Pentagon plans to conduct 'gap analysis' between FedRAMP and CMMC for reciprocity

By Sara Friedman / February 22, 2021 at 1:13 PM
The Defense Department is working with the General Services Administration's Federal Risk and Authorization Management Program team to develop a "gap analysis" that will compare the cloud services effort with the Pentagon's Cybersecurity Maturity Model Certification initiative, according to DOD's Stacy Bostjanick. Developing reciprocity with other government and industry standards is something the Pentagon is exploring to "draw synergy so we don't put companies in a place where they have to do multiple certifications," Bostjanick said at an AFCEA event...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.