FedRAMP (Federal Risk and Authorization Management Program)
The Federal Risk and Authorization Management Program (FedRAMP) is a risk management program that provides a standardized approach for assessing and monitoring the security of cloud products and services.
FedRAMP was created to support the government’s cloud computing plan.The program is intended to facilitate the adoption of cloud computing services among federal agencies by providing cloud service providers (CSPs) with a single accreditation that could be used by all agencies. The goal of FedRAMP is to reduce the time and money that individual agencies would otherwise have to spend on assessing a cloud provider's security. Certifications are based on a unified risk management process that includes security requirements agreed upon by the federal departments and agencies.
Although the FedRAMP certification process is quite intensive, qualified CSPs are eligible to work with government agencies, and non-government customers may be more confident in a certified CSP’s approach to security.
See also: FedRAMP 3PAO, Federal Cloud Computing Initiative, FISMA, NIST 800 Series