NIST-800-53-CA-2 2

Security Assessments | Specialized Assessments

Security Assessment and Authorization Policy for 18F

18F will enegage the 3PAO to conduct annual vulnerability assessments and penetration testing or when there are significant changes to its information systems to meet the FedRAMP continuous monitoring program objectives. All assessment activities will be planned, approved and announced before testing takes place. Covered By:

Security Assessment and Authorization Policy for 18F

cloud.gov implements continuous monitoring and vulnerability scanning that is conducted at least weekly. Manual penetration testing and red teaming is scheduled to happen in a yearly basis but it is an in-progress process. Covered By:

results matching ""

    No results matching ""