One of the ongoing challenges of GDPR is its (until recently) fragmented compliance and assessment approach. The requirements of GDPR are relatively open–they focus on standards and expectations, not implementation. Therefore, many assessment tools and frameworks have emerged to address the situation. Recently, Europrivacy has risen as a potential centralization of assessments under a common set of rules.
The journey towards StateRAMP compliance is complex, with IT decision-makers at the strategic forefront. ITDMs are responsible for an organization’s infrastructure, including security and regulations, guiding their organizations through the nuances of the compliance process.
While working with a framework like StateRAMP, these decision-makers will inevitably have to take leading roles in guiding company culture around these standards. This article is for those preparing for such a journey with StateRAMP.
The latest FedRAMP draft memo from the OMB shakes up quite a bit about the program. While nothing is set in stone, much ink is spilled on what it will mean for the program and participating cloud service providers.
In this article, we will discuss what this new memo says about automation–specifically, how the program will start approaching automation to ensure compliance within its ecosystem of providers.