Skip to main content
follow
#main
CSPs Prioritized to Work with the JAB and the Next FedRAMP Connect Due Date
follow
/2021-11-02-csps-prioritized/
FedRAMP Releases Updated Marketplace Designations Document for CSPs
follow
/blog/2021-10-28-Updated-Marketplace-Designations-Document/
FedRAMP Marketplace Designations for Cloud Service Providers
follow
/assets/resources/documents/FedRAMP_Marketplace_Designations_for_Cloud_Service_Providers.pdf
FedRAMP Releases Updated Agency Authorization Playbook
follow
/blog/2021-10-20-Updated-Agency-Authorization-Playbook/
The Importance of ATO Letter Submission
follow
/blog/2021-09-22/ATO-Letter-Submission/
SSP ATTACHMENT 13 - FedRAMP Integrated Inventory Workbook Template
follow
/assets/resources/templates/SSP-A13-FedRAMP-Integrated-Inventory-Workbook-Template.xlsx
FedRAMP Updates CSP SSP (200A) Training
follow
/blog/2021-08-24/FedRAMP-Updates-CSP-SSP-Training/
FedRAMP Releases OSCAL Validations
follow
/blog/2021-08-12/FedRAMP-Releases-OSCAL-Validations/
FedRAMP Releases the FY21 Annual Survey!
follow
/blog/2021-08-10/FY-21-FedRAMP-Annual-Survey/
FedRAMP Releases Updated OSCAL Template & Tools
follow
/blog/2021-07-20-FedRAMP-Releases-Updated-OSCAL-Templates-Tools/
Requesting Public Comment on FedRAMP Authorization Boundary Guidance
follow
/blog/2021-07-14-Public-Comment-Boundary-Guidance/
FedRAMP Authorization Boundary Guidance
follow
/assets/resources/documents/CSP_A_FedRAMP_Authorization_Boundary_Guidance.pdf
A2LA Updates the R311
follow
/blog/2021-06-30-A2LA-Updates-the-R311/
FedRAMP Announces NIST’s OSCAL 1.0.0 Release
follow
/blog/2021-06-08-NISTs-OSCAL-1-0-0-Release/
An Update to FedRAMP’s Low, Moderate, and High Baseline SA-4 Controls and IR-3 High Baseline
follow
/blog/2021-05-20-SA-4_IR-3_Updates/
FedRAMP Security Controls Baseline
follow
/assets/resources/documents/FedRAMP_Security_Controls_Baseline.xlsx
FedRAMP System Security Plan (SSP) Moderate Baseline Template
follow
/assets/resources/templates/FedRAMP-SSP-Moderate-Baseline-Template.docx
FedRAMP System Security Plan (SSP) Low Baseline Template
follow
/assets/resources/templates/FedRAMP-SSP-Low-Baseline-Template.docx
FedRAMP System Security Plan (SSP) High Baseline Template
follow
/assets/resources/templates/FedRAMP-SSP-High-Baseline-Template.docx
FedRAMP Moderate Authorization Toolkit
follow
/assets/resources/toolkits/FedRAMP-Moderate-Authorization-Toolkit.zip
FedRAMP Low Authorization Toolkit
follow
/assets/resources/toolkits/FedRAMP-Low-Authorization-Toolkit.zip
FedRAMP High Authorization Toolkit
follow
/assets/resources/toolkits/FedRAMP-High-Authorization-Toolkit.zip
3PAO Obligations and Performance Guide
follow
/assets/resources/documents/3PAO_Obligations_and_Performance_Guide.pdf
Remote Testing of Datacenters
follow
/blog/2021-05-11-Remote-Testing-of-Datacenters/
Rev5 Transition Update
follow
/2021-05-06-Rev5-Update/
FedRAMP Connect Business Case Deadline Extended
follow
/2021-04-27-Connect-Business-Case-Deadline-Extended/
Release of FedRAMP Incident Communications Procedures
follow
/2021-04-15-Incident-Communications-Procedures/
Incident Communications Procedures
follow
/assets/resources/documents/CSP_Incident_Communications_Procedures.pdf
