top of page
Computer system technology that provides online network services. processor, software serv



akrup logo.PNG

Why FedRAMP?

If you have a Cloud Service Offering (CSO) that is being used by the US federal government, you should consider obtaining a FedRAMP Authorization. Cloud services that hold federal data must be FedRAMP Authorized.

akrup logo.PNG

How to obtain FedRAMP?

There are two approaches to obtaining a FedRAMP Authorization: a provisional authorization through the Joint Authorization Board (JAB) or an authorization through an agency. Both authorization paths require a security assessment based on Federal Information Security Management Act (FISMA) requirements and National Institute of Standards and Technology (NIST) 800-53 baselines.

akrup logo.PNG

FedRAMP is right for you if:
● You have an interest in selling your CSO to the US federal government. 
● Your current federal government customers are asking you to obtain a FedRAMP Authorization. 
● You are looking to expand the federal customer footprint by having the ability to market your service as FedRAMP Authorized

akrup logo.PNG

What is a System Security Plan (SSP)?
A SSP is the “security blueprint” for the Cloud Service Offering. AKRUP will help you to prepare a well-written SSP, which will allow the reviewer to pull the thread between the system’s architecture, data flows, security control implementations, and
authorization boundary.

akrup logo.PNG

Quality SSP is the key to success!

CSPs choose AKRUP as an experienced advisory partner to help develop the SSP. A common barrier to success is a poorly written, incomplete, inaccurate, and/or inconsistent SSP.

akrup logo.PNG

Assistance with dealing with AO and 3PAOs 

AKRUP will assist you to communicate with US Federal Agency Authorizing Official (AO) and Third Party Assessment Organizations (3PAOs).

bottom of page