Partnering with FedRAMP®
FedRAMP helps federal agencies use cloud services to securely modernize their technology and support their mission.
To do this, agencies use FedRAMP’s standardized baselines to evaluate the security of cloud services. For any cloud services that they wish to use, agencies work with Cloud Service Providers (CSPs) to review the security posture and authorize the Cloud Service Offering (CSO). Agencies can review and reuse CSO security packages once they are designated as “Authorized” within the FedRAMP Marketplace by issuing their own authorization to use the product. FedRAMP’s “do once, use many” principle enables agencies to expand the marketplace of secure cloud services available to the federal government.
How FedRAMP Can Help
It is one of FedRAMP’s priorities to support agencies and their journey to using the latest cloud technologies. The FedRAMP PMO is here to assist and guide agencies through the FedRAMP Authorization process. To get started, please contact us at info@fedramp.gov.
Resources for Federal Agencies
Package Access Request Form
The Package Access Request Form can be used by any federal agency that is seeking to use a CSO that is already FedRAMP Authorized. Once it is completed and approved by the FedRAMP PMO, agencies can gain access to FedRAMP security assessment packages for up to 60 days. Additional 30 day increments may be granted upon request.
[File Info: PDF - 285KB]
Agency Authorization Playbook
The Agency Authorization Playbook provides agencies with step-by-step guidance, best practices, and tips to successfully implement the FedRAMP Agency Authorization process.
[File Info: PDF - 1.3MB]
Reusing Authorizations for Cloud Products Quick Guide
The Reusing Authorizations for Cloud Products Quick Guide outlines steps and guidance to help agencies quickly and efficiently reuse authorized cloud products within the FedRAMP Marketplace.
[File Info: PDF - 74KB]
FedRAMP’s Training Page
FedRAMP’s Training page has a path specifically for agencies. Courses that are available to agencies include the Information System Security Officer (ISSO) On-demand modules and live, virtual half-day virtual ISSO Training sessions. These trainings provide agency stakeholders with step-by-step guidance, best practices, and tips to successfully implement the FedRAMP Authorization process.