Deloitte Earns FedRAMP Third-party Assessment Organization Accreditation, Giving Prospective Federal Government Cloud Service Providers a New Choice
Deloitte now FedRAMP certified to provide third-party assessments, helping federal government agencies in journey to the cloud
WASHINGTON, June 15, 2017 — Deloitte announced today its accreditation as a FedRAMP Third-Party Assessment Organization (3PAO) by the American Association of Laboratory Accreditation (A2LA) and the FedRAMP Program Management Office (PMO). Being a 3PAO authorizes Deloitte to perform independent, third-party assessments of public and commercial cloud service providers who wish to provide cloud-based services to the federal government.
“Moving to the cloud requires a keen understanding of the new environment and the many security issues at play,” said Deborah Golden, principal, Deloitte & Touche LLP and federal cyber risk leader. “Because of the cyber risk work we do for both commercial entities and federal agencies, we are in a favorable position to collaborate across industries and support our client’s transition to the cloud in a way that meets the necessary security standards.”
To earn certification, Deloitte had to demonstrate technical competence in:
- Applying the unified, government-wide risk management program focused on security for cloud-based services prescribed by FedRAMP
- Establishing a quality management system compliant with the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 17020:2012 Conformity Assessment under the Inspection Body Accreditation Program
With significant growth over the past several years, Deloitte’s federal cyber risk practice works with agencies across the federal government to become more secure, vigilant and resilient. In addition, Deloitte’s federal technology practice provides agencies with a comprehensive approach to help agencies maximum results from their cloud investment.
The 3PAO certification is in addition to the National Security Agency’s (NSA) Certified Incident Response Assistance (CIRA) accreditation Deloitte recently earned. CIRA identifies companies qualified to provide rapid, on-site support to national security systems (NSS) owners and operators in incident response and intrusion detection.
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including 80 percent of the Fortune 500 and more than 6,000 private and middle market companies. Our people work across more than 20 industry sectors to deliver measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to make their most challenging business decisions with confidence, and help lead the way toward a stronger economy and a healthy society.