Glossary · Government

Federal Risk and Authorization Management Program (FedRAMP)

U.S. government program standardizing security assessment and authorization for cloud services used by federal agencies.

Definition

In long form.

FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies. There are three impact levels — Low, Moderate, and High — corresponding to the sensitivity of the data being processed. Authorization can come through the Joint Authorization Board (JAB) or through a sponsoring agency.

In context

Software running in federal contexts typically must run on a FedRAMP-authorized cloud (AWS GovCloud, Azure Government, etc.). The hosting platform's authorization level shapes what data the application can process.

Related terms

Adjacent definitions.

Section 508

Compliance

U.S. federal law requiring government information and communication technology to be accessible to people with disabilities.

Discovery first

Talk to us about your engagement.

Discovery calls are free. Scope, timelines, and pricing are quoted after we understand what you’re solving.

Request a discovery call