FedRAMP | FedRAMP.gov (original) (raw)

• FedRAMP 20x - One Month In and Moving Fast
  New Post | April 24, 2025
• FedRAMP in 2025
  New Post | March 24, 2025
• Focusing on Delivery
  New Post | January 17, 2025
• CSP Authorization Playbook
  New Document | January 17, 2025
• Exploring new ways to scale FedRAMP
  New Post | December 20, 2024
• FedRAMP, Looking Back on 2024, Ahead to 2025
  New Post | December 19, 2024
• SSP Appendix M - Integrated Inventory Workbook Template
  Updated Document | December 6, 2024
• SSP Appendix G - Information System Contingency Plan (ISCP) Template
  New Document | December 6, 2024
• FedRAMP Security Assessment Report (SAR) Template
  New Document | December 6, 2024
• Agency Authorization Playbook
  New Document | December 6, 2024
• FedRAMP Continuous Monitoring Deliverables Template
  New Document | December 4, 2024
• Continuous Monitoring Monthly Executive Summary Template
  New Document | November 19, 2024
• FedRAMP SAR Appendix B - Moderate Security Requirements Traceability Matrix Template
  New Document | November 8, 2024
• FedRAMP SAR Appendix B - Low Security Requirements Traceability Matrix Template
  New Document | November 8, 2024
• FedRAMP SAR Appendix B - High Security Requirements Traceability Matrix Template
  New Document | November 8, 2024
• 3PAO Readiness Assessment Report Guide
  Updated Document | October 17, 2024
• FedRAMP Help Center
  New Post | October 15, 2024
• SSP Appendix A - High FedRAMP Security Controls
  New Document | September 30, 2024
• Incident Communications Procedures
  Updated Document | September 30, 2024
• FedRAMP Agile Delivery Pilot Update
  New Post | September 27, 2024
• The Missing Piece of Our Modernization Puzzle: The FedRAMP Platform
  New Post | September 3, 2024
• Digital Authorization Package Pilot Launch
  New Post | August 28, 2024
• Welcoming a New Leader for a New FedRAMP
  New Post | August 27, 2024
• Moving to One FedRAMP Authorization: An Update on the JAB Transition
  New Post | August 12, 2024
• Strengthening the Use of Cryptography to Secure Federal Cloud Systems
  New Post | August 9, 2024
• FedRAMP Vulnerability Deviation Request Form
  New Document | August 8, 2024
• FedRAMP H-M-L-Li Review Report Template - Rev. 4
  Updated Document | August 8, 2024
• FedRAMP Metrics for Public Comment
  New Post | July 30, 2024
• The Next Phase of FedRAMP
  New Post | July 26, 2024
• FedRAMP's Roadmap Progress, One Quarter In
  New Post | July 18, 2024
• New Website Launch: automate.fedramp.gov
  New Post | July 11, 2024
• The FedRAMP Agile Delivery Pilot
  New Post | July 10, 2024
• Release of Emerging Technology Prioritization Framework
  New Post | June 27, 2024
• FedRAMP Governance
  New Post | June 4, 2024
• FedRAMP Moderate Readiness Assessment Report (RAR) Template
  Updated Document | May 31, 2024
• FedRAMP High Readiness Assessment Report (RAR) Template
  Updated Document | May 31, 2024
• FedRAMP Package Access Request Form
  New Document | April 30, 2024
• SAR Appendix A - FedRAMP Risk Exposure Table (RET) Template
  New Document | March 29, 2024
• FedRAMP Plan of Action and Milestones (POA&M) Template
  Updated Document | March 29, 2024
• A New Roadmap for FedRAMP
  New Post | March 28, 2024
• RFQ for GRC Solution Released
  New Post | March 15, 2024
• Penetration Test Guidance Public Comment Period
  New Post | March 4, 2024
• Annual Assessment Controls Selection Worksheet
  New Document | March 4, 2024
• Rev. 5 - Additional Documents Released
  New Post | February 16, 2024
• SSP Appendix A - Moderate FedRAMP Security Controls
  New Document | February 15, 2024
• FedRAMP Rev. 4 to Rev. 5 Assessment Controls Selection Template
  New Document | February 15, 2024
• Vulnerability Scanning Requirements
  New Document | February 15, 2024
