System Designers
Helping you make sense of FedRAMP requirements, and create a compliant solution that enhances your business
Where do you fit in each journey phase?
Existing Product SMEs, Solution Architects, and Expert Witnesses
In the Pathfinding phase, you help define system boundaries, evaluate existing infrastructure, and identify the largest and most expensive gaps in addressing FedRAMP requirements.
During the Solution Building phase, you need to intimately understand FedRAMP controls, requirements, and guidance interpretations, and integrate these controls into the system architecture.
In the Assessment Preparation phase, you are critical in conducting self-assessments, fixing identified security gaps, and preparing comprehensive documentation to demonstrate compliance. Finally, during the assessment process, you will be interviewed by 3PAO auditors, offering clarifications and demonstrating how the system meets the security requirements.
The skills you'll need at each phase are:
Pathfinding:
- System Evaluation
- Risk Assessment
- Intimate FedRAMP Requirements Understanding
Solution Building:
- System Admin/Developer Skills Needed to Implement Requirements
- System Architecture
- System Integration
Assessment Preparation:
- Self-Assessment Against FedRAMP Requirements
- System Documentation and Procedure Writing
- Communication to Non-Technical Audiences

What pitfalls and challenges can you expect?
As a technical expert on your product, your role is to advise on the impacts of required system changes, and find solutions to ensure continued operations in a way that meets FedRAMP requirements. What can you expect from each phase? The keys to success are understanding where requirements are and are not flexible, and having flexible IT expertise to reduce the scope, cost, and timeline of system changes.
Pitfalls
- Misinterpretation of FedRAMP requirements that leads to misperceptions of required changes
- Poor integration of new tools or design changes that negatively impact business operations
- Poor documentation and/or communication of system operation processes and design, leading to confused assessors
Challenges
- Accurately defining the system boundary
- Managing changes in a timeframe that does not negatively impact customers or business operations
- Gathering and maintaining evidence for each control, for every representative group of system components in the FedRAMP environment
VANAHEIM SECURITY HAS BEEN THERE
As a former cloud security architect practice lead, and lead architect for a multi-cloud FedRAMP High platform serving multiple government missions, Vanaheim's consultation services draw from deep experience to help you understand and interpret FedRAMP requirements in depth, and assist you in developing creative solutions to your design and tool selection challenges.
Course Offerings
Easy-to-follow courses, on your own time
Our courses are designed to save you expensive consulting hours to get you comfortable with the bare basics a system architect, engineer, or administrator needs to know. You might opt to include honest stories and lessons learned from someone who has successfully navigated the process end-to-end and helped many others achieve the same.
Check out our free learnings, or some excerpts from each program tier to see the Vanaheim difference.

Free Examples
- "Shared responsibility model"
- "How your authorization informs design requirements"

Paid Tier Examples
- Foundations: "FedRAMP authorized services by major cloud providers"
- Experiential Learning: "How CSP (Cloud Service Provider) native service approaches to security affect your FedRAMP compliance costs"