/" class="usa-identifier__required-link usa-link" >Office of the Inspector General</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/reference/reports" class="usa-identifier__required-link usa-link" >Performance reports</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/website-information/website-policies#privacy" class="usa-identifier__required-link usa-link" >GSA privacy policy</a > </li> <li class="usa-identifier__required-links-item"> <a href="https://www.gsa.gov/vulnerability-disclosure-policy" class="usa-identifier__required-link usa-link" >Vulnerability disclosure policy</a > </li> </ul> </div> </nav> </div> <section class="usa-identifier__section usa-identifier__section--usagov" aria-label="U.S. government information and services,"> <div class="footer-container"> <div class="usa-identifier__container"> <div class="usa-identifier__usagov-description" style="margin-left: 0;"> Looking for U.S. government information and services? </div> <a href="https://www.usa.gov/" class="usa-link gov-links">Visit USA.gov</a> </div> </div> </section> </div> <script src="/assets/vendor/uswds-2.8.0/js/uswds.min.js"></script> <script src="/assets/vendor/jquery-3.6.0.min.js"></script> <script src="/assets/js/index.min.js"></script> <script src="/assets/js/functions.min.js" type="text/javascript"></script> <script src="/assets/js/tabs.min.js" type="text/javascript" defer></script> <script src="/assets/js/inpageNav.js" type="text/javascript" defer></script> <script src="/assets/js/fedramp-totals.js" type="text/javascript"></script> <script src="/assets/js/glance.js"></script> <style> </style> <div> <div id="cookie-notice"> <div class="cookie-container"> <div class="cookie-notice cookie-text"><p>You consent to our cookies by clicking “I Accept” or by continuing to use our website. See <a href="https://www.gsa.gov/website-information/website-policies" target="_blank" class="more-info btn btn-primary btn-sm">cookies policy</a>.</p></div> <div class="cookie-accept-container"> <a id="cookie-notice-accept" class="btn btn-primary btn-sm cookie-accept">I Accept</a> </div> </div> </div> </div> <script> function createCookie(name,value,days) { var expires = ""; if (days) { var date = new Date(); date.setTime(date.getTime() + (days*24*60*60*1000)); expires = "; expires=" + date.toUTCString(); } document.cookie = name + "=" + value + expires + "; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0;i < ca.length;i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; } function eraseCookie(name) { createCookie(name,"",-1); } if(readCookie('cookie-notice-dismissed')=='true') { } else { document.getElementById('cookie-notice').style.display = 'inline'; } document.getElementById('cookie-notice-accept').addEventListener("click",function() { createCookie('cookie-notice-dismissed','true',31); document.getElementById('cookie-notice').style.display = 'none'; location.reload(); }); </script> </body> </html>