FedRAMP Agency Authorization Review Report Sample Template
follow
/assets/resources/templates/FedRAMP_Agency_Authorization_Review_Report_Sample_Template.pdf
FedRAMP Moderate Readiness Assessment Report (RAR) Template
follow
/assets/resources/templates/FedRAMP-Moderate-RAR-Template.docx
FedRAMP High Readiness Assessment Report (RAR) Template
follow
/assets/resources/templates/FedRAMP-High-RAR-Template.docx
JAB Guidance on CentOS Linux End of Life
follow
/2021-03-30-CentOS-Linux-End-of-Life/
FedRAMP Initial Authorization Package Checklist
follow
/assets/resources/templates/FedRAMP-Initial-Authorization-Package-Checklist.xlsx
FedRAMP Launches YouTube Channel
follow
/2021-03-24-youtube-channel/
Vulnerability Scanning Requirements for Containers
follow
/2021-03-16-Vulnerability-Scanning-doc/
Vulnerability Scanning Requirements for Containers
follow
/assets/resources/documents/Vulnerability_Scanning_Requirements_for_Containers.pdf
The New FedRAMP.gov
follow
/2021-02-16-new-fedrampgov/
FedRAMP Explores a Threat-Based Methodology to Authorizations
follow
/2021-02-10-threat-based-methodology/
Threat-Based Risk Profiling Methodology White Paper
follow
/assets/resources/documents/Threat-Based_Risk_Profiling_Methodology.pdf
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
follow
/2021-01-27-csps-prioritized/
Branding Guidance
follow
/assets/resources/documents/FedRAMP_Branding_Guidance.pdf
Timeliness and Accuracy of Testing Requirements
follow
/assets/resources/documents/CSP_Timeliness_and_Accuracy_of_Testing_Requirements.pdf
FedRAMP Guide for Multi-Agency Continuous Monitoring
follow
/assets/resources/documents/Agency_Guide_for_Multi-Agency_Continuous_Monitoring.pdf
FedRAMP Tailored Authorization Toolkit
follow
/assets/resources/toolkits/FedRAMP-Tailored-Authorization-Toolkit.zip
FedRAMP Hosts a 3PAO Interact Week
follow
/fedramp-hosts-a-3pao-interact-week/
FedRAMP’s NIST Rev5 Transition Plan
follow
/FedRAMP-NIST-Rev5-Transition-Plan/
CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
follow
/csps-prioritized-to-work-with-the-jab-and-next-fedramp-connect-due-date/
FedRAMP Reaches 200 Authorizations
follow
/fedramp-reaches-200-authorizations/
Updated 3PAO Obligations and Performance Standards document
follow
/updated-3PAO-obligations-and-performance-standards-document/
Additional FedRAMP OSCAL Resources and Templates
follow
/additional-fedramp-oscal-resources-and-templates/
Requesting Public Comment on Vulnerability Scanning Requirements for the Deployment and Use of Containers
follow
/vulnerability-scanning-requirements-for-the-deployment-and-use-of-containers/
Updated Customer Implementation Summary (CIS) and Customer Responsibility Matrix (CRM) Templates
follow
/updated-customer-implementation-summary-cis-and-customer-responsibility-matrix-crm-templates/
SSP ATTACHMENT 9 - FedRAMP Low or Moderate Control Implementation Summary (CIS) Workbook Template
follow
/assets/resources/templates/SSP-A09-FedRAMP-Low-or-Moderate-CIS-Workbook-Template.xlsx
SSP ATTACHMENT 9 - FedRAMP High Control Implementation Summary (CIS) Workbook Template
follow
/assets/resources/templates/SSP-A09-FedRAMP-High-CIS-Workbook-Template.xlsx
Please Take the FY20 FedRAMP Annual Survey!
