• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • A2LA Annual Conference
  • Apply
  • Blog
  • Accreditation Estimate Request Form
  • Portal
  • Search Organizations
a2la logo

A2LA

A Better World Through Accreditation

  • Accreditation
    • ISO/IEC 17025 – Testing/Calibration Laboratories
      • Acoustics and Vibration Testing
      • Biological Testing Program
        • Cannabis Testing
        • Food And Pharmaceutical Accreditation
        • Veterinary Laboratory Accreditation Program
        • FDA ASCA Pilot Program (Basic Safety And Essential Performance)
        • Threat Agent Testing Laboratory Accreditation Program
        • FDA ASCA Pilot Program (Biocompatibility Testing Of Medical Devices)
      • Calibration
      • Chemical Testing
        • Veterinary Laboratory Accreditation Program
        • Competition Animal Drug Testing Laboratory Accreditation Program
        • Food And Pharmaceutical Accreditation
        • A2LA Consumer Product Safety Testing (CPSC)
        • Cannabis Testing
        • WADA Testing Accreditation
        • Oregon Toxic-Free Kids Act Accreditation Program
        • Threat Agent Testing Laboratory Accreditation Program
      • Construction Material Testing Accreditation
        • Harris County, TX/City Of Houston/Houston Port Authority
      • Electrical Testing Accreditation
        • The A2LA U.S. Federal Communications Commission Equipment Authorization Program
        • CTIA Wireless Association – LTE/CDMA Devices
        • A2LA Consumer Product Safety Testing (CPSC)
        • Bluetooth Testing Program
        • EPA ENERGY STAR Accreditation Program
        • NAVAIR
        • Automotive EMC Laboratory Recognition Program (AEMCLRP)
        • Notified Body Accreditation Program
        • The A2LA Project 25 (P25) Compliance Assessment Program
        • FDA ASCA Pilot Program (Basic Safety And Essential Performance)
        • ISED Equipment Authorization Program
      • Environmental Testing Accreditation
        • The A2LA CA ELAP Laboratory Assessment Program
        • EPA National Lead Laboratory Accreditation Program (NLLAP)
        • Kentucky Underground Storage Tank (UST) Testing Program
        • DOECAP Audit Program Accreditation
        • DOD Environmental Laboratory Accreditation Program
        • TNI Field Sampling & Measurement Organization (FSMO) Accreditation Program
        • Air Emission Testing Body Assessment Program (AETBs)
        • DOD Advanced Geophysical Classification Accreditation Program (DAGCAP)
        • Wyoming Storage Tank Remediation (STR) Program
        • State Environmental Laboratory Assessment Program – NELAP
      • Forensic Examination Accreditation Program
      • Geotechnical Accreditation Program
        • Harris County, TX/City Of Houston/Houston Port Authority
        • Putting Green Laboratory Accreditation Program (PUG)
      • Information Technology
        • Gaming Standards Association (GSA)
        • Internet Protocol Version 6 (IPv6)
      • Mechanical Testing Accreditation
        • A2LA Consumer Product Safety Testing (CPSC)
        • EPA ENERGY STAR Accreditation Program
        • Business & Institutional Furniture Manufacturer’s Association Compliant Program
        • Counterfeit Part Avoidance Testing
      • Nondestructive Testing Program – NDT
      • Sampling & Testing Accreditation
      • Sustainable Energy Testing
        • EPA ENERGY STAR Accreditation Program
      • Thermal
        • A2LA Consumer Product Safety Testing (CPSC)
        • EPA ENERGY STAR Accreditation Program
    • ISO/IEC 17020 – Inspection Bodies
      • ISO/IEC 17020 – Inspection Body Accreditation Program
        • Forensic Examination Accreditation Program
        • Special Inspections Accreditation Program
        • Cybersecurity Inspection Body Program
        • FedRAMP Third Party Assessment Organizations (3PAO)
        • Field Evaluation Body (FEB) Accreditation Program
        • Notified Body Accreditation Program
    • ISO/IEC 17065 – Product Certification Bodies
      • ISO/IEC 17065 Product Compliance Certification Accreditations
        • The A2LA Telecommunication Certification Body Program
        • EPA WaterSense Program
        • EPA ENERGY STAR Accreditation Program
        • Notified Body Accreditation Program
    • ISO/IEC 17043 – Proficiency Testing Providers
      • The A2LA Proficiency Testing Provider Accreditation Program
    • ISO 17034 – Reference Materials Producers
      • ISO 17034 – Reference Materials Producers Accreditation Program
    • ISO 15189 and CLIA – Clinical Testing Laboratories
      • ISO 15189 & CLIA – Clinical Testing Laboratories Accreditation Program
    • ISO 20387 – Biobanking Accreditation Program
      • ISO 20387 – Biobanking Accreditation Program
  • About
    • Overview
    • Board of Directors
    • Careers
    • Leadership
    • Recognitions
    • Regulators and Specifiers
  • Resources
    • Acronym Glossary
    • Annual Reports
    • Documents
    • Downloadable Content
    • FAQs
    • Press Releases
    • Training By A2LA WPT
  • Our Membership Options
  • Get a Quote
  • Online Payment

FedRAMP Third Party Assessment Organizations (3PAO)

Home » Accreditations » FedRAMP Third Party Assessment Organizations (3PAO)

A2LA offers accreditation of Third-Party Assessment Organizations (3PAOs) as part of the Federal Risk and Authorization Management Program (FedRAMP).

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based services. Under the Security Assessment Framework, 3PAOs are required to be accredited by A2LA in order to be recognized by the FedRAMP Program Management Office (PMO). The A2LA assessment process involves a rigorous evaluation of the technical competence of the 3PAOs and their compliance with international standards.

An organization that wishes to become an accredited FedRAMP 3PAO must spend at least a year in the Cybersecurity Inspection Body Program in order to demonstrate a level of technical competence prior to consideration for FedRAMP 3PAO recognition. The additional requirements for FedRAMP 3PAO recognition are available upon request.

The list of FedRAMP-approved 3PAOs can be found on the FedRAMP Marketplace. This specialty program is covered under the A2LA Inspection Body Accreditation Program.

Program Requirements

  • ISO/IEC 17020 Requirements for the Operation of Various Types of Bodies Performing Inspection
  • ILAC P15 – Application of ISO/IEC 17020 for the Accreditation of Inspection Bodies
  • R311 – Specific Requirements: Federal Risk and Authorization Management Program (FedRAMP)
  • Information on the FedRAMP process for recognizing cloud services providers may be found on the FedRAMP website.

In partnership with FedRAMP, A2LA works exclusively with Baltimore Cyber Range to provide technical proficiency testing for third party assessment organizations (3PAOs). The Baltimore Cyber Range FedRAMP exercise “is a real-time assessment of a simulated cloud environment. Participating teams are provided four hours to review an abbreviated system security plan and assess a subset of 20 security controls for system implementation and configuration non-compliance issues using the examine, test, and interview assessment methods.” A2LA conveniently manages this testing for our customers, streamlining the entire process.

Footer

Headquarters 5202 Presidents Court, Ste 220 Frederick, MD 21703
301.644.3248
info@A2LA.org
Social Icon
Social Icon
Social Icon
Social Icon
  • Careers
  • Contact A2LA
  • Lodging a Complaint
  • Get Involved
  • Privacy Agreement
  • Online Payment
  • A2LA Annual Conference
  • Apply
  • Blog
  • Accreditation Estimate Request Form
  • Portal
  • Search Organizations

© 2023 A2LA · Powered by Orases Custom Software · Website Privacy Policy & Terms of Use