FedRAMP Framework
CategoryFederal Security Regulation
Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that provides a standard approach to security assessment, authorization and continuous monitoring for cloud-based products and services offered to the citizens.
Federal Cloud Protection
Authorization to Operate Federal Cloud Services
FedRAMP enables agencies to rapidly adapt from insecure, legacy IT infrastructure to mission-enabling, secure and cost-effective cloud-based environment.
The program manages a core set of processes to ensure effective, repeatable cloud security for the government. FedRAMP established a mature marketplace to increase utilization and familiarity with cloud services, while facilitating collaboration across government through open exchanges of use cases and lessons learned.
FedRAMP was created in collaboration with NIST, General Services Administration (GSA), Department of Defense (DOD) and Department of Homeland Security (DHS).
The program defines a general Security Assessment Framework (SAF) to ensure that cloud systems used by government entities have adequate safeguards, and Cloud Service Providers (CSP) use a standardized security baseline geared towards cloud systems. It provides processes, guidelines and a Secure Repository that enables federal agencies to leverage standardized security requirements and assessment procedures.
