Sandbox Assessments

Rehearse a FedRAMP or agency-ATO assessment and generate practice OSCAL artifacts.

Compliance & risk

Sandbox Assessments is a practice environment for FedRAMP and internal-ATO assessments. You create a package (optionally linked to an RMF Pre-Adjudication package), choose a mode (commercial 3PAO prep or agency ATO rehearsal) and audit path, and generate practice OSCAL artifacts — SAP, SAR, and POA&M. A persistent banner makes clear these are rehearsal artifacts, not a signed assessment.

How to use it

Open Sandbox Assessments from the sidebar and click New practice assessment.
Optionally link an RMF Pre-Adjudication package — this seeds findings and auto-fills the framework.
Name the assessment, choose the mode and audit path, and confirm the framework.
Create the package and open its detail page to generate artifacts.
Use the What-If Sandbox to model scenarios before committing.

Tips

Generated SAP / SAR / POA&M artifacts are practice-only — an accredited assessor or AO must review them before any official use.

Open Sandbox Assessments in the app

Jump straight to the feature, or browse the rest of the guides.

Go to Sandbox Assessments All feature guides →

Sandbox Assessments

How to use it

Tips

Related

Open Sandbox Assessments in the app