Vendors wanting to provide cloud service to the government must meet as many as 168 security controls under the FedRAMP program.

The General Services Administration released specific requirements around each of the security controls for FedRAMP last week for systems needing low and moderate security levels.

GSA and the departments of Defense and Homeland Security based these controls on the National Institute of Standards and Technology cybersecurity guidance, called special publication 800-53, Revision 3, for the Federal Information Security Management Act (FISMA).

via Federal News Radio, continued here.