Core CSP Activities
Stage 1: Review and approve SAP prior to submission to the Agency or JAB
Stage 2: Assist Schellman by providing any required documentation and testing evidence. Document any Plan of Action and Milestones (POA&M) generated from the assessment.
Schellman 3PAO Activities
Stage 1: Draft and submit the SAP to the Agency or JAB for approval.
Stage 2: Conduct testing of all in-scope controls, complete detailed control finding matrices, and issue SAR.