Stackarmour

FedRAMP Readiness Gap Assessment for Commercial SaaS and ISV’s

The US Federal Government is expected to nearly double its acquisition of cloud services from 2019 to 2024 based on a newly released market research report. With Federal cloud spending expected to reach nearly $9.1 Billion, there is likely to be a significant increase in Department of Defense acquisition of innovative cloud services especially due to the recent streamlining of the DOD ATO process. All FedRAMP Moderate P-ATO cloud service providers are eligible to meet DOD’s IL-2 compliance level without waiting for an explicit, DOD written authorization.

This is great news for commercial software vendors and SaaS solution providers using FedRAMP Moderate Accredited cloud service providers such as Amazon Web Services (AWS). Understanding the security and FedRAMP compliance process can be daunting for many software development organizations. stackArmor’s AWS cloud security and compliance experts have developed a simple FedRAMP Readiness Gap Assessment offering as part of the AWS Partner Network (APN).

As commercial ISV’s and SaaS look to access the US Government and Department of Defense (DOD) cloud market, it is important to understand the FedRAMP accreditation pathways, timelines, and associated costs. stackArmor’s FedRAMP Readiness Gap Assessment offering is designed to be a rapid 10 day consulting offer that helps decision makers gather critical data to make informed business decisions.

Key activities included as part of the stackArmor FedRAMP Readiness Gap Assessment include:

1) Capture current state of architecture, documentation, policies and procedures, through virtual workshops with key stakeholders to assess gap against FedRAMP requirements

2) Analyze data, users and use cases to categorize system sensitivity based on FIPS 199 to define applicable FedRAMP or DOD RMF requirements and define architecture impact e.g. using AWS East/West versus AWS GovCloud

3) Review and analyze business objectives including target markets, timelines and budgetary considerations to define an implementation roadmap and FedRAMP ATO pathway e.g. JAB versus Agency-sponsored

4) Management briefing to walk through findings, recommendations, and a proposed implementation plan with actionable next steps

Customers have the ability to tailor the stackArmor FedRAMP Readiness Gap Assessment to help answer specific questions covering business, technical, security or compliance questions. stackArmor offers this program as part of the ATO on AWS initiative. Contact us by filling out the form here or sending us an email at solutions at stackArmor dot com.

Learn more about how you can reduce the time and cost of your FedRAMP ATO with stackArmor ThreatAlert – Cloud GSS.