The General Services Administration’s information security practices contain deficiencies in five of eight FISMA program areas, according to an independent evaluation done by KPMG, a professional auditing company. […]

Third party cloud security auditing firms are worried that new documentation requirements put in place by FedRAMP could open them to significant liability risks.