FedRAMP is FISMA for the cloud. Per FISMA, the National Institute of Standards and Technology (NIST) is responsible for establishing “policies which shall set the framework for information technology standards for the Federal Government”. Based on this law, NIST developed the Risk Management Framework .
Both FedRAMP and FISMA use the NIST SP 800-53 security controls. The FedRAMP security controls are based on NIST SP 800-53 baselines and contain controls, parameters and guidance above the NIST baseline that address the unique elements of cloud computing.
Comments
0 comments
Please sign in to leave a comment.