• Annual Assessment Guidance
  New Document | February 15, 2024
• Supplemental Direction v2 - CISA Emergency Directive 24-01
  New Post | February 12, 2024
• Supplemental Direction v1 - CISA Emergency Directive 24-01
  New Post | February 1, 2024
• FedRAMP's Emerging Technology Prioritization Framework - Overview and Request for Comment
  New Post | January 26, 2024
• CISA Emergency Directive 24-01
  New Post | January 19, 2024
• Modernization - Automating FedRAMP's Technology
  New Post | January 17, 2024
• FedRAMP Modernization Overview
  New Post | December 14, 2023
• Extended Comment Period on Draft FedRAMP Memo
  New Post | November 30, 2023
• FedRAMP Repository - USDA Connect Update
  New Post | November 13, 2023
• FedRAMP Policy Memo Public Engagement Forum with OMB
  New Post | November 3, 2023
• FedRAMP's Role In The AI Executive Order
  New Post | October 31, 2023
• OMB FedRAMP Memo
  New Post | October 27, 2023
• FedRAMP High, Moderate, Low, LI-SaaS Baseline System Security Plan (SSP)
  Updated Document | October 13, 2023
• FedRAMP Repository - Next Steps
  New Post | September 21, 2023
• A2LA Updates the R311
  New Post | September 19, 2023
• Rev. 5 - Additional Documents Released
  New Post | August 30, 2023
• SSP Appendix A - Low FedRAMP Security Controls
  New Document | August 30, 2023
• SSP Appendix A - LI-SaaS FedRAMP Security Controls
  New Document | August 30, 2023
• FedRAMP General Document Acceptance Criteria
  New Document | August 30, 2023
• FedRAMP Collaborative ConMon Quick Guide
  New Document | August 30, 2023
• Continuous Monitoring Performance Management Guide
  New Document | August 30, 2023
• New 3PAO Training - Obligations and Performance Standards
  New Post | August 1, 2023
• CSPs Prioritized to Work with the JAB
  New Post | July 25, 2023
• 3PAO Assessment Teams Must Be Qualified
  New Post | July 20, 2023
• FedRAMP Guidance for M-21-31 and M-22-09
  New Post | July 14, 2023
• The Rev. 5 Approach to SC-8, and Protecting Data-in-Transit
  New Post | July 13, 2023
• SSP Appendix J - CIS and CRM Workbook
  New Document | July 13, 2023
• Rev. 5 - Additional Documents Released
  New Post | June 30, 2023
• SSP Appendix Q - Cryptographic Modules Table
  New Document | June 30, 2023
• SSP Appendix F - Rules of Behavior (RoB) Template
  New Document | June 30, 2023
• FedRAMP Security Assessment Plan (SAP) Template
  New Document | June 30, 2023
• FedRAMP Laws, Regulations, Standards and Guidance Reference
  New Document | June 30, 2023
• FedRAMP Initial Authorization Package Checklist
  Updated Document | June 30, 2023
• Looking Ahead - FedRAMP PMO Communications Regarding Rev. 5
  New Post | June 28, 2023
• FedRAMP Marketplace Upgrade
  New Post | June 20, 2023
• FedRAMP Guidance on BOD 23-02
  New Post | June 16, 2023
• Updated Rev. 5 OSCAL Profiles and Resolved Profile Catalogs Have Been Released
  New Post | June 15, 2023
• Rev. 5 Baselines Have Been Approved and Released!
  New Post | May 30, 2023
• FedRAMP Security Controls Baseline
  Updated Document | May 30, 2023
• GSA Releases FedRAMP’s 2023 Customer Survey
  New Post | May 19, 2023
• GSA Administrator Appoints Members to the Federal Secure Cloud Advisory Committee
  New Post | May 12, 2023
• FedRAMP Authorizations Hit 300 Milestone
  New Post | April 26, 2023
• Updated FedRAMP 3PAO Obligations and Performance Standards Document
  New Post | April 6, 2023
• 3PAO Obligations and Performance Guide
  Updated Document | April 6, 2023
• CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
  New Post | February 7, 2023
• Call for Federal Secure Cloud Advisory Committee Nominations
  New Post | January 25, 2023
• FedRAMP FY22 Annual Survey Recap
  New Post | January 17, 2023
• FedRAMP Announces the Passing of the FedRAMP Authorization Act!
