Continuum GRC has introduced an auditing platform designed to help cloud service providers comply with the Federal Risk and Authorization Management Program at a reduced cost.
The company said Wednesday that its IT Audit Machine (ITAM) helps CSPs prepare, ahead of a FedRAMP audit by a third-party assessment organization, a system security plan that details the security controls used in a data system.
ITAM is a cloud-based platform that works to automate continuous monitoring tasks and integrate information technology governance, audit, risk, compliance, policy and incident management operations.
Michael Peters, CEO of Continuum GRC, said compliance with FedRAMP can cost CSPs approximately $2.2 million, while the continuous monitoring activities needed to maintain program certification can result in $1 million in annual costs.
“We feel those costs shut out most CSPs, which is a shame, because the U.S. government is the biggest single buyer of goods and services in the world,” Peters added.