Building a Compliance Framework for Providers & Agencies (Day 3)

This event qualifies for .1 CEUs

This event qualifies for 1 CPEs

This event qualifies for 1 CLPs

Building a cybersecurity-compliance framework is about more than simply purchasing services from a GovRAMP-certified provider. For instance, GovRAMP itself states that “using an infrastructure with a GovRAMP Authorized status does not automatically make the service provider’s system GovRAMP compliant. Each layer (e.g. IaaS, PaaS, and SaaS) must be evaluated on its own for the provider to obtain a GovRAMP Authorized status.”

Learning Objectives:

Understand the structure of the NIST cybersecurity framework, including which elements are agencies’ responsibility and which rest on the CSP
Identify the organizations, such as NIST, that create the standards and compliance framework in order to monitor for changes or additional guidance

Speaker and Presenter Information

Michael Kennedy

Contributing Editor,
FedInsider

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC, Federal Government, State & Local Government, FDA, Foreign Governments/Agencies, NSA, FCC