Community

FedRAMP 3rd Party Pentest and Audit Materials

223
4
02-19-2024 03:31 AM
ZeldaEls
by
New Contributor II
‎02-19-2024 03:31 AM

Good Day

The company I work for is busy conducting a cloud risk assessment of AGO and requires the FedRAMP pen test and audit reports. We have been requesting these reports via our local ESRI office since November 2023 with no success. It is my understanding that these reports are available based on the information provided on FedRAMP—ArcGIS Trust Center | Documentation .

Is there any possibility that I can be put in contact with someone at ESRI Software Security & Privacy directly? Please note I have mailed the SoftwareSecurity@esri.com but have received no response.

We cannot integrate our system with ESRI without these outstanding reports. 

Kind regards,

Zelda

0 Kudos
4 Replies
George_Thompson
by Esri Frequent Contributor
Esri Frequent Contributor
‎02-20-2024 04:49 AM

I would work directly with your Esri account manager or distributor to potentially obtain any more information on this.

--- George T.
0 Kudos
ZeldaEls
by
New Contributor II
‎02-23-2024 06:01 AM

Hi George

I have liaised directly with my ESRI account manager and the CTO for the distributor, but it was not successful.

0 Kudos
George_Thompson
by Esri Frequent Contributor
Esri Frequent Contributor
‎02-23-2024 06:11 AM

I am not aware of any specific contact, I would recommend following up to the email address above.

--- George T.
0 Kudos
JennyUrquidi
by Esri Contributor
Esri Contributor
‎03-19-2024 03:25 PM

Hello Zelda - We can provide the pentest and audit report to you with a fully executed NDA that can be obtained through your Esri account manger. If you run into any further obstacles please let me know.

Thank you.

Jenny

0 Kudos