Description
Annual security assessment required for FedRAMP authorized cloud service providers.
Requirements
- Engage 3PAO for annual assessment
- Complete Security Assessment Plan
- Conduct full security control assessment
- Submit Security Assessment Report
- Update POA&M
Applicable To
FedRAMP Authorized CSPs
Penalty Information
âš Failure to complete annual assessment can result in revocation of FedRAMP authorization.