Somnoware Partners With Lazarus Alliance for FedRAMP Certification Audit

Cloud-based respiratory healthcare management platform Somnoware has partnered with cyber security and GRC firm Lazarus Alliance for a FedRAMP certification audit

Lazarus Alliance, a leading cyber security, governance, risk, and compliance (GRC) firm, today announces its partnership with Somnoware, a cloud-based respiratory healthcare management platform. Lazarus Alliance will perform a FedRAMP Moderate 3PAO audit for Somnoware, help the company develop internal security policies, and perform penetration testing and vulnerability scanning.

FedRAMP was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with cloud service providers (CSPs). CSPs are required to obtain FedRAMP certification to contract with U.S. federal government agencies, and a FedRAMP Authority to Operate (ATO) qualifies a CSP to provide services to any federal agency.

“We are excited to be working with Somnoware on its FedRAMP certification,” said Michael Peters, CEO of Lazarus Alliance. “FedRAMP certification ensures that CSPs who process and store government data adhere to the robust cyber security protocols and defenses needed in this very dangerous cyber threat environment.”

CSPs must prepare their own System Security Plan (SSP) document, which is the first step towards FedRAMP compliance. An SSP outlines the internal security controls the CSP is currently using and how they have been implemented.

“In this threat environment, where nation-state hackers are increasingly targeting federal contractors and subcontractors, FedRAMP certification isn’t just a matter of compliance. It’s a matter of national security,” said Michael Peters, CEO of Lazarus Alliance. “FedRAMP certification also helps CSPs compete for private-sector customers because everyone knows how difficult it is to obtain it. A CSP that has undergone a FedRAMP audit has proven that they have implemented rigorous internal security controls and procedures.”

Peters noted that Lazarus Alliance makes this process easier for its clients by providing them with access to the IT Audit Machine FedRAMP SSP module from Continuum GRC at no additional cost. The IT Audit Machine is a cloud-based GRC solution that integrates IT governance, policy management, risk management, compliance management, audit management, and incident management.

“The IT Audit Machine walks CSPs through the process of preparing their SSP and ensures that they have everything ready for their actual audit,” Peters explained. “Additionally, Lazarus Alliance uses Continuum GRC’s IT Audit Machine to perform the 3PAO audit. The pre-loaded, drag-and-drop modules greatly simplify and accelerate the FedRAMP certification process, saving our clients significant time and money. Through this process, some of our clients have saved up to 1,000% over traditional FedRAMP assessment methods.”

Source: Lazarus Alliance