Merge pull request #880 from GSA/sa-conmon-deliverables-template

Conmon deliverables template
GSA · Dec 4, 2024 · 3919278 · 3919278
2 parents 420cbb5 + e4620bf
commit 3919278
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 2 deletions.
diff --git a/_layouts/faqs.html b/_layouts/faqs.html
@@ -131,7 +131,7 @@ <h4 class="usa-accordion__heading">
 						aria-controls="gen-security-controls"> Who is responsible for the cloud security controls? </button>
           </h4>
           <div id="gen-security-controls" class="usa-accordion__content usa-prose">
-            <p>There is a shared security responsibility model when using cloud products. Cloud service providers (CSPs) and customers (agencies or leveraging CSPs) both assume important security roles and responsibilities to ensure data is protected within cloud environments. CSPs are required to submit a <a href="https://www.fedramp.gov/assets/resources/templates/SSP-Appendix-J-%3CCSO%3E-CIS-and-CRM-Workbook.xlsx">Control Implementation Summary/Customer Responsibility Matrix (CIS/CRM) workbook</a> as Appendix J to the System Security Plan (SSP). The CIS/CRM workbook identifies security controls that the CSP is responsible for implementing, security controls that the customer is responsible for implementing, security controls where there is a shared CSP/customer  responsibility, and security controls that are inherited from an underlying FedRAMP Authorized Infrastructure-as-a-Service (IaaS) or Platform-as-a-Service (PaaS). CSPs use the CRM to describe the specific elements of each control where the responsibility lies with the customer.</p>
+            <p>There is a shared security responsibility model when using cloud products. Cloud service providers (CSPs) and customers (agencies or leveraging CSPs) both assume important security roles and responsibilities to ensure data is protected within cloud environments. CSPs are required to submit a <a href="https://www.fedramp.gov/assets/resources/templates/SSP-Appendix-J-CSO-CIS-and-CRM-Workbook.xlsx">Control Implementation Summary/Customer Responsibility Matrix (CIS/CRM) workbook</a> as Appendix J to the System Security Plan (SSP). The CIS/CRM workbook identifies security controls that the CSP is responsible for implementing, security controls that the customer is responsible for implementing, security controls where there is a shared CSP/customer  responsibility, and security controls that are inherited from an underlying FedRAMP Authorized Infrastructure-as-a-Service (IaaS) or Platform-as-a-Service (PaaS). CSPs use the CRM to describe the specific elements of each control where the responsibility lies with the customer.</p>
           </div>
 
           <!-- Federal Agencies -------------------------------->

diff --git a/...nuous-Monitoring-Deliverables-Template.md → ...nuous-Monitoring-Deliverables-Template.md b/...nuous-Monitoring-Deliverables-Template.md → ...nuous-Monitoring-Deliverables-Template.md
@@ -5,7 +5,7 @@ category: Continuous Monitoring Phase
 weblink:
 filename: templates/FedRAMP-Continuous-Monitoring-Deliverables-Template.xlsx
 filetype: excel
-fileinfo: excel - 37KB
+fileinfo: excel - 127KB
 condition: new
 partner: Cloud Service Providers
 doctype:

diff --git a/assets/resources/templates/FedRAMP-Continuous-Monitoring-Deliverables-Template.xlsx b/assets/resources/templates/FedRAMP-Continuous-Monitoring-Deliverables-Template.xlsx