{"id":3089,"date":"2021-10-01T13:33:42","date_gmt":"2021-10-01T17:33:42","guid":{"rendered":"https:\/\/seaglasstech.wpenginepowered.com\/?page_id=3089"},"modified":"2022-10-17T22:49:49","modified_gmt":"2022-10-18T02:49:49","slug":"moderate-impact-level","status":"publish","type":"page","link":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/","title":{"rendered":"FedRAMP Moderate Impact Level Compliance"},"content":{"rendered":"<p><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/seaglasstech.wpenginepowered.com\/wp-content\/uploads\/2021\/10\/2-2.jpg\" alt=\"computer with lock for FedRAMP moderate impact level compliance\" width=\"300\" height=\"200\" class=\"alignright size-full wp-image-3123\" \/>Cloud computing has transformed the way that many businesses operate and manage their infrastructure. The federal government also recognizes the significant impact that the cloud can have on organizations and the information that they handle on a daily basis. To address security concerns surrounding cloud-based products and services, the Federal Risk and Authorization Management Program (FedRAMP) was established. This program was created to address the reliability and security of cloud services used by the federal government. <\/p>\n<h2>FedRAMP Moderate Impact Level<\/h2>\n<p>Before a cloud service offering (CSO) can be used by any federal agency, it will first need to demonstrate FedRAMP compliance. This refers to the organization\u2019s ability to meet government security requirements outlined in NIST 800-53, as well as supplemented by the FedRAMP Program Management Office (PMO). Compliance can be demonstrated by acquiring a FedRAMP authorization, otherwise known as a FedRAMP Authority to Operate (ATO).<\/p>\n<p>FedRAMP is made up of three basic levels: low, moderate and high. The lowest level represents the base level and as the levels go higher, the more security controls and tighter restrictions there are to follow. What level an organization has to adhere to will depend on the type of data that is to be processed, stored or transmitted, as well as the overall risk faced by the business.<\/p>\n<p>A moderate impact level deals with data that has not been made publicly available, such as personally identifiable information. This type of data is considered to be controlled unclassified information and must meet a total of 325 controls under the FedRAMP moderate impact level. Security controls enable cloud service companies to automate a wide range of risk detection and management functions to achieve a more secure system and data. When data is lost or exposed at a moderate level, it could directly impact a business\u2019s mission. It could also affect operations and expose personnel files.<\/p>\n<h2>Moderate Impact Level Compliance<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/seaglasstech.wpenginepowered.com\/wp-content\/uploads\/2021\/10\/1-1.jpg\" alt=\"locked for FedRAMP moderate impact level compliance\" width=\"300\" height=\"200\" class=\"alignright size-full wp-image-3122\" \/>Businesses interested in meeting FedRAMP moderate impact level compliance can do so by obtaining an agency ATO or JAB P-ATO. Both options can be a rigorous process that requires significant time and resources. The process requires the organization to provide documentation that the proper security controls have been implemented. The CSP must categorize their cloud service offerings in accordance with FIPS-199 to determine the proper level categorization which will then determine what NIST 800-53 controls will apply.<\/p>\n<p>Once the proper documentation has been created and approved, an assessment is conducted by a third-party assessment organization (3PAO) who will develop a security assessment plan (SAP). The 3PAO will test the control implementation and create a security assessment report (SAR). The SAR is then reviewed by the federal government and approved. After achieving an ATO or JAB P-ATO, the cloud service provider then begins the continuous monitoring phase that ensures that the controls continue to operate efficiently.<\/p>\n<h2>Inquire About FedRAMP Compliance Services<\/h2>\n<p>Although meeting FedRAMP moderate impact level compliance requirements can be challenging, there is help available for organizations that are committed to the process. To learn more about FedRAMP compliance services or to schedule a consultation, <a href=\"\/contact\/\">contact SeaGlass Technology<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cloud computing has transformed the way that many businesses operate and manage their infrastructure. The federal government also recognizes the significant impact that the cloud can have on organizations and the information that they handle on a daily basis. To address security concerns surrounding cloud-based products and services, the Federal Risk and Authorization Management Program [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":3090,"parent":3083,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":"","_links_to":"","_links_to_target":""},"class_list":{"0":"post-3089","1":"page","2":"type-page","3":"status-publish","4":"has-post-thumbnail","6":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>FedRAMP Moderate Impact Level Compliance - SeaGlass Technology<\/title>\n<meta name=\"description\" content=\"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FedRAMP Moderate Impact Level Compliance - SeaGlass Technology\" \/>\n<meta property=\"og:description\" content=\"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/\" \/>\n<meta property=\"og:site_name\" content=\"SeaGlass Technology\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-18T02:49:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/\",\"url\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/\",\"name\":\"FedRAMP Moderate Impact Level Compliance - SeaGlass Technology\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/seaglasstechnology.