Chief Compliance Officer for Claudius-Cloud, Inc.

Assume that you are the Chief Compliance Officer for Claudius-Cloud, Inc., a cloud service provider. You are currently working on your FedRAMP policies and procedures. The board of directors has asked you to write a memo explaining the policies and procedures set forth in the FedRAMP System Security Plan (SSP) High Baseline Template.
In particular, the board has asked you to:
• Explain in 1 page the purpose of the following four general types of policies and procedures set forth in the FedRAMP System Security Template:
o Access Control
o Identification and Authentication
o Physical Environment and Protection, and
o Risk Assessment (including in particular Vulnerability Scanning.
• In 3 pages of your memo, you have been asked to describe 2 specific policies and procedures from EACH of those four categories listed above (Access Control, Identification and Authentication, Physical Environment and Protection, and Risk Assessment). In describing these 8 total policies and procedures, you the board has asked you to:
o Explain how they work
o Explain why you believe these specific policies and procedures have been included in the FedRAMP required policies and procedures

 

Sample Solution

The Federal Risk Authorization Management Program (FedRAMP) plays a key role in providing a standardized approach to security assessment, authorization, and continuous monitoring of Cloud Service Providers (CSPs) that do business with the Federal government.CSPs must achieve FedRAMP Authorization status to do business with the federal government. One of the key requirements for attaining this status is developing a System Security Plan (SSP), a comprehensive document describing the CSP’s security controls, systems architecture, and roles and responsibilities. FedRAMP sets a high bar for security. FedRAMP security baselines include additional controls above and beyond the National Institute of Standards and Technology

et equilibrium is the position at which the demand becomes equal to the supply and this helps in analysing the price which needed to be charged, and such price is known as an equilibrium price. The equilibrium price is the point where demand and supply interact with each other. The price is believed to be constant until an external force affects the demand and supply of the goods, and such can result in the shift in the curve (Schneider, 2013). Therefore, the demand and supply data shows that the demand and supply are becoming equal at 50m units when the price is charged at £30 from the customers. The market equilibrium price for SmartWatch is £30, and the equilibrium quantity is 50m units annually.

B.Supply and Demand Schedule

(Fig. 2)

The increase in the price at £40 would affect the demand in an inverse way which means that that the demand will decrease with an increasing price. The price plays a major role in the demand of a product, and the law of demand states that an increase in prices will decrease the demand when other things are kept constant (Arnold, 2008). After evaluating the above figure, it has been evaluated that the price of £40 will result in the demand decrease at 30m units annually.

(Fig. 3)

The price and supply have a direct relationship which states that an increase in the price will result in increased supply. The law of supply states that the supply will be affected only by the price, and the other elements are kept constant and the increase in price will increase the demand (Arnold, 2008). Therefore, it can be stated that an increase in price at £40 will result in an increase in demand, and this can be evaluated from the graph above which shows that when the price becomes £40, the supply becomes 70m units per year.

Income Effect

Normal goods are the goods, whose demand shows a direct relationship with the income as such goods are the goods that the customers demand when the income increases, and the affordability also increases. The goods whose demand falls when the income of the individual decreases, and the demand increases when th

This question has been answered.

Get Answer