With the publishing of the U.S. Department of Defense memorandum for ‘FedRAMP Moderate Equivalency for Cloud Service Provider’s Cloud Service Offerings’, assessors will be asking defense contractors to provide the body of evidence (BoE) of any cloud service providers not authorized in the FedRAMP Marketplace.
For access to the Microsoft Office 365 GCC High and/or Azure Government BoEs, as per the memo, please contact:
The BoE is considered highly sensitive and confidential information. While Microsoft is transparent and will allow for customers to access the BoE under a Non-Disclosure Agreement (NDA), you must be a customer and make the request to the above email addresses.
For more details on Microsoft’s GCCH environment and FedRAMP compliance, check out Richard Wakeman’s detailed blog at https://aka.ms/FedRAMPGCCH.
About the author
Carley Salmon is a Senior Data Security Technical Specialist for Microsoft Federal Defense. Prior to coming to Microsoft, she spent 4 years with the DCMA DIBCAC and was part of the team that built the assessment processes.
