This guide describes the requirements for all vulnerability scans provided by service providers to StateRAMP for products with a Ready, Provisional, or Authorized status.
Vulnerability Scan Requirements Guide Read More »
This document describes the process for StateRAMP stakeholders to use when reporting information concerning information system security incidents or suspected information system security incidents.
Incident Communications Procedures Read More »
Continuous monitoring review procedures outline the process to examine each monthly package.
Continuous Monitoring Guide Read More »
This document explains the actions taken when a service provider fails to maintain an adequate continuous monitoring program.
Continuous Monitoring Escalation Process Read More »
