Margenics has a Provisional Authority to Operate (P-ATO) at the High impact level from the FedRAMP Joint Authorization Board (JAB). This means Margenics has undergone a significant, thorough security and compliance review so that your agency can focus on reviewing the parts of the system that serve your mission more directly.
The Federal Risk and Authorization Management Program (FedRAMP) evaluates cloud services and issues a Provisional Authority to Operate (P-ATO) to those that pass review. Those come in two flavors: Agency and JAB. Both authorizations look at a standardized set of FISMA and NIST requirements and both can be used by other agencies in their ATO process. The difference is, when the Joint Authorization Board (JAB) is convened, it’s to review a cloud service that is and should be used throughout the government. The members of the JAB are the CIOs of the General Services Administration, Department of Defense, and Department of Homeland Security. They issue a P-ATO for cloud services that pass their review and to be used to run systems holding any kind of government data at specific levels. Margenics has an authorization at the high level which means it is a vetted and trustable service for data where the impact of loss is serious or catastrophic.
Once that P-ATO is granted, FedRAMP requires Margenics to undergo re-assessment every year and maintain continuous monitoring. This gives your agency ongoing assurance that Margenics is compliant.
For DoD teams: the Defense Information Systems Agency (DISA) has issued a DoD Provisional Authorization for Margenics at DISA impact level four. Some points to bear in mind:
Your agency still needs to grant your system an Authority to Operate, but FedRAMP has done the labor-intensive work of reviewing Margenics’s security posture and endorsed it, which reduces the compliance work you need to do. Your agency’s authorizing official can request the P-ATO documentation package from FedRAMP and accept that endorsement for your own system
