FedRAMP Advisory and Documentation Support
We map each advisory service to a specific step of the FedRAMP process, so you can choose the level of support you need. Working closely with your team, our advisors help design and develop security controls that meet FedRAMP requirements.
- Complete required FedRAMP documentation:
- System security plan (SSP)
- Information security policies
- Contingency plan
- Incident response plan
- Configuration management plan
- Privacy threshold analysis and privacy impact assessment (if necessary)
- Digital identity workbook
- Rules of behavior
- System description and network architecture development and guidance
- FIPS 199 Security Categorization
- Control implementation summary
- Add-on advisory services:
- Vulnerability scanning
- Penetration testing
- Security hardening and engineering
- Security monitoring program development, optimization and engineering services
- 3PAO audit support
- Continuous monitoring program development
- Security cloud automation services