Definition

FedRAMP 3PAO (third-party assessment organization)

Part of the Cloud computing glossary:

A 3PAO is an organization that has been certified to help cloud service providers and government agencies meet FedRAMP compliance regulations. 3PAO stands for Third Party Assessment Organization.

A 3PAO evaluates a cloud provider's systems to ensure transparency between government and cloud providers and consistency in data security strategies. Certified 3PAOs use FedRAMP templates when performing security assessments.

The U.S. General Services Administration (GSA) website lists the following requirements for qualification as a 3PAO:

  • Independence and quality management in accordance with ISO/IEC 17020: 1998 standards.
  • Information assurance competence that includes experience with FISMA and testing security controls.
  • Competence in the security assessment of cloud-based information systems.

See also: Federal Cloud Computing Initiative

This was last updated in May 2013
Posted by: Margaret Rouse

Related Terms

Definitions

  • Direct Connect (AWS Direct Connect)

    - Direct Connect is a network service that allows an enterprise customer to establish a dedicated network connection between one of Amazon's Direct Connect locations and the customer's data center or... (searchAWS.com)

  • CloudWatch

    - Amazon CloudWatch is a component of Amazon Web Services (AWS) that provides monitoring for AWS resources and the customer applications running on the Amazon infrastructure. (searchAWS.com)

  • AWS Elastic Beanstalk

    - AWS Elastic Beanstalk is a cloud deployment and provisioning service that automates the process of getting applications set up on the Amazon Web Services (AWS) infrastructure. (searchAWS.com)

Glossaries

  • Cloud computing

    - Terms related to cloud computing, including definitions about on-demand, distributed computing and words and phrases about software-as-a-service, infrastructure-as-a-service and storage-as-a-service.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About FedRAMP 3PAO (third-party assessment organization)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.