  New Post | January 11, 2023
• Status of Crypto Modules in Historical Status
  New Post | December 22, 2022
• Engaging with FedRAMP - PART 3, The SAR Debrief
  New Post | November 29, 2022
• Engaging with FedRAMP - PART 2, The Kickoff Meeting
  New Post | November 16, 2022
• Engaging with FedRAMP - PART 1, The Intake Process
  New Post | November 9, 2022
• A Look Back at Fiscal Year 2022
  New Post | October 27, 2022
• CSP Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
  New Post | October 25, 2022
• FedRAMP Agency Liaisons
  New Post | September 22, 2022
• FedRAMP Announces Public Comment Period for Authorization Boundary Guidance
  New Post | September 14, 2022
• FedRAMP Releases Updated Brand Guide
  New Post | September 1, 2022
• Branding Guidance
  New Document | September 1, 2022
• FedRAMP Launches OSCAL Developer Data Bites Series
  New Post | August 18, 2022
• FedRAMP Releases the FY22 Annual Survey
  New Post | August 10, 2022
• Reusing Authorizations for Cloud Products Quick Guide
  New Document | July 26, 2022
• PMO Releases Subnetting White Paper
  New Post | July 19, 2022
• Penetration Test Guidance Updates
  New Post | July 5, 2022
• Penetration Test Guidance
  Updated Document | June 30, 2022
• Update to the Plan of Actions and Milestones Template
  New Post | June 28, 2022
• CISA Releases Updated Cloud Security Technical Reference Architecture
  New Post | June 23, 2022
• Subnets White Paper
  New Document | June 21, 2022
• CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
  New Post | June 1, 2022
• FedRAMP Receives First OSCAL System Security Plan
  New Post | May 19, 2022
• FedRAMP Rev. 5 Transition Update
  New Post | April 27, 2022
• Responsibilities of CSPs and 3PAOs for FedRAMP Annual Assessment
  New Post | March 16, 2022
• FedRAMP BOD 22-01 Guidance
  New Post | March 8, 2022
• FedRAMP Prepares for 'Zero Trust' Stance
  New Post | March 2, 2022
• FedRAMP Updates the Threat-Based Methodology to Authorizations
  New Post | February 15, 2022
• Threat-Based Risk Profiling Methodology White Paper
  New Document | February 15, 2022
• FedRAMP FY21 Annual Survey Recap
  New Post | January 27, 2022
• FedRAMP Connect Business Case Deadline Extended
  New Post | January 19, 2022
• FedRAMP Releases Updated CSP Authorization Playbook
  New Post | January 18, 2022
• Readiness Assessment Report (RAR) Templates and Guide Updates for 3PAOs
  New Post | January 4, 2022
• FedRAMP Publishes Draft Rev. 5 Baselines
  New Post | December 21, 2021
• FedRAMP Turns 10!
  New Post | December 8, 2021
• A2LA Updates the R346 Regarding Remote Baltimore Cyber Range Assessments
  New Post | December 7, 2021
• Unique Vulnerability Counts with Container Scanning
  New Post | December 2, 2021
• Plan of Action and Milestones (POA&M) Template Completion Guide
  Updated Document | November 23, 2021
• A Look Back at Fiscal Year 2021
  New Post | November 9, 2021
• CSPs Prioritized to Work with the JAB and the Next FedRAMP Connect Due Date
  New Post | November 2, 2021
• FedRAMP Releases Updated Marketplace Designations Document for CSPs
  New Post | October 28, 2021
• FedRAMP Releases Updated Agency Authorization Playbook
  New Post | October 20, 2021
• The Importance of ATO Letter Submission
  New Post | September 22, 2021
• FedRAMP Updates CSP SSP (200A) Training
  New Post | August 24, 2021
• FedRAMP Releases OSCAL Validations
  New Post | August 12, 2021
• FedRAMP Releases the FY21 Annual Survey!
