top of page

LITIGATION SUPPORT TIP OF THE NIGHT

Featured on the ACEDS blog.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.

See my post on Running Regex Searches With a Grep Utility on the ILTA litigation support blog.

New tips for paralegals and litigation support profesionals are posted to this site each week. Click on the blog headings for better detail.

See How-To Videos on my YouTube channel.

FedRAMP 3PAOs

Sean O'Shea
Sep 2, 2020
1 min read

FedRAMP, the Federal Risk and Authorization Management Program, mandates the use of Third Party Assessment Organizations to confirm the security standards of cloud service providers. FedRAMP requires that 3PAOs be accredited by A2LA, the American Association for Laboratory Accreditation. 3PAOs are evaluated for a period of one year during which they are monitored and tested.

3PAOs prepare a Readiness Assessment Report (RAR) which is submitted to a FedRAMP repository. Once approved 3PAOs, such as Coalfire, can refer to themselves as a "Accredited FedRAMP Third Party Assessment Organization" and use the FedRAMP brand.

Be sure that your CSPs have been evaluated by a 3PAO approved by FedRAMP.

Recent Posts

S.D.N.Y.: Cybersecurity Risks Don't Need to Be Articulated with Maximum Specificity

This month the S.D.N.Y. dismissed much of the SEC's fraud suit against the software developer SolarWinds Corp. The SAML certificate...

HIPS - Host-Based Intrusion Prevention System

HIPS software, Host-based Intrusion Prevention System, checks a server, computer, or workstation for events occurring on that host which...

AWS Kinesis Data Firehose

Kinesis Data Firehose is an Amazon Web Services data transfer service which can move streaming data to data storage. It will extract...

bottom of page