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg\",\"datePublished\":\"2021-10-01T17:33:42+00:00\",\"dateModified\":\"2022-10-18T02:49:49+00:00\",\"description\":\"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/#primaryimage\",\"url\":\"https:\\\/\\\/seaglasstechnology.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg\",\"contentUrl\":\"https:\\\/\\\/seaglasstechnology.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg\",\"width\":1600,\"height\":800,\"caption\":\"Business owner trying to meet FedRAMP moderate impact level compliance requirements\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/moderate-impact-level\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/seaglasstechnology.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FedRAMP Compliance Services\",\"item\":\"https:\\\/\\\/seaglasstechnology.com\\\/fedramp-compliance\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"FedRAMP Moderate Impact Level Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#website\",\"url\":\"https:\\\/\\\/seaglasstechnology.com\\\/\",\"name\":\"SeaGlass Technology\",\"description\":\"Expert NYC IT Services You Can Trust\",\"publisher\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/seaglasstechnology.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#organization\",\"name\":\"SeaGlass Technology\",\"url\":\"https:\\\/\\\/seaglasstechnology.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/seaglasstechnology.com\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/sgt-new-seaglass-logo.png\",\"contentUrl\":\"https:\\\/\\\/seaglasstechnology.com\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/sgt-new-seaglass-logo.png\",\"width\":1000,\"height\":309,\"caption\":\"SeaGlass Technology\"},\"image\":{\"@id\":\"https:\\\/\\\/seaglasstechnology.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FedRAMP Moderate Impact Level Compliance - SeaGlass Technology","description":"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/","og_locale":"en_US","og_type":"article","og_title":"FedRAMP Moderate Impact Level Compliance - SeaGlass Technology","og_description":"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.","og_url":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/","og_site_name":"SeaGlass Technology","article_modified_time":"2022-10-18T02:49:49+00:00","og_image":[{"width":1600,"height":800,"url":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/","url":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/","name":"FedRAMP Moderate Impact Level Compliance - SeaGlass Technology","isPartOf":{"@id":"https:\/\/seaglasstechnology.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/#primaryimage"},"image":{"@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/#primaryimage"},"thumbnailUrl":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","datePublished":"2021-10-01T17:33:42+00:00","dateModified":"2022-10-18T02:49:49+00:00","description":"FedRAMP moderate impact level compliance requires organizations to provide documentation that proper security controls have been implemented.","breadcrumb":{"@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/#primaryimage","url":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","contentUrl":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","width":1600,"height":800,"caption":"Business owner trying to meet FedRAMP moderate impact level compliance requirements"},{"@type":"BreadcrumbList","@id":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/moderate-impact-level\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/seaglasstechnology.com\/"},{"@type":"ListItem","position":2,"name":"FedRAMP Compliance Services","item":"https:\/\/seaglasstechnology.com\/fedramp-compliance\/"},{"@type":"ListItem","position":3,"name":"FedRAMP Moderate Impact Level Compliance"}]},{"@type":"WebSite","@id":"https:\/\/seaglasstechnology.com\/#website","url":"https:\/\/seaglasstechnology.com\/","name":"SeaGlass Technology","description":"Expert NYC IT Services You Can Trust","publisher":{"@id":"https:\/\/seaglasstechnology.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/seaglasstechnology.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/seaglasstechnology.com\/#organization","name":"SeaGlass Technology","url":"https:\/\/seaglasstechnology.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/seaglasstechnology.com\/#\/schema\/logo\/image\/","url":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2022\/05\/sgt-new-seaglass-logo.png","contentUrl":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2022\/05\/sgt-new-seaglass-logo.png","width":1000,"height":309,"caption":"SeaGlass Technology"},"image":{"@id":"https:\/\/seaglasstechnology.com\/#\/schema\/logo\/image\/"}}]}},"featured_image_src":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","featured_image_src_square":"https:\/\/seaglasstechnology.com\/wp-content\/uploads\/2021\/10\/Business-owner-trying-to-meet-FedRAMP-moderate-impact-level-compliance-requirements.jpg","_links":{"self":[{"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/pages\/3089","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/comments?post=3089"}],"version-history":[{"count":0,"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/pages\/3089\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/pages\/3083"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/media\/3090"}],"wp:attachment":[{"href":"https:\/\/seaglasstechnology.com\/wp-json\/wp\/v2\/media?parent=3089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}