Is FedRAMP different than SOC 1 / SOC 2?

Yes, FedRAMP is a security framework developed by the Federal Government along with industry professionals to align requirements for cloud service providers with that of the NIST framework. SOC 1 / SOC 2 are reports performed and issued under the SSAE 16 and AT 101 guidance, respectively, and developed by the AICPA and applicable to all third party service providers, rather than just cloud based.

Please log in to rate this.
0 people found this helpful.


Category: General

← FedRAMP FAQ
Signup for the Security Audit Mailing List: