Skip to main content

 CALL US:    800-967-1004            SUPPORT: 410-884-1004

FISMA Compliant Cloud

Complete FISMA Compliant Cloud Solutions

 

GovDataHosting's FISMA compliant cloud services comply with NIST and DoD RMF methodologies. A&A process authorization involves a rigorous inspection process in which our cloud policies, procedures, controls, and contingency planning are reviewed.

 

GovDataHosting is an expert FISMA compliant cloud consultant

Getting Started

 

FISMA lays groundwork for federal agencies to evaluate and understand the security of their information systems, applicable security controls, and security threats, and aids in resolving any deficiencies.

For each information system operated by or for a federal agency, a FISMA compliant cloud documentation package must be generated, including:

  • Information on security policies and procedures
  • The likelihood and impact of all possible threats
  • Evaluation and periodic testing of security policy efficiency
  • Evaluation of technical, management, and operational security controls
  • Security awareness training and expected rules of behavior for end-users

  • Procedures for reporting and responding to incidents
  • A process for addressing any reported deficiencies
  • Inventory of software and hardware assets
  • Contingency plans to ensure continuity of operations in the face of a disaster
  • Policies and procedures for detecting, tracking, and resolving vulnerabilities
  • Periodic risk assessments

What Is Required?

 

In preparing a FISMA A&A accreditation package, the following documents are typically required:

 

  • System Risk Categorization (FIPS 199)
  • System Description
  • System Boundary Diagram
  • Network Diagram and Data Flow Diagram
  • Configuration Management Plan (CMP)

  • System Security Plan (SSP)
  • System Contingency Plan (CP)
  • Testing & Evaluation (ST&E)
  • Incident Response Plan (ICP)
  • Plan of Actions and Milestones (POAM)

On average, a GovDataHosting team of two consultants experienced in A&A can help our cloud customers achieve accreditation in 3-6 months, though more time may be required depending on a system's risk categorization.

Originating Ideas

 

Contact us today to find out how our team can assist with the proper documentation to ensure a completely FISMA compliant cloud solution.

Copyright 2017 IT-CNP, Inc. All rights reserved.