Presentation is loading. Please wait.

Presentation is loading. Please wait.

PAGE www.fedramp.gov Agency ATO Quick Guide 1 May 1, 2015 www.fedramp.gov.

Published byGriselda Reeves Modified over 9 years ago

Similar presentations

Presentation on theme: "PAGE www.fedramp.gov Agency ATO Quick Guide 1 May 1, 2015 www.fedramp.gov."— Presentation transcript:

1 PAGE www.fedramp.gov Agency ATO Quick Guide 1 May 1, 2015 www.fedramp.gov

2 PAGE www.fedramp.gov 2 The agency ATO process should follow the FedRAMP Security Assessment Framework (SAF) The SAF is based on the NIST Risk Management Framework The FedRAMP Security Assessment Framework is a available at FedRAMP.gov on the Templates and Key Documents webpageFedRAMP Security Assessment Framework Assessment Process

3 PAGE www.fedramp.gov 3 ATO Packages submitted to FedRAMP should have the following FedRAMP templates included. The PMO will check these documents for completeness FedRAMP Templates are available at FedRAMP.gov on the Templates and Key Documents webpage We suggest that you use the Test Cases that we released in Excel format for public comment: http://cloud.cio.gov/docume nt/rev-4-test-case-workbook http://cloud.cio.gov/docume nt/rev-4-test-case-workbook Security Assessment Plan (SAP) Test Case Workbook Security Assessment Report (SAR) Plan of Action and Milestone (POA&M) Document Check List – FedRAMP Templates FedRAMP Templates Available: FIPS 199 Control Implementation Summary (CIS) System Security Plan Security Policies and Procedures E-Authentication Template Privacy Threshold Analysis (PTA) / Privacy Impact Analysis (PIA) Rules of Behavior (ROB) IT Contingency Plan

4 PAGE www.fedramp.gov 4 The Agency ATO Packages submitted to FedRAMP should have the following documents included. The PMO will check these documents for completeness The documents listed on this slide do not have an FedRAMP template Document Check List – Documents without a FedRAMP Template No Templates Available: Security Policies and Procedures Business Impact Analysis Configuration Management Plan Incident Response Plan User Guide

5 PAGE www.fedramp.gov 5 Included with the authorization package should be an Authorization Letter and ATO Memo detailing your agency’s authorization. A sample Authorization Letter is attached below: You can find the Sample FedRAMP ATO Memo Template at FedRAMP.gov on the Templates and Key Documents webpageFedRAMP ATO Memo Template Sample ATO Letter Template Click the letter to open it.

Download ppt "PAGE www.fedramp.gov Agency ATO Quick Guide 1 May 1, 2015 www.fedramp.gov."

Similar presentations

Government E-commerce Network & Imaging Environment 2901 - Request for Authority to Purchase On-line V5 Click to begin.

Government E-commerce Network & Imaging Environment Request for Authority to Purchase On-line V5 Click to begin.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.

Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
PAGE www.fedramp.gov Quick Guide to the FedRAMP Readiness Process 1 August 2014 Presented by: FedRAMP PMO www.fedramp.gov.

PAGE Quick Guide to the FedRAMP Readiness Process 1 August 2014 Presented by: FedRAMP PMO
PAGE www.fedramp.gov Agency ATO Quick Guide 1 December 23, 2014 www.fedramp.gov.

PAGE Agency ATO Quick Guide 1 December 23,
NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.

NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.
National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.

National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.
“Alberta - A Province Prepared” 2008 STAKEHOLDER SUMMIT.

“Alberta - A Province Prepared” 2008 STAKEHOLDER SUMMIT.
PAGE[classification marking]www.fedramp.gov[classification marking] FedRAMP Government Discussion Matt Goodrich, FedRAMP Director January 14, 2015 www.fedramp.gov.

PAGE[classification marking] marking] FedRAMP Government Discussion Matt Goodrich, FedRAMP Director January 14,
Risk Management Framework

Risk Management Framework
Federal IT Security Professional - Manager FITSP-M Module 1.

Federal IT Security Professional - Manager FITSP-M Module 1.
1 Dan Steinberg, JD Portland, OR May 4, 2011 Speaking Notes Privacy and Security for Research Repositories Please do not reuse or republish without attribution.

1 Dan Steinberg, JD Portland, OR May 4, 2011 Speaking Notes Privacy and Security for Research Repositories Please do not reuse or republish without attribution.
Glenn Research Center at Lewis Field Software Assurance of Web-based Applications SAWbA Tim Kurtz SAIC/GRC Software Assurance Symposium 2004.

Glenn Research Center at Lewis Field Software Assurance of Web-based Applications SAWbA Tim Kurtz SAIC/GRC Software Assurance Symposium 2004.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
ShelterPoint™ Data-Entry Workflows. ShelterPoint v5.2.3.

ShelterPoint™ Data-Entry Workflows. ShelterPoint v5.2.3.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
An overview of the NIST Risk Management Framework ISA 652 Fall 2010

An overview of the NIST Risk Management Framework ISA 652 Fall 2010
FedRAMP Federal Risk and Authorization Management Program Industry Day June 4, 2014 Industry Day.

FedRAMP Federal Risk and Authorization Management Program Industry Day June 4, 2014 Industry Day.
Panel: Moderator: Michele Iversen Guest Experts: Dr. Ron Ross, Rod Beckstrom, Bob Wandell.

Panel: Moderator: Michele Iversen Guest Experts: Dr. Ron Ross, Rod Beckstrom, Bob Wandell.
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Information Security Standards Promoting Trust, Transparency, and Due Diligence E-Gov Washington Workshop.

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Information Security Standards Promoting Trust, Transparency, and Due Diligence E-Gov Washington Workshop.
Applied Technology Services, Inc. Your Partner in Technology www.appliedtechnologyservices.com Applied Technology Services, Inc. Your Partner in Technology.

Applied Technology Services, Inc. Your Partner in Technology Applied Technology Services, Inc. Your Partner in Technology.

Similar presentations

Ads by Google