Deltek's Journey to FedRAMP Moderate Equivalency скачать в хорошем качестве

Deltek's Journey to FedRAMP Moderate Equivalency

I have a surprise for you --- the last GRC Academy podcast! In this last episode, Michael Greenman from Deltek shares the journey to FedRAMP Moderate Equivalency for Deltek Costpoint GovCon Cloud Moderate (GCC-M). And let me tell you, it's quite a story: changes in NIST baselines, new policy from the DoW, and lessons learned. 👉 Here are some of the biggest takeaways: ✅ The real-world implications of DoW's equivalency definition ✅ How the absence of continuous monitoring shapes the trust model ✅ How Deltek developed a customer responsibility matrix that reduces friction for their customers ✅ Should the DoW blow up FedRAMP moderate equivalency? We also discussed improvements that can be made by the DoW, the Cyber AB, and more! We recorded this months ago, but this conversation is still very relevant. On another note, it is kind of surreal to think this is the last episode of the GRC Academy podcast. I hope you've enjoyed watching!! What were your biggest takeaways? Let me know in the comments. Follow Michael on LinkedIn:   / michael-greenman-94952a3   Deltek Costpoint GCC-M: https://www.deltek.com/en/government-... ----------- Online GRC Training: https://grcacademy.io/courses/?utm_so... #cmmc 00:00 Beginning 00:22 Michael's Background 02:04 Deltek's CMMC Survey Results 05:19 FedRAMP Moderate Equivalency Journey 10:43 The 100% Compliance Requirement 12:50 Customer Responsibility Matrix 15:40 Sharing the Body of Evidence with Customers 19:29 Challenges with FedRAMP Equivalency 24:35 Pro's of FedRAMP Equivalency 26:46 Con's of FedRAMP Moderate Equivalency 28:09 Recommendations for FedRAMP Equivalency 31:46 NIST 800-171 Only for CSPs? 33:43 Confusion Around CMMC and Cloud Service Providers 35:33 Conclusion