Federal Risk and Authorization Management Program (FedRAMP)

FedRAMP, short for the Federal Risk and Authorization Management Program, is a U.S. government program established to standardize the security assessment, authorization, and continuous monitoring processes for cloud products and services. Its primary goal is to ensure that cloud solutions used by federal agencies meet consistent and stringent security standards.

Based on NIST Special Publication 800-53, it defines security controls and families.

Controls address aspects like Access Control, Communications Protection, and Security Assessment.

FedRAMP Marketplace

The FedRAMP Marketplace is an online repository that provides a comprehensive list of cloud products and services that have received authorization through the Federal Risk and Authorization Management Program (FedRAMP). It serves as a valuable resource for federal agencies and organizations seeking FedRAMP-compliant cloud solutions.

Examples of FedRAMP Authorized Cloud Services:

• Amazon Web Services (AWS)

• Microsoft Azure

• Google Cloud Platform (GCP)

• Salesforce Government Cloud

• ServiceNow

• Adobe Document Cloud for Government

• Oracle Cloud Infrastructure (OCI)