- Designated lead agencies or agencies will oversee the continuous monitoring, including managing annual assessments, Corrective Action Plans (CAPs), suspensions, etc. It will be the responsibility of the receiving agency/ies to close out any in flight activities. Where an escalation impacts the marketplace visibility (e.g., suspension), the FedRAMP team will make the determination on requirements around changing the CSP’s marketplace status, informed directly by the lead agency. FedRAMP is also developing an updated performance management document that will enumerate its role in performance management marketplace-wide as a result of a failure to meet core security requirements.
Comments
0 comments
Please sign in to leave a comment.