All Necessary Parties
Definition
All entities whose interests are affected directly by activity related to a specific cloud service offering in the context of a FedRAMP authorization. This always includes FedRAMP and any agency customer who is operating the cloud service offering, but may include additional parties depending on agreements made by the cloud service provider (such as consultants or third-party assessors). Potential agency customers or third-party cloud service providers should also be included in most cases but this is not a mandatory requirement under FedRAMP as ultimately the cloud service provider may choose who they wish to do business with.
Also Referred To As
Used in FedRAMP KSI Requirements
This term appears in FedRAMP Key Security Indicator statements. Understanding its precise definition is critical for accurate self-assessment.
Browse KSI themes →