FedRAMP

What Is StateRAMP and How Does It Relate to FedRAMP?

How Does It Relate to FedRAMP?

StateRAMP provides a comprehensive security framework designed to improve cloud security for state and local governments. Learn the ins and outs of the StateRAMP compliance framework, its relationship with FedRAMP and how StateRAMP could impact your business. 

Read More

How HITRUST Certification Can Satisfy Your SOC 2,
ISO 27001, and FedRAMP Requirements 

How HITRUST Certification Can Satisfy Your SOC 2, ISO 27001, and FedRAMP Requirements 

The HITRUST CSF pulls from many major pre-existing frameworks to provide a complete, certifiable security standard.  Learn about the many different cybersecurity frameworks that can be incorporated into your organization’s HITRUST assessment to help streamline your approach to compliance.  

Read More

What is FedRAMP and Why Does My Organization Need It?

What is FedRAMP and Why Does My Organization Need It?

It’s a common practice to shorten long and complicated organizational names to more digestible acronyms. However, navigating these acronyms and the programs behind them can sometimes feel like sifting through alphabet soup.  That’s why I’m here to help decode one of the most-well known federal programs: the Federal Risk and Authorization Management Program—otherwise known as FedRAMP.  

Read More

How to Share Your Cybersecurity Assessment with Your Professional Community

Cybersecurity Assessment with Your Professional Community

A-LIGN’s SVP of Marketing, Brian Gladstein, has been sharing ideas and best practices for getting the word out about your cybersecurity assessment. As the final post in this series, Brian discusses sharing your cybersecurity assessment with your professional community and how to promote your commitment to their security.

Read More

CMMC Expert Tony Bai on the DFARS Interim Rule, Rollout Timelines, Certification, and More

CMMC-Expert

With questions surfacing around CMMC and the changing regulatory landscape, Tony Bai, Federal Practice Lead at A-LIGN, offers his expert advice on a variety of federal compliance topics to help you understand what frameworks your organization should care about, how you can prepare and what is on the horizon for federal compliance.

Read More

Mind the Gap: How to Change Auditors without Impacting Compliance

Mind the Gap: How to Change Auditors without Impacting Compliance

Increasingly, organizations are realizing that a strategic compliance program increases operational efficiencies by replacing ad hoc and transactional audits with a more thoughtful approach. And as organizations get more serious about strategic compliance, they realize consolidation is a key component.

Read More

FIPS 140-2 and FedRAMP: A 3PAO Perspective

FIPS 140-2 and FedRAMP: A 3PAO Perspective

Many organizations understand encryption is the key to keeping sensitive information secure, but there are several options like modules and algorithms to choose from – many without an established standard.

Read More

The New Normal:
Fully-Enabled Remote Audits

The New Normal: Fully-enabled Remote Audits

The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote audits so that organizations can continue to demonstrate trust.

Read More

Federal Compliance Definitions: A Glossary of Terms

Federal Compliance Definitions: A Glossary of Terms

The world of compliance is filled with acronyms and abbreviations for some of its more complicated regulation systems and organizations. There is perhaps no better example than the long list of acronyms associated with federal compliance laws.

Read More

Your Guide to FedRAMP, FISMA and NIST

FedRAMP, FISMA and NIST

The federal government processes large amounts of important data daily, which is why it is vital for government organizations to understand and undergo federal assessments such as FedRAMP, FISMA, NIST and NIST SP 800-171.

Read More