Dell Services Federal Group (DSFG): The JD Biggs Independent Assessment (IA) and Quality Assurance (QA) teams completed Pre-FedRAMP and FedRAMP assessments on the Dell Cloud for US Government (DCG). The IA team conducted testing on the DCG Infrastructure as a Service (IaaS), in accordance with the FedRAMP requirements as defined in the DCG Security Assessment Plan (SAP).
The IA team performed vulnerability scans and penetration testing of the accreditation boundary. In addition, the IA team performed vulnerability scans, penetration testing, validated False Positives (FP’s), collected evidentiary artifacts and developed the DCG Security Assessment Report (SAR).
QA managed the collection of evidentiary artifacts; reviewed 3PAO work products; facilitated Technical Reviewers (TR’s) SAR clarification requests and responses with the IA team; and finalized security authorization package submission into MAX.
The FedRAMP Program Management Office (PMO) and the Joint Authorization Board (JAB), TR’s were briefed on DCG risks documented in the SAR. The JAB issued DCG the Provisional Authority to Operate (P-ATO) decision, and the JD Biggs team is contracted for Continuous Monitoring (ConMon) of DCG.
Read More at fedramp.gov:
Read More at Government Contracting News Wire (GovConWire): https://www.govconwire.com/2016/04/dell-gets-support-from-infusionpoints-for-fedramp-jab-p-ato-efforts-george-newstrom-comments/
Read More at Business Wire:
The JD Biggs team completed a multi-year contract conducting Federal Information Security Management Act (FISMA) assessments and Continuous Monitoring (ConMon) support services, on the Office of Head Start Monitoring System (OHSMS). The OHSMS is a cloud Software as a Service (SaaS) solution for the Health and Human Services (HHS). The JD Biggs Independent Assessment (IA) team assessed the Infrastructure as a Service (IaaS) and SaaS accreditation boundary as defined in the Security Assessment Plan (SAP).
The Quality Assurance (QA) team managed the collection of evidentiary artifacts; reviewed for accuracy and completion each IA team members work products; and finalized security authorization package for the Authorizing Official (AO) accreditation decision. The AO issued the Authority to Operate (ATO) decision based on the Security Assessment Report (SAR).
The JD Biggs team was contracted to conduct Pre-FedRAMP and security authorization package development on the Federal Retirements Benefits (FRB) cloud solution offering. The JD Biggs Independent Assessment (IA) team worked directly with the software development team and other stakeholders to complete Pre-FedRAMP assessment activities. The Quality Assurance (QA) team completed package reviews and prepared the final security authorization package for the 3PAO assessment. The Joint Authorization Board (JAB) issued a Provisional Authority to Operate (P-ATO) decision for FRB.