Baltimore, Md. October 31, 2023 – BCR Cyber, a leading provider of comprehensive cybersecurity training, certification, and job placement services, announces the on-line availability of its Third Party Assessment Organization (3PAO) Personnel Database.
This database provides Cloud Service Providers (CSPs) and other interested parties with a mechanism for confirming BCR Cyber Proficiency Testing certification and qualifications of assessors performing Federal Risk and Authorization Management Program (FedRAMP) assessments. Additionally, it provides access to a subset of the assessor data maintained in support of the American Association for Laboratory Accreditation (A2LA) FedRAMP 3PAO accreditation program.
“BCR Cyber is committed to supporting both 3PAOs and CSPs involved in the FedRAMP program through the creation and maintenance of proficiency testing in support of the program,” says Michael Spector, President, BCR Cyber. “The launch of the database represents a new capability for identifying and confirming the skills, knowledge, and certifications of individual 3PAO assessors.”
Users of the database are prompted for an assessor name and the database response reflects the BCR Cyber Proficiency Testing certification status and 3PAO. The database does not provide lists of 3PAO organizations, assessors or provide assessor contact information. Use of the database is granted for a fee of $19.99, which provides 30 minutes of access time. The database is available at https://bcrcyber.com/3PAOdatabase. Cloud service providers are encouraged to utilize this database to confirm the qualifications of their contracted 3PAO personnel.
BCR Cyber holds the exclusive responsibility of conducting technical proficiency testing for 3PAOs as required by FedRAMP. BCR Cyber testing ensures that these organizations meet the standards necessary to assess and authorize cloud service providers to support the FedRAMP program.
Additionally, BCR Cyber has established valuable strategic relationships with state and federal government IT departments, enabling them to deliver cutting-edge cybersecurity training to their employees. By collaborating closely with these government entities, they contribute to strengthening their cybersecurity posture and fostering a culture of continuous learning and improvement.