follow
/take-the-fy20-annual-survey/
An Update to FedRAMP’s High Baseline SA-9(5) Control
follow
/an-update-to-fedramps-high-baseline-sa-95-control/
FedRAMP Announces Document and Template Updates
follow
/fedramp-announces-document-and-template-updates/
SSP ATTACHMENT 12 - FedRAMP Laws and Regulations Template
follow
/assets/resources/templates/SSP-A12-FedRAMP-Laws-and-Regulations-Template.xlsx
FedRAMP Master Acronym & Glossary
follow
/assets/resources/documents/FedRAMP_Master_Acronym_and_Glossary.pdf
FedRAMP Announces Agency Liaison Program
follow
/fedramp-announces-agency-liaison-program/
Using the FedRAMP OSCAL Resources and Templates
follow
/using-the-fedramp-oscal-resources-and-templates/
Do Once, Use Many - How Agencies Can Reuse a FedRAMP Authorization
follow
/how-agencies-can-reuse-a-fedramp-authorization/
Reusing Authorizations for Cloud Products Quick Guide
follow
/assets/resources/documents/Reusing_Authorizations_for_Cloud_Products_Quick_Guide.pdf
JAB Prioritized CSPs and FedRAMP Connect Updates
follow
/jab-prioritized-csps-and-fedramp-connect-updates/
JAB Prioritization Criteria and Guidance
follow
/assets/resources/documents/CSP_JAB_P-ATO_Prioritization_Criteria_and_Guidance.pdf
FedRAMP Lessons Learned for Small Businesses
follow
/FedRAMP-lessons-learned-for-small-businesses/
FedRAMP Looks Back on a Successful FY2019
follow
/FedRAMP-looks-back-on-a-successful-2019/
FedRAMP Moves to Automate the Authorization Process
follow
/FedRAMP-moves-to-automate-the-authorization-process/
Seeking Public Comments on the Draft Customer Implementation Summary (CIS) and Customer Responsibility Matrix (CRM) Templates
follow
/Seeking-Public-Comments-on-the-Draft-Customer-Implementation-Summary-and-Customer-Responsibility-Matrix-Templates/
A Successful FedRAMP Startup & Small Business Meetup in San Francisco
follow
/A-Successful-FedRAMP-Startup-and-Small-Business-Meetup-in-San-Francisco/
FedRAMP Connect Results and Next Round of Connect Open Until September 13th
follow
/FedRAMP-Connect-Results-and-Next-Round-of-Connect-Open-Until-September-13th/
FedRAMP Heads to San Francisco to Host Small Business & Startup Meetup
follow
/FedRAMP-Heads-West-to-Host-Small-Business-&-Startup-Meetup/
Please Take the FY19 FedRAMP Annual Survey!
follow
/Please-Take-the-FY19-FedRAMP-Annual-Survey/
FedRAMP Launches Ideation Challenge
follow
/FedRAMPs-Ideation-Challenge/
FedRAMP Marketplace Guidance Released
follow
/FedRAMP-Marketplace-Guidance-Released/
FedRAMP ATO Letter Template
follow
/assets/resources/templates/FedRAMP-ATO-Letter-Template.docx
Get to Know FedRAMP"s Program Manager of Security Operations
follow
/Get-to-Know-Fedramps-Program0-Manager-of-Security-Operations/
Meet FedRAMP"s Customer Success Manager
follow
/Meet-FedRAMPs-Customer-Success-Manager/
Best Practices for Multi-Agency Continuous Monitoring
follow
/Best-Practices-for-Multi-Agency-Continuous-Monitoring/
Reviewing the SAR - Best Practices for 3PAOs, Agencies, and Cloud Service Providers
follow
/reviewing-the-sar-best-practices-for-3paos-agencies-and-cloud-service-providers/
FedRAMP Updates 3PAO Requirements
follow
/fedramp-updates-3pao-requirements/
FedRAMP Vulnerability Deviation Request Form
follow
/assets/resources/templates/FedRAMP-Vulnerability-Deviation-Request-Form.xlsx
FedRAMP Significant Change Form Template
follow
/assets/resources/templates/FedRAMP-Significant-Change-Form-Template.pdf
FedRAMP New Cloud Service Offering (CSO) or Feature Onboarding Request Template
follow
/assets/resources/templates/FedRAMP-New-CSO-or-Feature-Onboarding-Request-Template.docx
Significant Change Policies and Procedures
follow
/assets/resources/documents/CSP_Significant_Change_Policies_and_Procedures.docx
APPENDIX B - FedRAMP Tailored LI-SaaS Template
follow
/assets/resources/templates/APPENDIX-B-FedRAMP-Tailored-LI-SaaS-Template.docx
Joint Authorization Board Charter
follow
/assets/resources/documents/FedRAMP_Joint_Authorization_Board_Charter.pdf
CSP Authorization Playbook: Getting Started with FedRAMP
follow
/assets/resources/documents/CSP_Authorization_Playbook_Getting_Started_with_FedRAMP.pdf
FedRAMP General Document Acceptance Criteria
