OSCAL Conversion for FedRAMP

Begin your journey by migrating existing documents over to OSCAL

Having converted many CSP FedRAMP packages over to OSCAL, we have the tools and the know-how to complete this expeditiously and accurately.

Schedule a Conversion

Featured Customer

“DRTConfidence team migrated our SSP and POA&M to OSCAL successfully and provided instant access to all our compliance documents within the GRC platform. With the click of a button, we can create a high-quality SSP in a printable and OSCAL format, positioning us well for FedRAMP’s future adoption of OSCAL. I would highly recommend them to others.”

- VP of Security, Copado

Our Onboarding Process

Our onboarding process ensures a smooth transition from your current GRC or manual documents, through OSCAL conversion, to continuous submissions in OSCAL

Intake

We provide an onboarding schedule at the time of sign-up. During intake we will review the existing documentation and provide a firm schedule for conversion.

Convert

During conversion we will work closely with your team to ensure all data gaps are addressed and validations are successful

Support

We will provide ongoing training and support through the initial phase of your team’s transition to our platform.

Conversion to OSCAL

We follow a 4-step process to convert existing Word and Excel based FedRAMP documents including the System Security Plan (SSP), and the Plan of Action and Milestones (POA&M).

1. Extract

We extract the content of existing FedRAMP template-based documents into an intermediary format. We extract from Word and Excel FedRAMP Templates for SSP, IIW, CIS and POA&M.

2. Map

We map the information extracted in the first step, to the OSCAL format in accordance with FedRAMP guidelines.

3. Augment

We work with you to augment the information required by OSCAL and FedRAMP guidelines, which may not have been provided in previous submissions. This is necessary to ensure the final OSCAL package will pass validations.

4. Validate

We perform FedRAMP proposed validations to ensure that the future submissions based on OSCAL will be successfully accepted by FedRAMP.

Ongoing Submissions

Once the FedRAMP authorization documents are converted to OSCAL, you can continue to manage the static portions of the information directly in our platform. You can leverage our APIs to continue to update the dynamic part of the information. You will be able to submit “OSCAL and/or human readable” documents to FedRAMP and Government Agencies.

FedRAMP Validated

First and Only platform that has successfully submitted a full ATO package in OSCAL format.

Schellman and DNANexus teamed with DRTConfidence to convert a complete ATO Package (SSP, POA&M, SAP, SAR) to OSCAL. The package was submitted to FedRAMP for validation ensuring it met all OSCAL and FedRAMP guidelines. The submission was deemed successfully validated by FedRAMP.

Read more

Avoid last minute rush to meet FedRAMP deadlines.

Schedule a Conversion Today