Fedramp system Security Plan (ssp) High Baseline Template


CA-7 Additional FedRAMP Requirements and Guidance



Download 1.2 Mb.
Page143/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   139   140   141   142   143   144   145   146   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
CA-7 Additional FedRAMP Requirements and Guidance:

Requirement: Operating System Scans: at least monthly Database and Web Application Scans: at least monthly. All scans performed by Independent Assessor: at least annually.

Guidance: CSPs must provide evidence of closure and remediation of a high vulnerability within the timeframe for standard POA&M updates.

Guidance: See the FedRAMP Documents page under Key Cloud Service

Provider (CSP) Documents> Continuous Monitoring Strategy Guide



https://www.FedRAMP.gov/documents/

CA-7

Control Summary Information

Responsible Role:

Parameter CA-7(a):

Parameter CA-7(b)-1:

Parameter CA-7(b)-2:

Parameter CA-7(g)-1:

Parameter CA-7(g)-2:

Implementation Status (check all that apply):

Implemented

☐ Partially implemented

Planned

☐ Alternative implementation

Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,




Download 1.2 Mb.

Share with your friends:
1   ...   139   140   141   142   143   144   145   146   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page