From: FedRAMP Program Management Office
FedRAMP has updated its Security Assessment Test Case Workbook to reflect significant changes to baseline control descriptions, enhancements and associated test procedures accordingly to NIST SP 800-53 Revision 4.
The workbook provides a standard risk and controls template for assessing baseline controls and helps to drive consistency in the annual assessment testing performed by Third Party Assessor Organizations (3PAOs). 3PAOs use this workbook to test selected baseline controls per required test procedures and document any control deficiencies and findings.
FedRAMP seeks industry and expert comment and feedback on this workbook. The 30 day open public comment starts November 3 and ends December 12. Please find the Rev 4 Test Case Workbook at http://cloud.cio.gov/document/rev-4-test-case-workbook and send any suggestions or changes to Info@FedRAMP.gov.
Thank you.
Best,
FedRAMP PMO
Leave a Reply