FedRAMP

What is the FedRAMP ?

The Federal Risk and Authorization Management Program (FedRAMP) is a United States federal government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. 

In 2011, the Office of Management and Budget (OMB) released a memorandum establishing FedRAMP to provide a cost-effective, risk-based approach for the adoption and use of cloud services to Executive departments and agencies. The General Services Administration  established the FedRAMP Program Management Office (PMO) 2012. The FedRAMP PMO mission is to promote the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment. Per the OMB memorandum, any cloud services that hold federal data must be FedRAMP authorized. FedRAMP prescribes the security requirements and process cloud service providers must follow in order for the government to use their service. 

There are two ways to authorize a cloud service through FedRAMP : a Joint Authorization Board (JAB) provisional authorization (P-ATO) and through individual agencies. 

This solution will facilitate the implementation of the FedRAMP.