What is FedRAMP 3PAO (third-party assessment organization)? - Definition from WhatIs.com

Definition

FedRAMP 3PAO (third-party assessment organization)

Part of the Cloud computing glossary:

A 3PAO is an organization that has been certified to help cloud service providers and government agencies meet FedRAMP compliance regulations. 3PAO stands for Third Party Assessment Organization.

A 3PAO evaluates a cloud provider's systems to ensure transparency between government and cloud providers and consistency in data security strategies. Certified 3PAOs use FedRAMP templates when performing security assessments.

The U.S. General Services Administration (GSA) website lists the following requirements for qualification as a 3PAO:

  • Independence and quality management in accordance with ISO/IEC 17020: 1998 standards.
  • Information assurance competence that includes experience with FISMA and testing security controls.
  • Competence in the security assessment of cloud-based information systems.

See also: Federal Cloud Computing Initiative

This was last updated in May 2013
Posted by: Margaret Rouse

Related Terms

Definitions

  • load-sharing mirror

    - A load-sharing mirror or load-balancing mirror is a mirror image copy of a site or service that not only acts as a backup but actively shares in serving a portion of traffic. (WhatIs.com)

  • data lake

    - A data lake is a large object-based storage repository that holds data in its native format until it is needed. (searchAWS.com)

  • cloud DBMS (cloud database management system)

    - A cloud database management system (CDBMS) is a database management system that is hosted by a third-party service provider on a remote server and accessed over the Internet. (WhatIs.com)

Glossaries

  • Cloud computing

    - Terms related to cloud computing, including definitions about on-demand, distributed computing and words and phrases about software-as-a-service, infrastructure-as-a-service and storage-as-a-service.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About FedRAMP 3PAO (third-party assessment organization)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.