follow
/assets/resources/documents/FedRAMP_General_Document_Acceptance_Criteria.pdf
Annual Assessment Guidance
follow
/annual-assessment-guidance/
Continuous Monitoring Strategy Guide
follow
/assets/resources/documents/CSP_Continuous_Monitoring_Strategy_Guide.pdf
Plan of Action and Milestones (POA&M) Template Completion Guide
follow
/assets/resources/documents/CSP_POAM_Template_Completion_Guide.pdf
FedRAMP Accelerated: A Case Study for Change Within Government
follow
/assets/resources/documents/FedRAMP_Accelerated_A_Case_Study_For_Change_Within_Government.pdf
Vulnerability Scanning Requirements
follow
/assets/resources/documents/CSP_Vulnerability_Scanning_Requirements.pdf
Guide for Determining Eligibility and Requirements for the Use of Sampling for Vulnerability Scans
follow
/assets/resources/documents/CSP_Vulnerability_Scan_Requirements_Using_Sampling.pdf
Automated Vulnerability Risk Adjustment Framework Guidance
follow
/assets/resources/documents/CSP_Automated_Vulnerability_Risk_Adjustment_Framework.pdf
Annual Assessment Controls Selection Worksheet
follow
/assets/resources/documents/CSP_Annual_Assessment_Controls_Selection_Worksheet.xlsx
Continuous Monitoring Performance Management Guide
follow
/assets/resources/documents/CSP_Continuous_Monitoring_Performance_Management_Guide.pdf
Continuous Monitoring Monthly Executive Summary Template
follow
/assets/resources/templates/FedRAMP-Continuous-Monitoring-Monthly-Executive-Summary-Template.xlsx
Impact of FedRAMP for Small Businesses
follow
/impact-of-fedramp-for-small-businesses/
Control Specific Clauses
follow
/assets/resources/documents/Agency_Control_Specific_Contract_Clauses.pdf
Agency Authorization Playbook
follow
/assets/resources/documents/Agency_Authorization_Playbook.pdf
Penetration Test Guidance
follow
/assets/resources/documents/CSP_Penetration_Test_Guidance.pdf
Annual Assessment Guidance
follow
/assets/resources/documents/CSP_Annual_Assessment_Guidance.pdf
Understanding Baselines and Impact Levels in FedRAMP
follow
/understanding-baselines-and-impact-levels/
Security Assessment Framework
follow
/assets/resources/documents/FedRAMP_Security_Assessment_Framework.pdf
APPENDIX A - FedRAMP Tailored Security Controls Baseline
follow
/assets/resources/templates/APPENDIX-A-FedRAMP-Tailored-Security-Controls-Baseline.xlsx
FedRAMP Tailored LI-SaaS Requirements
follow
/assets/resources/templates/FedRAMP-Tailored-LI-SaaS-Requirements.docx
APPENDIX E - FedRAMP Tailored LI - SaaS Self-Attestation Requirements
follow
/assets/resources/templates/APPENDIX-E-FedRAMP-Tailored-LI-SaaS-Self-Attestation-Requirements.docx
APPENDIX D - FedRAMP Tailored LI - SaaS Continuous Monitoring Guide
follow
/assets/resources/templates/APPENDIX-D-FedRAMP-Tailored-LI-SaaS-Continuous-Monitoring-Guide.docx
APPENDIX C - FedRAMP Tailored LI-SaaS ATO Letter Template
follow
/assets/resources/templates/APPENDIX-C-FedRAMP-Tailored-LI-SaaS-ATO-Letter-Template.docx
FedRAMP Annual Security Assessment Report (SAR) Template
follow
/assets/resources/templates/FedRAMP-Annual-SAR-Template.docx
SSP ATTACHMENT 6 - FedRAMP Information System Contingency Plan (ISCP) Template
follow
/assets/resources/templates/SSP-A06-FedRAMP-ISCP-Template.docx
SSP ATTACHMENT 5 - FedRAMP Rules of Behavior (RoB) Template
follow
/assets/resources/templates/SSP-A05-FedRAMP-RoB-Template.docx
SSP ATTACHMENT 4 - FedRAMP Privacy Impact Assessment (PIA) Template
follow
/assets/resources/templates/SSP-A04-FedRAMP-PIA-Template.docx
FedRAMP Security Assessment Report (SAR) Template
follow
/assets/resources/templates/FedRAMP-SAR-Template.docx
FedRAMP Security Assessment Plan (SAP) Template
follow
/assets/resources/templates/FedRAMP-SAP-Template.docx
FedRAMP Annual Security Assessment Plan (SAP) Template
follow
/assets/resources/templates/FedRAMP-Annual-SAP-Template.docx
3PAO Readiness Assessment Report Guide
follow
/assets/resources/documents/3PAO_Readiness_Assessment_Report_Guide.pdf
CSP JAB P-ATO Roles and Responsibilities
follow
/assets/resources/documents/CSP_JAB_P-ATO_Roles_and_Responsibilites.pdf
3PAO JAB P-ATO Roles and Responsibilities
follow
/assets/resources/documents/3PAO_Roles_and_Responsibilities.pdf
