Cybersecurity Inspection Body Program

A2LA offers accreditation of cybersecurity organizations to instill confidence in the quality of the independent assessment services to various compliance regimes.

The Cybersecurity Inspection Body Program was created to provide added trust and assurance in the quality of assessments performed by our accredited organizations. A2LA's third party accreditation offers an independent review of an organization's compliance to both ISO/IEC 17020 (Requirements for the operation of various types of bodies performing inspections) as well as competence in technical program requirements for the desired scope of accreditation (I.e. SOC II, HIPAA/HITECH, PCI, etc.).

Organizations accredited under this program will be known as Independent Assessment Organizations (IAOs). Accreditation as an IAO functions as the initial step to become a FedRAMP 3PAO. IAOs must hold a Cybersecurity Inspection Body Program Accreditation for a minimum period of 1 year before being considered for FedRAMP 3PAO status.

Please note that A2LA accreditation to the requirements of a given inspection scheme is not meant to replace an existing approval process through the scheme owner.

This specialty program is covered under the A2LA Inspection Body Accreditation Program.

Program Requirements

ISO/IEC 17020 Requirements for the Operation of Various Types of Bodies Performing Inspection
ILAC P15 - Application of ISO/IEC 17020
R335 - Specific Requirements: Cybersecurity Inspection Body Program

 

Contact Us      Apply      Get a Quote

 

Events

Resources

FAQs