  New Post | August 10, 2021
• FedRAMP Releases Updated OSCAL Template & Tools
  New Post | July 20, 2021
• Requesting Public Comment on FedRAMP Authorization Boundary Guidance
  New Post | July 14, 2021
• FedRAMP Authorization Boundary Guidance
  Updated Document | July 13, 2021
• A2LA Updates the R311
  New Post | June 30, 2021
• FedRAMP Announces NIST’s OSCAL 1.0.0 Release
  New Post | June 8, 2021
• An Update to FedRAMP’s Low, Moderate, and High Baseline SA-4 Controls and IR-3 High Baseline
  New Post | May 20, 2021
• Remote Testing of Datacenters
  New Post | May 11, 2021
• Rev5 Transition Update
  New Post | May 6, 2021
• FedRAMP Connect Business Case Deadline Extended
  New Post | April 27, 2021
• Release of FedRAMP Incident Communications Procedures
  New Post | April 15, 2021
• JAB Guidance on CentOS Linux End of Life
  New Post | March 30, 2021
• FedRAMP Launches YouTube Channel
  New Post | March 24, 2021
• Vulnerability Scanning Requirements for Containers
  New Post | March 16, 2021
• Vulnerability Scanning Requirements for Containers
  New Document | March 16, 2021
• The New FedRAMP.gov
  New Post | February 16, 2021
• FedRAMP Explores a Threat-Based Methodology to Authorizations
  New Post | February 10, 2021
• CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
  New Post | January 27, 2021
• Timeliness and Accuracy of Testing Requirements
  New Document | December 11, 2020
• FedRAMP Hosts a 3PAO Interact Week
  New Post | December 1, 2020
• FedRAMP’s NIST Rev5 Transition Plan
  New Post | November 24, 2020
• CSPs Prioritized to Work with the JAB and Next FedRAMP Connect Due Date
  New Post | October 9, 2020
• FedRAMP Reaches 200 Authorizations
  New Post | September 17, 2020
• Updated 3PAO Obligations and Performance Standards document
  New Post | September 1, 2020
• Additional FedRAMP OSCAL Resources and Templates
  New Post | August 20, 2020
• Requesting Public Comment on Vulnerability Scanning Requirements for the Deployment and Use of Containers
  New Post | August 14, 2020
• Please Take the FY20 FedRAMP Annual Survey!
  New Post | August 5, 2020
• An Update to FedRAMP’s High Baseline SA-9(5) Control
  New Post | July 31, 2020
• FedRAMP Announces Document and Template Updates
  New Post | July 23, 2020
• FedRAMP Announces Agency Liaison Program
  New Post | June 24, 2020
• Using the FedRAMP OSCAL Resources and Templates
  New Post | June 10, 2020
• Do Once, Use Many - How Agencies Can Reuse a FedRAMP Authorization
  New Post | May 7, 2020
• JAB Prioritized CSPs and FedRAMP Connect Updates
  New Post | March 26, 2020
• FedRAMP Lessons Learned for Small Businesses
  New Post | February 26, 2020
• FedRAMP Looks Back on a Successful FY2019
  New Post | February 21, 2020
• FedRAMP Moves to Automate the Authorization Process
  New Post | December 17, 2019
• A Successful FedRAMP Startup & Small Business Meetup in San Francisco
  New Post | October 15, 2019
• FedRAMP Connect Results and Next Round of Connect Open Until September 13th
  New Post | September 10, 2019
• FedRAMP Heads to San Francisco to Host Small Business & Startup Meetup
  New Post | September 4, 2019
• Please Take the FY19 FedRAMP Annual Survey!
  New Post | August 27, 2019
• FedRAMP Launches Ideation Challenge
  New Post | July 24, 2019
• FedRAMP Marketplace Guidance Released
  New Post | June 20, 2019
• FedRAMP ATO Letter Template
  New Document | June 20, 2019
• Get to Know FedRAMP's Program Manager of Security Operations
  New Post | May 30, 2019
• Meet FedRAMP's Customer Success Manager
  New Post | May 8, 2019
• Best Practices for Multi-Agency Continuous Monitoring
  New Post | May 1, 2019
• Reviewing the SAR - Best Practices for 3PAOs, Agencies, and Cloud Service Providers
  New Post | March 7, 2019
• FedRAMP Updates 3PAO Requirements
  New Post | November 6, 2018
• FedRAMP Significant Change Form Template
  New Document | August 28, 2018
• FedRAMP New Cloud Service Offering (CSO) or Feature Onboarding Request Template
  New Document | August 28, 2018
• Significant Change Policies and Procedures
  New Document | August 28, 2018
• Annual Assessment Guidance
  New Post | April 26, 2018
• Continuous Monitoring Strategy Guide
  New Document | April 4, 2018
• Guide for Determining Eligibility and Requirements for the Use of Sampling for Vulnerability Scans
  New Document | March 20, 2018
• Automated Vulnerability Risk Adjustment Framework Guidance
  New Document | March 20, 2018
• Impact of FedRAMP for Small Businesses
  New Post | January 25, 2018
• Understanding Baselines and Impact Levels in FedRAMP
  New Post | November 16, 2017
• CSP JAB P-ATO Roles and Responsibilities
  New Document | May 18, 2017
• FedRAMP Policy Memo
  New Document | December 8, 2011