SAP APPENDIX A - FedRAMP Moderate Security Test Case Procedures Template
follow
/assets/resources/templates/SAP-AA-FedRAMP-Moderate-Security-Test-Case-Procedures-Template.xlsx
SAP APPENDIX A - FedRAMP Low Security Test Case Procedures Template
follow
/assets/resources/templates/SAP-AA-FedRAMP-Low-Security-Test-Case-Procedures-Template.xlsx
SAP APPENDIX A - FedRAMP High Security Test Case Procedures Template
follow
/assets/resources/templates/SAP-AA-FedRAMP-High-Security-Test-Case-Procedures-Template.xlsx
SAR APPENDIX A - FedRAMP Risk Exposure Table Template
follow
/assets/resources/templates/SAR-AA-FedRAMP-Risk-Exposure-Table-Template.xlsx
FedRAMP Plan of Action and Milestones (POA&M) Template
follow
/assets/resources/templates/FedRAMP-POAM-Template.xlsm
FedRAMP Package Access Request Form
follow
/assets/resources/documents/Agency_Package_Request_Form.pdf
FedRAMP Policy Memo
follow
/assets/resources/documents/FedRAMP_Policy_Memo.pdf
follow
https://www.fedramp.gov
Program Basics
follow
/program-basics/
Meet the Team
follow
/team/
Governance
follow
/governance/
Cloud Service Providers
follow
/cloud-service-providers/
Federal Agencies
follow
/federal-agencies/
Assessors
follow
/assessors/
Agency Authorization
follow
/agency-authorization/
JAB Authorization
follow
/jab-authorization/
Documents & Templates
follow
/documents-templates/
Training
follow
/training/
Tailored Authorization
follow
https://tailored.fedramp.gov
Marketplace
follow
https://marketplace.fedramp.gov
Learn Program Basics
follow
/program-basics/
Meet The Process
follow
#auth-process
Start Process
follow
/cloud-service-providers/
Learn How
follow
/federal-agencies/
Review Steps
follow
/assessors/
follow
/agency-authorization/
follow
/jab-authorization/
follow
/agency-authorization/
follow
/jab-authorization/
follow
/agency-authorization/#agency-readiness-assessment
follow
/agency-authorization/#agency-pre-authorization
follow
/agency-authorization/#agency-full-security-assessment
follow
/agency-authorization/#agency-authorization-process
follow
/agency-authorization/#agency-readiness-assessment
follow
/agency-authorization/#agency-pre-authorization
follow
/agency-authorization/#agency-full-security-assessment
follow
/agency-authorization/#agency-authorization-process
Readiness Assessment
follow
/agency-authorization/#agency-readiness-assessment
Pre-Authorization
follow
/agency-authorization/#agency-pre-authorization
Full Security Assessment
follow
/agency-authorization/#agency-full-security-assessment
Agency Authorization Process
follow
/agency-authorization/#agency-authorization-process
follow
/jab-authorization/#jab-fedramp-connect
follow
/jab-authorization/#jab-readiness-assessment
follow
/jab-authorization/#jab-full-security-assessment
follow
/jab-authorization/#jab-authorization-process
follow
/jab-authorization/#jab-fedramp-connect
follow
/jab-authorization/#jab-readiness-assessment
follow
/jab-authorization/#jab-full-security-assessment
follow
/jab-authorization/#jab-authorization-process
FedRAMP Connect
follow
/jab-authorization/#jab-fedramp-connect
Readiness Assessment
follow
/jab-authorization/#jab-readiness-assessment
Full Security Assessment
follow
/jab-authorization/#jab-full-security-assessment
JAB Authorization Process
follow
/jab-authorization/#jab-authorization-process
follow
https://www.gsa.gov/
follow
https://twitter.com/fedramp?lang=en
follow
https://www.youtube.com/c/FedRAMP?lang=en
Subscribe
follow
https://public.govdelivery.com/accounts/USGSA/subscriber/new
FedRAMP Privacy Policy
follow
https://www.gsa.gov/website-information/privacy-and-security-notice
GSA Privacy Policy
follow
https://www.gsa.gov/website-information/privacy-and-security-notice
USA.gov
follow
https://www.usa.gov
GSA FOIA
follow
https://www.gsa.gov/reference/freedom-of-information-act-foia
About GSA
follow
https://www.gsa.gov/about-us
Accessibility
follow
https://www.gsa.gov/website-information/accessibility-aids
Report fraud, waste, or abuse to the Office of the Inspector General
follow
https://www.gsaig.gov/
cookies policy
follow
https://www.gsa.gov/website-information/website-policies