Coalfire Systems, Inc. 11000 Westmoor Circle, Suite 450 Westminster, CO 80021 December 22, 2017 To Whom It May Concern: The purpose of this letter is to provide Google Services (Google Cloud Platform (GCP) and G Suite) customers assurance that Google Services is operating in compliance with requirements of NIST SP 800-53 for the 2017 reporting period. The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud-based services. As an accredited FedRAMP Third Party Assessment Organization (3PAO), Coalfire Systems (Coalfire) performs independent security assessments for cloud service provider offerings such as Google Services. As a 3PAO, Coalfire is required to meet strict accreditation requirements that ensure assessment independence and integrity. FedRAMP is recognized within the industry as one of the most comprehensive risk assessment programs for commercial or government agency cloud environments. The FedRAMP Moderate baseline is a set of 325 NIST SP 800-53 controls and additional requirements (including vulnerability scanning, penetration testing, and continuous monitoring) to be assessed to determine adequacy of security of a Moderate impact system (loss of confidentiality, integrity, and availability would result in serious adverse effects on customer operations, assets, or individuals). From June 19, 2017 to October 15, 2017, Coalfire performed a FedRAMP Moderate baseline assessment of Google Services. The assessment included security control analysis, vulnerability scanning, and penetration testing, the results of which are documented in the Google Services FedRAMP Security Assessment Report (SAR), dated November 1, 2017. As of the date of this letter, Google’s FedRAMP Package is being reviewed by the FedRAMP Joint Authorization Board and Provisional ATO is expected on February 7, 2018. As a result of assessment activities, Coalfire concludes that Google has implemented NIST SP 800-53 Revision 4 security controls in compliance with the FedRAMP Moderate baseline and that all deviations from the baseline are being tracked and remediated in accordance with FedRAMP guidance. Coalfire is the leading 3PAO of the FedRAMP program, having performed the most assessments to-date. Our reputation has been built on the comprehensiveness of our assessments that we provide to our clients and the overall thoroughness of our reviews on behalf of the US Federal Government. We stand behind all the work we perform and put forth unbiased deliverables outlining the findings from assessment activities. Any recommendations for authorization are based off the results of our review and presented to the US Federal Government for their authorization determination. Any questions regarding Coalfire’s 2017 assessment of Google Services can be directed by email to [email protected].

Sincerely,

Matthew Houy DIRECTOR | FEDRAMP ASSESSMENT SERVICES COALFIRE | Coalfire.com | (C) 210.663.6825 22630 Davis Drive | Suite 225 | Sterling | Virginia 20164

Coalfire Systems, Inc. 11000 Westmoor Circle, Suite ... services

Dec 22, 2017 - vulnerability scanning, penetration testing, and continuous monitoring) to be assessed ... 22630 Davis Drive | Suite 225 | Sterling | Virginia 20164.
Download PDF
288KB Sizes 1 Downloads 240 Views
Report

Recommend Documents

Coalfire Systems, Inc. 11000 Westmoor Circle ... Services
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, ... performs independent security assessments for cloud service provider offerings such as Goog
Coalfire Systems, Inc. 11000 Westmoor Circle ... - Services
Dec 22, 2017 - The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization and ... assessments for cloud service provider offerings such as G
abode services inc. - GovDelivery
Jan 28, 2015 - Are you moving, looking for a place; couch surfing, but can't afford the expense? If you meet the income limits or you don't have income at all?
abode services inc. - GovDelivery
Jan 28, 2015 - Are you moving, looking for a place; couch surfing, but can't afford the expense? If you meet the income limits or you don't have income at all? ... assistance (for up to 3 months). • Employment Support. • Help catching up on past
G Suite Deployment Advisory Services
applicable fully signed Ordering Document and any incorporated terms and conditions. © 2018 Google LLC. All rights reserved. Google and the Google logo are ...
Rationalize Productivity Suite Costs Services
tracker. Assist with design and deployment of scaled solutions for identified processes. Usage Assessment. Provide guidance on how to analyze data from user surveys, G Suite Admin Console, desktop software management tools, and (optionally) other thi
G Suite Deployment Advisory Services
The G Suite Deployment Advisory service offering will help implement a G Suite domain by establishing project management, scoping technical ... on methodology and best practices on deploying G Suite in the customer environment. Advisory support for .
Rationalize Productivity Suite Costs Services
of the cloud (e.g., powerful search, accessible revision history, social commenting, real-time translation and editing, backup and security, and access from any device), reduce file management complexity (e.g., removing the need to save, backup, copy
physician education course - Merit Medical Systems, Inc.
PHYSICIAN EDUCATION COURSE. TARGETED ... Understand the appropriate use of Merit technology ... New York, NY, Mount Sinai Hospital. MERIT.COM.
Suite 709 Cranks it into Party Mode with Events - Services
One week before each show, Suite 709 creates a Google+ Event and sends out invitations to fans, encouraging participation online and in-person. Band members interact directly with fans through the Event stream, responding to questions, encouraging fo
juror honesty during the voir dire - Jury Services, Inc
rors who have been excused; and (6) com- bining jurors who sit ... (S), armed robbery (6). receiving stolen goods ..... edge of police officers (34 percent v. 10 per-.
Teaching Note BEST FINANCIAL SERVICES INC. -
The fixed asset purchases are reasonable, given the company's recent sales growth and the need to replace office equipment from time to time; however, in the ...
Contract - Accu Care Home Health Services, Inc. 2016-2017.pdf ...
There was a problem loading more pages. Retrying... Whoops! There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item. Contract - Accu Care Home Health Services, Inc.
Reliable Financial Services, Inc. AS26824.pdf
Whoops! There was a problem loading more pages. Retrying... Reliable Financial Services, Inc. AS26824.pdf. Reliable Financial Services, Inc. AS26824.pdf.
11000 dia 11 Janeiro 11 - 19 hrs estatistica.pdf
Try one of the apps below to open or edit this item. 11000 dia 11 Janeiro 11 - 19 hrs estatistica.pdf. 11000 dia 11 Janeiro 11 - 19 hrs estatistica.pdf. Open. Extract.
The ELMA Philanthropies Services (U.S.) Inc. Job Posting New York ...
Sep 9, 2012 - ... and southern Africa and is among the leading grantmakers active on the ... program strategies, and priorities, please go to our website: ... for ensuring ELMA's health strategy is up-to-date with best practices and changes in.
The ELMA Philanthropies Services (U.S.) Inc. Job Posting New York ...
Sep 9, 2012 - Training and continuing education of nurses and midwives is a key focus area including development of facilities, curricula, accreditation and.
Circle (Japanese)
http://depositfiles.com/files/tz. 54 BURGER ..... Seijin Ai Senka. 聖人愛賛歌 ... CG, BDSM, Pregnant, Bukkake http://rapidshare.com/files/146535720. Butagoma ...