What is the difference between FISMA and FedRAMP

Arlington Security Portal - Show on: Side Bar

FedRAMP is essentially “FISMA for the Cloud”. Per FISMA, the National Institute of Standards and Technology (NIST) is responsible for establishing “policies which shall set the framework for information technology standards for the Federal Government.” Specifically, both FedRAMP and FISMA use the NIST SP 800-53 security controls. The FedRAMP security controls are based on NIST SP 800-53 baselines and contain controls, parameters, and guidance above the NIST baseline that address the unique elements of cloud computing.

From Beginning to End, Complete Project Management for FedRAMP

With Arlington, we can manage your entire FedRAMP authorization process from beginning to end (i.e., from the initial FedRAMP scoping & gap assessment to post-Authorization to Operate (ATO) activities), providing essential services for getting you to the finish line in terms of your ATO. Core services and solutions offered include the following:

RFP Services
Scoping & Gap (i.e., Readiness) Assessments
Remediation Services
Managing the official Security Assessment Audit
System Security Plan (SSP) Development
Continuous Monitoring Services

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Learn More

DoD Strategy & Advisory

FedRAMP for DOD Contractors

TPRM & Supply Chain

NISP eMASS DCSA

Cybersecurity

Config. Mgmt.

NIST 800-171

Data Privacy

DoD Cloud Security

CMMC

vCO & vCISO

Awareness / Threat Training

Risk Assessments

FISMA

CP & IR

Non-DoD NIST RMF

About Arlington

Expertise

Focus

Values

DoD Briefs

Case Studies

FAQ's

What is the difference between FISMA and FedRAMP

Arlington Security Portal

SERVICES

RESOURCES

ABOUT