Fedramp system Security Plan (ssp) High Baseline Template

CA-7 Additional FedRAMP Requirements and Guidance

Download 1.2 Mb.

Page	143/478
Date	16.12.2020
Size	1.2 Mb.
	#54609

1 ... 139 140 141 142 143 144 145 146 ... 478

FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

CA-7 Additional FedRAMP Requirements and Guidance:

Requirement: Operating System Scans: at least monthly Database and Web Application Scans: at least monthly. All scans performed by Independent Assessor: at least annually.

Guidance: CSPs must provide evidence of closure and remediation of a high vulnerability within the timeframe for standard POA&M updates.

Guidance: See the FedRAMP Documents page under Key Cloud Service

Provider (CSP) Documents> Continuous Monitoring Strategy Guide

https://www.FedRAMP.gov/documents/

CA-7	Control Summary Information
Responsible Role:
Parameter CA-7(a):
Parameter CA-7(b)-1:
Parameter CA-7(b)-2:
Parameter CA-7(g)-1:
Parameter CA-7(g)-2:
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

Download 1.2 Mb.

Share with your friends:

1 ... 139 140 141 142 143 144 145 146 ... 478