What is FedRAMP 3PAO (third-party assessment organization)? - Definition from WhatIs.com

Definition

FedRAMP 3PAO (third-party assessment organization)

Part of the Cloud computing glossary:

A 3PAO is an organization that has been certified to help cloud service providers and government agencies meet FedRAMP compliance regulations. 3PAO stands for Third Party Assessment Organization.

A 3PAO evaluates a cloud provider's systems to ensure transparency between government and cloud providers and consistency in data security strategies. Certified 3PAOs use FedRAMP templates when performing security assessments.

The U.S. General Services Administration (GSA) website lists the following requirements for qualification as a 3PAO:

  • Independence and quality management in accordance with ISO/IEC 17020: 1998 standards.
  • Information assurance competence that includes experience with FISMA and testing security controls.
  • Competence in the security assessment of cloud-based information systems.

See also: Federal Cloud Computing Initiative

This was last updated in May 2013
Posted by: Margaret Rouse

Related Terms

Definitions

  • Rackspace Cloud

    - Cloud provider Rackspace offers several different cloud storage services including Cloud Files, Cloud Block Storage and Cloud Backup. (SearchCloudStorage.com)

  • subscription-based pricing model

    - A subscription-based pricing model is a payment structure that allows a customer or organization to purchase or subscribe to a vendor's IT services for a specific period of time for a set price. (searchCloudComputing.com)

  • cloud engineer

    - A cloud engineer is an IT professional responsible for any technological duties associated with cloud computing, including design, planning, management, maintenance and support. (searchCloudComputing.com)

Glossaries

  • Cloud computing

    - Terms related to cloud computing, including definitions about on-demand, distributed computing and words and phrases about software-as-a-service, infrastructure-as-a-service and storage-as-a-service.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About FedRAMP 3PAO (third-party assessment organization)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.