Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
FedRAMP simplifies security for the digital age by providing a standardized approach to security for the cloud.
- Enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost effective cloud-based IT.
- Creates and manages a core set of processes to ensure effective, repeatable cloud security for the government.
- Establishes a mature marketplace to increase utilization and familiarity with cloud services while facilitating collaboration across government through open exchanges of lessons learned, use cases, and tactical solutions.
The goal of FedRAMP is to
- Accelerate the adoption of secure cloud solutions through reuse of assessments and authorizations.
- Improve confidence in the security of cloud solutions and security assessments.
- Achieve consistent security authorizations using a baseline set of agreed-upon standards for cloud product approval in or outside of FedRAMP.
- Ensure consistent application of existing security practices.
- Increase automation and near real-time data for continuous monitoring.